From 721d4261b72a12dc6147687d72b81738014be20b Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 12 Jun 2018 09:20:52 +0200 Subject: add jUnit simple test for AuthDataBuilder and foreign bPK generation --- .../id/auth/builder/AuthenticationDataBuilder.java | 13 +- .../moa/id/auth/builder/BPKBuilder.java | 158 +++-------- .../id/config/auth/data/UserWhitelistStore.java | 39 ++- .../auth/data/AuthenticationDataBuilderTest.java | 85 ++++++ .../moa/id/config/auth/data/DummyAuthConfig.java | 49 +++- .../moa/id/config/auth/data/DummyAuthSession.java | 287 ++++++++++++++++++++ .../moa/id/config/auth/data/DummyAuthStorage.java | 186 +++++++++++++ .../moa/id/config/auth/data/DummyOAConfig.java | 289 +++++++++++++++++++++ .../auth/data/UserRestrictionWhiteListTest.java | 8 +- .../moa/id/module/test/TestRequestImpl.java | 5 +- .../src/test/resources/BPK-Whitelist_20180607.csv | 4 +- .../SpringTest-context_basic_user_whitelist.xml | 11 + .../moa/id/commons/validation/IPKIXValidator.java | 6 + .../commons/validation/MOASPPKIXCertValidator.java | 9 + .../validation/PKIXValidatorConfiguration.java | 21 ++ .../modules/sl20_auth/eIDDataVerifierTest.java | 8 +- .../data/SSOTransferOnlineApplication.java | 6 + 17 files changed, 1037 insertions(+), 147 deletions(-) create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthSession.java create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthStorage.java create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyOAConfig.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/IPKIXValidator.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/MOASPPKIXCertValidator.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/PKIXValidatorConfiguration.java (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index 91159ad4e..afac80df9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -106,13 +106,14 @@ import iaik.x509.X509Certificate; @Service("AuthenticationDataBuilder") public class AuthenticationDataBuilder extends MOAIDAuthConstants { - private static final String CONFIGURATION_PROP_FOREIGN_BPK_ENC_KEYS = "configuration.foreignsectors.pubkey"; + public static final String CONFIGURATION_PROP_FOREIGN_BPK_ENC_KEYS = "configuration.foreignsectors.pubkey"; + + @Autowired(required=true) private IAuthenticationSessionStoreage authenticatedSessionStorage; + @Autowired(required=true) protected AuthConfiguration authConfig; + @Autowired(required=false) private MOAMetadataProvider metadataProvider; + @Autowired(required=false) private AttributQueryBuilder attributQueryBuilder; + @Autowired(required=false) private SAMLVerificationEngineSP samlVerificationEngine; - @Autowired private IAuthenticationSessionStoreage authenticatedSessionStorage; - @Autowired protected AuthConfiguration authConfig; - @Autowired private AttributQueryBuilder attributQueryBuilder; - @Autowired private SAMLVerificationEngineSP samlVerificationEngine; - @Autowired(required=true) private MOAMetadataProvider metadataProvider; private Map encKeyMap = new HashMap(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java index 04df32309..14de65e36 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java @@ -149,121 +149,7 @@ public class BPKBuilder { } } } - - - /** - * Builds the storkeid from the given parameters. - * - * @param baseID baseID of the citizen - * @param baseIDType Type of the baseID - * @param sourceCountry CountryCode of that country, which build the eIDAs ID - * @param destinationCountry CountryCode of that country, which receives the eIDAs ID - * - * @return Pair in a BASE64 encoding - * @throws BuildException if an error occurs on building the wbPK - */ - private Pair buildeIDASIdentifer(String baseID, String baseIDType, String sourceCountry, String destinationCountry) - throws BuildException { - String bPK = null; - String bPKType = null; - - // check if we have been called by public sector application - if (baseIDType.startsWith(Constants.URN_PREFIX_BASEID)) { - bPKType = Constants.URN_PREFIX_EIDAS + "+" + sourceCountry + "+" + destinationCountry; - Logger.debug("Building eIDAS identification from: [identValue]+" + bPKType); - bPK = calculatebPKwbPK(baseID + "+" + bPKType); - - } else { // if not, sector identification value is already calculated by BKU - Logger.debug("eIDAS eIdentifier already provided by BKU"); - bPK = baseID; - } - - if ((MiscUtil.isEmpty(bPK) || - MiscUtil.isEmpty(sourceCountry) || - MiscUtil.isEmpty(destinationCountry))) { - throw new BuildException("builder.00", - new Object[]{"eIDAS-ID", "Unvollständige Parameterangaben: identificationValue=" + - bPK + ", Zielland=" + destinationCountry + ", Ursprungsland=" + sourceCountry}); - } - - Logger.debug("Building eIDAS identification from: " + sourceCountry+"/"+destinationCountry+"/" + "[identValue]"); - String eIdentifier = sourceCountry + "/" + destinationCountry + "/" + bPK; - - return Pair.newInstance(eIdentifier, bPKType); - } - -// /** -// * Builds the bPK from the given parameters. -// * -// * @param identificationValue Base64 encoded "Stammzahl" -// * @param target "Bereich lt. Verordnung des BKA" -// * @return bPK in a BASE64 encoding -// * @throws BuildException if an error occurs on building the bPK -// */ -// private String buildBPK(String identificationValue, String target) -// throws BuildException { -// -// if ((identificationValue == null || -// identificationValue.length() == 0 || -// target == null || -// target.length() == 0)) { -// throw new BuildException("builder.00", -// new Object[]{"BPK", "Unvollständige Parameterangaben: identificationValue=" + -// identificationValue + ",target=" + target}); -// } -// String basisbegriff; -// if (target.startsWith(Constants.URN_PREFIX_CDID + "+")) -// basisbegriff = identificationValue + "+" + target; -// else -// basisbegriff = identificationValue + "+" + Constants.URN_PREFIX_CDID + "+" + target; -// -// return calculatebPKwbPK(basisbegriff); -// } -// -// /** -// * Builds the wbPK from the given parameters. -// * -// * @param identificationValue Base64 encoded "Stammzahl" -// * @param registerAndOrdNr type of register + "+" + number in register. -// * @return wbPK in a BASE64 encoding -// * @throws BuildException if an error occurs on building the wbPK -// */ -// private String buildWBPK(String identificationValue, String registerAndOrdNr) -// throws BuildException { -// -// if ((identificationValue == null || -// identificationValue.length() == 0 || -// registerAndOrdNr == null || -// registerAndOrdNr.length() == 0)) { -// throw new BuildException("builder.00", -// new Object[]{"wbPK", "Unvollständige Parameterangaben: identificationValue=" + -// identificationValue + ",Register+Registernummer=" + registerAndOrdNr}); -// } -// -// String basisbegriff; -// if (registerAndOrdNr.startsWith(Constants.URN_PREFIX_WBPK + "+")) -// basisbegriff = identificationValue + "+" + registerAndOrdNr; -// else -// basisbegriff = identificationValue + "+" + Constants.URN_PREFIX_WBPK + "+" + registerAndOrdNr; -// -// return calculatebPKwbPK(basisbegriff); -// } -// -// private String buildbPKorwbPK(String baseID, String bPKorwbPKTarget) throws BuildException { -// if (MiscUtil.isEmpty(baseID) || -// !(bPKorwbPKTarget.startsWith(Constants.URN_PREFIX_CDID + "+") || -// bPKorwbPKTarget.startsWith(Constants.URN_PREFIX_WBPK + "+") || -// bPKorwbPKTarget.startsWith(Constants.URN_PREFIX_STORK + "+")) ) { -// throw new BuildException("builder.00", -// new Object[]{"bPK/wbPK", "bPK or wbPK target " + bPKorwbPKTarget -// + " has an unkown prefix."}); -// -// } -// -// return calculatebPKwbPK(baseID + "+" + bPKorwbPKTarget); -// -// } - + public static String encryptBPK(String bpk, String target, PublicKey publicKey) throws BuildException { MiscUtil.assertNotNull(bpk, "BPK"); MiscUtil.assertNotNull(target, "sector"); @@ -332,6 +218,48 @@ public class BPKBuilder { } } + + /** + * Builds the storkeid from the given parameters. + * + * @param baseID baseID of the citizen + * @param baseIDType Type of the baseID + * @param sourceCountry CountryCode of that country, which build the eIDAs ID + * @param destinationCountry CountryCode of that country, which receives the eIDAs ID + * + * @return Pair in a BASE64 encoding + * @throws BuildException if an error occurs on building the wbPK + */ + private Pair buildeIDASIdentifer(String baseID, String baseIDType, String sourceCountry, String destinationCountry) + throws BuildException { + String bPK = null; + String bPKType = null; + + // check if we have been called by public sector application + if (baseIDType.startsWith(Constants.URN_PREFIX_BASEID)) { + bPKType = Constants.URN_PREFIX_EIDAS + "+" + sourceCountry + "+" + destinationCountry; + Logger.debug("Building eIDAS identification from: [identValue]+" + bPKType); + bPK = calculatebPKwbPK(baseID + "+" + bPKType); + + } else { // if not, sector identification value is already calculated by BKU + Logger.debug("eIDAS eIdentifier already provided by BKU"); + bPK = baseID; + } + + if ((MiscUtil.isEmpty(bPK) || + MiscUtil.isEmpty(sourceCountry) || + MiscUtil.isEmpty(destinationCountry))) { + throw new BuildException("builder.00", + new Object[]{"eIDAS-ID", "Unvollständige Parameterangaben: identificationValue=" + + bPK + ", Zielland=" + destinationCountry + ", Ursprungsland=" + sourceCountry}); + } + + Logger.debug("Building eIDAS identification from: " + sourceCountry+"/"+destinationCountry+"/" + "[identValue]"); + String eIdentifier = sourceCountry + "/" + destinationCountry + "/" + bPK; + + return Pair.newInstance(eIdentifier, bPKType); + } + private String calculatebPKwbPK(String basisbegriff) throws BuildException { try { MessageDigest md = MessageDigest.getInstance("SHA-1"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/UserWhitelistStore.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/UserWhitelistStore.java index a90d71a18..a32159dd0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/UserWhitelistStore.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/UserWhitelistStore.java @@ -18,6 +18,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import at.gv.egovernment.moa.id.auth.modules.internal.tasks.UserRestrictionTask; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.util.FileUtils; @@ -35,26 +36,44 @@ public class UserWhitelistStore { @PostConstruct private void initialize() { String whiteListUrl = authConfig.getBasicMOAIDConfiguration(UserRestrictionTask.CONFIG_PROPS_CSV_USER_FILE); - if (MiscUtil.isEmpty(whiteListUrl)) - Logger.debug("Do not initialize user whitelist. Reason: No configuration path to CSV file."); + String internalTarget = authConfig.getBasicMOAIDConfiguration(UserRestrictionTask.CONFIG_PROPS_CSV_USER_SECTOR); + if (MiscUtil.isEmpty(whiteListUrl) || MiscUtil.isEmpty(internalTarget)) + Logger.debug("Do not initialize user whitelist. Reason: NO configuration path to CSV file or NO internal bPK target for whitelist"); else { - absWhiteListUrl = FileUtils.makeAbsoluteURL(whiteListUrl, authConfig.getRootConfigFileDir()); - try { - InputStream is = new FileInputStream(new File(new URL(absWhiteListUrl).toURI())); + if (internalTarget.startsWith(MOAIDAuthConstants.PREFIX_CDID)) + internalTarget = internalTarget.substring(MOAIDAuthConstants.PREFIX_CDID.length()); + else if (internalTarget.startsWith(MOAIDAuthConstants.PREFIX_WPBK)) + internalTarget = internalTarget.substring(MOAIDAuthConstants.PREFIX_WPBK.length()); + else if (internalTarget.startsWith(MOAIDAuthConstants.PREFIX_EIDAS)) + internalTarget = internalTarget.substring(MOAIDAuthConstants.PREFIX_EIDAS.length()); + else { + Logger.warn("Sector: " + internalTarget + " is NOT supported for user whitelist."); + Logger.info("User whitelist-store MAY NOT contains all user from whitelist"); + } + + try { + absWhiteListUrl = new URL(FileUtils.makeAbsoluteURL(whiteListUrl, authConfig.getRootConfigFileDir())) + .toURI().toString().substring("file:".length()); + InputStream is = new FileInputStream(new File(absWhiteListUrl)); String whiteListString = IOUtils.toString(new InputStreamReader(is)); List preWhitelist = KeyValueUtils.getListOfCSVValues(KeyValueUtils.normalizeCSVValueString(whiteListString)); + + //remove prefix if required for (String bPK : preWhitelist) { String[] bPKSplit = bPK.split(":"); if (bPKSplit.length == 1) whitelist.add(bPK); - else if (bPKSplit.length ==2 ) - whitelist.add(bPKSplit[1]); - - else + else if (bPKSplit.length ==2 ) { + if (internalTarget.equals(bPKSplit[0])) + whitelist.add(bPKSplit[1]); + else + Logger.info("Whitelist entry: " + bPK + " has an unsupported target. Entry will be removed ..."); + + } else Logger.info("Whitelist entry: " + bPK + " has an unsupported format. Entry will be removed ..."); } @@ -108,7 +127,7 @@ public class UserWhitelistStore { public boolean isUserbPKInWhitelistDynamic(String bPK, boolean onlyDynamic) { try { if (absWhiteListUrl != null) { - InputStream is = new FileInputStream(new File(new URL(absWhiteListUrl).toURI())); + InputStream is = new FileInputStream(new File(absWhiteListUrl)); String whiteListString = IOUtils.toString(new InputStreamReader(is)); if (whiteListString != null && whiteListString.contains(bPK)) { Logger.trace("Find user with dynamic whitelist check"); diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java new file mode 100644 index 000000000..e300c8ec8 --- /dev/null +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java @@ -0,0 +1,85 @@ +package at.gv.egovernment.moa.id.config.auth.data; + +import java.io.ByteArrayInputStream; +import java.util.Arrays; +import java.util.List; + +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder; +import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; +import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.id.module.test.TestRequestImpl; +import at.gv.egovernment.moa.util.Base64Utils; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration("/SpringTest-context_basic_user_whitelist.xml") +public class AuthenticationDataBuilderTest { + + @Autowired private AuthenticationDataBuilder authBuilder; + + private static final String DUMMY_IDL = "PHNhbWw6QXNzZXJ0aW9uIEFzc2VydGlvbklEPSJzenIuYm1pLmd2LmF0LUFzc2VydGlvbklEMTUyNzY2OTEwMDU5MTI3NDQiIElzc3VlSW5zdGFudD0iMjAxOC0wNS0zMFQxMDozMTo0MCswMTowMCIgSXNzdWVyPSJodHRwOi8vcG9ydGFsLmJtaS5ndi5hdC9yZWYvc3pyL2lzc3VlciIgTWFqb3JWZXJzaW9uPSIxIiBNaW5vclZlcnNpb249IjAiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMDphc3NlcnRpb24iIHhtbG5zOnByPSJodHRwOi8vcmVmZXJlbmNlLmUtZ292ZXJubWVudC5ndi5hdC9uYW1lc3BhY2UvcGVyc29uZGF0YS8yMDAyMDIyOCMiIHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiIHhtbG5zOmVjZHNhPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSMiIHhtbG5zOnNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSI+Cgk8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+CgkJPHNhbWw6U3ViamVjdD4KCQkJPHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4KCQkJCTxzYW1sOkNvbmZpcm1hdGlvbk1ldGhvZD51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjA6Y206c2VuZGVyLXZvdWNoZXM8L3NhbWw6Q29uZmlybWF0aW9uTWV0aG9kPgoJCQkJPHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGE+CgkJCQkJPHByOlBlcnNvbiBzaTp0eXBlPSJwcjpQaHlzaWNhbFBlcnNvblR5cGUiPjxwcjpJZGVudGlmaWNhdGlvbj48cHI6VmFsdWU+dHFDUUVDNytBcUdFZWVMMzkwVjVKZz09PC9wcjpWYWx1ZT48cHI6VHlwZT51cm46cHVibGljaWQ6Z3YuYXQ6YmFzZWlkPC9wcjpUeXBlPjwvcHI6SWRlbnRpZmljYXRpb24+PHByOk5hbWU+PHByOkdpdmVuTmFtZT5NYXg8L3ByOkdpdmVuTmFtZT48cHI6RmFtaWx5TmFtZSBwcmltYXJ5PSJ1bmRlZmluZWQiPk11c3Rlcm1hbm48L3ByOkZhbWlseU5hbWU+PC9wcjpOYW1lPjxwcjpEYXRlT2ZCaXJ0aD4xOTQwLTAxLTAxPC9wcjpEYXRlT2ZCaXJ0aD48L3ByOlBlcnNvbj4KCQkJCTwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uRGF0YT4KCQkJPC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+CgkJPC9zYW1sOlN1YmplY3Q+Cgk8c2FtbDpBdHRyaWJ1dGUgQXR0cmlidXRlTmFtZT0iQ2l0aXplblB1YmxpY0tleSIgQXR0cmlidXRlTmFtZXNwYWNlPSJ1cm46cHVibGljaWQ6Z3YuYXQ6bmFtZXNwYWNlczppZGVudGl0eWxpbms6MS4yIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZT48ZHNpZzpSU0FLZXlWYWx1ZT48ZHNpZzpNb2R1bHVzPnMwWmhkR2E4REgwSW1iTlU3aTRxdDRtR25CUEFlTDk5Q0dkZmRCOEhWWE5CNWd3d2VMY1o5WE1TWUJvUHFHdFVqemh6S29zRkN5M0sNCmpsSEVrejB0L3JQemhOVGRsVjJRN0FGWEZlT2g3M3dPajQ3R1B2T2lVNzdwQjE3WnJaOHlObW1JTTEyUVE5MVN0RGFWRkUra0dxUEkNCmNFZHZiZk94blU4aGNpa3lYcWVheFZVV3oxbVdXTnRveUwyWG5wa1U0QkZVQnU1NWg5S2tYVEFQcnBUbEFMZjkvRDFKamZWb05tamwNCnBLWXh6Q3JBSmE4Sno4Ui9sNis0U0U3YXc3dGZuazNZUXkxcFVmNWZmellkeXZQS2ZxVTBUTUVKLzdpOW1ORHFCZlVwcVhBRWowdWUNCkpvRWs0UC9pa2Q5UnZuVUlsU0V1NzFHMyt1VEluSXBaaTd2UG93PT08L2RzaWc6TW9kdWx1cz48ZHNpZzpFeHBvbmVudD5BUUFCPC9kc2lnOkV4cG9uZW50PjwvZHNpZzpSU0FLZXlWYWx1ZT48L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50PgoJPGRzaWc6U2lnbmF0dXJlPgoJCTxkc2lnOlNpZ25lZEluZm8+CgkJCTxkc2lnOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiIC8+CgkJCTxkc2lnOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIgLz4KCQkJPGRzaWc6UmVmZXJlbmNlIFVSST0iIj4KCQkJCTxkc2lnOlRyYW5zZm9ybXM+CgkJCQkJPGRzaWc6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvVFIvMTk5OS9SRUMteHBhdGgtMTk5OTExMTYiPgoJCQkJCQk8ZHNpZzpYUGF0aD5ub3QoYW5jZXN0b3Itb3Itc2VsZjo6cHI6SWRlbnRpZmljYXRpb24pPC9kc2lnOlhQYXRoPgoJCQkJCTwvZHNpZzpUcmFuc2Zvcm0+CgkJCQkJPGRzaWc6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmUiIC8+CgkJCQk8L2RzaWc6VHJhbnNmb3Jtcz4KCQkJCTxkc2lnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIiAvPgoJCQkJPGRzaWc6RGlnZXN0VmFsdWU+QmVIdUFyYXUzSFVQcXg5dHV3QTRGaDNOSDB3PTwvZHNpZzpEaWdlc3RWYWx1ZT4KCQkJPC9kc2lnOlJlZmVyZW5jZT4KCQkJPGRzaWc6UmVmZXJlbmNlIFR5cGU9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNNYW5pZmVzdCIgVVJJPSIjbWFuaWZlc3QiPgoJCQkJPGRzaWc6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiIC8+CgkJCQk8ZHNpZzpEaWdlc3RWYWx1ZT5mVEUrMjRnRHlkUlgvd0p2QlAxOUlucU54Rkk9PC9kc2lnOkRpZ2VzdFZhbHVlPgoJCQk8L2RzaWc6UmVmZXJlbmNlPgoJCTwvZHNpZzpTaWduZWRJbmZvPgoJCTxkc2lnOlNpZ25hdHVyZVZhbHVlPgogICAgUHpLMWR2N2JFMGhQcGxlc1ZaRFhHSWxhbTlUK0JxWkd4ZWs5RHVuYkhNK21GWWI3a1NaZTN2eEszUmhRZjNBV3djbXFtVWZPRlJObg0KWndxYnovNGRZd2hJRld6VGdMelVmMlZkR0JsN2szbS8wSmJXSkV1bEtobE5vV2ZSTkRrdTRZcmI2THVrWjdaQzJFcWd2UXYxa1BRTg0Kb1BvQ1I5d3hUc1RKWFNCaHdLc0lERG9vZHY3aUVpWGFCM0xmVHQrQWdYdEdvbWRRaktjby9WamJSSzRUUEkvQUVNVU1KWm9zZlJYMg0KdmE2U1BaUnV4QjBlWkwwVGVzYittRjlFaUlOVnNTSU9nbTVSRE95V1ZRZkJnVG9nYjNoWmlLVmh0a1IvaWlSNmhZNlA2b1cwTDh4ag0KMG5ZVldPRHAxSlJML3Z0ZDFhUklVYzNCQTJQaFkrRmdJR1FHTUE9PQogIDwvZHNpZzpTaWduYXR1cmVWYWx1ZT48ZHNpZzpLZXlJbmZvPjxkc2lnOlg1MDlEYXRhPjxkc2lnOlg1MDlDZXJ0aWZpY2F0ZT5NSUlGdXpDQ0JLT2dBd0lCQWdJREdTa2VNQTBHQ1NxR1NJYjNEUUVCQlFVQU1JR2ZNUXN3Q1FZRFZRUUdFd0pCDQpWREZJTUVZR0ExVUVDZ3cvUVMxVWNuVnpkQ0JIWlhNdUlHWXVJRk5wWTJobGNtaGxhWFJ6YzNsemRHVnRaU0JwDQpiU0JsYkdWcmRISXVJRVJoZEdWdWRtVnlhMlZvY2lCSGJXSklNU0l3SUFZRFZRUUxEQmxoTFhOcFoyNHRZMjl5DQpjRzl5WVhSbExXeHBaMmgwTFRBeU1TSXdJQVlEVlFRRERCbGhMWE5wWjI0dFkyOXljRzl5WVhSbExXeHBaMmgwDQpMVEF5TUI0WERURTFNRGN5T0RFMU5Ea3dOVm9YRFRJd01EY3lPREV6TkRrd05Wb3dnYll4Q3pBSkJnTlZCQVlUDQpBa0ZVTVI0d0hBWURWUVFLREJWRVlYUmxibk5qYUhWMGVtdHZiVzFwYzNOcGIyNHhJakFnQmdOVkJBc01HVk4wDQpZVzF0ZW1Gb2JISmxaMmx6ZEdWeVltVm9iMlZ5WkdVeExqQXNCZ05WQkFNTUpWTnBaMjVoZEhWeWMyVnlkbWxqDQpaU0JFWVhSbGJuTmphSFYwZW10dmJXMXBjM05wYjI0eEZUQVRCZ05WQkFVVERETXlOVGt5T0RNeU16azVPREVjDQpNQm9HQ1NxR1NJYjNEUUVKQVF3TlpITnJRR1J6YXk1bmRpNWhkRENDQVNJd0RRWUpLb1pJaHZjTkFRRUJCUUFEDQpnZ0VQQURDQ0FRb0NnZ0VCQU4rZEJTRUJHajJqVVhJSzFNcDNsVnhjL1phK3BKTWl5S3JYM0cxWnhnWC9pa3g3DQpEOXNjc1BZTXQ0NzNMbEFXbDljbUNiSGJKSytQVjJYTk5kVVJMTVVDSVgrNHZVTnMyTUhlRFRRdFg4QlhqSkZwDQp3SllTb2FSSlEzOUZWUy8xcjVzV2NyYTlIaGRtN3c1R3R4LzJ1a3lEWDBrZGt4YXdraFA0RVFFemkvU0krRnVnDQpuK1dxZ1ExbkFkbGJ4Yi9kY0J3NXcxaDliM2xtdXdVZjR6M29vUVdVRDJEZ0Eva0tkMUtlak5SNDNtTFVzbXZTDQp6ZXZQeFQ5enM3OHBPUjFPYWNCN0lzelRWSlBYZU9FYWFOWkhubkIvVWVPM2c4TEVWLzNPa1hjVWdjTWtiSUlpDQphQkhsbGw3MVBxMENPajlrcWpYb2U3T3JSakxZNWkzS3dPcGE2VE1DQXdFQUFhT0NBZVV3Z2dIaE1CRUdBMVVkDQpEZ1FLQkFoTUNBNmVHdlMxdWpBT0JnTlZIUThCQWY4RUJBTUNCTEF3RGdZSEtpZ0FDZ0VIQVFRREFRSC9NQk1HDQpBMVVkSXdRTU1BcUFDRWtjV0RwUDZBMERNQWtHQTFVZEV3UUNNQUF3RkFZSEtpZ0FDZ0VCQVFRSkRBZENVMEl0DQpSRk5MTUg4R0NDc0dBUVVGQndFQkJITXdjVEJHQmdnckJnRUZCUWN3QW9ZNmFIUjBjRG92TDNkM2R5NWhMWFJ5DQpkWE4wTG1GMEwyTmxjblJ6TDJFdGMybG5iaTFqYjNKd2IzSmhkR1V0YkdsbmFIUXRNREpoTG1OeWREQW5CZ2dyDQpCZ0VGQlFjd0FZWWJhSFIwY0RvdkwyOWpjM0F1WVMxMGNuVnpkQzVoZEM5dlkzTndNRlFHQTFVZElBUk5NRXN3DQpTUVlHS2lnQUVRRVNNRDh3UFFZSUt3WUJCUVVIQWdFV01XaDBkSEE2THk5M2QzY3VZUzEwY25WemRDNWhkQzlrDQpiMk56TDJOd0wyRXRjMmxuYmkxQmJYUnpjMmxuYm1GMGRYSXdnWjRHQTFVZEh3U0JsakNCa3pDQmtLQ0JqYUNCDQppb2FCaDJ4a1lYQTZMeTlzWkdGd0xtRXRkSEoxYzNRdVlYUXZiM1U5WVMxemFXZHVMV052Y25CdmNtRjBaUzFzDQphV2RvZEMwd01peHZQVUV0VkhKMWMzUXNZejFCVkQ5alpYSjBhV1pwWTJGMFpYSmxkbTlqWVhScGIyNXNhWE4wDQpQMkpoYzJVL2IySnFaV04wWTJ4aGMzTTlaV2xrUTJWeWRHbG1hV05oZEdsdmJrRjFkR2h2Y21sMGVUQU5CZ2txDQpoa2lHOXcwQkFRVUZBQU9DQVFFQUhRM1pDTXRBYmF6ZU1IbVdBMnpoWWxIcUhnS1ZvY1ZYRURnbU5tV0xHcUZlDQo4RUFERklzOHVHcmt0Qm1XQ1VJWGJYczdUSGNmeHMySjQ3dkh1Y29wc2RrYWJObFhFanpuZFJmbmMrMVZJbmJvDQp6TXJZZDdqZUROVEsvdElqaU9FWWRyeUlwZWtWOUNmYXc3eXU2bWVmTXpldTFhQXdmN0JuSy9odWl3SlduZW5wDQpCN2lEL1B2WittenVDN1JOZkpmRisrU3RpQlR4aTNWWXhOR01qTTFjVThHdzlWV2MwUjNFdWpPYVhXZ0NDOGk1DQpGR2hWdk9ZaE5YZnN4SlhiTnhld0VDanBBTHZEbEZMTCtpQzQ5RytBRFNvUnYwU2s5MU9QdStjSW1DajNyczNRDQp0YXNJL3A5TFlhY0c2Yy9nSTN0RTBpaHFnOVJic0tIWFFsM1BPdkVSSkE9PTwvZHNpZzpYNTA5Q2VydGlmaWNhdGU+PC9kc2lnOlg1MDlEYXRhPjwvZHNpZzpLZXlJbmZvPgoJCTxkc2lnOk9iamVjdD4KCQkJPGRzaWc6TWFuaWZlc3QgSWQ9Im1hbmlmZXN0Ij4KCQkJCTxkc2lnOlJlZmVyZW5jZSBVUkk9IiI+CgkJCQkJPGRzaWc6VHJhbnNmb3Jtcz4KCQkJCQkJPGRzaWc6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvVFIvMTk5OS9SRUMteHBhdGgtMTk5OTExMTYiPgoJCQkJCQkJPGRzaWc6WFBhdGg+bm90KGFuY2VzdG9yLW9yLXNlbGY6OmRzaWc6U2lnbmF0dXJlKTwvZHNpZzpYUGF0aD4KCQkJCQkJPC9kc2lnOlRyYW5zZm9ybT4KCQkJCQk8L2RzaWc6VHJhbnNmb3Jtcz4KCQkJCQk8ZHNpZzpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIgLz4KCQkJCQk8ZHNpZzpEaWdlc3RWYWx1ZT5wM1pwS1BvK0ZYT3ZXdEhidFJzR2VLWm9lSTQ9PC9kc2lnOkRpZ2VzdFZhbHVlPgoJCQkJPC9kc2lnOlJlZmVyZW5jZT4KCQkJPC9kc2lnOk1hbmlmZXN0PgoJCTwvZHNpZzpPYmplY3Q+Cgk8L2RzaWc6U2lnbmF0dXJlPgo8L3NhbWw6QXNzZXJ0aW9uPg=="; + + @Test + public void dummyTest() throws Exception { + + + } + + + @Test + public void buildAuthDataWithIDLOnly() throws Exception { + IRequest pendingReq = new TestRequestImpl(); + DummyOAConfig oaParam = new DummyOAConfig(); + oaParam.setHasBaseIdTransferRestriction(false); + oaParam.setTarget("urn:publicid:gv.at:cdid+ZP-MH"); + oaParam.setForeignbPKSectors(Arrays.asList("wbpk+FN+195738a")); + + IAuthenticationSession session = new DummyAuthSession(); + session.setIdentityLink(new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Utils.decode(DUMMY_IDL, false))).parseIdentityLink()); + + IAuthData authData = authBuilder.buildAuthenticationData(pendingReq, session, oaParam); + + if (!authData.getFamilyName().equals("Mustermann")) + throw new Exception("Familyname wrong"); + + if (!authData.getGivenName().equals("Max")) + throw new Exception("GivenName wrong"); + + if (!authData.getFormatedDateOfBirth().equals("1940-01-01")) + throw new Exception("DateOfBirth wrong"); + + + if (!authData.getIdentificationValue().equals("tqCQEC7+AqGEeeL390V5Jg==")) + throw new Exception("baseId wrong"); + + if (!authData.getIdentificationType().equals("urn:publicid:gv.at:baseid")) + throw new Exception("baseIdType wrong"); + + + if (!authData.getBPK().equals("DJ6nGg2JgcPH768BhqTNXVsGhOY=")) + throw new Exception("bPK wrong"); + + if (!authData.getBPKType().equals("urn:publicid:gv.at:cdid+ZP-MH")) + throw new Exception("bPKType wrong"); + + + List foreignbPKs = authData.getEncbPKList(); + if (foreignbPKs.isEmpty()) + throw new Exception("NO foreign bPK list is null"); + + if (foreignbPKs.size() != 1) + throw new Exception("NO or MORE THAN ONE foreign bPK"); + + if (!foreignbPKs.get(0).startsWith("(wbpk+FN+195738a|") && !(foreignbPKs.get(0).endsWith(")"))) + throw new Exception("foreign bPK has wrong prefix"); + + } + +} diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthConfig.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthConfig.java index d72e2f28c..2c31d82f9 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthConfig.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthConfig.java @@ -1,10 +1,12 @@ package at.gv.egovernment.moa.id.config.auth.data; import java.io.IOException; +import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.Properties; +import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder; import at.gv.egovernment.moa.id.auth.modules.internal.tasks.UserRestrictionTask; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface; @@ -86,8 +88,13 @@ public class DummyAuthConfig implements AuthConfiguration { } catch (IOException e) { e.printStackTrace(); } + + } else if (UserRestrictionTask.CONFIG_PROPS_CSV_USER_SECTOR.equals(key)) { + return "urn:publicid:gv.at:cdid+ZP-MH"; + } + return null; } @@ -99,8 +106,46 @@ public class DummyAuthConfig implements AuthConfiguration { @Override public Map getBasicMOAIDConfigurationWithPrefix(String prefix) { - // TODO Auto-generated method stub - return null; + Map result = new HashMap(); + if (AuthenticationDataBuilder.CONFIGURATION_PROP_FOREIGN_BPK_ENC_KEYS.equals(prefix)) { + result.put("BMI+T1", "MIICuTCCAaGgAwIBAgIEWQMr6TANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARyb290MB4XDTE3MDQyODExNDgyN1oXDTE4MDQyODExNDgyN1owDzENMAsGA1UEAwwEcm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKavdekY9h6te6UoCvahSKqhlNk+ZMGq1aBvj129J10wJoz3BsO86cK/ounvzrE9g6FOOeEtlb/lRRTwhO601o9/dXhIvSalpKgAF4owTuhxKUEhEUNJr4pUxFSm8OkPHEXqSXsn6W7tg/G0r12z246RAApw5jpzDDdYYY8gEZFXURf1xYnbKFPoNlPIyFj0vN7Afe+Fo8v3Brb05iQkC3wBxMnL2LZ7XLK8uu93VG/mOrUrEtZkFzOWg0c3WBKQgxCD/F5BMouXBSsNu7lzV2qEyX0uIiEQrv75Fk32DjQqx41S31lByFnL8YbYWX4lsCv0O9Smhjrn6+k91JsvcDECAwEAAaMdMBswDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAb4wDQYJKoZIhvcNAQELBQADggEBAAFQVd6PHrpBDTw+YUYj3yOgjFlKiSTEb4s59O74CZGbgElE2k36bqEJwki8W2ZiK+L3aeA1XCYF9cuI8QBWHJXg3UQFtDMF2zieOy/BBEA0HN6q4IjQKbt9cNR3w7nMp+lJ/BUlX6AIqfmSgJ6bKVlUsu4yuhstDBXy7QOAuQ8q76qkk7j6uiahWCyBRb5R9TDj7mQn0nM/tbeUUZa7Mxje/W4YhdatNYasTnExCyEE4S6lpSiJQdrkFGlRWp6Ia41/r6GZsAZ6pss+xyxDbJySqbVn2ro6WV4kMbrh/gX1HbmrF5UGIO/qvM+5yM6+wUfLtqPCK0PtLkI940E3WfM="); + result.put("wbpk+FN+468924i", "MIIDCzCCAfMCBFr9aB4wDQYJKoZIhvcNAQELBQAwSjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVHSVoxEzARBgNVBAsMCnZpZHAuZ3YuYXQxFzAVBgNVBAMMDlNBTUwyIG1ldGFkYXRhMB4XDTE4MDUxNzExMzE0MloXDTE5MDUxNzExMzE0MlowSjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVHSVoxEzARBgNVBAsMCnZpZHAuZ3YuYXQxFzAVBgNVBAMMDlNBTUwyIG1ldGFkYXRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5yyZCJCW2MLQKmupDZTQBNItpIqMlLNAUMF5U8vwJ0uoAWqetOyJ65Q9Wx9TixcIIxXa+0qA/7xVr44LoE4sRXZtZvkS5TGXUgD81FLXU5WJdeJQeUa63TdKjpdcL6wCbMIDs+2fDClIB7gKUV7S56NMhdiQzfW6OLFFQyfu6aXzpLcAOqq+FVo5paPjvGNgmVGwMS/4W0c8FeaPceno98rjslYslKUu3gCMezhYmvson7fEsgRf6s/Ko4pZev4rK7N+ib25g0x0L+gJkq6gb46wH4TBemXr/WTi5II1pxdG0CuLLKewDgMCymeneXPFIewiIPF9ydSPdq2XsHlTwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBbNeQGGDB0RjWRtCoMPQ1tF4pTMOy1QXd362Qx6kbuScEsG/9fGLE3mgpyLx3zyjX/pP0hkVtygDu/5684KEj0aJ65dx6kgFkmvLNq4YUpvQUBjylQHmpO4fsL57q8ZMnoWow8rX4g18sP8lHvW1g+tfWa3r+RRN/NlHm0RYb559xq7NgfPu11gxp9O6RsSkrf0IkWnJ1dit4bx7RR8PY+ZZjPAfg8/eAZ98DSP8FPdlLkKQvRV5NCIjG4tU5tIV4z5yvZ/npdKMdqjiQxmA002U+inOzCcciRRZSdXhYgqvkuMEHYsaoGlLwj+wJbEviobPpWxcEeQoqEwIj6QpwX"); + result.put("wbpk+FN+195738a", "MIIF2TCCA8GgAwIBAgIEL2AV4zANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMC\r\n" + + "QVQxSDBGBgNVBAoMP0EtVHJ1c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUg\r\n" + + "aW0gZWxla3RyLiBEYXRlbnZlcmtlaHIgR21iSDEYMBYGA1UECwwPYS1zaWduLWxp\r\n" + + "Z2h0LTA1MRgwFgYDVQQDDA9hLXNpZ24tbGlnaHQtMDUwHhcNMTgwNjA4MTA0MzEy\r\n" + + "WhcNMjMwNjA4MDg0MzEyWjBoMQswCQYDVQQGEwJBVDEbMBkGA1UEAwwSZS1UcmVz\r\n" + + "b3IgRnJlbWQtYlBLMRIwEAYDVQQEDAlGcmVtZC1iUEsxETAPBgNVBCoMCGUtVHJl\r\n" + + "c29yMRUwEwYDVQQFEwwxMTc3MDQwMzU4MjUwggEgMA0GCSqGSIb3DQEBAQUAA4IB\r\n" + + "DQAwggEIAoIBAQC9jQHCrCK4r8bKsist/h53yP7RzqDZhDGy3j6BLiGMGeQ8Qekf\r\n" + + "k+Onmy6k7PfOfBZgiOd/Zs8JXZMISycz5/G9WJp0d1iFjmRDNWmM4MEN8k+mAnW+\r\n" + + "Omn7sTJStaL5hRME/YdJpI/k08MasQuc13M6i6szpKA0eMfLf0nTWgEWt5e/x3Gj\r\n" + + "+Br7dxYtv8RDeHHVhk5EkXwbhuVi9fO/UCNEAEsKCkiTGCwVRek/c+LQ42cnuLKN\r\n" + + "Kg4LKJaIrr9uyMkibYpDZi1nXwQR9Jxsg4lzfpyAvSJIZtqMN0C66cwnzflLt9M8\r\n" + + "GwO08KzvONEo4oiodKx7IcMGGbjukHX2NY7BAgERo4IBZzCCAWMwdAYIKwYBBQUH\r\n" + + "AQEEaDBmMDsGCCsGAQUFBzAChi9odHRwOi8vd3d3LmEtdHJ1c3QuYXQvY2VydHMv\r\n" + + "YS1zaWduLWxpZ2h0LTA1LmNydDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AuYS10\r\n" + + "cnVzdC5hdC9vY3NwMBMGA1UdIwQMMAqACEhCh7VWr5ysMB0GA1UdEQQWMBSBEnRl\r\n" + + "Y2huaWtAYS10cnVzdC5hdDARBgNVHQ4ECgQIRnNIDj8iCQcwDgYDVR0PAQH/BAQD\r\n" + + "AgSwMAkGA1UdEwQCMAAwTQYDVR0gBEYwRDBCBgYqKAARAQkwODA2BggrBgEFBQcC\r\n" + + "ARYqaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLWxpZ2h0MDoG\r\n" + + "A1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuYS10cnVzdC5hdC9jcmwvYS1zaWdu\r\n" + + "LWxpZ2h0LTA1MA0GCSqGSIb3DQEBCwUAA4ICAQAh7plfW9U3hh5brYS0OmWhKJrM\r\n" + + "jBDn9TyKsdetZ3AU3/GJONSq1GrZbTv6dq6vAH0G20cNQaLSNl2/9U3WBqX2T2Ik\r\n" + + "vek8925+9HAFRVZiwnNX5CT0dQGNkqkagVzfd8dj8n+KiQZZZN9WroR9MoRXNlw1\r\n" + + "DERzlXLlYFtK+F4323LtbolSLnN793p/6al4k8RheKG0Jy+pEtpCy6KNohkl34ZE\r\n" + + "xtGrQLrJDtRtbCJcJ1t2fsM8iP9vi+K+0hOolIM7qwELRftwhvLyB+Gtlke2zLod\r\n" + + "SR0AA6fLoNISdKpSEIu1OJ88R70T3q3sEYWLHc8GHPO6WjaF/tq8iI/lPeUc0c2u\r\n" + + "gZOpH6Q3jWZo9UmhAbcyIwQTtVg9lS35EM3xPt+GC9DTsyNkTJObICZXUGsUswCp\r\n" + + "Vj76888biAR/ey9pr6fctj11w4jEwOP5pIcKdv1vX6KZl58O8kIUV3IUbvFY/M1n\r\n" + + "bfCrmm8uT4780NAIv3v8jgB/wK6EjntXoACPyGwB3lbdWJ2lZ4y5QCYEbW/8LLzJ\r\n" + + "6kGERNrFGBn4pK8GhZg8Tq1GigOyUrGteHeYUylKqLRoIvby53tYHnMx5fS/N/OU\r\n" + + "uKuAqGNHDTNkYI2jWhS6gFjUdTiaVVdKo/GSS4eDU5hsKOBRHTKWLT9E1DryCUkD\r\n" + + "u4SwB63SrCEshSczfA==\r\n"); + + } + + return result; } @Override diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthSession.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthSession.java new file mode 100644 index 000000000..e340d4c86 --- /dev/null +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthSession.java @@ -0,0 +1,287 @@ +package at.gv.egovernment.moa.id.config.auth.data; + +import java.util.Date; +import java.util.List; +import java.util.Map; + +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; +import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; +import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; +import iaik.x509.X509Certificate; + +public class DummyAuthSession implements IAuthenticationSession { + + private IIdentityLink idl; + + @Override + public boolean isAuthenticated() { + return true; + } + + @Override + public void setAuthenticated(boolean authenticated) { + // TODO Auto-generated method stub + + } + + @Override + public X509Certificate getSignerCertificate() { + // TODO Auto-generated method stub + return null; + } + + @Override + public byte[] getEncodedSignerCertificate() { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setSignerCertificate(X509Certificate signerCertificate) { + // TODO Auto-generated method stub + + } + + @Override + public IIdentityLink getIdentityLink() { + return this.idl; + } + + @Override + public String getSessionID() { + return "123456789abcd"; + } + + @Override + public void setIdentityLink(IIdentityLink identityLink) { + this.idl = identityLink; + + } + + @Override + public void setSessionID(String sessionId) { + // TODO Auto-generated method stub + + } + + @Override + public String getBkuURL() { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setBkuURL(String bkuURL) { + // TODO Auto-generated method stub + + } + + @Override + public String getAuthBlock() { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setAuthBlock(String authBlock) { + // TODO Auto-generated method stub + + } + + @Override + public List getExtendedSAMLAttributesAUTH() { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setExtendedSAMLAttributesAUTH(List extendedSAMLAttributesAUTH) { + // TODO Auto-generated method stub + + } + + @Override + public List getExtendedSAMLAttributesOA() { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setExtendedSAMLAttributesOA(List extendedSAMLAttributesOA) { + // TODO Auto-generated method stub + + } + + @Override + public boolean getSAMLAttributeGebeORwbpk() { + // TODO Auto-generated method stub + return false; + } + + @Override + public void setSAMLAttributeGebeORwbpk(boolean samlAttributeGebeORwbpk) { + // TODO Auto-generated method stub + + } + + @Override + public String getIssueInstant() { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setIssueInstant(String issueInstant) { + // TODO Auto-generated method stub + + } + + @Override + public void setUseMandate(String useMandate) { + // TODO Auto-generated method stub + + } + + @Override + public void setUseMandates(boolean useMandates) { + // TODO Auto-generated method stub + + } + + @Override + public boolean isMandateUsed() { + // TODO Auto-generated method stub + return false; + } + + @Override + public void setMISSessionID(String misSessionID) { + // TODO Auto-generated method stub + + } + + @Override + public String getMISSessionID() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getMandateReferenceValue() { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setMandateReferenceValue(String mandateReferenceValue) { + // TODO Auto-generated method stub + + } + + @Override + public boolean isForeigner() { + // TODO Auto-generated method stub + return false; + } + + @Override + public void setForeigner(boolean isForeigner) { + // TODO Auto-generated method stub + + } + + @Override + public IVerifiyXMLSignatureResponse getXMLVerifySignatureResponse() { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setXMLVerifySignatureResponse(IVerifiyXMLSignatureResponse xMLVerifySignatureResponse) { + // TODO Auto-generated method stub + + } + + @Override + public IMISMandate getMISMandate() { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setMISMandate(IMISMandate mandate) { + // TODO Auto-generated method stub + + } + + @Override + public boolean isOW() { + // TODO Auto-generated method stub + return false; + } + + @Override + public void setOW(boolean isOW) { + // TODO Auto-generated method stub + + } + + @Override + public String getAuthBlockTokken() { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setAuthBlockTokken(String authBlockTokken) { + // TODO Auto-generated method stub + + } + + @Override + public String getQAALevel() { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setQAALevel(String qAALevel) { + // TODO Auto-generated method stub + + } + + @Override + public Date getSessionCreated() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Map getGenericSessionDataStorage() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Object getGenericDataFromSession(String key) { + // TODO Auto-generated method stub + return null; + } + + @Override + public T getGenericDataFromSession(String key, Class clazz) { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setGenericDataToSession(String key, Object object) throws SessionDataStorageException { + // TODO Auto-generated method stub + + } + + +} diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthStorage.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthStorage.java new file mode 100644 index 000000000..76e0a83c6 --- /dev/null +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthStorage.java @@ -0,0 +1,186 @@ +package at.gv.egovernment.moa.id.config.auth.data; + +import java.util.Date; +import java.util.List; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; +import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.data.SLOInformationInterface; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor; +import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; + +public class DummyAuthStorage implements IAuthenticationSessionStoreage { + + @Override + public boolean isAuthenticated(String internalSsoSessionID) { + // TODO Auto-generated method stub + return false; + } + + @Override + public AuthenticationSession createInternalSSOSession(IRequest target) throws MOADatabaseException, BuildException { + // TODO Auto-generated method stub + return null; + } + + @Override + public AuthenticationSession getInternalSSOSession(String internalSsoSessionID) throws MOADatabaseException { + // TODO Auto-generated method stub + return null; + } + + @Override + public AuthenticationSessionExtensions getAuthenticationSessionExtensions(String internalSsoSessionID) + throws MOADatabaseException { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setAuthenticationSessionExtensions(String internalSsoSessionID, + AuthenticationSessionExtensions sessionExtensions) throws MOADatabaseException { + // TODO Auto-generated method stub + + } + + @Override + public void destroyInternalSSOSession(String internalSsoSessionID) throws MOADatabaseException { + // TODO Auto-generated method stub + + } + + @Override + public void setAuthenticated(String internalSsoSessionID, boolean isAuthenticated) { + // TODO Auto-generated method stub + + } + + @Override + public AuthenticationSession getInternalMOASessionWithSSOID(String SSOSessionID) throws MOADatabaseException { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean isSSOSession(String sessionID) throws MOADatabaseException { + // TODO Auto-generated method stub + return false; + } + + @Override + public AuthenticatedSessionStore isValidSessionWithSSOID(String SSOId) { + // TODO Auto-generated method stub + return null; + } + + @Override + public void addSSOInformation(String moaSessionID, String SSOSessionID, SLOInformationInterface SLOInfo, + IRequest protocolRequest) throws AuthenticationException { + // TODO Auto-generated method stub + + } + + @Override + public List getAllActiveOAFromMOASession(IAuthenticationSession moaSession) { + // TODO Auto-generated method stub + return null; + } + + @Override + public List getAllActiveIDPsFromMOASession(IAuthenticationSession moaSession) { + // TODO Auto-generated method stub + return null; + } + + @Override + public IAuthenticationSession searchMOASessionWithNameIDandOAID(String oaID, String userNameID) { + // TODO Auto-generated method stub + return null; + } + + @Override + public OASessionStore searchActiveOASSOSession(IAuthenticationSession moaSession, String oaID, + String protocolType) { + // TODO Auto-generated method stub + return null; + } + + @Override + public IAuthenticationSession getSessionWithUserNameID(String nameID) { + // TODO Auto-generated method stub + return null; + } + + @Override + public InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASession(String sessionID) { + // TODO Auto-generated method stub + return null; + } + + @Override + public InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASessionIDPID(String sessionID, + String idpID) { + // TODO Auto-generated method stub + return null; + } + + @Override + public void addFederatedSessionInformation(IRequest req, String idpEntityID, AssertionAttributeExtractor extractor) + throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException { + // TODO Auto-generated method stub + + } + + @Override + public InterfederationSessionStore searchInterfederatedIDPFORAttributeQueryWithSessionID(String moaSessionID) { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean removeInterfederetedSession(String entityID, String pedingRequestID) { + // TODO Auto-generated method stub + return false; + } + + @Override + public void clean(Date now, long authDataTimeOutCreated, long authDataTimeOutUpdated) { + // TODO Auto-generated method stub + + } + + @Override + public void markOAWithAttributeQueryUsedFlag(IAuthenticationSession session, String oaurl, String requestedModule) { + // TODO Auto-generated method stub + + } + + @Override + public void deleteIdpInformation(InterfederationSessionStore nextIDPInformation) { + // TODO Auto-generated method stub + + } + + @Override + public void persistIdpInformation(InterfederationSessionStore nextIDPInformation) { + // TODO Auto-generated method stub + + } + + @Override + public OldSSOSessionIDStore checkSSOTokenAlreadyUsed(String ssoId) { + // TODO Auto-generated method stub + return null; + } + +} diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyOAConfig.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyOAConfig.java new file mode 100644 index 000000000..44e3d5e2a --- /dev/null +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyOAConfig.java @@ -0,0 +1,289 @@ +package at.gv.egovernment.moa.id.config.auth.data; + +import java.security.PrivateKey; +import java.util.Collection; +import java.util.List; +import java.util.Map; + +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.data.CPEPS; +import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters; +import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute; +import at.gv.egovernment.moa.id.commons.api.data.StorkAttributeProviderPlugin; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; + +public class DummyOAConfig implements IOAAuthParameters { + + private List foreignbPKSectors; + private String target; + private boolean hasBaseIdTransferRestriction; + + @Override + public Map getFullConfiguration() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getConfigurationValue(String key) { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getFriendlyName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getPublicURLPrefix() { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean hasBaseIdInternalProcessingRestriction() throws ConfigurationException { + return false; + } + + @Override + public boolean hasBaseIdTransferRestriction() throws ConfigurationException { + return hasBaseIdTransferRestriction; + } + + @Override + public String getAreaSpecificTargetIdentifier() throws ConfigurationException { + return target; + } + + @Override + public String getAreaSpecificTargetIdentifierFriendlyName() throws ConfigurationException { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean isInderfederationIDP() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isSTORKPVPGateway() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isRemovePBKFromAuthBlock() { + // TODO Auto-generated method stub + return false; + } + + @Override + public String getKeyBoxIdentifier() { + // TODO Auto-generated method stub + return null; + } + + @Override + public SAML1ConfigurationParameters getSAML1Parameter() { + // TODO Auto-generated method stub + return null; + } + + @Override + public List getTemplateURL() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getAditionalAuthBlockText() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getBKUURL(String bkutype) { + // TODO Auto-generated method stub + return null; + } + + @Override + public List getBKUURL() { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean useSSO() { + return false; + } + + @Override + public boolean useSSOQuestion() { + // TODO Auto-generated method stub + return false; + } + + @Override + public List getMandateProfiles() { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean isShowMandateCheckBox() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isOnlyMandateAllowed() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isShowStorkLogin() { + // TODO Auto-generated method stub + return false; + } + + @Override + public String getQaaLevel() { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean isRequireConsentForStorkAttributes() { + // TODO Auto-generated method stub + return false; + } + + @Override + public Collection getRequestedSTORKAttributes() { + // TODO Auto-generated method stub + return null; + } + + @Override + public byte[] getBKUSelectionTemplate() { + // TODO Auto-generated method stub + return null; + } + + @Override + public byte[] getSendAssertionTemplate() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Collection getPepsList() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getIDPAttributQueryServiceURL() { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean isInboundSSOInterfederationAllowed() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isInterfederationSSOStorageAllowed() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isOutboundSSOInterfederationAllowed() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isTestCredentialEnabled() { + // TODO Auto-generated method stub + return false; + } + + @Override + public List getTestCredentialOIDs() { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean isUseIDLTestTrustStore() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isUseAuthBlockTestTestStore() { + // TODO Auto-generated method stub + return false; + } + + @Override + public PrivateKey getBPKDecBpkDecryptionKey() { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean isPassivRequestUsedForInterfederation() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isPerformLocalAuthenticationOnInterfederationError() { + // TODO Auto-generated method stub + return false; + } + + @Override + public Collection getStorkAPs() { + // TODO Auto-generated method stub + return null; + } + + @Override + public List getReversionsLoggingEventCodes() { + // TODO Auto-generated method stub + return null; + } + + @Override + public List foreignbPKSectorsRequested() { + return foreignbPKSectors; + + } + + public void setForeignbPKSectors(List foreignSectors) { + this.foreignbPKSectors = foreignSectors; + + } + + public void setTarget(String target) { + this.target = target; + } + + public void setHasBaseIdTransferRestriction(boolean hasBaseIdTransferRestriction) { + this.hasBaseIdTransferRestriction = hasBaseIdTransferRestriction; + } + + +} diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/UserRestrictionWhiteListTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/UserRestrictionWhiteListTest.java index 71956990e..3cd9d9476 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/UserRestrictionWhiteListTest.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/UserRestrictionWhiteListTest.java @@ -1,16 +1,10 @@ package at.gv.egovernment.moa.id.config.auth.data; -import java.io.IOException; -import java.io.InputStreamReader; - -import org.apache.commons.io.IOUtils; -import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; -import org.opensaml.xml.ConfigurationException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; @RunWith(SpringJUnit4ClassRunner.class) diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/module/test/TestRequestImpl.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/module/test/TestRequestImpl.java index 3ecbb84a2..ebed519f1 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/module/test/TestRequestImpl.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/module/test/TestRequestImpl.java @@ -38,6 +38,8 @@ import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageExcepti public class TestRequestImpl implements IRequest { private String processInstanceID = null; + + public static final String DUMMY_AUTH_URL = "http://dummyIDP/"; /* (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.IRequest#requestedModule() @@ -152,8 +154,7 @@ public class TestRequestImpl implements IRequest { */ @Override public String getAuthURL() { - // TODO Auto-generated method stub - return null; + return DUMMY_AUTH_URL; } /* (non-Javadoc) diff --git a/id/server/idserverlib/src/test/resources/BPK-Whitelist_20180607.csv b/id/server/idserverlib/src/test/resources/BPK-Whitelist_20180607.csv index 099fc0f7e..c33de9970 100644 --- a/id/server/idserverlib/src/test/resources/BPK-Whitelist_20180607.csv +++ b/id/server/idserverlib/src/test/resources/BPK-Whitelist_20180607.csv @@ -7,4 +7,6 @@ ZP-MH:DJ6nGg2JgcPH768BhqTNXVsGhOY=, JWiLzwktCITGg+ztRKEAwWloSNM=, ZP-MH:+cyQbhr1fQ8hLhazL62tFRq47iY=, ZP-MH:AFmfywfYPHcl2Lxp138upielmrs=, -ZP-MH:yPAOTsc9LY5/jnbkWn2MWY6hjg0= +ZP-MH:yPAOTsc9LY5/jnbkWn2MWY6hjg0=, +ZP-MH:yPAOTsc9LY5/jnbkWn2MWY6hjg0=:asdfadsfasdf, +ZP-AT:yPAOTsc9LY5/jnbkWn2MWY6hjg0= diff --git a/id/server/idserverlib/src/test/resources/SpringTest-context_basic_user_whitelist.xml b/id/server/idserverlib/src/test/resources/SpringTest-context_basic_user_whitelist.xml index 85788714a..65e48987a 100644 --- a/id/server/idserverlib/src/test/resources/SpringTest-context_basic_user_whitelist.xml +++ b/id/server/idserverlib/src/test/resources/SpringTest-context_basic_user_whitelist.xml @@ -9,10 +9,21 @@ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + + + + + + + + diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/IPKIXValidator.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/IPKIXValidator.java new file mode 100644 index 000000000..ce32cbd0d --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/IPKIXValidator.java @@ -0,0 +1,6 @@ +package at.gv.egovernment.moa.id.commons.validation; + +public interface IPKIXValidator { + + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/MOASPPKIXCertValidator.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/MOASPPKIXCertValidator.java new file mode 100644 index 000000000..fda567452 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/MOASPPKIXCertValidator.java @@ -0,0 +1,9 @@ +package at.gv.egovernment.moa.id.commons.validation; + +import org.springframework.stereotype.Service; + +@Service +public class MOASPPKIXCertValidator implements IPKIXValidator { + + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/PKIXValidatorConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/PKIXValidatorConfiguration.java new file mode 100644 index 000000000..20235c4b6 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/PKIXValidatorConfiguration.java @@ -0,0 +1,21 @@ +package at.gv.egovernment.moa.id.commons.validation; + +public class PKIXValidatorConfiguration { + + public enum CHAININGMODE { + pkix, chaining + } + + public enum REVOCATIONCHECKMETHODES { + crl, ocsp + } + + private String trustStorePath = null; + private String certStorePath = null; + private boolean revocationChecking = true; + private REVOCATIONCHECKMETHODES[] revocationCheckMode = {REVOCATIONCHECKMETHODES.ocsp, REVOCATIONCHECKMETHODES.crl}; + private CHAININGMODE chaining = CHAININGMODE.pkix; + + + +} diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/eIDDataVerifierTest.java b/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/eIDDataVerifierTest.java index a131e5e29..da0b7ac90 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/eIDDataVerifierTest.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/eIDDataVerifierTest.java @@ -4,7 +4,6 @@ import java.io.ByteArrayInputStream; import java.io.IOException; import java.util.Map; -import org.jose4j.base64url.Base64Url; import org.junit.BeforeClass; import org.junit.Test; import org.opensaml.DefaultBootstrap; @@ -75,8 +74,8 @@ public abstract class eIDDataVerifierTest { if (MiscUtil.isEmpty(idlB64)) throw new Exception("NO IDL found"); - //IIdentityLink idl = new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Utils.decode(idlB64, false))).parseIdentityLink(); - IIdentityLink idl = new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Url.decode(idlB64))).parseIdentityLink(); + IIdentityLink idl = new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Utils.decode(idlB64, false))).parseIdentityLink(); + //IIdentityLink idl = new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Url.decode(idlB64))).parseIdentityLink(); if (idl == null) throw new Exception("IDL parsing FAILED"); @@ -88,7 +87,8 @@ public abstract class eIDDataVerifierTest { if (MiscUtil.isEmpty(idlB64)) throw new Exception("NO IDL found"); - IIdentityLink idl = new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Url.decode(idlB64))).parseIdentityLink(); + IIdentityLink idl = new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Utils.decode(idlB64, false))).parseIdentityLink(); +// IIdentityLink idl = new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Url.decode(idlB64))).parseIdentityLink(); if (idl == null) throw new Exception("IDL parsing FAILED"); diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferOnlineApplication.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferOnlineApplication.java index c2132c1f9..a97e5944a 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferOnlineApplication.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferOnlineApplication.java @@ -424,4 +424,10 @@ public class SSOTransferOnlineApplication implements IOAAuthParameters { return null; } + @Override + public List foreignbPKSectorsRequested() { + // TODO Auto-generated method stub + return null; + } + } -- cgit v1.2.3