/* * Copyright 2003 Federal Chancellery Austria * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package test.abnahme.A; import java.util.HashMap; import java.util.Vector; import org.w3c.dom.Element; import test.abnahme.AbnahmeTestCase; import at.gv.egovernment.moa.id.AuthenticationException; import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; import at.gv.egovernment.moa.id.auth.validator.ValidateException; import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; /** * @author Stefan Knirsch * @version $Id$ * */ public class Test200VerifyIdentityLink extends AbnahmeTestCase { public Test200VerifyIdentityLink(String name) { super(name); } public void testA201() throws Exception { try { String sessionID = startAuthentication(); System.out.println(sessionID); String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); HashMap parameters = new HashMap(1); parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, parameters); InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); IdentityLink idl = irrp.parseIdentityLink(); Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames(), VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, true); /* * HINWEIS: clearSamlAssertion löscht aus einer beliebiegen String-Repräsentation einer XML-Struktur * AUSSLIESSLICH die Attribute IssueInstand und die AssertionID heraus, von dem her ist diese * Method hier verwendbar */ assertXmlEquals(clearSamlAssertion(readXmldata("CreateXMLSignatureRequest.xml")), clearSamlAssertion(createXMLSignatureRequest)); System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); } catch (Exception e) { System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); throw e; } } public void testA251() throws Exception { try { startAuthentication(); String sessionID = "0"; String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); try { HashMap parameters = new HashMap(1); parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); server.verifyIdentityLink(sessionID, parameters); System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); fail(this.getName() + " hat KEINE FEHLER geworfen"); } catch (AuthenticationException e) { System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); } } catch (Exception e) { System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); throw e; } } public void testA252() throws Exception { try { String sessionID = startAuthentication(); server.setSecondsSessionTimeOut(-100); server.cleanup(); server.setSecondsSessionTimeOut(1000); System.out.println(sessionID); String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); try { HashMap parameters = new HashMap(1); parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); server.verifyIdentityLink(sessionID, parameters); System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); fail(this.getName() + " hat KEINE FEHLER geworfen"); } catch (AuthenticationException e) { System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); } } catch (Exception e) { System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); throw e; } } public void testA253() throws Exception { try { String sessionID = startAuthentication(); System.out.println(sessionID); String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); try { HashMap parameters = new HashMap(1); parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); server.verifyIdentityLink(sessionID, parameters); System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); fail(this.getName() + " hat KEINE FEHLER geworfen"); } catch (AuthenticationException e) { System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); } } catch (Exception e) { System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); throw e; } } public void testA254() throws Exception { try { String sessionID = startAuthentication(); String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); try { HashMap parameters = new HashMap(1); parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); server.verifyIdentityLink(sessionID, parameters); System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); fail(this.getName() + " hat KEINE FEHLER geworfen"); } catch (ValidateException e) { System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); } } catch (Exception e) { System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); throw e; } } public void testA255() throws Exception { try { String sessionID = startAuthentication(); System.out.println(sessionID); String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); try { HashMap parameters = new HashMap(1); parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); server.verifyIdentityLink(sessionID, parameters); } catch (ParseException e) { System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); } } catch (Exception e) { System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); throw e; } } public void testA256() throws Exception { try { String sessionID = startAuthentication(); System.out.println(sessionID); String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); try { HashMap parameters = new HashMap(1); parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); server.verifyIdentityLink(sessionID, parameters); } catch (ValidateException e) { System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); } } catch (Exception e) { System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); throw e; } } public void testA257() throws Exception { try { String sessionID = startAuthentication(); System.out.println(sessionID); String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); try { HashMap parameters = new HashMap(1); parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); server.verifyIdentityLink(sessionID, parameters); System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); fail(this.getName() + " hat KEINE FEHLER geworfen"); } catch (ValidateException e) { System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); } } catch (Exception e) { System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); throw e; } } public void testA258() throws Exception { try { String sessionID = startAuthentication(); System.out.println(sessionID); String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); try { HashMap parameters = new HashMap(1); parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); server.verifyIdentityLink(sessionID, parameters); System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); fail(this.getName() + " hat KEINE FEHLER geworfen"); } catch (ValidateException e) { System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); } } catch (Exception e) { System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); throw e; } } public void testA259() throws Exception { try { String sessionID = startAuthentication(); System.out.println(sessionID); String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); try { HashMap parameters = new HashMap(1); parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); server.verifyIdentityLink(sessionID, parameters); System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); fail(this.getName() + " hat KEINE FEHLER geworfen"); } catch (ValidateException e) { System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); } } catch (Exception e) { System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); throw e; } } public void testA260() throws Exception { try { String sessionID = startAuthentication(); System.out.println(sessionID); String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); try { HashMap parameters = new HashMap(1); parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); server.verifyIdentityLink(sessionID, parameters); System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); fail(this.getName() + " hat KEINE FEHLER geworfen"); } catch (ValidateException e) { System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); } } catch (Exception e) { System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); throw e; } } public void testA261() throws Exception { try { String sessionID = startAuthentication(); System.out.println(sessionID); String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); try { HashMap parameters = new HashMap(1); parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); server.verifyIdentityLink(sessionID, parameters); System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); fail(this.getName() + " hat KEINE FEHLER geworfen"); } catch (ValidateException e) { System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); } } catch (Exception e) { System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); throw e; } } public void testA262() throws Exception { try { String sessionID = startAuthentication(); System.out.println(sessionID); String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); new InfoboxReadResponseParser(infoboxReadResponse).parseIdentityLink(); // System.out.println(infoboxReadResponse); try { HashMap parameters = new HashMap(1); parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); server.verifyIdentityLink(sessionID, parameters); System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); fail(this.getName() + " hat KEINE FEHLER geworfen"); } catch (ValidateException e) { System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); } } catch (Exception e) { System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); throw e; } } public void testA263() throws Exception { try { String sessionID = startAuthentication(); System.out.println(sessionID); String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); HashMap parameters = new HashMap(1); parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); server.verifyIdentityLink(sessionID, parameters); InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); IdentityLink idl = irrp.parseIdentityLink(); Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); // String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, infoboxReadResponse); // System.out.println(createXMLSignatureRequest); // String createXMLSignatureResponse = readFile(TESTDATA_ROOT + "xmldata/standard/"+"CreateXMLSignatureResponse.xml"); // String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); Vector identityLinkSigners = new Vector(); identityLinkSigners.add("CN=TEST,OU=TEST,O=TEST,C=AT"); try { VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), identityLinkSigners, VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, true); System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); fail(this.getName() + " hat KEINE FEHLER geworfen"); } catch (ValidateException e) { System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); } } catch (Exception e) { System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); throw e; } } }