diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/BaseAuthFilter.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/BaseAuthFilter.java index ae77638a80b..a2a23c849a6 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/BaseAuthFilter.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/BaseAuthFilter.java @@ -11,7 +11,6 @@ import org.apache.commons.io.IOUtils; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Component; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.context.support.WebApplicationContextUtils; @@ -35,7 +34,7 @@ * @author Manoj SP * @author Sanjay Murali */ -@Component + public abstract class BaseAuthFilter extends BaseIDAFilter { private static final String SIGNATURE_HEADER = "signature header"; diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/DefaultAuthTypeFilter.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/DefaultAuthTypeFilter.java index d314417b3c9..ff31b3bf213 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/DefaultAuthTypeFilter.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/DefaultAuthTypeFilter.java @@ -7,7 +7,7 @@ * * @author Dinesh Karuppiah.T */ -@Component + public class DefaultAuthTypeFilter extends DefaultInternalFilter { diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/DefaultInternalFilter.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/DefaultInternalFilter.java index c465ccbb8e8..5cac819e927 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/DefaultInternalFilter.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/DefaultInternalFilter.java @@ -8,8 +8,6 @@ import java.util.Objects; import java.util.stream.Collectors; -import org.springframework.stereotype.Component; - import io.mosip.authentication.core.constant.IdAuthCommonConstants; import io.mosip.authentication.core.constant.IdAuthConfigKeyConstants; import io.mosip.authentication.core.exception.IdAuthenticationAppException; @@ -21,7 +19,7 @@ * * @author Manoj SP */ -@Component + public class DefaultInternalFilter extends InternalAuthFilter { /* (non-Javadoc) diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java index e9a162fac2c..5a41004e592 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java @@ -85,7 +85,7 @@ * @author Loganathan Sekar * @author Nagarjuna K */ -@Component + public abstract class IdAuthFilter extends BaseAuthFilter { private static Logger mosipLogger = IdaLogger.getLogger(IdAuthFilter.class); diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/InternalOtpFilter.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/InternalOtpFilter.java index ca2a882b6ed..3a1df54e45d 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/InternalOtpFilter.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/InternalOtpFilter.java @@ -1,8 +1,6 @@ package io.mosip.authentication.common.service.filter; -import org.springframework.stereotype.Component; -@Component public class InternalOtpFilter extends DefaultInternalFilter { protected boolean needStoreAuthTransaction() { diff --git a/authentication/authentication-common/src/test/java/io/mosip/authentication/common/service/util/KeyBindedTokenMatcherUtilTest.java b/authentication/authentication-common/src/test/java/io/mosip/authentication/common/service/util/KeyBindedTokenMatcherUtilTest.java index 6bfd363de7d..96f0fc0d432 100644 --- a/authentication/authentication-common/src/test/java/io/mosip/authentication/common/service/util/KeyBindedTokenMatcherUtilTest.java +++ b/authentication/authentication-common/src/test/java/io/mosip/authentication/common/service/util/KeyBindedTokenMatcherUtilTest.java @@ -19,9 +19,16 @@ import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; -import java.util.HashMap; -import java.util.Map; -import java.util.Objects; +import java.util.*; + +import com.nimbusds.jose.JOSEException; +import com.nimbusds.jose.JWSAlgorithm; +import com.nimbusds.jose.JWSHeader; +import com.nimbusds.jose.JWSSigner; +import com.nimbusds.jose.crypto.MACSigner; +import com.nimbusds.jose.util.Base64URL; +import com.nimbusds.jwt.JWTClaimsSet; +import com.nimbusds.jwt.SignedJWT; @RunWith(SpringRunner.class) public class KeyBindedTokenMatcherUtilTest { @@ -84,7 +91,7 @@ public void matchTestWithInValidThumbprint_thenFail() { } } @Test - public void matchTestWithInValidCerts_thenFail() throws IdAuthenticationBusinessException { + public void matchTestWithInValidCerts_thenFail() throws Exception { ReflectionTestUtils.setField(keyBindedTokenMatcherUtil, "iatAdjSeconds", 30000000); Map properties =new HashMap<>(); Map bindingCertificates =new HashMap<>(); @@ -92,8 +99,7 @@ public void matchTestWithInValidCerts_thenFail() throws IdAuthenticationBusiness input.put("individualId","individualId"); input.put("type","type"); input.put("format","jwt"); - input.put("token","eyJ0eXAiOiJKV1QiLCJ4NXQjUzI1NiI6IjBFSmtKMDYyWnZNZ0dKSk9BRVNYWFo1Tl9hamRDOG04Y0hPTXVKVVRGWUEiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2OTg5ODgyMTcsIm5iZiI6MTY5ODk4ODIxNywiZXhwIjoxNjk4OTg4ODIyLCJqdGkiOiJYZkpRaGVfU3RuNTNmaWc3YVV3V3MiLCJhdWQiOiJpZGEtYmluZGluZyIsInN1YiI6IjQxNTg2MTI2MDkiLCJpc3MiOiJwb3N0bWFuLWluamkifQ.bSqcJZlq5PyAExwPoww41OF-vBIyaADZ8OsXzA_7gtowNl0kChVAB11eIPEcjuFvYeQiSpQgNZsS2-w84ZBdiqh72kkJQLjN7ItMKNf-cekNRmG6XFf1os1vom7CwrguataoYvboiiXYw0WUfsZTmnhcOKC8XN3qAsB2YAyYEnBJBeKy5aCNAfJiOULTMrqAqcu-A1MA_wtAkaCJggiNxf1-5bJWjZYyQOkis0nHmbgWjzzThdd6TzMkLnUyNxzO2n1E9A19OJ2ZH0ZN1d46c8QBMsYmGX-Kz8B8GBDnDlwC4M5g4hmxuXCN6sBcVjAONl92LxI1htSZ6muv3xL1YQ"); - + input.put("token", generateTestJwtToken()); try { keyBindedTokenMatcherUtil.match(input, bindingCertificates, properties); }catch (IdAuthenticationBusinessException e){ @@ -101,6 +107,33 @@ public void matchTestWithInValidCerts_thenFail() throws IdAuthenticationBusiness } } + private String generateTestJwtToken() throws JOSEException { + // Secret key for signing - in production, this should be stored securely + String secretKey = "your-256-bit-secret-key-for-testing-purposes-only"; + // Create HMAC signer + JWSSigner signer = new MACSigner(secretKey.getBytes()); + // Create header with thumbprint + JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.HS256) + .x509CertSHA256Thumbprint(Base64URL.encode(Base64.getDecoder().decode("dGVzdF90aHVtYnByaW50"))) // "test_thumbprint" in base64 + .build(); + // Prepare JWT with claims + JWTClaimsSet claimsSet = new JWTClaimsSet.Builder() + .subject("test-user") + .issuer("test-issuer") + .claim("name", "Test User") + .claim("email", "test@example.com") + .claim("roles", "ROLE_USER") + .issueTime(new Date()) + .expirationTime(new Date(System.currentTimeMillis() + 24 * 60 * 60 * 1000)) // 24 hours + .build(); + // Create signed JWT with custom header + SignedJWT signedJWT = new SignedJWT(header, claimsSet); + // Sign the JWT + signedJWT.sign(signer); + // Serialize to compact form + return signedJWT.serialize(); + } + @Test public void matchTestWithValidCerts_thenFail() throws IdAuthenticationBusinessException { ReflectionTestUtils.setField(keyBindedTokenMatcherUtil, "iatAdjSeconds", 300000000); diff --git a/authentication/authentication-otp-service/src/main/java/io/mosip/authentication/otp/service/filter/OTPFilter.java b/authentication/authentication-otp-service/src/main/java/io/mosip/authentication/otp/service/filter/OTPFilter.java index 46e79ec64e1..ed69797b161 100644 --- a/authentication/authentication-otp-service/src/main/java/io/mosip/authentication/otp/service/filter/OTPFilter.java +++ b/authentication/authentication-otp-service/src/main/java/io/mosip/authentication/otp/service/filter/OTPFilter.java @@ -8,8 +8,6 @@ import java.util.Objects; import java.util.stream.Collectors; -import org.springframework.stereotype.Component; - import io.mosip.authentication.common.service.filter.IdAuthFilter; import io.mosip.authentication.common.service.filter.ResettableStreamHttpServletRequest; import io.mosip.authentication.core.constant.IdAuthenticationErrorConstants; @@ -21,7 +19,7 @@ * * @author Manoj SP */ -@Component + public class OTPFilter extends IdAuthFilter { /** The Constant AUTH. */ diff --git a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/IdentityKeyBindingFilter.java b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/IdentityKeyBindingFilter.java index b3bfa33f013..e55e58ef2e0 100644 --- a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/IdentityKeyBindingFilter.java +++ b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/IdentityKeyBindingFilter.java @@ -3,8 +3,6 @@ import java.util.List; import java.util.Map; -import org.springframework.stereotype.Component; - import io.mosip.authentication.common.service.filter.IdAuthFilter; import io.mosip.authentication.common.service.filter.ResettableStreamHttpServletRequest; import io.mosip.authentication.core.constant.IdAuthCommonConstants; @@ -21,7 +19,7 @@ * * @author Mahammed Taheer */ -@Component + public class IdentityKeyBindingFilter extends IdAuthFilter { private static Logger mosipLogger = IdaLogger.getLogger(IdentityKeyBindingFilter.class); diff --git a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/KycAuthFilter.java b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/KycAuthFilter.java index 426f3824b39..d61c00a49df 100644 --- a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/KycAuthFilter.java +++ b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/KycAuthFilter.java @@ -5,8 +5,6 @@ import java.util.Map; import java.util.Set; -import org.springframework.stereotype.Component; - import io.mosip.authentication.common.service.filter.IdAuthFilter; import io.mosip.authentication.common.service.filter.ResettableStreamHttpServletRequest; import io.mosip.authentication.common.service.util.AuthTypeUtil; @@ -25,7 +23,7 @@ * * @author Mahammed Taheer */ -@Component + public class KycAuthFilter extends IdAuthFilter { private static Logger mosipLogger = IdaLogger.getLogger(KycAuthFilter.class); diff --git a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/KycAuthenticationFilter.java b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/KycAuthenticationFilter.java index 2da7db488a4..d659f82406a 100644 --- a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/KycAuthenticationFilter.java +++ b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/KycAuthenticationFilter.java @@ -3,8 +3,6 @@ import java.util.List; import java.util.Map; -import org.springframework.stereotype.Component; - import io.mosip.authentication.common.service.filter.IdAuthFilter; import io.mosip.authentication.common.service.filter.ResettableStreamHttpServletRequest; import io.mosip.authentication.core.constant.IdAuthenticationErrorConstants; @@ -17,7 +15,7 @@ * * @author Sanjay Murali */ -@Component + public class KycAuthenticationFilter extends IdAuthFilter { /** The Constant KYC. */ diff --git a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/KycExchangeFilter.java b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/KycExchangeFilter.java index e303e9cf132..a30ab699889 100644 --- a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/KycExchangeFilter.java +++ b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/KycExchangeFilter.java @@ -3,8 +3,6 @@ import java.util.List; import java.util.Map; -import org.springframework.stereotype.Component; - import io.mosip.authentication.common.service.filter.IdAuthFilter; import io.mosip.authentication.common.service.filter.ResettableStreamHttpServletRequest; import io.mosip.authentication.core.constant.IdAuthCommonConstants; @@ -21,7 +19,7 @@ * * @author Mahammed Taheer */ -@Component + public class KycExchangeFilter extends IdAuthFilter { private static Logger mosipLogger = IdaLogger.getLogger(KycAuthFilter.class); diff --git a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/VciExchangeFilter.java b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/VciExchangeFilter.java index 54b6ff05667..352adca10bc 100644 --- a/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/VciExchangeFilter.java +++ b/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/filter/VciExchangeFilter.java @@ -21,7 +21,7 @@ * * @author Mahammed Taheer */ -@Component + public class VciExchangeFilter extends IdAuthFilter { private static Logger mosipLogger = IdaLogger.getLogger(VciExchangeFilter.class);