diff --git a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/controller/VCIController.java b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/controller/VCIController.java index affef774a7f..249194edb04 100644 --- a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/controller/VCIController.java +++ b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/controller/VCIController.java @@ -139,7 +139,7 @@ public VciExchangeResponseDTO vciExchange(@Validated @RequestBody VciExchangeReq return vciExchangeResponseDTO; } catch (IDDataValidationException e) { - mosipLogger.error(IdAuthCommonConstants.SESSION_ID, this.getClass().getSimpleName(), "processIdKeyBinding", + mosipLogger.error(IdAuthCommonConstants.SESSION_ID, this.getClass().getSimpleName(), "vciExchange", e.getErrorTexts().isEmpty() ? "" : e.getErrorText()); IdaRequestResponsConsumerUtil.setIdVersionToObjectWithMetadata(requestWrapperWithMetadata, e); @@ -148,7 +148,7 @@ public VciExchangeResponseDTO vciExchange(@Validated @RequestBody VciExchangeReq e.putMetadata(IdAuthCommonConstants.TRANSACTION_ID, vciExchangeRequestDTO.getTransactionID()); throw authTransactionHelper.createDataValidationException(authTxnBuilder, e, requestWrapperWithMetadata); } catch (IdAuthenticationBusinessException e) { - mosipLogger.error(IdAuthCommonConstants.SESSION_ID, this.getClass().getSimpleName(), "processIdKeyBinding", + mosipLogger.error(IdAuthCommonConstants.SESSION_ID, this.getClass().getSimpleName(), "vciExchange", e.getErrorTexts().isEmpty() ? "" : e.getErrorText()); authTransactionHelper.setAuthTransactionEntityMetadata(e, authTxnBuilder, requestWrapperWithMetadata); 
diff --git a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/validator/VciExchangeRequestValidator.java b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/validator/VciExchangeRequestValidator.java index a2005c8fb34..5f212decbc4 100644 --- a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/validator/VciExchangeRequestValidator.java +++ b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/validator/VciExchangeRequestValidator.java @@ -177,8 +177,8 @@ private void validateCredSubjectIdDIDFormat(String credSubjectId, Errors errors, String identityJwk = new String(CryptoUtil.decodeBase64(didArray[2])); try { JSONObject jsonObject = OBJECT_MAPPER.readValue(identityJwk, JSONObject.class); - validatePublicKeyAttributes(jsonObject, errors, PUBLIC_KEY_EXPONENT_KEY); - validatePublicKeyAttributes(jsonObject, errors, PUBLIC_KEY_MODULUS_KEY); + validatePublicKeyAttributes(jsonObject, errors, PUBLIC_KEY_MODULUS_KEY, paramName); + validatePublicKeyAttributes(jsonObject, errors, PUBLIC_KEY_EXPONENT_KEY, paramName); } catch (IOException ioe) { mosipLogger.error(SESSION_ID, this.getClass().getSimpleName(), VALIDATE, "Error formating Identity JWK", ioe); 
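Review bot: The JWK carried in `credSubjectId` is still validated only for presence: the two `validatePublicKeyAttributes` calls accept any non-blank modulus and exponent, and nothing visible in this hunk checks the key type, the modulus length, or that the values are well-formed base64url. The DID is supplied by the caller, so consider rejecting keys whose type or size falls outside what the issuer supports before the request goes any further. The context line `new String(CryptoUtil.decodeBase64(didArray[2]))` sits before the `try`, so a malformed segment may surface as an unhandled exception rather than a field error, depending on how `decodeBase64` reports bad input; it also decodes with the platform charset, and `new String(..., StandardCharsets.UTF_8)` moved inside the `try` would be more predictable. The method body starts and ends outside the hunk, so any length check on `didArray` is not visible here.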
@@ -189,12 +189,12 @@ private void validateCredSubjectIdDIDFormat(String credSubjectId, Errors errors, } } - private void validatePublicKeyAttributes(JSONObject jsonObject, Errors errors, String publicKeyAttribute) { + private void validatePublicKeyAttributes(JSONObject jsonObject, Errors errors, String publicKeyAttribute, String paramName) { String value = jsonObject.getAsString(publicKeyAttribute); if (value == null || StringUtils.isEmpty(value.trim())) { mosipLogger.error(SESSION_ID, this.getClass().getSimpleName(), VALIDATE, MISSING_INPUT_PARAMETER + publicKeyAttribute); - errors.rejectValue(publicKeyAttribute, IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorCode(), - new Object[] { publicKeyAttribute }, IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorMessage()); + errors.rejectValue(paramName, IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorCode(), + new Object[] { paramName }, IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorMessage()); } } diff --git a/authentication/authentication-service/src/test/java/io/mosip/authentication/service/controller/VCIControllerTest.java b/authentication/authentication-service/src/test/java/io/mosip/authentication/service/controller/VCIControllerTest.java new file mode 100644 index 00000000000..74d9238759c --- /dev/null +++ b/authentication/authentication-service/src/test/java/io/mosip/authentication/service/controller/VCIControllerTest.java 
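Review bot: Rejecting `paramName` with `MISSING_INPUT_PARAMETER` tells the caller that `credSubjectId` was absent, when it was present but carried a JWK without a modulus or exponent; an invalid-input error code would describe the failure more accurately, if `IdAuthenticationErrorConstants` offers one. Because the caller checks both attributes unconditionally, a key missing both registers the same field error twice. A short Javadoc would also help the next reader, for example `/** Rejects paramName when the decoded JWK has no non-blank value for publicKeyAttribute. */`.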
@@ -0,0 +1,162 @@
+package io.mosip.authentication.service.controller;
+
+import io.mosip.authentication.common.service.builder.AuthTransactionBuilder;
+import io.mosip.authentication.common.service.helper.AuthTransactionHelper;
+import io.mosip.authentication.common.service.util.EnvUtil;
+import io.mosip.authentication.common.service.util.TestHttpServletRequest;
+import io.mosip.authentication.core.constant.IdAuthCommonConstants;
+import io.mosip.authentication.core.exception.IDDataValidationException;
+import io.mosip.authentication.core.exception.IdAuthenticationAppException;
+import io.mosip.authentication.core.exception.IdAuthenticationBusinessException;
+import io.mosip.authentication.core.indauth.dto.IdType;
+import io.mosip.authentication.core.indauth.dto.VciCredentialsDefinitionRequestDTO;
+import io.mosip.authentication.core.indauth.dto.VciExchangeRequestDTO;
+import io.mosip.authentication.core.indauth.dto.VciExchangeResponseDTO;
+import io.mosip.authentication.core.partner.dto.PartnerDTO;
+import io.mosip.authentication.core.spi.indauth.facade.VciFacade;
+import io.mosip.authentication.core.spi.partner.service.PartnerService;
+import io.mosip.authentication.core.util.IdTypeUtil;
+import io.mosip.authentication.service.kyc.controller.VCIController;
+import io.mosip.authentication.service.kyc.validator.VciExchangeRequestValidator;
+import org.apache.struts.mock.MockHttpServletRequest;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.context.annotation.Import;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestContext;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.validation.BeanPropertyBindingResult;
+import org.springframework.validation.Errors;
+import org.springframework.web.context.WebApplicationContext;
+
+import java.time.Instant;
+import java.time.ZoneOffset;
+import java.time.format.DateTimeFormatter;
+import java.util.Arrays;
+import java.util.Optional;
+
+
+@RunWith(SpringRunner.class)
+@WebMvcTest(value = VCIController.class)
+@ContextConfiguration(classes = { TestContext.class, WebApplicationContext.class })
+@Import(EnvUtil.class)
+public class VCIControllerTest {
+
+ @Mock
+ private VciFacade vciFacade;
+
+ @Mock
+ private IdTypeUtil idTypeUtil;
+
+ @Mock
+ private AuthTransactionHelper authTransactionHelper;
+
+ @Mock
+ private PartnerService partnerService;
+
+ @Mock
+ private VciExchangeRequestValidator vciExchangeRequestValidator;
+
+ @InjectMocks
+ VCIController vciController;
+
+
+ @Test
+ public void delegatedVCExchange_withValidInput_thenPass() throws Exception {
+ VciExchangeRequestDTO vciExchangeRequestDTO = new VciExchangeRequestDTO();
+ vciExchangeRequestDTO.setRequestTime(Instant.now().atOffset(ZoneOffset.UTC)
+ .format(DateTimeFormatter.ofPattern(EnvUtil.getDateTimePattern())).toString());
+ vciExchangeRequestDTO.setTransactionID("transactio");
+ vciExchangeRequestDTO.setVcFormat("ldp_vc");
+ vciExchangeRequestDTO.setVcAuthToken("vc-auth-token");
+ vciExchangeRequestDTO.setCredSubjectId("did:jwk: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");
+ VciCredentialsDefinitionRequestDTO vciCredentialsDefinitionRequestDTO = new VciCredentialsDefinitionRequestDTO();
+ vciCredentialsDefinitionRequestDTO.setType(Arrays.asList("VerifiableCredential", "MOSIPVerifiableCredential"));
+ vciExchangeRequestDTO.setCredentialsDefinition(vciCredentialsDefinitionRequestDTO);
+
+ Errors errors = new BeanPropertyBindingResult(vciExchangeRequestDTO, "vciExchangeRequestDTO");
+
+ TestHttpServletRequest requestWithMetadata = new TestHttpServletRequest();
+ requestWithMetadata.putMetadata(IdAuthCommonConstants.IDENTITY_DATA, "identity data");
+ requestWithMetadata.putMetadata(IdAuthCommonConstants.IDENTITY_INFO, "identity info");
+
+ VciExchangeResponseDTO vciExchangeResponseDTO = new VciExchangeResponseDTO();
+
+ vciExchangeRequestDTO.setIndividualIdType(IdType.UIN.getType());
+ AuthTransactionBuilder authTxnBuilder = AuthTransactionBuilder.newInstance();
+ Optional partner = Optional.empty();
+ Mockito.when(partnerService.getPartner("partnerId", vciExchangeRequestDTO.getMetadata())).thenReturn(partner);
+ Mockito.when(authTransactionHelper.createAndSetAuthTxnBuilderMetadataToRequest(vciExchangeRequestDTO, !false, partner))
+ .thenReturn(authTxnBuilder);
+
+ Mockito.when(vciFacade.processVciExchange(vciExchangeRequestDTO, "auth-partner-id",
+ "oidc-client-id", vciExchangeRequestDTO.getMetadata(), requestWithMetadata)).thenReturn(vciExchangeResponseDTO);
+
+ vciExchangeResponseDTO = vciController.vciExchange(vciExchangeRequestDTO, errors, "license-key", "auth-partner-id",
+ "oidc-client-id", requestWithMetadata);
+
+ Assert.assertNotNull(vciExchangeResponseDTO);
+ }
+
+ @Test(expected = IdAuthenticationBusinessException.class)
+ public void delegatedVCExchange_withInvalidInput_thenFail() throws Exception {
+ VciExchangeRequestDTO vciExchangeRequestDTO = new VciExchangeRequestDTO();
+ Errors errors = new BeanPropertyBindingResult(vciExchangeRequestDTO, "vciExchangeRequestDTO");
+ vciController.vciExchange(vciExchangeRequestDTO, errors, "license-key", "auth-partner-id",
+ "oidc-client-id", new MockHttpServletRequest());
+ }
+
+ @Test(expected = IdAuthenticationAppException.class)
+ public void delegatedVCExchange_withInternalError_thenFail() throws Exception {
+ VciExchangeRequestDTO vciExchangeRequestDTO = new VciExchangeRequestDTO();
+ Errors errors = new BeanPropertyBindingResult(vciExchangeRequestDTO, "vciExchangeRequestDTO");
+ TestHttpServletRequest requestWithMetadata = new TestHttpServletRequest();
+ requestWithMetadata.putMetadata(IdAuthCommonConstants.IDENTITY_DATA, "identity data");
+ requestWithMetadata.putMetadata(IdAuthCommonConstants.IDENTITY_INFO, "identity info");
+
+ vciExchangeRequestDTO.setIndividualIdType(IdType.UIN.getType());
+ AuthTransactionBuilder authTxnBuilder = AuthTransactionBuilder.newInstance();
+ Optional partner = Optional.empty();
+ Mockito.when(partnerService.getPartner("partnerId", vciExchangeRequestDTO.getMetadata())).thenReturn(partner);
+ Mockito.when(authTransactionHelper.createAndSetAuthTxnBuilderMetadataToRequest(vciExchangeRequestDTO, !false, partner))
+ .thenReturn(authTxnBuilder);
+ IDDataValidationException idDataValidationException = new IDDataValidationException("error-code","error-message");
+ Mockito.when(authTransactionHelper.createDataValidationException(null, idDataValidationException, requestWithMetadata))
+ .thenReturn(new IdAuthenticationAppException());
+
+ Mockito.when(vciFacade.processVciExchange(vciExchangeRequestDTO, "auth-partner-id",
+ "oidc-client-id", vciExchangeRequestDTO.getMetadata(), requestWithMetadata))
+ .thenThrow(idDataValidationException);
+
+ vciController.vciExchange(vciExchangeRequestDTO, errors, "license-key", "auth-partner-id",
+ "oidc-client-id", requestWithMetadata);
+ }
+
+ @Test(expected = IdAuthenticationAppException.class)
+ public void delegatedVCIExchange_withInternalError2_thenFail() throws Exception {
+ VciExchangeRequestDTO vciExchangeRequestDTO = new VciExchangeRequestDTO();
+ Errors errors = new BeanPropertyBindingResult(vciExchangeRequestDTO, "vciExchangeRequestDTO");
+ TestHttpServletRequest requestWithMetadata = new TestHttpServletRequest();
+ requestWithMetadata.putMetadata(IdAuthCommonConstants.IDENTITY_DATA, "identity data");
+ requestWithMetadata.putMetadata(IdAuthCommonConstants.IDENTITY_INFO, "identity info");
+
+ vciExchangeRequestDTO.setIndividualIdType(IdType.UIN.getType());
+ AuthTransactionBuilder authTxnBuilder = AuthTransactionBuilder.newInstance();
+ Optional partner = Optional.empty();
+ Mockito.when(partnerService.getPartner("partnerId", vciExchangeRequestDTO.getMetadata())).thenReturn(partner);
+ Mockito.when(authTransactionHelper.createAndSetAuthTxnBuilderMetadataToRequest(vciExchangeRequestDTO, !false, partner))
+ .thenReturn(authTxnBuilder);
+ IdAuthenticationBusinessException idAuthenticationBusinessException = new IdAuthenticationBusinessException("error-code","error-message");
+ Mockito.when(vciFacade.processVciExchange(vciExchangeRequestDTO, "auth-partner-id",
+ "oidc-client-id", vciExchangeRequestDTO.getMetadata(), requestWithMetadata))
+ .thenThrow(idAuthenticationBusinessException);
+
+ vciController.vciExchange(vciExchangeRequestDTO, errors, "license-key", "auth-partner-id",
+ "oidc-client-id", requestWithMetadata);
+ }
+}
diff --git a/authentication/authentication-service/src/test/java/io/mosip/authentication/service/kyc/filter/VciExchangeFilterTest.java b/authentication/authentication-service/src/test/java/io/mosip/authentication/service/kyc/filter/VciExchangeFilterTest.java
new file mode 100644
index 00000000000..d42ceb356be
--- /dev/null
+++ b/authentication/authentication-service/src/test/java/io/mosip/authentication/service/kyc/filter/VciExchangeFilterTest.java
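Review bot: The stubs in VCIControllerTest are keyed on arguments that do not line up with the calls under test: `partnerService.getPartner("partnerId", …)` is stubbed while `vciExchange` is invoked with `"auth-partner-id"`, and `createDataValidationException(null, …)` is stubbed with a `null` builder even though the same test stubs a non-null `authTxnBuilder`. The controller body is not in this diff, but if it forwards the partner id and builder it actually received, these tests pass or fail on Mockito defaults rather than on the intended path; `delegatedVCExchange_withValidInput_thenPass` also asserts only `assertNotNull`. Consider stubbing with `"auth-partner-id"` and asserting the error code carried by the expected exceptions. The import `org.apache.struts.mock.MockHttpServletRequest` puts a Struts class on the test classpath for a plain servlet mock; `org.springframework.mock.web.MockHttpServletRequest` from spring-test would avoid that dependency. `!false` reads better as `true`.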
@@ -0,0 +1,69 @@
+package io.mosip.authentication.service.kyc.filter;
+
+import io.mosip.authentication.common.service.util.EnvUtil;
+import io.mosip.authentication.core.exception.IdAuthenticationAppException;
+import io.mosip.authentication.core.partner.dto.AuthPolicy;
+import io.mosip.authentication.core.partner.dto.MispPolicyDTO;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.context.annotation.Import;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestContext;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.web.context.WebApplicationContext;
+
+import java.util.Arrays;
+
+@RunWith(SpringRunner.class)
+@WebMvcTest
+@ContextConfiguration(classes = { TestContext.class, WebApplicationContext.class })
+@Import(EnvUtil.class)
+public class VciExchangeFilterTest {
+
+ VciExchangeFilter vciExchangeFilter = new VciExchangeFilter();
+
+ @Test
+ public void test_defaultMethods() {
+ Assert.assertTrue(vciExchangeFilter.isPartnerCertificateNeeded());
+ Assert.assertTrue(vciExchangeFilter.isSigningRequired());
+ Assert.assertTrue(vciExchangeFilter.isSignatureVerificationRequired());
+ Assert.assertTrue(vciExchangeFilter.isTrustValidationRequired());
+ Assert.assertTrue(vciExchangeFilter.needStoreAuthTransaction());
+ Assert.assertTrue(vciExchangeFilter.needStoreAnonymousProfile());
+ Assert.assertTrue(vciExchangeFilter.isMispPolicyValidationRequired());
+ Assert.assertTrue(vciExchangeFilter.isCertificateValidationRequired());
+ Assert.assertFalse(vciExchangeFilter.isAMRValidationRequired());
+ }
+
+ @Test
+ public void test_checkAllowedAuthTypeBasedOnPolicy_withValidPolicy_thenPass() throws IdAuthenticationAppException {
+ AuthPolicy authPolicy = new AuthPolicy();
+ authPolicy.setAuthType("vciexchange");
+ vciExchangeFilter.checkAllowedAuthTypeBasedOnPolicy(null, Arrays.asList(authPolicy));
+ }
+
+ @Test(expected = IdAuthenticationAppException.class)
+ public void test_checkAllowedAuthTypeBasedOnPolicy_withInvalidPolicy_thenFail() throws IdAuthenticationAppException {
+ AuthPolicy authPolicy = new AuthPolicy();
+ authPolicy.setAuthType("kycexchange");
+ vciExchangeFilter.checkAllowedAuthTypeBasedOnPolicy(null, Arrays.asList(authPolicy));
+ }
+
+ @Test(expected = IdAuthenticationAppException.class)
+ public void test_checkMispPolicyAllowed_withInvalidPolicy_thenFail()
+ throws IdAuthenticationAppException {
+ MispPolicyDTO mispPolicyDTO = new MispPolicyDTO();
+ mispPolicyDTO.setAllowVciRequestDelegation(false);
+ vciExchangeFilter.checkMispPolicyAllowed(mispPolicyDTO);
+ }
+
+ @Test
+ public void test_checkMispPolicyAllowed_withValidPolicy_thenPass()
+ throws IdAuthenticationAppException {
+ MispPolicyDTO mispPolicyDTO = new MispPolicyDTO();
+ mispPolicyDTO.setAllowVciRequestDelegation(true);
+ vciExchangeFilter.checkMispPolicyAllowed(mispPolicyDTO);
+ }
+}
diff --git a/authentication/authentication-service/src/test/java/io/mosip/authentication/service/kyc/validator/VciExchangeRequestValidatorTest.java b/authentication/authentication-service/src/test/java/io/mosip/authentication/service/kyc/validator/VciExchangeRequestValidatorTest.java
new file mode 100644
index 00000000000..6df5a1ba32b
--- /dev/null
+++ b/authentication/authentication-service/src/test/java/io/mosip/authentication/service/kyc/validator/VciExchangeRequestValidatorTest.java
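Review bot: The two negative policy tests in VciExchangeFilterTest accept any `IdAuthenticationAppException`, so they would also pass if the filter failed for an unrelated reason, such as the `null` passed as the first argument of `checkAllowedAuthTypeBasedOnPolicy`. These methods decide whether a partner or MISP is allowed to use VCI exchange, so it is worth catching the exception and asserting its error code, which pins the policy rejection itself. `test_checkAllowedAuthTypeBasedOnPolicy_withValidPolicy_thenPass` and `test_checkMispPolicyAllowed_withValidPolicy_thenPass` rely on the absence of an exception; a one-line comment such as `// passes when no exception is thrown` would make that intent explicit.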
@@ -0,0 +1,195 @@
+package io.mosip.authentication.service.kyc.validator;
+
+import io.mosip.authentication.common.service.util.EnvUtil;
+import io.mosip.authentication.core.indauth.dto.KycAuthRequestDTO;
+import io.mosip.authentication.core.indauth.dto.VciCredentialsDefinitionRequestDTO;
+import io.mosip.authentication.core.indauth.dto.VciExchangeRequestDTO;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.InjectMocks;
+import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.context.annotation.Import;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestContext;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.util.ReflectionTestUtils;
+import org.springframework.validation.BeanPropertyBindingResult;
+import org.springframework.validation.Errors;
+import org.springframework.web.context.WebApplicationContext;
+
+import java.time.Instant;
+import java.time.ZoneOffset;
+import java.time.format.DateTimeFormatter;
+import java.util.Arrays;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+@RunWith(SpringRunner.class)
+@WebMvcTest
+@ContextConfiguration(classes = { TestContext.class, WebApplicationContext.class })
+@Import(EnvUtil.class)
+public class VciExchangeRequestValidatorTest {
+
+ @InjectMocks
+ VciExchangeRequestValidator vciExchangeRequestValidator;
+
+ @Before
+ public void before() {
+ ReflectionTestUtils.setField(vciExchangeRequestValidator, "supportedCredTypes",
+ Arrays.asList("VerifiableCredential","MOSIPVerifiableCredential"));
+ }
+
+ @Test
+ public void test_supports_withValidInput_thenPass() {
+ Assert.assertTrue(vciExchangeRequestValidator.supports(VciExchangeRequestDTO.class));
+ }
+
+ @Test
+ public void test_supports_withInvalidInput_thenFail() {
+ Assert.assertFalse(vciExchangeRequestValidator.supports(KycAuthRequestDTO.class));
+ }
+
+ @Test
+ public void test_validate_withValidInput_thenPass() {
+ VciExchangeRequestDTO vciExchangeRequestDTO = new VciExchangeRequestDTO();
+ vciExchangeRequestDTO.setRequestTime(Instant.now().atOffset(ZoneOffset.UTC)
+ .format(DateTimeFormatter.ofPattern(EnvUtil.getDateTimePattern())).toString());
+ vciExchangeRequestDTO.setTransactionID("transactio");
+ vciExchangeRequestDTO.setVcFormat("ldp_vc");
+ vciExchangeRequestDTO.setVcAuthToken("vc-auth-token");
+ vciExchangeRequestDTO.setCredSubjectId("did:jwk:eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsInVzZSI6InNpZyIsImtpZCI6Inc4VUY3QnE0dDFSeVMxdFJTOHhvVllHUjMySVdiMFZyU3I4M0dEdno3d28iLCJhbGciOiJSUzI1NiIsIm4iOiJ5SGY1RjZYMFI5RDNxWm5WaUJORDZRV25pUmVnR2hjQ3NqakVJSENlTWp1UWJHek1LaFB6aFZVWGNtaTBMbGVQVWdUdlhjOWlrRmNnTXM3ckFhckI1dlJEcTh1Mjd2WHNBVjdiOUlZaVVGY3U1ZFZpdTd0Q0F1N0V5cXlLWVlUX20xMzhlZjQxVmU4X29LZVNvT0RRaGxyc0RJTmltX0JwWHBvc0xQVV96MXpfODNxX0ZRU05ydDE2dGhHa0hZeUZsRnhxZnNWZElPTkdoMzRFY3dubFZUY0lQUE5xZVY2RkJ3MENlR2NuaUlSRDZVMzVCbFNnT2loaHE2dl9LTll1aktJS2hmOERLY1AzWHY3Yy00ZUcwQ1Q2eFNGdDBpbzlvVGRQT0ZJNEt4RlJ0eGNIa3NxV2FsN1ZON3p5QUlNblJrMlJDbXRZLVUyVkVDSVgydzJOSlEifQ==");
+ VciCredentialsDefinitionRequestDTO vciCredentialsDefinitionRequestDTO = new VciCredentialsDefinitionRequestDTO();
+ vciCredentialsDefinitionRequestDTO.setType(Arrays.asList("VerifiableCredential", "MOSIPVerifiableCredential"));
+ vciExchangeRequestDTO.setCredentialsDefinition(vciCredentialsDefinitionRequestDTO);
+ Errors errors = new BeanPropertyBindingResult(vciExchangeRequestDTO, "vciExchangeRequestDTO");
+ vciExchangeRequestValidator.validate(vciExchangeRequestDTO, errors);
+ assertFalse(errors.hasErrors());
+ }
+
+ @Test
+ public void test_validate_withInvalidDIDAsCredentialSubjectId_thenFail() {
+ VciExchangeRequestDTO vciExchangeRequestDTO = new VciExchangeRequestDTO();
+ vciExchangeRequestDTO.setRequestTime(Instant.now().atOffset(ZoneOffset.UTC)
+ .format(DateTimeFormatter.ofPattern(EnvUtil.getDateTimePattern())).toString());
+ vciExchangeRequestDTO.setTransactionID("transactio");
+ vciExchangeRequestDTO.setVcFormat("ldp_vc");
+ vciExchangeRequestDTO.setVcAuthToken("vc-auth-token");
+ vciExchangeRequestDTO.setCredSubjectId("QUlNblJrMlJDbXRZLVUyVkVDSVgydzJOSlE");
+ VciCredentialsDefinitionRequestDTO vciCredentialsDefinitionRequestDTO = new VciCredentialsDefinitionRequestDTO();
+ vciCredentialsDefinitionRequestDTO.setType(Arrays.asList("VerifiableCredential", "MOSIPVerifiableCredential"));
+ vciExchangeRequestDTO.setCredentialsDefinition(vciCredentialsDefinitionRequestDTO);
+ Errors errors = new BeanPropertyBindingResult(vciExchangeRequestDTO, "vciExchangeRequestDTO");
+ vciExchangeRequestValidator.validate(vciExchangeRequestDTO, errors);
+ assertTrue(errors.hasErrors());
+ assertTrue(errors.hasFieldErrors("credSubjectId"));
+ }
+
+ @Test
+ public void test_validate_withInvalidRequestTime_thenFail() {
+ VciExchangeRequestDTO vciExchangeRequestDTO = new VciExchangeRequestDTO();
+ Errors errors = new BeanPropertyBindingResult(vciExchangeRequestDTO, "vciExchangeRequestDTO");
+ vciExchangeRequestValidator.validate(vciExchangeRequestDTO, errors);
+ assertTrue(errors.hasErrors());
+ assertTrue(errors.hasFieldErrors("requestTime"));
+ }
+
+ @Test
+ public void test_validate_withInvalidTxnId_thenFail() {
+ VciExchangeRequestDTO vciExchangeRequestDTO = new VciExchangeRequestDTO();
+ vciExchangeRequestDTO.setRequestTime(Instant.now().atOffset(ZoneOffset.UTC)
+ .format(DateTimeFormatter.ofPattern(EnvUtil.getDateTimePattern())).toString());
+ Errors errors = new BeanPropertyBindingResult(vciExchangeRequestDTO, "vciExchangeRequestDTO");
+ vciExchangeRequestValidator.validate(vciExchangeRequestDTO, errors);
+ assertTrue(errors.hasErrors());
+ assertTrue(errors.hasFieldErrors("transactionID"));
+ }
+
+ @Test
+ public void test_validate_withInvalidAuthToken_thenFail() {
+ VciExchangeRequestDTO vciExchangeRequestDTO = new VciExchangeRequestDTO();
+ vciExchangeRequestDTO.setRequestTime(Instant.now().atOffset(ZoneOffset.UTC)
+ .format(DateTimeFormatter.ofPattern(EnvUtil.getDateTimePattern())).toString());
+ vciExchangeRequestDTO.setTransactionID("transactio");
+ Errors errors = new BeanPropertyBindingResult(vciExchangeRequestDTO, "vciExchangeRequestDTO");
+ vciExchangeRequestValidator.validate(vciExchangeRequestDTO, errors);
+ assertTrue(errors.hasErrors());
+ assertTrue(errors.hasFieldErrors("vcAuthToken"));
+ }
+
+ @Test
+ public void test_validate_withInvalidCredSubjectId_thenFail() {
+ VciExchangeRequestDTO vciExchangeRequestDTO = new VciExchangeRequestDTO();
+ vciExchangeRequestDTO.setRequestTime(Instant.now().atOffset(ZoneOffset.UTC)
+ .format(DateTimeFormatter.ofPattern(EnvUtil.getDateTimePattern())).toString());
+ vciExchangeRequestDTO.setTransactionID("transactio");
+ vciExchangeRequestDTO.setVcAuthToken("vc-auth-token");
+ Errors errors = new BeanPropertyBindingResult(vciExchangeRequestDTO, "vciExchangeRequestDTO");
+ vciExchangeRequestValidator.validate(vciExchangeRequestDTO, errors);
+ assertTrue(errors.hasErrors());
+ assertTrue(errors.hasFieldErrors("credSubjectId"));
+ }
+
+ @Test
+ public void test_validate_withInvalidPublicKeyComponentInDID_thenFail() {
+ VciExchangeRequestDTO vciExchangeRequestDTO = new VciExchangeRequestDTO();
+ vciExchangeRequestDTO.setRequestTime(Instant.now().atOffset(ZoneOffset.UTC)
+ .format(DateTimeFormatter.ofPattern(EnvUtil.getDateTimePattern())).toString());
+ vciExchangeRequestDTO.setTransactionID("transactio");
+ vciExchangeRequestDTO.setVcAuthToken("vc-auth-token");
+ vciExchangeRequestDTO.setCredSubjectId("did:jwk:eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsInVzZSI6InNpZyIsImtpZCI6Inc4VUY3QnE0dDFSeVMxdFJTOHhvVllHUjMySVdiMFZyU3I4M0dEdno3d28iLCJhbGciOiJSUzI1NiJ9");
+ Errors errors = new BeanPropertyBindingResult(vciExchangeRequestDTO, "vciExchangeRequestDTO");
+ vciExchangeRequestValidator.validate(vciExchangeRequestDTO, errors);
+ assertTrue(errors.hasErrors());
+ assertTrue(errors.hasFieldErrors("credSubjectId"));
+ }
+
+ @Test
+ public void test_validate_withInvalidCredentialFormat_thenFail() {
+ VciExchangeRequestDTO vciExchangeRequestDTO = new VciExchangeRequestDTO();
+ vciExchangeRequestDTO.setRequestTime(Instant.now().atOffset(ZoneOffset.UTC)
+ .format(DateTimeFormatter.ofPattern(EnvUtil.getDateTimePattern())).toString());
+ vciExchangeRequestDTO.setTransactionID("transactio");
+ vciExchangeRequestDTO.setVcAuthToken("vc-auth-token");
+ vciExchangeRequestDTO.setCredSubjectId("did:jwk: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");
+ Errors errors = new BeanPropertyBindingResult(vciExchangeRequestDTO, "vciExchangeRequestDTO");
+ vciExchangeRequestValidator.validate(vciExchangeRequestDTO, errors);
+ assertTrue(errors.hasErrors());
+ assertTrue(errors.hasFieldErrors("vcFormat"));
+
+ vciExchangeRequestDTO.setVcFormat("tt");
+ errors = new BeanPropertyBindingResult(vciExchangeRequestDTO, "vciExchangeRequestDTO");
+ vciExchangeRequestValidator.validate(vciExchangeRequestDTO, errors);
+ assertTrue(errors.hasErrors());
+ assertTrue(errors.hasFieldErrors("vcFormat"));
+ }
+
+ @Test
+ public void test_validate_withInvalidCredentialType_thenFail() {
+ VciExchangeRequestDTO vciExchangeRequestDTO = new VciExchangeRequestDTO();
+ vciExchangeRequestDTO.setRequestTime(Instant.now().atOffset(ZoneOffset.UTC)
+ .format(DateTimeFormatter.ofPattern(EnvUtil.getDateTimePattern())).toString());
+ vciExchangeRequestDTO.setTransactionID("transactio");
+ vciExchangeRequestDTO.setVcAuthToken("vc-auth-token");
+ vciExchangeRequestDTO.setVcFormat("ldp_vc");
+ vciExchangeRequestDTO.setCredSubjectId("did:jwk: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");
+ VciCredentialsDefinitionRequestDTO vciCredentialsDefinitionRequestDTO = new VciCredentialsDefinitionRequestDTO();
+ vciExchangeRequestDTO.setCredentialsDefinition(vciCredentialsDefinitionRequestDTO);
+ Errors errors = new BeanPropertyBindingResult(vciExchangeRequestDTO, "vciExchangeRequestDTO");
+ vciExchangeRequestValidator.validate(vciExchangeRequestDTO, errors);
+ assertTrue(errors.hasErrors());
+ assertTrue(errors.hasFieldErrors("credentialsDefinition"));
+
+
+ vciCredentialsDefinitionRequestDTO = new VciCredentialsDefinitionRequestDTO();
+ vciCredentialsDefinitionRequestDTO.setType(Arrays.asList("VerifiableCredentialssss", "MOSIPVerifiableCredential"));
+ vciExchangeRequestDTO.setCredentialsDefinition(vciCredentialsDefinitionRequestDTO);
+ errors = new BeanPropertyBindingResult(vciExchangeRequestDTO, "vciExchangeRequestDTO");
+ vciExchangeRequestValidator.validate(vciExchangeRequestDTO, errors);
+ assertTrue(errors.hasErrors());
+ assertTrue(errors.hasFieldErrors("credentialsDefinition"));
+ }
+
+}
diff --git a/authentication/esignet-integration-impl/src/main/java/io/mosip/authentication/esignet/integration/service/HelperService.java b/authentication/esignet-integration-impl/src/main/java/io/mosip/authentication/esignet/integration/service/HelperService.java
index d87772d670e..203c80d38f9 100644
--- a/authentication/esignet-integration-impl/src/main/java/io/mosip/authentication/esignet/integration/service/HelperService.java
+++ b/authentication/esignet-integration-impl/src/main/java/io/mosip/authentication/esignet/integration/service/HelperService.java
@@ -47,6 +47,7 @@
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.X509Certificate;
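Review bot: In VciExchangeRequestValidatorTest, `test_validate_withInvalidPublicKeyComponentInDID_thenFail` covers only a JWK that lacks the modulus. There is no case for a missing exponent, for a third DID segment that is not valid base64, or for a `did:jwk:` value with fewer than three segments, which are the shapes an untrusted caller is most likely to send. Adding those cases would pin whether the validator reports them as a `credSubjectId` field error or lets an exception escape. Most tests repeat the same request setup; a private helper that builds a valid `VciExchangeRequestDTO` would let each test show only the field it breaks.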
@@ -71,10 +72,12 @@ public class HelperService { public static final String BINDING_TRANSACTION = "bindingtransaction"; private static Base64.Encoder urlSafeEncoder; private static Base64.Decoder urlSafeDecoder; + private static SecureRandom secureRandom; static { urlSafeEncoder = Base64.getUrlEncoder().withoutPadding(); urlSafeDecoder = Base64.getUrlDecoder(); + secureRandom = new SecureRandom(); } @Value("${mosip.esignet.authenticator.ida-send-otp-id:mosip.identity.otp}") @@ -264,7 +267,7 @@ private void buildAuthRequest(AuthChallenge authChallenge, IdaKycAuthRequest.Aut protected static String generateTransactionId(int length) { StringBuilder builder = new StringBuilder(); for(int i=0; i
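Review bot: `secureRandom` is declared as a mutable static and assigned in the static block, although nothing visible here needs to replace it; `private static final SecureRandom secureRandom = new SecureRandom();` would state that and rule out accidental reassignment of the generator. The neighbouring `urlSafeEncoder` and `urlSafeDecoder` fields follow the same non-final pattern, so all three could be tightened together. The hunk that uses the field in `generateTransactionId` is cut off on this page, so the call site is not reviewed here.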