From d7ddfdb8e94fab64780ad3cd01d41cab6c1220d2 Mon Sep 17 00:00:00 2001 From: naare Date: Fri, 18 Jun 2021 15:54:58 +0300 Subject: [PATCH] MAINTENANCE code cleanup --- README.md | 2 ++ ...u_regional_development_fund_horizontal.jpg | Bin 0 -> 33146 bytes pom.xml | 6 ++++- .../specificproxyservice/MetadataUtils.java | 6 ++--- .../specificproxyservice/OpenSAMLUtils.java | 1 - .../ResponseAssertionBuilderUtils.java | 25 +----------------- .../SamlSignatureUtils.java | 2 -- .../ee/ria/specificproxyservice/XmlUtils.java | 3 +-- .../GeneralAuthenticationSpec.groovy | 5 ++-- .../IdpResponseSpec.groovy | 5 ---- .../OidcRequestSpec.groovy | 13 ++++----- .../UserConsentSpec.groovy | 1 - 12 files changed, 20 insertions(+), 49 deletions(-) create mode 100644 img/eu_regional_development_fund_horizontal.jpg diff --git a/README.md b/README.md index ee8b06e..8fe552e 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,5 @@ + + # eIDAS Proxy integration tests Tests for eIDAS proxy component (both eIDAS standard component and Estonia specific component) diff --git a/img/eu_regional_development_fund_horizontal.jpg b/img/eu_regional_development_fund_horizontal.jpg new file mode 100644 index 0000000000000000000000000000000000000000..0d7e75271b3da19efc40c7d199b0ca18765691fb GIT binary patch literal 33146 zcmeFZ2Ut|gwk|r!86;<#j1nbhT11kFNRS{xi{zYhXa&hhNh+vF5F|?$L|U>Wkt`so z5mAD46PgB^=1$hyXYF;*-Z$*?_PgKr-dz)_d(4_uvugZRHEM){(=Vq>z`3hB`Z@ps zc!?8;1HkF>xf1OVS0?~4Gz3He03ZiQ2p9k&kRkwo00LEj5Tt3q2j=mv0P%160J+1n z=Vwm=4gfg!V4Vvf1D{ia_gBFLaIJ$MgY>|BVRfIeNG` z@*28&csTlj{1g0LS0E2M!{aYq;s3^2@fXj3A@COheF8h61|1jxK&^Mp)ytdk8~}KF1^AihUgov5y2VTO z3G`S{0HlC40NC04`xu()n4PtuudT)F4;K1!djNo$`pu64j7#X<;N|`ApZzcI=AD00v$n`=o(1J1-Uu~gY*PQ3wi{4x`H$oq?tS&?fe0N z_{jn%d9IL<^+V&b&0vf1>aHi4JfK0s9F6THZdPey+|g0leq!FYrn$ zD=YEpIR<+;1_Vglu(Nl!^K;ux_{5}E(8FjeGr?6f6u%76aboI0f24x?|FhR z0f6oS05pyKi654;`Qj1~;G-fX6&xHa>FQ`Nc?Reo*Z;D>A0_|C#Gl%eJZtX{?0By@ zI@tw!1n{1LYVYmg9q7mF?_+20$Sd)mC-Hx|;-9+pr+$c=I667{IeLLjnS-;;)yo+i zZZ8Md09S7>URSUG(Fp$+tNp1DXXNkm8YCEt@c5=0Qh5F`_15abdR5R?(r60{I>5cCs_63h@R6Z|CDAvhu= zBBUl{BIG6%CX^ynBGe=_AT%SiA#^76B@82cK$u4Ogs_mXlCX)egK&^=l5mM|gK(b+ zAfh5-A>t#FAW|aIA~GVnMdU=}M-)YrM3h5RNK{SKO4LU*PP9a{Npwg|O3X;iODsXG zN~}kGlh~fvmpF}GBJu6PeMb&MIuI`LZVM%N#aZrOcF;{cjEtR3j7*)(h|G>G zfGm#eDOn{Mf^3Xzl?+QxMGhgCA=e?lMeao&O`bzuPTo#FM!rUVOmU7vh(d+Jh{Ay) zlp>v?n4*0A^ z`bf1*bx6%XElRCLeVaOvI*q!N`UCY0^)3w!jWEq6np-phG-)(tG+i_cG+0_jT1i@c zS_fJA_i7@Fi zxiKX(RWW^HLNPNi%Q2fXhcM?czh_=zAz~3`(P!~sNoT2JnPNF&JvH;77?}(ju&ng{vpC9qAwCAQX%s7Jk5FNdEfJe=O-?ZUQoK= ze&P9r&!U8)@}e%Hd7>j?gklO}u42!{M#V|QmBqcp3&p1;s3kNdf+Q*=mL*vvuSrHr zHcS4J5|p|n^+>8u3V%`lqQ}MJi*wQp(pROUrCX(UWJG1`W%6VuWNBn|WZ|-JWzlkC za*lE@3LTWL zyl%Me2R#x!1HDIj)B4={_WEV|sH=)sBd>NFP#c&Ut5HJjQ}HkqfDdu8zMJ+Z@e=mHNIh-XZ+nn+9blH&y>*=W?F8FF}rM*ZZ>!G{LR3d zo#u4rx6RAU4=k=&WLPX&N?Ar)4q9lR>`e>Yi;Xn>($%xx8rV4*@)PL z*!0_S*m~H$hta|8VD)!M?pWL@zk{nPLbVl@Ej73cA1MUa+9<0Rb##Y49#`(of$E(KYClDvNCVWbiO?;Y&PjW~aNWPey zlZ;ETPZ>y+PJNPkn&y=DDP1A`#Y57EUJs`pK_9)&pw9@)SjjZZY|7%zO3K>HhGqBX z$mQferhFXuc%Ak^@zk+CtUiJ&R83DxY< zy!6)U?P$x@md;ky*2Z^|?@HVF+Vb8rzfW(cY=6*xiU>pOfAIOR+2P!=(h2LF>$2>c z=r->D)ML=|u~(dW-)>7_3YUw+JZ%%Eq3W{>CYeI@ytG=FYB zXMt;>aPh)o&62{>`{gUkLr7EP+=~6m#y9_OxYY;WX};&ILDtHC$oy#gsq^#my7l_% zhR??FX51G2*0W#de>H4h+8#n#qE^v<=+m8)UH0A5J-NNk{TurW7*EXcK@yf7`}$Dn zuUny4x=iW#H$BhGU((LO`>vy;y|<@Sh@Fp=wB$u8 zKn)rKYF_S+0laq|on5`uMYi7|M0i~t)I}`h4KEt{XgRvL>V^3^nuc9Bvk!B(S9TDA zYS2)sg{Xvh`gl49*ztyVdU*M(gsAiX_I4GJKFgNk*HH6wa8fb3qVu;B;GH`EpLEV( zSxIj{XDLtzSC+acBPAmv0hW;P5A_PL3z6{h7x>!?u7H+@pR3Pr8rsmVU5?O-Qi=O8OB;UFvPpeQe`B;zD~m;Z0gJJ|oxx=)~= z$8T*r*h@KjIC?sI1^9z#NK5fc{od*Sqit%aIoPY%`#IVLc>Dd{ys4w_|1-=yTs8je znpTrK0}jmmod91CjvxgEg__i#TmG%kpE&b5R>W|?DYx4ddxc+M7Ujq3rxc-9c zUqawtD*V^%`U|dq34wp9@L#j*|6_3dU1fCi0`1GE4_0)n&Ozg-xB@HDd6*YK~QP9%SP}82#XD>OcepUx|^=SRlb49y9_%B4QF!uuGIwV1dSSVE2iL z2*J*h5QA0dQ9yJ>C#`t$4^9G#q9T;2Qw0)v7>Lc?Mn#Ky%Z zBqn8KW@YC*e)2T8u&DS|N$Kmd^1Awl#-`@CEv=nh-95d1ANvQ!#wRAHroYV0E+bdI zt$tto@pB!$v%9yCIlvwso$*Bg5dF^9ADsOszUV=|2*EKRCOhMcfG`+LMD)ZYeA1*0 zn#N>yzKr}b_sN+qKPss0pb(HXK{4O;8>M6slv@@;pRx8EXa9SQMgNyL`-8E+^EC@l z6A^%eM??=mffHO|(qTTHvh)-nkw>lJ81gU?qfva=qOP#TB)Jp!?i*NNiGUXVG?#BV zv+GNG*B(fImaw!}9;6G~{BTE_?dz3`Pb_z@d-Y4!e7{y)*z&4&uZI~sa|+Ps;UK3# zp%z-~6dMti>mJx1iBvlj_b@Uj zeiu>~V6o!-PgwgW{9j%WJq2D~h(wD| zlFrw}t6WYx|B^6CEDqapd_6)LOB#b`^ybFucBT!s@K4ISNH}E$9ts3eugz%6zfv(R zlf3HMJR?>oY8I=sYgqj5J?;0TL!#bO0A=GnQ`4~}7=)LZRMS+uQlb0mhhjC|n7)AC zlkj-{w)Im0PpgR)a`)+{d!Qjc|N5t3nAeN)#e@0v=AX8cJS@ZOVtsVbT=(7DZxcxI zI@+-sNG4*{e~%#vcMyZ8)y0YlCe?+AA-{#EQE{spiXyTxa6X&980b-R#d&zen`E;@sXYAr*F;@p_IfsQs%x@H^6IE>WUeb-q)MkzrS|(P zA)$Fyyrwpjx$u2$rW*u*POwZUD&zoHB=P})F%yUGjaN)>$VXi}1v*w1cT(~RPl1^m zZ%%>n>oqX%Wdtq@D|LiLnC7wL*ux;ho=nEDMUf#ACgV$gBxZjb)Yd5wyKUbzQTeOV zORzb5OW=hpr=0ASOf6nAtnCH*i9N?afoM?)nT|%As|%A3aV&2i-KCR@R{C5^BtCqv zT()10VAz>sV%2E2rYrJX3^#w5A($okmP@hPap+BXg~YuWM4%e~c_vP^im1gp-BLba0tIyIaQxPzIeVG|Jvr7P_d}ajqKd%iC%}0O(F8T(oC<|Mx4fNZq>IB&u+9% z@`P(M``<>L9K?A~P2XsETld!G?pyk6v21r$9^ud{qWU z2;Y?UKLv_eZ|=6)oC5sf-X~#Y;JvH|6m7qbkUjcUn1q7Q&EYAjmPW85r$86ew3-2J zLAhIQ8g}ow=zwf1#yBN3lYX^>M{ls@lWeWSopYx^zS3<84@1k(1*{hgt~}a%l42;X zE^@1(3z5-Es$I zKS_i?^ zUL}$&53j{KDPL*Q;25_l8r$+cV4qfgn`N)zQ2fxqgT8E5O$Kr2BTl}^P_*S)%PU;j zjFiQ@L#xpGU9QD+(c#w6uvOU5zW1m{d+;Gd5C3@)Wxkk>Xh^BoEelyc=u){h)BAYY zbJnmm`l8v#6fZ#&B{9LF(ifzL5wkbsyE7Gs<%Vqa>7)dB^zA1y!gFtl?Nths(Z$Bs zcWG({=}QgzFQJuMv5EfEd6~Pxl;;au(|ih(&J$$L_4(yFqzal&$b7S?j~W4G&JClK zQ=p#up-4<8VbxT<$r@+os)Zy^bH(G&#A+Yq$#EblbTg`8GE?uBzu6 zMh?xU@mI0?k7g$SdY-=&)qo$!NBK5oR^7J#31@E;JBbl|Am)ze)|d3i${aLs=_yUU zw9R{-?Bx&*d2Zk zUT$Y-4U{?9T$`Ei!B?yXev51}?X%34(Bf!WS#*^e#nTPp^Ul{K!Iz#PP*x*k_%AzF zSfifN8LR-(?7n@{@GI!d(e6s7vw&Z<-pI^1)eqi}N+>rG?iMSdY1WA!%tIo~xEv4= zIgI-->4DeKwW{|DNyp< z7GYJfh&lBb{nfz6XL(D7$4yo>iP`}?@>IM^~#fm%I(Zl)nC7a|8Z<~hv%CTp3xjn zj0-}uZqB1=AuJ&}>*}iAIYHAb7{%{=g1MnDgkx6|6bA%%zCF76ggdrblKbZ4W$Xx9 z;t1BAGj@5?v@{{h?Q-_jKxJjIjsePDPy?9<6a@@@U?`Dgzs&;*Y4b~iOQ}y?DEg2A(Scy~i za?G7I<>>M9Tp`eRC3Y!)Ng-(T@#-Gz9DcH04PDydo(_b>bh9q-p}w|`-~=!BlnqSF zTEUw0z7I212G``R4LDrO3W{7cxYzZmV!1uNox}MVRp*;!Ja6A1_pPjF_U0y;>21((6}>7EMiNVClP?eJT!SW>Aa4eT6#Ng))1$Kz#TKU$l6 z5RA4VUTbFWP+Q;2e0@s{%AB``J$7WZG3iec5$9e<$kHso8M@f_w6HzzfttW_HT$R9 zuUeU7S<;r@R}(Uyz1nhEzh0P?>2;ywlW#nK(v8OwxhbKczE69_m@mKJXsDqK)3ypP z@3#t@u|1f!T^nCSU4!2PdklAjrv$-h@j~#TMd>K<# zjK5lTvy)O%KPFWPMHYc|woaZ#5#b;c%h=eOFSyI#mU@3BS$jOdP(-V(scv+7Qvrjb zC~@_Cv#mFaeWHQE941V*Hxj?Ke(qn|AZq5@H)I2{i!af!eym%JK!o>QCj zd-a{%uAH6`r6BID0#NkPU? znI;T-LT?~=8Umpqvu=IcOKd; zKVqx6z*BIa>?dq&w9jrqXlY`)!PvwX(N;Kj)qG*Nq^5CnXW`TBHq5yDVK%tJ*9CuD z+nY65#Xh{L5K08!#R@&r41{q^&%jXL>9`VuC8Lu#N%&s$dV6p(;+uBrDNu70x)=75psLs*zpZ^bBBh=o%zdB5DKPp@&#X>>>uvaBNT#zIG-wV}VxEgb{r)o-}= zji+V>21I@H>>8czuGn|r+-4jPa22dadF7u}$)HaP!m60x9O%7$gs(Iu4zPnMM(AR9 zk=w~KikM$5;lW{et$LV$qa}j4h0e3=z!Z;oy_9<`?dwwK( zlS(4)F_K$zV#QyZxy^G=Xa*tAjJ9D$y+tt8Urj%dPGNnuxG;|(j*R2Hw}X{hXfZsR ziQ>SEOtC^xrj|tXbkV|gFWC1V%3{f(Rl2M=rb*319PKdvSAF`)OZQb3G0>uh$<8g# zf%^@pNq;laI=Ma|;cb5kWEz0hrbf>wbg3B6*C z5NrPXvU-zSYMOT3zw$%fBi)9mgB3C>YcrHdY$({dxME;cFqFO&R)T5aJYp=08Rs;q zHhlGNP80-fGme`c@~NF&0JY1UzF7T{qw!eyg54_K94E1&4*PKQq;0fO^+fWA@AuhH zpKEy@l(F;l#n|qnn(>sJRjzyM_rqoTi@KC^OszMR117bnq;#geM*8P9KH|TguNln8DlX!w zj0>Y?UT`#F4Ukd{x)mV^-3F2QJ1TjHcfVN#Y7TF&e*iT$pr$_` zs}_zo&Rl{Wi?TqDTqig7a}mPuCG_^8j?sPi=4(s%&r*w;X4E47Y6R;^1gva01yB8+ z?t2qxnr>%)Cp@!F-${WIpRr-_0i0no@VR>@2U%J}$jIaH!gZu}^bWtyQk~8KT2DGV zP>ud$pm=KUWU7F9%jZCAkp1H3w)$-6Xfq|3=X#EIzsO17`is+udoh$S)OpD!Cto#* zsW%_HVm2sz=?|di>6$aIb!bVNuS+HWL0}S(216w;YRY$UY%mE)lNWqgevuS8bZJnQK|gmI$@1P2nK$gG?rdgbZ^9}T8jdMdWKH%<=k6Rh z97>ka=l{s|a6=&O<6TC`Xx+e<^{JsCF+_IZ9BA?EcT3d|HB9(`}r7m z&bk**Fpbl!xs6?19=YFe3SiAat?Ja0g8v_CF<~zOTi(E}E58cnbM#z3H z8-7m$XIyqG#A`!04!Ek-1iDw z7?!*;F})pXeY2&wOevhWbm(Qd?$eWNZy&W4I7SWI9<0^1AA91OED#Dg?_WIKGuDP* z%NJ)d)&`g{7C27O({>>P%XkXdCFh^;w$`M&|KkRy+OxRB54t|4%kz)46uM3U7LAHs zX!ZK}Lc|E;di2@cZKpZ~qW9n(ta1>nn8oJ8nCoSAffd$h&(-|SuWOJh5M`*T=r#LS85^4)WqG+N_}L>y0@KrvYjhr&>Zy(QL^x3784V$@Vw0R;NcT5 zaW6Z6t~Vc3qpQ;@D@z}0GCzeOAgGYXIEH93(%O@XHrCQC#(vKN+@)w{p$PT zfmV_Qjya|q@+SBLjcO;HdXHP=*!#vb#1^ekRoQ{LA3^%1;7uZZRwd#21G(6?&I1PG zozCq{6twud0g~3a%eVvUn_yO(nVbCG_{KNvs|$w56I+80$kL(Jfo10ry29mWI@Y?( zBe}Y{6fnc>retS?^{r`y?kcQFchkKrs)t8CzH{~zNNFQOO3}wkg_mN3FvwqqBF7az zBg8HliqLn|HkU}UwfMZbYc8FXx1aw3<2(gi(pj*BUAgMh@p~gIu%_yOnN=&p)b1q% zUj~(X974}u(LXQ0N<2_DkPfYxR1#LM`{Kn_gb`gHZY!CvPL?V&2?b+2Lh`c+nKsTJ+@s6yPBnY!D$cgM@zg>3inn3f1y_G15=3EagRw!7Ju z*M0N(V`5piijMo`#b6fbY<6uT)6U#9d=ANT1M5PfB9B%kb4uV1mSJwI1x`0iJ( z`MWv|=aW*nbJ6idoN+5E1uuhwrR+;6dA8?uv0AVO<(LNFf0epG zrdpMr5F93S3Zyrd;p9CdotI~7)-ny6-}@Y}U`lkP1yhuq&1NaM^@M9T4kF@Sh_ZW< zuav7~hYE~b(7EVkXtO}yW?wUN-FzoGc1<4BFcdL%=#fucB>jg2g{7 z=JGXlh^0ly;kCyf@{g%+p8`KgCL^|4;UAO1*)xTCfw%0HPY>>0^KABO4!je_f!`53v~>E(p0-X4vhLVaQ&dWn`w$j}!wjp?)$8a0hMfY}k>LAIBo=x}VSNU@U(f@s|> z_QIcvU%g|lqC8q3*kW@GKGLn!-Gh?;sQK~O2<$tL8asEpB*MjraacjwrA>_3{g5*b zADE7$!%Ej1ynU=p$Jdi=`s^k}?9gczE; z_1h`XJulUe_yq7F?4ud@hEn!X-hlDqKO<0{BU?|8m91~vEJmO8S<6XoaX_N z)gHmgYj_7E)UyS;^b&@;RuhXjw@+2_4lV17__81nDroU^UsYIPcTjkN>65+nz4tlG z?&||M&<7O5cM7;RK>I{6V4vGp_bkdYqQki{O0qXtZ? zXG-gXVOi^+Q@%5^UHQvt=RaIA{tQ56hv8}`ToD07Y6c(decx8LTIzkSQ0n<)+_tQ^ zbzYvlX=_u&u(cTzC=`6v^!8VTe)kNCcy+)sWx1EJ(Um=SeRsUz-n_)tv<#?S{}fp5 z{4Mfx{v~blGFcam>56v`oEodBZE0KEDd7x73u+_Ur*86ylpRFc0m>*h&)K0t zgmv_Mi9Noa+_TnubTj+?LIE;HZs#yfG8)OZ*2C-b;Nz;k^XzvO{GCqh?z2g>S82S= zfJ2!M#WCEK_PWFS;@n8`JuXLkxD zLv9}CPX~eloVCRL|In-nU@@TS9AVT|6p0$dgreQb%YTNIG#6jJoPwCWTc0fxhQ?T3 zgwDzzcfgXtlHpfAr+*PyR`X16P)zRD~{3#@RBw z`K+c`2Y92L~N^Ek*_0@^U4&vj4c+m~(~UB0X|TKA*M8W7l}awu&BH`U7YW)b=-H=RC= z-387TkWPCFcqU)Lf5s0_NCa}~i{m!Ecdj*`KbCFwTVof2y8JCf^zVx38I`yNs|dgH z4t4fbf4*8=A;;Lom!{`nLfQIe)$$y^O04i`cuUdRe_uv zk(V8_9a@rttcn>b1Yf>U=9`?iWZWga<3~{z03+J46|4)dg6d96RTaS{R+}3`?ah0A ztTch8nDns0niA+zCZfUV{jnXOt@aOJXBG*n`B-$_vwud{ z`uP(MpQ?mdjxjfxpw_0xV@D0|18=cG8@D$}R*Yusk#z9^%5stJCXwM?9JcR|D-<7X zeSg~wYnW^LaLJ`Q2YFE?TU&jj!+k#(Pw5T%vVz9o?sQ+qjvz5niqmRhLQSm!2qqUr z-&bixl|TJ;kg89LE$&YBeAX58ZQ5OneWcdLiYuv4Q?B9HFW#|pCiph@?(SM97=Ei6 zj!IXv>wTuxnatYvMCd`UX=ds9aQx`o$d;Z?QAyWc;~Rne$cdI3Nz0>W`q3YjYo9%h zIQ-cdu-EjSvAt-gi(`=^^rB3wP;CiP^5H*E-iAqO(`4d z7}4na`nr}5NFV3qS{7M6bpB4iO|EHvXE{5PmK44HK&d$a{Z%T{JPWO)lU202E}?w) z+oBw+i1=KokcPzw&&{AQnLZR=ku0_}xrXy{xN0@Nb>6M&GZLqYn(nrhs?BZac1Xp9FAydamvZ*%o3d=Pn47*dliwbc zzZ=J-$vG65^K=&Tk$<|8*KLByC>kLe?O1JbyjD^o+Gt)OQXKHkAl$wFyJ1sxi%pGF zl(TO2qE_K>N!9Au&uPY2LrsO|=LSW^%Jur6vE0nKM8Qs|L$uBHm}7No;gM(QU}&IF z>az?3Z;zdNEu#Jgy^l{jbG|&~b=bVU$84U2e}R$P9v-L(-AhB3nfITAFGC_u&+3^v`owAz1E6AAG$kIQ|lImHUkh0O%!%| zCm0L}yF`sY#E(Kz7FF(DM;^((cBq=mwWtg^nWq9T*4EnI-jTT!n1TB60r2;X8M~)} z2j9-GLHIQ!9OH*wM$6o3H%eC1vRfX!@ljC<6WNyealrR^Wgrt77bENIny+q$kMZQI z$1MHed^iQbjou^T0@gm9JieR5_My~1>ZW3KY0y?+AiLvox5>cg3cstD^RFJc{T@sF z53?Qo)&P~_=r@`t1tn3RFz!RmFzyJ!kLnS5iC&4RzYaifyMM>><%n=TJtS zCt{b!JOiFzjdbr;REd4l24}Jv`0`~XhMJ1dx+meu)n0D=-8lN1PcUvZ_adA=wjb$D z9|G6)ru}h*DN-o%EPi^W;#K0akDjBQ)jw98&Q~=slo#Lg6U!=Whs5I)mfO-5y4RkX zv&hw2zHq)(=$%`UHE%HS?%=D#Y{~q|GtN?@9G;(x2}9_cKla( z2it)jy{}vZ|8c6}?EBwvvOx@o)_8pu-8oA;i*xRnH>iV6*<)esF>*SI-C7r=kSY1{ zj!dX097^HsmKx2x_8b|j&qgD+WF00V~zFMY2+Z74O^HUxt5yVIpo$ z$t{wtLuRAYCYQ4m@|`1De|=Lld8uL3^r9~Np_kCF(sKzzqgQH z47;$N&u|L3)6EKNr*~)&pr9Y|5S4L>P;}Jl!r4}Le8d7EKTsg(KVk8Ss0GD|F zw^^1NdF=bX*O2Jha*)I~_n&OATjbB+A&az5oSKPjQ*-g`mo^5)^mZx5gOUB7-w z9fHXOd)XT`h^SMY*IF4#gVOB{U+&eS`IP7Q8t(39{!3N;)svj%u!9tf;oy9fKddW1 z!RZ$?8a!zTu8f+rg{zq)2eAq-Vn%2CnE1wFraahLniBbk>k5 z8mJ#eil&>Thwk+*jelL#^qE}oH}Y#i@GTEl}?ui5`=eKQ`JdJ%+AN6>Uex-;O4Q>SW#q zrwO!@m4OqaWgQ=&y|HU1C=?)^yUiuPO49^d9v5Hew0%O*iXyB;RdU z2eAvrHrr^AK65FbG_SgyF!cr6OnxN87zL*JH-Yv^)*yzCF~Y)R<@Zx(~_ zeD)3BzA9|1BQ?1v)G!u5=*g8t&iM6f!w)X-FpCXiXv zPB^;;$8Gnc8ql3g93pEzCb4g*+tnJE?OwL%*4*l!U(flGe>ZnlU06Gm|7+1!L9oM{ znyT|egnv6?v6hd$;EZE5`hY;0ZQs9T)U}0+|qp0 z=>&jzXRu@;tE^eSk7Wq(A~?$D@yN5nvGh8jZJRXeK|V?lAr_z%#L{4 z)!<7T`lrCECj?DKw+U_pTGM^$IBr)cuBv9rO>6^>6!e9jkWL(fXt14JPv0p5&x-Ia zpFD;B2*ZMwRZJB)(%B90ZZ2rO$O#>c2Z{XAM=ydd0k+~ef2~NPs?$V5?FP8_S5vrbnN%mwrt)wY3Int zL40QL*T3{Oba7YGz@}c#=EHHo(R0YE?$9al4}C8B$G$Zl4QoTt3`+U<7`I5!CL>x8 zfM-K8q5nUwdpo^zI}Oi(9WTc=^>rRiw$}zO*?1Yzy4Ut_)?k7PxQwr1Hmxo>(T~s% ztVVe_^WKAZ>mlJsG-U_ixnsJrQM_3cXx070n5JW6;xXXKn1YR!K0IwhKHhx#XJ2%b zDj0TD>>l9&eGOAp+c-niuW$oz`Y(cBb*_Fka}twp?+!3GcdjoL*u}&|lXD0D*GIz@ zMTWVL^4`)%q*9h=An zDkqwa8sG**u&)9gNC#t>|Cx(X@U*WFekgxWJt72@nNy$;ADBIHD*WH8JzWyj2S<4r zeSm$*#N?pzdyFWs2qeA$2_gOZelokgs@!$lYG8!1`${r*ikHp|=dadhD=#LG$n1gAI;CC8OYW%fDTp-Nl^Iu!8@37>c@mQvbQMPJfx@X z1UA|@7&&ZlhSjU1m1V^aDKZ=x>RYRB zG)}fK#NMdoZTMV5z?@w3vE$&%(Ay`khw7EtLvPo&tUh_+{<;#Hh+t@tih1KVb5Yd>g8dJ5B)} zxI4E|?~!43%dtv?)K~y#GWPC-)KC)~rm&7dJff`EQlY=@yXGMD9jG#O&f;Udz51e;d3^7_xd$nxfO>G&OK_2(y zaVwKWu-4EOE1_Kxzr*Z&Z|&JOi!KDHVR#~DtuY9!=`j%E)wiPE7t>fXE24$2T1;y* z^jv-}iac@{`_`O8+LZY6T$ki9iqwpfWx3cP_=>>RNHPL-%{rYKKZcjZW-dWeAq?&3 zzDAfg*4AO~+b@4<`1!coz|jlSG_I*W*--C#AV&0LXlkhVLFzpV!|#YqFbGE+k22a^ z2|QNpFUIEeD7qiZ{>1Z-2QalU_^|z20y3-V&a#p&aLyDpDq}ylB|(WHI%FpPVWz`o{*?|9j$Ovt*i%J z$1!lPnppu%8`^mjz7(m76w2>Bu}6}ub#qf8onF2C(PXjc1*fsGo;xYMe(WG4Zem!A z$*6pEQZ-ZbxL>=bN<#{i1@ilb&Y1gX=Wg#o)CRs0h0B*rJ`_qzrBcjn5~O#0!Urbi%3RK-EYZ zJ(cd2n>`Z0T`eIYY>;LE3= z$;iccsHaq%EnDL>)YUr~PKWcQIeDB?6D1JA(TZw_VtSu6`AcG-%KG(Qg;K_>tNpQZ z)6?Ra??qy3yvGXQAC3^;Lm4GTkw)A`jdZ88gp4C~liF3}Qx>Gq&%aI`c~uF{hLvL6 ztzH!ycepkA=?KTNC=lx0#oxKx7`_a{F`8O5VaE%wbI9pFsYD2;WE-pV>n~W?^~tJ+ z6Nu5+*b#xJuN?a4=S$vRhV9rK{XtQRV#gF^+Lw@gXagONSq!P$37?7HSdof{y5w`? zOwiNuxSQTAWhEh6%LRE$i!+?J(iUtq)bDx(M2}+- zplExBpM+4$A<|z6V(pe74;1ihnVLRG=(Cayy?xh|)mUyo^l_AVS5S6~ z@k(NC9uk7(eT)-ctSgEjn})k=r_9E8JQr57N3F#nn?|>+uUQH*SW65~1l@K2viwl2 z*iWY9+vR~CM(>G5QmB0@>r%~@4LT3G`l7bNb_2!<1&=p1idPfE9LB-Ga^=F9RQ=YC zQ$VG~d13e?+Xv)5B`8+FdFv)}WX>8-Q2-uH)=hiy$(zkRN71~sv8R%st;S1y+eZ2%iHxnjkh?pyfzG=GFmxCI=lNhM| zb5;!DNmhge>Ty?VQ*HGRJd=BGbNi%PP2&hAZ|2t=JS!nz?5j-5`9m{j5y8XsUOKGs z^)mRe9=0CY2g)_JxXAG~eaD)a4G!9;B^||XDo**_ zd%l7HloN!fh(7uY*0X zEa06OTxzrR{-k(Rk5qn(0WNV@vKN+Dt;})OSY3V>wp~zv8O9i4 z7Sp>RfNoB$3^0@ryg9b#>1V(uA7xkz(o|9TfP^}rRWR9Ni@j;RLYg@PtV$!$PbaEfTmNOvwg z!6Pt|=-RkvL#meHxW$d6?Q1L#1>bZpSoeH0lJ8}>Z1pXZR%5S506Tij^8>*NcRRC& znZ5T7Z;e=Bg?uZ&x&{T|VKd%yrf(Ev4v(`C{hTZ|DG0^eX=2m=xM$ZqLoB_4?j%8H z4e3Glsn^+?X!kS#+L!yxAMNp1ujHDZEj9oqv|j{6CKfLc;edU9Y#%{`WnIcow#cWBpo%sPy~L@@?q`*&wXR2**0ml9W| z)F@Cq$e_73wklU~zMv^QVT`r;ZHANf zlZ$>g6Az5yAt=4YcnxNd0nh)|$aO|Fu}0gV^dcZihk#TG5b0M1VnHDyqKFg`a<6m( zMx;wfF1-^0MFlk?T?CXC5J(7B1w@J9oKBLQZbTI22@wT z0H0@jkVEPNaY+^LDE0&}K#}$Mg56(<@_HA-RU|}89oe*b8Mp^evw=zMS1#D+HE#kAbEkKb_{51T)Ehk#y__wwxslSrse(y z-LB%(Zvvd>6xL9-g}p=Xw6{kLUQe_RyhQng(%C1wxNo9~nWf{y8`%$Zw~5gjmuJ12 zfuuU`&`kxKIZOqG)ZFowrjTfNFHXMBJ!tou`|sZW&bbrmeF_DZ0^;kKXQ;Up>@6-cc`;@(D=0SxW+B+aoo~4_^7#dz68N)k* zHDhlKySOqk`!_O5mD1bPlv@eXp*FOl#W2O$fyd(s7^Cg`rSH3IKYufGO1pN99QN`f zQ3!!?C7{|URQ#L)gKuv+g;irU<<9yY(6r!ux?M4kjBdAAoK_ujedhh%QSb2r>e;_7 z&6Zb1?-s#3>Nh?6Hs%m6fDg}`?*+6))Q2fuBo3CzNcM62+>c`Ze(oL@IW!?>qoCDw zdA=njRRawMCt5I9brSE7N&|VS%t!C|!DQ$z?0Kf|c~_u*$;H&pf4~n?cHzMaXC^}b zuyYA{>Z{8L)x1*Ikd*fHS29HNB~J)gW$734VsR6A34sCD36+h50*O`ep6A#l<)-<8 z)%3C?r&Zbg-HOi~)!y%nP(M-VX6+oZ;GbW41Nsd1eN!M#XFCtl5bH>uGv8yT5~z9{ zk7phSFlQ#Q$2m&Qs-`{6gw}WP^ta1g%-lM8Fu1Ja5sC1EVAkK!hz#1^@!t~be@d+s z?cb1a49#(AHkGo}h*IMtc*poypocx){~Vvehau9U$9Kh#4;;Es=4@<}@oV4^I(+

zZnOpXkA!!f1d@0TxEUh*T+>_^ORRt_ z@s6*}CieNj_jrX_+t^z)&$L++&rdb5zDI^hpQMka>*Uq9Ht>du4BhqFl9V0zrEX8? zp5KrlpYa0PW-m$&KrP|92a*g1y6ygG9z6xj^Ps8{9hN#)Ath6t}CjF;PadVZ8 zHUBidteZa`sVn?7!>jjXfNo7$m-PA2A9g!?DVmfk@Oi1FraXZzR1ht^e8A9O#_KZ)RiQQi7>`~)cjaFT$SwrKm9LcQ4J7l-fM9OQ zG$oj_Hy+Q8nXW9L`*5%ibXq#6E$wDczIL9dK1q%kBFYR+7X`-LF)TXK9zT_sXfOl? z3^NOKx684yqJ{HNJIt*+>t;n_L)>GvpMs`{+}Ni{6)Gaz`aEcA)m)sc3%y!GrU| zID`RA+SX>eZ4}Rbm8PG|f{I;4TW>v+sCNx$zwHrMXy}}lnE3XNj_$QURcm)$RSq3A z*s)y*IS=*#hk1tqj2qzjknaR$S34W;++loW$BUOt7TVTeaS6&4Qd;)q zkeW^c+~RayW{BrFN+1E{+`)}f+DPfq@Kiq`03$m%hGBedSsIrDg8kZy&osAB!Hr9~ z61ss|CZp#rssvr@(k~5_##qP6$#(p4E>j(B{p)cvpnnIIixO_br*35uevCPKvaLRl z^`FivUCQb0yR!b(ZJPLO!BJztJY2@|w3Nu*oTXm`zPbVD7&IN)GE9Z7pC8=XOu_0T zfk}4@pKGOIaH(seQZP{1c;Xu}60I9$d{S<({i#mKKN)8o8wHb;mbhGj4xZ{l36jlL zJwuckPQ$5&;>_DQBJ;kEYBXdm?F)w{l3(!4rgeA9S-Gxjk%gs1knf%=9zwN#y2V2b zFD+PWAo*e(N*~U0Chc~l&vu#fv(Cb=K`65f?uox+O}#sN4RRoWBNH)9OttYd13>ju z+Lc3Lft7o{1k1z#lNrtrWum}ke{Ra}iw;F~I&RVhBT_``9{W^OQ1JLwKiYizB_~lJ zsli&M&~^@?WCfypscCx)U#yvz4yT|didlw{37xSirfQ5{jJVe_tkvDav(43M`dXel znjdi2o0~@m_9NC3Sv~$t8!$hIxc+M$Tf?g9hgG&dpQL@WvzE&(O(I=wr zDqJj~sN!#2tC3nWN^iyUclRy#Q`(gV30X?`X0cR!n28kg=YXcpWGQdpB971i9ClN@ zN{y^p?3sSxUgCySzNOc0ZtL)>`ruKIhq6^MC;;}UjAOwdQCFLi!3I!J=g;x`3z!d0 zs{Jfb>FFl)FCS~0`sieJFb18icrM7~irU)RUXUenD@;iJ)T98KTbJrNe7Ef)P>iyJ z4%4M@23U(3vPjqi=_%}qn$Kj5jNuEVtM1drbGYGJA6NuQq%iHCT5iGtx7};?y9#+W zz$RA|3^V4dnlf($;ww<)=nWB|xc|_2Uz04|nUQ2Ma6RyKIl68^V+XqZj>OuPJo8g6 z&>vYJZvBQt_7Nne?RW6eV6;g20X`5hs49hF48U0VFy?G8diAiZ9N(VZ{gT-=|A~^bzx9i8 zFv;DU`CxzH+ zka@1cFaA;gsi&mO3sXhk_61CRxbI&ga_i+bd)Fe{Y$8L}Pud(cZ_gK%-d zCo}9P8LW35GO^0|>cZlPdU1Bcq*syQP2X`tboTv(_q z!P-t_68Q2{O9d2WQj`}*zo#yAcG7p{V#6AVbo;awtW6Xd5ER>&ey-^19--bHp$29JW>P zKNg5zbb(|p2j&X6^7aqcucQvhkMMs zNV1P$%Lu?Icqh$h|U4HlXw6rcKH@qUG>h;~&myxrzDKv@Pwh$)OE9 zRzeGWu21+vx=PJ?bG;-h9$YY?D!U%RI}~rgj7y){LdXIeC);P9T<*#De@-e0>Hp>S zxW%wg!ieg9``SGVX@w6UNTjT7FgG$#txX^^WrB7om_-8jnGJ~Z><@h_2W8f~FN&m> zbzZnU!Hf^M^p{)gvYL~Dvp~X?tuqL1k>x8CFVR8qQ`O6{3TWyBdB~|YXNQggM#S=w zIISYeI&VrLOA&~r#?nK0P_Yi>H1nv}^T720&4ObU9s|23w=r-Q$N12lDecL$ z7k5l7zxf=vni(D^`SFZ+#V~^HhR<5u2lTKoQXp+3gy*EpGF&D@aTYU5gWOWRd#ZO+ z)Uu-&EXNeoR_{Ez>zv6u1l#Mj^t4HYcJ#v(zMKr?PzgrDhtcP&+7Y@@|&8#dU);dvz=*CZ@#juK^#$`r#?dvZA;tO-n!w zy>uUbcG?!f`QAs{$PSNDyX&zSq0(As%zW^Q2~k!lLD%g|YToPE{=*%N&Y8Vq=LiXMJH543>8)$uJZ95SJ1)nm(K@Pk07EA?z?lD#u^kE~43 z^tEdJkozpN8_BsMKJ+a4|l##sgf<2&Q)9VdQ_%O6d^h~BSp zEpPq2Df=kSlgiWx~W4ID>?F5KZY=KqE1#z%pxGZ}i{<}@gt^jS%;A2NLf9dCn!S;1 zW=R!UZ!9YCVSh~R=UA!o{+gOCZ68#-8nNw(c9rp$4yB-`caQl~93@aiXNk7)6makS zc7ttvqO(KL-8fqp&SB~eRG2f@*W=aVrUN-Su*h!F`E>N$BcWcS(W>^Qu_I7F+ytUs zWRr@g>GYzce_%vkGAZ&{2li}s+n6Cp%;g2KoN~q{C+<$9Y?n9fwVgadxN_>LEjAK_ z{SUxZQjR_Khl9om#uv4KPR4@c!1d)JRF2XEu{O>g+In{}D&hO8%}Gvqfz~s}D>E)( zPazeTVcHjjV3W2&3>3|RTM8atgjE7sSfH+<8rO#s;@g3jkIsD7!HFqpd7}4mD|BGQ zuuUJTJ=WpWO^VwdZ7|HmhG7+!X4k-GMyv{Wf+VaCTOB23X?GlCXPcXbbXX?(biwZV z6C~h%RV%IEDg1-2w{wfTkjM9+(+>B7BOpmtywiB9<2oW(HV2`^w}7WL#)R4{@KtWJ zcD~nt__VP`{o0C|8l>9V>={qU9y5wa+_XoPjs9>2V9WXXzzKh5j}O>rUvk@KU<{=H z1Tvo^fnt}gw>X`$dF0oDmO(XtWR6t4!&J|R{2om4_qu}aVW#IAh3ABu!6CM5Z6ldY z>DLj-ct$Yp^(;|_uU2l56Je#sxgPLV)ev5JOsgPN_c{H!P5kbImqp!Hwfx4ppb0J| z1jG=nachY@+b1{?HVD`iu@crc*E5rC9kE)Id{4}FN%%&%NUzAgj`wa(`q-i7V>UY) zZU}uvG?Uh+ny}}A%|@&iP{*FZq)`+t@9#qFrG?&DeFLOA&$b44SPy-jhrIUt3YBQS_-V~hk_ds{?JXvyq>6|(8u zPYKKiOeS;XbzBRnd3)NhWMui&hDu>&mXKN!>wiWCVUP3v7R;hrum1V^pD7UBP9MGk z2~Ef-;veauaDG!`uF`gA}o~VRX;dzHbg+K&| zkp#p}aESSqK4XbgKLfVa&*?=d=a6@^)cj5vT5fLQ3!S3fwx&K z7~iC{9_H(3vY`ES_BzAS(cd4Mb_#XzyznLsW?j(GU6OY!KJ5^nr#2B{#&b)9`Fkq_ zl9}wdAqphM+lnG87{jS?B4)~2#HXi9HD*Xp-Z|FLLQAHcQpZd6#zw0TOc*IsBbEcP zY7FEDGI&YH&j{h4O*GWeH$Qoa^}ah;OXPfZ0gc5BA~G*fJpU1Pt*6@FhQ-|_(>$zV zMoQe~Lw0U~4e*0>DgHT(96U2-9d;2T8P*bV@kMKg_paM`$%>H(YuT4ZPYR!%PuW@b z`9uP70EG6Az0g#Ic()B}d=J)-t(ePzs=&y}b(g{>#DBIOd%PYdWMW<(_+o-4K}zlO$OAR}OO-N%HBsv4tg>jlMMXr|&0j`fpGgv5MPO0%5@j!{s}Rbx-uL!}%lO(!;YeEJu091+qq|9y$L zR#?}QIWV5%C&4~b*?yJYkWv45P~^iK7u`Y!POs}-t>BEmt@j(ey79wf-^Y!0DjRbe zumE3Z)+}m|06HJPbI?-;T^U~x5lgc(5(Faevz$`|-hn>ol>S)H7q?@rtr4b(Kuos1 z+;%nySgR>5If6;mA+S?=Zz#T5GxgE@s^>tD)OHFuN9ZBoHZDHY?>Ha3MP`Bn`JAC%5K zb{7+wzXH7>J5`HVdWvuUINq1Lq3+08W#q=AT&5LHb@r&fM|C~FI;btbJQ@^;RJmGn z?c|zy?Z9=Lfu?yFXv?4{mmn0d=Qujl>+t>skH4y>_{XE_d!OSf^^WVJf^S;S(HuMi zy+#xzoy0`RAW5_2B8mXLnnU*!qVHS93<3y7mf(H+XH&_M+7+}RJn#N0I&9bVtbH1L z{J*Pl15}s6N;3e|k3e%)0iJRBGeQC@!I&pz(N2)^W9ZWQJr4mNkB-?!ofh83mysBa zj?%^bj0{HQyu63<*^mEuJL#~XcBIN9a#yHL=fbyjzXU0OqsE4P$cB*Ik6BAS2 zBEuqyfQ76oxGn4>SSS>^F9UrzNE4> z#j~u}UAoq)i?)rwZr*v*oYMProJCnr=OR>by&xfT7O!>`M2ak{2i;`h$u{EN5I>33 zeu4bk7^x&T5r6-fy+2?1U2+tDGkkSL4!-r*f`J<1C?djD_KUp)7)h`$n<#5W)seKwYPMB-|?hmBMuYRQs>f%luTKXu#XF7;tNoclyH5NC^rvBna?2X(r^JCx*KV$-t` z{=VmXW1oK_MzIK)npPZNQckPc0l}L$ft{R_&n%^)qP=O5@!7HNTY11M0!fdn;zV9GQ#&rYcBjnaE%d2-@%d@}Fw(a!F2%_X6&WS%lVXqpm2f49kS954x^ z4UKzomQz~^@+hAyRirI$Ite^HlgJ|rldgG3`z@#nsQ9ZP(Y_2C*Q?suiPT{L{`rk zTZEBLzaB!~!;WPX9eaG{?c)5A_fenS|JOLh|17dGOYcg>37hke-*$Ec(>jEjo-Vhibh)Fz@xPQ(Zl#e$QF43_5N=^-2Sn zHYJ_|n+Z>>Sc_O20%Q7tX6c}Adq}Z+(((0^$L35r+rwdb(#y7w@sPX1m)KdGnN2qzs@~h$z>J_g6>XV( bs!#1}(a6~yHIM#<9Qd!kf&cIR_uPK~temz7 literal 0 HcmV?d00001 diff --git a/pom.xml b/pom.xml index 06b2b65..708823f 100644 --- a/pom.xml +++ b/pom.xml @@ -30,7 +30,11 @@ UTF-8 - + + org.junit.vintage + junit-vintage-engine + 5.7.0 + org.codehaus.groovy diff --git a/src/main/java/ee/ria/specificproxyservice/MetadataUtils.java b/src/main/java/ee/ria/specificproxyservice/MetadataUtils.java index f3878f7..c0cf9ef 100644 --- a/src/main/java/ee/ria/specificproxyservice/MetadataUtils.java +++ b/src/main/java/ee/ria/specificproxyservice/MetadataUtils.java @@ -17,13 +17,11 @@ public class MetadataUtils { public static Credential getEncryptionCredentialFromMetaData(String body) throws CertificateException { java.security.cert.X509Certificate x509Certificate = getEncryptionCertificate(body); - BasicX509Credential encryptionCredential = new BasicX509Credential(x509Certificate); - return encryptionCredential; + return new BasicX509Credential(x509Certificate); } protected static java.security.cert.X509Certificate getEncryptionCertificate(String body) throws CertificateException { XmlPath metadataXml = new XmlPath(body); - java.security.cert.X509Certificate x509 = X509Support.decodeCertificate(metadataXml.getString("**.findAll {it.@use == 'encryption'}.KeyInfo.X509Data.X509Certificate")); - return x509; + return X509Support.decodeCertificate(metadataXml.getString("**.findAll {it.@use == 'encryption'}.KeyInfo.X509Data.X509Certificate")); } protected static void validateMetadataSignature(String body) { XmlPath metadataXml = new XmlPath(body); diff --git a/src/main/java/ee/ria/specificproxyservice/OpenSAMLUtils.java b/src/main/java/ee/ria/specificproxyservice/OpenSAMLUtils.java index 60c5649..c694ae6 100644 --- a/src/main/java/ee/ria/specificproxyservice/OpenSAMLUtils.java +++ b/src/main/java/ee/ria/specificproxyservice/OpenSAMLUtils.java @@ -1,6 +1,5 @@ package ee.ria.specificproxyservice; -import ee.ria.specificproxyservice.OpenSAMLConfiguration; import net.shibboleth.utilities.java.support.security.RandomIdentifierGenerationStrategy; import net.shibboleth.utilities.java.support.xml.SerializeSupport; import net.shibboleth.utilities.java.support.xml.XMLParserException; diff --git a/src/main/java/ee/ria/specificproxyservice/ResponseAssertionBuilderUtils.java b/src/main/java/ee/ria/specificproxyservice/ResponseAssertionBuilderUtils.java index d136f4d..8284e09 100644 --- a/src/main/java/ee/ria/specificproxyservice/ResponseAssertionBuilderUtils.java +++ b/src/main/java/ee/ria/specificproxyservice/ResponseAssertionBuilderUtils.java @@ -120,8 +120,7 @@ protected EncryptedAssertion encryptAssertion (Assertion assertion,Credential en Encrypter samlEncrypter = new Encrypter(encryptParams, keyParams); samlEncrypter.setKeyPlacement(Encrypter.KeyPlacement.INLINE); - EncryptedAssertion encryptedAssertion = samlEncrypter.encrypt(assertion); - return encryptedAssertion; + return samlEncrypter.encrypt(assertion); } protected EncryptedAssertion buildEncrAssertionWithoutAssertionSignature(Credential encCredential, String inResponseId, String recipient, DateTime issueInstant, Integer acceptableTimeMin, String loa, String givenName, String familyName, String personIdentifier, String dateOfBirth, String issuerValue, String audienceUri) throws EncryptionException { @@ -358,26 +357,4 @@ else if (subjectConfirmationCnt == 2) { return encryptAssertion(assertion, encCredential); } - - protected EncryptedAssertion buildEncrAssertionNameIdCnt(Integer nameIdCnt, String nameIdFormat,Credential signCredential, Credential encCredential, String inResponseId, String recipient, DateTime issueInstant, Integer acceptableTimeMin, String loa, String givenName, String familyName, String personIdentifier, String dateOfBirth, String issuerValue, String audienceUri) throws SecurityException, SignatureException, MarshallingException, EncryptionException { - Signature signature = prepareSignature(signCredential); - Assertion assertion = buildAssertionForSigning(inResponseId, recipient ,issueInstant, acceptableTimeMin, loa, givenName, familyName, personIdentifier, dateOfBirth, issuerValue, audienceUri); - - if (nameIdCnt == 0) { - assertion.getSubject().setNameID(null); - } - else if (nameIdCnt == 1) { - assertion.getSubject().getNameID().setFormat(nameIdFormat); - } - else if (nameIdCnt == 2) { - //TODO: Have to find a way for that - } - - assertion.setSignature(signature); - XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(assertion).marshall(assertion); - Signer.signObject(signature); - - return encryptAssertion(assertion, encCredential); - } - } diff --git a/src/main/java/ee/ria/specificproxyservice/SamlSignatureUtils.java b/src/main/java/ee/ria/specificproxyservice/SamlSignatureUtils.java index 23d562d..6b350d1 100644 --- a/src/main/java/ee/ria/specificproxyservice/SamlSignatureUtils.java +++ b/src/main/java/ee/ria/specificproxyservice/SamlSignatureUtils.java @@ -41,10 +41,8 @@ protected static void validateSignature(String body, java.security.cert.X509Cert throw new RuntimeException("Signature validation in validateSignature() failed: " + e.getMessage(), e); } catch (CertificateNotYetValidException e) { //Expired certificates are used in test environment - return; } catch (CertificateExpiredException e) { //Expired certificates are used in test environment - return; } } diff --git a/src/main/java/ee/ria/specificproxyservice/XmlUtils.java b/src/main/java/ee/ria/specificproxyservice/XmlUtils.java index bd0a33e..9a0219b 100644 --- a/src/main/java/ee/ria/specificproxyservice/XmlUtils.java +++ b/src/main/java/ee/ria/specificproxyservice/XmlUtils.java @@ -33,8 +33,7 @@ public static T unmarshallElement(St private static Document parseXMLDocument(String xml) throws XMLParserException { InputStream is = new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)); - Document doc = XMLObjectProviderRegistrySupport.getParserPool().parse(is); - return doc; + return XMLObjectProviderRegistrySupport.getParserPool().parse(is); } private static Unmarshaller getUnmarshaller(Element element) { diff --git a/src/test/groovy/ee/ria/specificproxyservice/GeneralAuthenticationSpec.groovy b/src/test/groovy/ee/ria/specificproxyservice/GeneralAuthenticationSpec.groovy index 558e431..de40fa1 100644 --- a/src/test/groovy/ee/ria/specificproxyservice/GeneralAuthenticationSpec.groovy +++ b/src/test/groovy/ee/ria/specificproxyservice/GeneralAuthenticationSpec.groovy @@ -3,12 +3,10 @@ package ee.ria.specificproxyservice import io.qameta.allure.Feature import io.restassured.filter.cookie.CookieFilter import io.restassured.response.Response -import org.hamcrest.Matcher import org.opensaml.saml.saml2.core.Assertion import spock.lang.Unroll import static org.junit.Assert.assertEquals -import static org.junit.Assert.assertThat class GeneralAuthenticationSpec extends SpecificProxyServiceSpecification { public static final String FN_DATE = "DateOfBirth" @@ -149,13 +147,14 @@ class GeneralAuthenticationSpec extends SpecificProxyServiceSpecification { Response midAuthAcceptResponse = Steps.authenticateWithMidAndFollowRedirects(flow, taraInitResponse) Response getLegalEntityListResponse = Steps.getLegalEntityList(flow, midAuthAcceptResponse) Response legalPersonSelectionResponse = Steps.selectLegalEntity(flow, getLegalEntityListResponse.body().jsonPath().get("legalPersons[0].legalPersonIdentifier")) + String legalName = getLegalEntityListResponse.body().jsonPath().get("legalPersons[0].legalName") Response taraAuthenticationResponse = Steps.userConsentAndFollowRedirects(flow, legalPersonSelectionResponse) Response eidasResponse = Steps.finishAuthProcessInEidasNode(flow, taraAuthenticationResponse.getHeader("Location")) Assertion assertion = SamlResponseUtils.getSamlAssertionFromResponse(eidasResponse, flow.connector.encryptionCredential) assertEquals("Correct LOA is returned", "http://eidas.europa.eu/LoA/high", SamlUtils.getLoaValue(assertion)) - assertThat("Either legal name from dev or test business register", SamlUtils.getAttributeValue(assertion, "LegalName"), org.hamcrest.Matchers.oneOf("täisühing VAVILOV", "AS Hallebygg", "OÜ Ibor JFM")) + assertEquals("Either legal name from dev or test business register", SamlUtils.getAttributeValue(assertion, "LegalName"), legalName) assertEquals("Correct legal person identifier is returned", "EE/CA/" + getLegalEntityListResponse.body().jsonPath().get("legalPersons[0].legalPersonIdentifier"), SamlUtils.getAttributeValue(assertion, "LegalPersonIdentifier")) } diff --git a/src/test/groovy/ee/ria/specificproxyservice/IdpResponseSpec.groovy b/src/test/groovy/ee/ria/specificproxyservice/IdpResponseSpec.groovy index 1788432..3081a71 100644 --- a/src/test/groovy/ee/ria/specificproxyservice/IdpResponseSpec.groovy +++ b/src/test/groovy/ee/ria/specificproxyservice/IdpResponseSpec.groovy @@ -154,11 +154,6 @@ class IdpResponseSpec extends SpecificProxyServiceSpecification { String returnUrl = flow.specificProxyService.taraBaseUrl + "/auth/reject?error_code=user_cancel" Response cancelResponse = Requests.backToServiceProvider(flow, returnUrl) - String backToSpUrl = cancelResponse.then().extract().response().getHeader("location") - - String[] elements = backToSpUrl.split('\\?|&') - - Response idpResponse = Requests.idpResponse(flow, elements[0]+"?"+errorCode+"&"+errorMessage+"&"+elements[3]) assertEquals("Correct status is returned", statusCode, cancelResponse.getStatusCode()) diff --git a/src/test/groovy/ee/ria/specificproxyservice/OidcRequestSpec.groovy b/src/test/groovy/ee/ria/specificproxyservice/OidcRequestSpec.groovy index 93f2d83..be6d249 100644 --- a/src/test/groovy/ee/ria/specificproxyservice/OidcRequestSpec.groovy +++ b/src/test/groovy/ee/ria/specificproxyservice/OidcRequestSpec.groovy @@ -3,6 +3,7 @@ package ee.ria.specificproxyservice import io.qameta.allure.Feature import io.restassured.filter.cookie.CookieFilter import io.restassured.response.Response +import org.hamcrest.MatcherAssert import org.hamcrest.Matchers import spock.lang.Unroll @@ -34,9 +35,9 @@ class OidcRequestSpec extends SpecificProxyServiceSpecification { String taraUrl = response2.then().extract().response().getHeader("location") - assertThat(taraUrl, Matchers.stringContainsInOrder(mainStructure)) - assertThat(taraUrl, Matchers.stringContainsInOrder(transformedLoa)) - assertThat(taraUrl, Matchers.stringContainsInOrder(defaultLocale)) + MatcherAssert.assertThat(taraUrl, Matchers.stringContainsInOrder(mainStructure)) + MatcherAssert.assertThat(taraUrl, Matchers.stringContainsInOrder(transformedLoa)) + MatcherAssert.assertThat(taraUrl, Matchers.stringContainsInOrder(defaultLocale)) where: requestLoa || transformedLoa || defaultLocale || mainStructure @@ -61,7 +62,7 @@ class OidcRequestSpec extends SpecificProxyServiceSpecification { String taraUrl = response2.then().extract().response().getHeader("location") - assertThat("Only supported attributes should be requested", taraUrl, Matchers.stringContainsInOrder("scope=openid%20idcard%20mid&")) + MatcherAssert.assertThat("Only supported attributes should be requested", taraUrl, Matchers.stringContainsInOrder("scope=openid%20idcard%20mid&")) } @Unroll @@ -79,7 +80,7 @@ class OidcRequestSpec extends SpecificProxyServiceSpecification { String taraUrl = response2.then().extract().response().getHeader("location") - assertThat("Only supported attributes should be requested", taraUrl, Matchers.stringContainsInOrder("scope=openid%20idcard%20mid&")) + MatcherAssert.assertThat("Only supported attributes should be requested", taraUrl, Matchers.stringContainsInOrder("scope=openid%20idcard%20mid&")) } @Unroll @@ -97,6 +98,6 @@ class OidcRequestSpec extends SpecificProxyServiceSpecification { String taraUrl = response2.then().extract().response().getHeader("location") - assertThat("Only supported attributes should be requested", taraUrl, Matchers.stringContainsInOrder("scope=openid%20idcard%20mid%20legalperson&")) + MatcherAssert.assertThat("Only supported attributes should be requested", taraUrl, Matchers.stringContainsInOrder("scope=openid%20idcard%20mid%20legalperson&")) } } diff --git a/src/test/groovy/ee/ria/specificproxyservice/UserConsentSpec.groovy b/src/test/groovy/ee/ria/specificproxyservice/UserConsentSpec.groovy index 71c17c5..b660f42 100644 --- a/src/test/groovy/ee/ria/specificproxyservice/UserConsentSpec.groovy +++ b/src/test/groovy/ee/ria/specificproxyservice/UserConsentSpec.groovy @@ -6,7 +6,6 @@ import io.restassured.response.Response import spock.lang.Unroll import static org.junit.Assert.assertEquals -import static org.junit.Assert.assertThat class UserConsentSpec extends SpecificProxyServiceSpecification {