
Example 1 with InvalidCertificateDto

Use of uk.gov.ida.hub.config.dto.InvalidCertificateDto in project verify-hub by alphagov.

The class ConfigValidationExceptionTest, method createInvalidCertificatesException.

@Test
public void createInvalidCertificatesException() {
    InvalidCertificateDto invalidCertificateDto = new InvalidCertificateDto("entity-id", CertPathValidatorException.BasicReason.EXPIRED, CertificateUse.ENCRYPTION, FederationEntityType.IDP, "description");
    ConfigValidationException exception = ConfigValidationException.createInvalidCertificatesException(singletonList(invalidCertificateDto));
    assertThat(exception.getMessage()).isEqualTo(
        "Invalid certificate found.\n"
            + "Entity Id: entity-id\n"
            + "Certificate Type: ENCRYPTION\n"
            + "Federation Type: IDP\n"
            + "Reason: EXPIRED\n"
            + "Description: description");
}
Also used: InvalidCertificateDto (uk.gov.ida.hub.config.dto.InvalidCertificateDto), Test (org.junit.jupiter.api.Test)

Example 2 with InvalidCertificateDto

Use of uk.gov.ida.hub.config.dto.InvalidCertificateDto in project verify-hub by alphagov.

The class ConfigDataBootstrapTest, method continuesToStart_WhenCertificateCheckHasInvalidCertificates.

@Disabled
public void continuesToStart_WhenCertificateCheckHasInvalidCertificates() {
    final String idpEntityId = "idp-entity-id";
    final String simpleId = "simple-id";
    final String matchingServiceId = "matching-service-id";
    final String rpEntityId = "rp-entity";
    String badCertificateValue = "badCertificate";
    final IdentityProviderConfig identityProviderConfigData = anIdentityProviderConfigData().withEntityId(idpEntityId).build();
    MatchingServiceConfig matchingServiceConfigData = aMatchingServiceConfig().addSignatureVerificationCertificate(badCertificateValue).withEntityId(matchingServiceId).build();
    TransactionConfig transactionConfigData = aTransactionConfigData().withMatchingServiceEntityId(matchingServiceId).withEntityId(rpEntityId).build();
    final TranslationData translationData = aTranslationData().withSimpleId(simpleId).build();
    InvalidCertificateDto invalidIdpCertificateDto = new InvalidCertificateDto(idpEntityId, CertPathValidatorException.BasicReason.INVALID_SIGNATURE, CertificateUse.SIGNING, FederationEntityType.IDP, "certificate was bad!");
    InvalidCertificateDto invalidMatchingServiceCertificateDto = new InvalidCertificateDto(matchingServiceId, CertPathValidatorException.BasicReason.NOT_YET_VALID, CertificateUse.SIGNING, FederationEntityType.MS, "certificate was not yet valid!");
    doThrow(createInvalidCertificatesException(List.of(invalidMatchingServiceCertificateDto, invalidIdpCertificateDto))).when(certificateChainConfigValidator).validate(Set.of(transactionConfigData, matchingServiceConfigData));
    ConfigDataBootstrap configDataBootstrap = createConfigDataBootstrap(identityProviderConfigData, matchingServiceConfigData, transactionConfigData, translationData);
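    // The stubbed validator throws for the invalid certificates above;
    // start() is expected to complete without propagating that exception.
    configDataBootstrap.start();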
}
Also used: MatchingServiceConfig (uk.gov.ida.hub.config.domain.MatchingServiceConfig), MatchingServiceConfigBuilder.aMatchingServiceConfig (uk.gov.ida.hub.config.domain.builders.MatchingServiceConfigBuilder.aMatchingServiceConfig), TranslationDataBuilder.aTranslationData (uk.gov.ida.hub.config.domain.builders.TranslationDataBuilder.aTranslationData), TranslationData (uk.gov.ida.hub.config.domain.TranslationData), IdentityProviderConfig (uk.gov.ida.hub.config.domain.IdentityProviderConfig), TransactionConfig (uk.gov.ida.hub.config.domain.TransactionConfig), InvalidCertificateDto (uk.gov.ida.hub.config.dto.InvalidCertificateDto), Disabled (org.junit.jupiter.api.Disabled)

Example 3 with InvalidCertificateDto

Use of uk.gov.ida.hub.config.dto.InvalidCertificateDto in project verify-hub by alphagov.

The class CertificateValidityCheckerTest, method getsInvalidCertificates.

@Test
public void getsInvalidCertificates() {
    String description = "X509 Certificate is missing or badly formed.";
    // Constructed with a message only, so getReason() returns BasicReason.UNSPECIFIED.
    CertPathValidatorException certPathValidatorException = new CertPathValidatorException(description);
    when(certificateChainValidator.validate(localCertificate.getX509Certificate().get(), trustStore)).thenReturn(CertificateValidity.invalid(certPathValidatorException));
    Set<InvalidCertificateDto> invalidCertificates = certificateValidityChecker.getInvalidCertificates(List.of(localCertificate));
    InvalidCertificateDto expected = new InvalidCertificateDto(localCertificate.getIssuerEntityId(), certPathValidatorException.getReason(), CertificateUse.SIGNING, localCertificate.getFederationEntityType(), description);
    assertThat(invalidCertificates).usingFieldByFieldElementComparator().containsOnly(expected);
}
Also used: CertPathValidatorException (java.security.cert.CertPathValidatorException), InvalidCertificateDto (uk.gov.ida.hub.config.dto.InvalidCertificateDto), Test (org.junit.jupiter.api.Test)

Aggregations

InvalidCertificateDto (uk.gov.ida.hub.config.dto.InvalidCertificateDto): 3
Test (org.junit.jupiter.api.Test): 2
CertPathValidatorException (java.security.cert.CertPathValidatorException): 1
Disabled (org.junit.jupiter.api.Disabled): 1
IdentityProviderConfig (uk.gov.ida.hub.config.domain.IdentityProviderConfig): 1
MatchingServiceConfig (uk.gov.ida.hub.config.domain.MatchingServiceConfig): 1
TransactionConfig (uk.gov.ida.hub.config.domain.TransactionConfig): 1
TranslationData (uk.gov.ida.hub.config.domain.TranslationData): 1
MatchingServiceConfigBuilder.aMatchingServiceConfig (uk.gov.ida.hub.config.domain.builders.MatchingServiceConfigBuilder.aMatchingServiceConfig): 1
TranslationDataBuilder.aTranslationData (uk.gov.ida.hub.config.domain.builders.TranslationDataBuilder.aTranslationData): 1