
Example 1 with MatchingServiceConfig

use of uk.gov.ida.hub.config.domain.MatchingServiceConfig in project verify-hub by alphagov.

the class CertificateServiceTest method signatureVerificationCertificatesForEntityIdWarnsAndThrowsWhenMatchingSignatureCertificatesExistButAreInvalid.

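/**
 * Verifies the fail-closed path for signature verification certificates: when both
 * certificates configured for the matching service are reported invalid by the
 * validity checker, the service throws {@link NoCertificateFoundException} instead of
 * returning them, and the expected warning naming the two invalid certificates is
 * passed to {@code checkForExpectedLogWarnings}.
 */
@Test
public void signatureVerificationCertificatesForEntityIdWarnsAndThrowsWhenMatchingSignatureCertificatesExistButAreInvalid() {
    MatchingServiceConfig matchingServiceConfig = aMatchingServiceConfig()
            .withEntityId(RP_ONE_ENTITY_ID)
            .addSignatureVerificationCertificate(CERT_ONE_X509)
            .addSignatureVerificationCertificate(CERT_TWO_X509)
            .build();
    Certificate invalidCertificate1 = new Certificate(RP_ONE_ENTITY_ID, FederationEntityType.MS, CERT_ONE_X509, CertificateUse.SIGNING, CertificateOrigin.FEDERATION, true);
    Certificate invalidCertificate2 = new Certificate(RP_ONE_ENTITY_ID, FederationEntityType.MS, CERT_TWO_X509, CertificateUse.SIGNING, CertificateOrigin.FEDERATION, true);

    // The entity id resolves to a matching service only, not to a connected service.
    when(connectedServiceConfigRepository.has(RP_ONE_ENTITY_ID)).thenReturn(false);
    when(matchingServiceConfigRepository.has(RP_ONE_ENTITY_ID)).thenReturn(true);
    when(matchingServiceConfigRepository.get(RP_ONE_ENTITY_ID)).thenReturn(Optional.of(matchingServiceConfig));
    when(certificateValidityChecker.isValid(invalidCertificate1)).thenReturn(false);
    when(certificateValidityChecker.isValid(invalidCertificate2)).thenReturn(false);

    // Only the call under test sits inside assertThrows, so an exception raised while
    // building the fixture or stubbing the mocks can never satisfy the assertion.
    Assertions.assertThrows(NoCertificateFoundException.class,
            () -> certificateService.signatureVerificationCertificatesFor(RP_ONE_ENTITY_ID));

    // Checked after the throw has been confirmed, so a missing warning is reported as
    // its own failure rather than as an unexpected exception type inside assertThrows.
    String expectedLogMessage = String.format("Signature verification certificates were requested for entityId '%s'; 2 of them are invalid", RP_ONE_ENTITY_ID);
    checkForExpectedLogWarnings(List.of(expectedLogMessage));
}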
Also used : MatchingServiceConfig(uk.gov.ida.hub.config.domain.MatchingServiceConfig) MatchingServiceConfigBuilder.aMatchingServiceConfig(uk.gov.ida.hub.config.domain.builders.MatchingServiceConfigBuilder.aMatchingServiceConfig) Certificate(uk.gov.ida.hub.config.domain.Certificate) Test(org.junit.jupiter.api.Test)

Example 2 with MatchingServiceConfig

use of uk.gov.ida.hub.config.domain.MatchingServiceConfig in project verify-hub by alphagov.

the class CertificateServiceTest method encryptionCertificateForEntityIdReturnsCertificateWhenEnabledMatchingCertificateExists.

/**
 * Verifies that the encryption certificate configured on a matching service is
 * returned when the validity checker accepts every certificate it is asked about.
 */
@Test
public void encryptionCertificateForEntityIdReturnsCertificateWhenEnabledMatchingCertificateExists() {
    MatchingServiceConfig configWithEncryptionCert = aMatchingServiceConfig()
            .withEntityId(RP_ONE_ENTITY_ID)
            .withEncryptionCertificate(CERT_ONE_X509)
            .build();

    // The entity id resolves to a matching service only, not to a connected service.
    when(matchingServiceConfigRepository.has(RP_ONE_ENTITY_ID)).thenReturn(true);
    when(matchingServiceConfigRepository.get(RP_ONE_ENTITY_ID)).thenReturn(Optional.of(configWithEncryptionCert));
    when(connectedServiceConfigRepository.has(RP_ONE_ENTITY_ID)).thenReturn(false);
    when(certificateValidityChecker.isValid(any(Certificate.class))).thenReturn(true);

    Certificate actual = certificateService.encryptionCertificateFor(RP_ONE_ENTITY_ID);

    // NOTE(review): the expected certificate is built with FederationEntityType.RP although
    // the fixture is a MatchingServiceConfig and the signing-certificate tests in this class
    // use FederationEntityType.MS — confirm this is intentional, or whether Certificate
    // equality ignores the entity type and so cannot catch a mismatch here.
    Certificate expected = new Certificate(RP_ONE_ENTITY_ID, FederationEntityType.RP, CERT_ONE_X509, CertificateUse.ENCRYPTION, CertificateOrigin.FEDERATION, true);
    assertThat(actual).isEqualTo(expected);
}
Also used : MatchingServiceConfig(uk.gov.ida.hub.config.domain.MatchingServiceConfig) MatchingServiceConfigBuilder.aMatchingServiceConfig(uk.gov.ida.hub.config.domain.builders.MatchingServiceConfigBuilder.aMatchingServiceConfig) Certificate(uk.gov.ida.hub.config.domain.Certificate) Test(org.junit.jupiter.api.Test)

Example 3 with MatchingServiceConfig

use of uk.gov.ida.hub.config.domain.MatchingServiceConfig in project verify-hub by alphagov.

the class CertificateServiceTest method signatureVerificationCertificatesForEntityIdReturnsValidSignatureVerificationCertificatesWhenMatchingSignatureCertificatesExist.

/**
 * Verifies that, of two signature verification certificates configured for a matching
 * service, only the one the validity checker accepts is returned, and that the expected
 * warning about the single invalid certificate is passed to
 * {@code checkForExpectedLogWarnings}.
 */
@Test
public void signatureVerificationCertificatesForEntityIdReturnsValidSignatureVerificationCertificatesWhenMatchingSignatureCertificatesExist() {
    MatchingServiceConfig configWithTwoSigningCerts = aMatchingServiceConfig()
            .withEntityId(RP_ONE_ENTITY_ID)
            .addSignatureVerificationCertificate(CERT_ONE_X509)
            .addSignatureVerificationCertificate(CERT_TWO_X509)
            .build();
    Certificate validCertificate = new Certificate(RP_ONE_ENTITY_ID, FederationEntityType.MS, CERT_ONE_X509, CertificateUse.SIGNING, CertificateOrigin.FEDERATION, true);
    Certificate invalidCertificate = new Certificate(RP_ONE_ENTITY_ID, FederationEntityType.MS, CERT_TWO_X509, CertificateUse.SIGNING, CertificateOrigin.FEDERATION, true);

    // The entity id resolves to a matching service only, not to a connected service.
    when(matchingServiceConfigRepository.has(RP_ONE_ENTITY_ID)).thenReturn(true);
    when(matchingServiceConfigRepository.get(RP_ONE_ENTITY_ID)).thenReturn(Optional.of(configWithTwoSigningCerts));
    when(connectedServiceConfigRepository.has(RP_ONE_ENTITY_ID)).thenReturn(false);
    // CERT_ONE is accepted and CERT_TWO rejected, so exactly one certificate should survive.
    when(certificateValidityChecker.isValid(validCertificate)).thenReturn(true);
    when(certificateValidityChecker.isValid(invalidCertificate)).thenReturn(false);

    List<Certificate> certificatesFound = certificateService.signatureVerificationCertificatesFor(RP_ONE_ENTITY_ID);

    // The rejected certificate must not be offered for signature verification.
    assertThat(certificatesFound.size()).isEqualTo(1);
    assertThat(certificatesFound.get(0)).isEqualTo(validCertificate);

    String expectedWarning = String.format("Signature verification certificates were requested for entityId '%s'; 1 of them is invalid", RP_ONE_ENTITY_ID);
    checkForExpectedLogWarnings(List.of(expectedWarning));
}
Also used : MatchingServiceConfig(uk.gov.ida.hub.config.domain.MatchingServiceConfig) MatchingServiceConfigBuilder.aMatchingServiceConfig(uk.gov.ida.hub.config.domain.builders.MatchingServiceConfigBuilder.aMatchingServiceConfig) Certificate(uk.gov.ida.hub.config.domain.Certificate) Test(org.junit.jupiter.api.Test)

Example 4 with MatchingServiceConfig

use of uk.gov.ida.hub.config.domain.MatchingServiceConfig in project verify-hub by alphagov.

the class CertificateServiceTest method encryptionCertificateForEntityIdWarnsAndThrowsWhenMatchCertificateExistsButIsInvalid.

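/**
 * Verifies the fail-closed path for encryption certificates: when the validity checker
 * rejects every certificate, the service throws {@link NoCertificateFoundException}
 * instead of returning one, and the expected warning is passed to
 * {@code checkForExpectedLogWarnings}.
 */
@Test
public void encryptionCertificateForEntityIdWarnsAndThrowsWhenMatchCertificateExistsButIsInvalid() {
    // NOTE(review): no encryption certificate is set on the builder here; presumably
    // aMatchingServiceConfig() supplies a default one — confirm, since the test name
    // says the certificate exists but is invalid.
    MatchingServiceConfig matchingServiceConfig = aMatchingServiceConfig()
            .withEntityId(RP_ONE_ENTITY_ID)
            .build();
    when(matchingServiceConfigRepository.has(RP_ONE_ENTITY_ID)).thenReturn(true);
    when(matchingServiceConfigRepository.get(RP_ONE_ENTITY_ID)).thenReturn(Optional.of(matchingServiceConfig));
    when(certificateValidityChecker.isValid(any(Certificate.class))).thenReturn(false);

    // Only the call under test sits inside assertThrows, so an exception raised while
    // building the fixture or stubbing the mocks can never satisfy the assertion.
    Assertions.assertThrows(NoCertificateFoundException.class,
            () -> certificateService.encryptionCertificateFor(RP_ONE_ENTITY_ID));

    // Checked after the throw has been confirmed, so a missing warning is reported as
    // its own failure rather than as an unexpected exception type inside assertThrows.
    String expectedLogMessage = "Encryption certificate for entityId '" + RP_ONE_ENTITY_ID + "' was requested but is invalid";
    checkForExpectedLogWarnings(List.of(expectedLogMessage));
}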
Also used : MatchingServiceConfig(uk.gov.ida.hub.config.domain.MatchingServiceConfig) MatchingServiceConfigBuilder.aMatchingServiceConfig(uk.gov.ida.hub.config.domain.builders.MatchingServiceConfigBuilder.aMatchingServiceConfig) Certificate(uk.gov.ida.hub.config.domain.Certificate) Test(org.junit.jupiter.api.Test)

Example 5 with MatchingServiceConfig

use of uk.gov.ida.hub.config.domain.MatchingServiceConfig in project verify-hub by alphagov.

the class TransactionConfigMatchingServiceValidatorTest method matchingServiceEntityId_shouldHaveCorrespondingConfigurationWhenUsingMatching.

/**
 * Verifies that validation accepts a transaction whose matching service entity id has a
 * corresponding matching service configuration in the repository.
 *
 * <p>There is no explicit assertion: the test passes when {@code validate} returns
 * without throwing.
 */
@Test
public void matchingServiceEntityId_shouldHaveCorrespondingConfigurationWhenUsingMatching() {
    final String entityId = "matching-service-entity-id";

    // Transaction and matching service are built with the same entity id so the lookup succeeds.
    MatchingServiceConfig matchingService = aMatchingServiceConfig()
            .withEntityId(entityId)
            .build();
    TransactionConfig transaction = aTransactionConfigData()
            .withMatchingServiceEntityId(entityId)
            .build();

    Optional<MatchingServiceConfig> repositoryResult = Optional.ofNullable(matchingService);
    when(matchingServiceConfigRepository.getData(entityId)).thenReturn(repositoryResult);

    validator.validate(transaction);
}
Also used : MatchingServiceConfig(uk.gov.ida.hub.config.domain.MatchingServiceConfig) MatchingServiceConfigBuilder.aMatchingServiceConfig(uk.gov.ida.hub.config.domain.builders.MatchingServiceConfigBuilder.aMatchingServiceConfig) TransactionConfig(uk.gov.ida.hub.config.domain.TransactionConfig) Test(org.junit.jupiter.api.Test)
