use of uk.gov.ida.hub.config.domain.SignatureVerificationCertificate in project verify-hub by alphagov.
the class CertificateServiceTest method findsSignatureVerificationCertificates_WhenTransactionSignatureCertificatesExists.
@Test
public void findsSignatureVerificationCertificates_WhenTransactionSignatureCertificatesExists() throws Exception {
SignatureVerificationCertificate sigCert1 = aSignatureVerificationCertificate().withX509(CERT_ONE_X509).build();
SignatureVerificationCertificate sigCert2 = aSignatureVerificationCertificate().withX509(CERT_TWO_X509).build();
TransactionConfigEntityData transactionConfigEntityData = aTransactionConfigData().withEntityId(ENTITY_ID).addSignatureVerificationCertificate(sigCert1).addSignatureVerificationCertificate(sigCert2).build();
when(matchingServiceDataSource.getData(ENTITY_ID)).thenReturn(Optional.empty());
when(transactionDataSource.getData(ENTITY_ID)).thenReturn(Optional.of(transactionConfigEntityData));
when(certificateValidityChecker.isValid(any(CertificateDetails.class))).thenReturn(true);
List<CertificateDetails> certificateDetailsFound = certificateService.signatureVerificatonCertificatesFor(ENTITY_ID);
assertThat(certificateDetailsFound.size()).isEqualTo(2);
assertThat(certificateDetailsFound).contains(aCertifcateDetail(ENTITY_ID, sigCert1, FederationEntityType.RP), aCertifcateDetail(ENTITY_ID, sigCert2, FederationEntityType.RP));
}
use of uk.gov.ida.hub.config.domain.SignatureVerificationCertificate in project verify-hub by alphagov.
the class ConfigDataBootstrapTest method continuesToStart_WhenCertificateCheckHasInvalidCertificates.
@Ignore
public void continuesToStart_WhenCertificateCheckHasInvalidCertificates() {
final String idpEntityId = "idp-entity-id";
final String matchingServiceId = "matching-service-id";
final String rpEntityId = "rp-entity";
String badCertificateValue = "badCertificate";
final SignatureVerificationCertificate badCertificate = new SignatureVerificationCertificateBuilder().withX509(badCertificateValue).build();
final IdentityProviderConfigEntityData identityProviderConfigData = anIdentityProviderConfigData().withEntityId(idpEntityId).addSignatureVerificationCertificate(badCertificate).build();
MatchingServiceConfigEntityData matchingServiceConfigData = aMatchingServiceConfigEntityData().addSignatureVerificationCertificate(badCertificate).withEntityId(matchingServiceId).build();
TransactionConfigEntityData transactionConfigData = aTransactionConfigData().withMatchingServiceEntityId(matchingServiceId).withEntityId(rpEntityId).build();
InvalidCertificateDto invalidIdpCertificateDto = new InvalidCertificateDto(idpEntityId, CertPathValidatorException.BasicReason.INVALID_SIGNATURE, CertificateType.SIGNING, FederationEntityType.IDP, "certificate was bad!");
InvalidCertificateDto invalidMatchingServiceCertificateDto = new InvalidCertificateDto(matchingServiceId, CertPathValidatorException.BasicReason.NOT_YET_VALID, CertificateType.SIGNING, FederationEntityType.MS, "certificate was not yet valid!");
doThrow(createInvalidCertificatesException(ImmutableList.of(invalidMatchingServiceCertificateDto, invalidIdpCertificateDto))).when(certificateChainConfigValidator).validate(ImmutableSet.of(transactionConfigData), ImmutableSet.of(matchingServiceConfigData));
CountriesConfigEntityData countriesConfigEntityData = createCountriesConfigEntityData();
ConfigDataBootstrap configDataBootstrap = createConfigDataBootstrap(identityProviderConfigData, matchingServiceConfigData, transactionConfigData, countriesConfigEntityData);
configDataBootstrap.start();
}
Aggregations