diff --git a/automationtests/src/main/java/io/mosip/testrig/apirig/admin/fw/util/AdminTestUtil.java b/automationtests/src/main/java/io/mosip/testrig/apirig/admin/fw/util/AdminTestUtil.java index 70533b94740..0686dd5ed6f 100644 --- a/automationtests/src/main/java/io/mosip/testrig/apirig/admin/fw/util/AdminTestUtil.java +++ b/automationtests/src/main/java/io/mosip/testrig/apirig/admin/fw/util/AdminTestUtil.java @@ -3278,6 +3278,10 @@ else if (testCaseName.contains("_Invalid_JwkHeader_")) jwkHeader = RSAKey.parse(getJWKKey(oidcJWK2)).toPublicJWK(); else if (testCaseName.contains("_Invalid_Aud_")) tempUrl = "sdfaf"; + else if (testCaseName.contains("_Empty_Aud_")) + tempUrl = ""; + else if (testCaseName.contains("_SpaceVal_Aud_")) + tempUrl = " "; else if (testCaseName.contains("_Invalid_Iss_")) clientId = "sdfdsg"; else if (testCaseName.contains("_Invalid_Exp_")) diff --git a/automationtests/src/main/resources/esignet/VCINegTC/AuthenticateUserVCI/AuthenticateUserVCI.yml b/automationtests/src/main/resources/esignet/VCINegTC/AuthenticateUserVCI/AuthenticateUserVCI.yml index bb5467cfc8d..0134d100acd 100644 --- a/automationtests/src/main/resources/esignet/VCINegTC/AuthenticateUserVCI/AuthenticateUserVCI.yml +++ b/automationtests/src/main/resources/esignet/VCINegTC/AuthenticateUserVCI/AuthenticateUserVCI.yml @@ -591,4 +591,103 @@ AuthenticateUserVCINegTC: "sendOtpResTemplate":"esignet/SendOtp/SendOtpResult", "maskedEmail": "$IGNORE$" } +}' + + ESignet_AuthenticateUserVCI_uin_Otp_NegAuthCodeScen5_Valid_Smoke: + endPoint: /v1/esignet/authorization/authenticate + role: resident + restMethod: post + checkErrorsOnlyInResponse: true + validityCheckRequired: true + inputTemplate: esignet/VCINegTC/AuthenticateUserVCI/AuthenticateUserVCI + outputTemplate: esignet/VCINegTC/AuthenticateUserVCI/AuthenticateUserVCIResultResult + input: '{ + "encodedHash": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen5_Valid_Smoke_sid_encodedResp$", + "requestTime": "$TIMESTAMP$", + "transactionId": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen5_Valid_Smoke_sid_transactionId$", + "individualId": "$ID:AddIdentity_Valid_Params_VCI_uin_Inv_Scen_smoke_Pos_UIN$", + "authFactorType" : "OTP", + "challenge" : "$ID:AddIdentity_Valid_Params_VCI_uin_Inv_Scen_smoke_Pos_EMAIL$", + "sendOtp":{ + "encodedHash": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen5_Valid_Smoke_sid_encodedResp$", + "requestTime": "$TIMESTAMP$", + "transactionId": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen5_Valid_Smoke_sid_transactionId$", + "individualId": "$ID:AddIdentity_Valid_Params_VCI_uin_Inv_Scen_smoke_Pos_UIN$", + "otpChannels": [{channel: "email"},{channel: "phone"}], + "sendOtpReqTemplate": "esignet/SendOtp/SendOtp", + "sendOtpEndPoint": "/v1/esignet/authorization/send-otp" + } + }' + output: '{ + "sendOtpResp":{ + "maskedMobile": "XXXXXX3210", + "sendOtpResTemplate":"esignet/SendOtp/SendOtpResult", + "maskedEmail": "$IGNORE$" + } +}' + + ESignet_AuthenticateUserVCI_uin_Otp_NegAuthCodeScen6_Valid_Smoke: + endPoint: /v1/esignet/authorization/authenticate + role: resident + restMethod: post + checkErrorsOnlyInResponse: true + validityCheckRequired: true + inputTemplate: esignet/VCINegTC/AuthenticateUserVCI/AuthenticateUserVCI + outputTemplate: esignet/VCINegTC/AuthenticateUserVCI/AuthenticateUserVCIResultResult + input: '{ + "encodedHash": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen6_Valid_Smoke_sid_encodedResp$", + "requestTime": "$TIMESTAMP$", + "transactionId": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen6_Valid_Smoke_sid_transactionId$", + "individualId": "$ID:AddIdentity_Valid_Params_VCI_uin_Inv_Scen_smoke_Pos_UIN$", + "authFactorType" : "OTP", + "challenge" : "$ID:AddIdentity_Valid_Params_VCI_uin_Inv_Scen_smoke_Pos_EMAIL$", + "sendOtp":{ + "encodedHash": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen6_Valid_Smoke_sid_encodedResp$", + "requestTime": "$TIMESTAMP$", + "transactionId": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen6_Valid_Smoke_sid_transactionId$", + "individualId": "$ID:AddIdentity_Valid_Params_VCI_uin_Inv_Scen_smoke_Pos_UIN$", + "otpChannels": [{channel: "email"},{channel: "phone"}], + "sendOtpReqTemplate": "esignet/SendOtp/SendOtp", + "sendOtpEndPoint": "/v1/esignet/authorization/send-otp" + } + }' + output: '{ + "sendOtpResp":{ + "maskedMobile": "XXXXXX3210", + "sendOtpResTemplate":"esignet/SendOtp/SendOtpResult", + "maskedEmail": "$IGNORE$" + } +}' + + ESignet_AuthenticateUserVCI_uin_Otp_NegAuthCodeScen7_Valid_Smoke: + endPoint: /v1/esignet/authorization/authenticate + role: resident + restMethod: post + checkErrorsOnlyInResponse: true + validityCheckRequired: true + inputTemplate: esignet/VCINegTC/AuthenticateUserVCI/AuthenticateUserVCI + outputTemplate: esignet/VCINegTC/AuthenticateUserVCI/AuthenticateUserVCIResultResult + input: '{ + "encodedHash": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen7_Valid_Smoke_sid_encodedResp$", + "requestTime": "$TIMESTAMP$", + "transactionId": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen7_Valid_Smoke_sid_transactionId$", + "individualId": "$ID:AddIdentity_Valid_Params_VCI_uin_Inv_Scen_smoke_Pos_UIN$", + "authFactorType" : "OTP", + "challenge" : "$ID:AddIdentity_Valid_Params_VCI_uin_Inv_Scen_smoke_Pos_EMAIL$", + "sendOtp":{ + "encodedHash": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen7_Valid_Smoke_sid_encodedResp$", + "requestTime": "$TIMESTAMP$", + "transactionId": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen7_Valid_Smoke_sid_transactionId$", + "individualId": "$ID:AddIdentity_Valid_Params_VCI_uin_Inv_Scen_smoke_Pos_UIN$", + "otpChannels": [{channel: "email"},{channel: "phone"}], + "sendOtpReqTemplate": "esignet/SendOtp/SendOtp", + "sendOtpEndPoint": "/v1/esignet/authorization/send-otp" + } + }' + output: '{ + "sendOtpResp":{ + "maskedMobile": "XXXXXX3210", + "sendOtpResTemplate":"esignet/SendOtp/SendOtpResult", + "maskedEmail": "$IGNORE$" + } }' \ No newline at end of file diff --git a/automationtests/src/main/resources/esignet/VCINegTC/AuthorizationCodeVCI/AuthorizationCodeVCI.yml b/automationtests/src/main/resources/esignet/VCINegTC/AuthorizationCodeVCI/AuthorizationCodeVCI.yml index 7818765b030..55dc0da35b0 100644 --- a/automationtests/src/main/resources/esignet/VCINegTC/AuthorizationCodeVCI/AuthorizationCodeVCI.yml +++ b/automationtests/src/main/resources/esignet/VCINegTC/AuthorizationCodeVCI/AuthorizationCodeVCI.yml @@ -315,4 +315,70 @@ AuthorizationCodeVCINegTC: "transactionId": "$ID:OAuthDetailsRequest_VCI_uin_NegCredScen9_Valid_Smoke_sid_transactionId$" }' output: '{ +}' + + ESignet_AuthorizationCode_VCI_uin_SpaceVal_Scope: + endPoint: /v1/esignet/authorization/auth-code + role: resident + restMethod: post + checkErrorsOnlyInResponse: true + validityCheckRequired: true + inputTemplate: esignet/VCINegTC/AuthorizationCodeVCI/AuthorizationCodeVCI + outputTemplate: esignet/error + input: '{ + "encodedHash": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen5_Valid_Smoke_sid_encodedResp$", + "requestTime": "$TIMESTAMP$", + "transactionId": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen5_Valid_Smoke_sid_transactionId$", + "permittedAuthorizeScopes": [{scope: " "}] +}' + output: '{ + "errors": [ + { + "errorCode": "invalid_permitted_scope" + } + ] +}' + + ESignet_AuthorizationCode_VCI_uin_Empty_Claim_Neg: + endPoint: /v1/esignet/authorization/auth-code + role: resident + restMethod: post + checkErrorsOnlyInResponse: true + validityCheckRequired: true + inputTemplate: esignet/VCINegTC/AuthorizationCodeVCI/AuthorizationCodeVCI + outputTemplate: esignet/error + input: '{ + "encodedHash": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen6_Valid_Smoke_sid_encodedResp$", + "requestTime": "$TIMESTAMP$", + "transactionId": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen6_Valid_Smoke_sid_transactionId$", + "acceptedClaims": [{claim: ""}] +}' + output: '{ + "errors": [ + { + "errorCode": "invalid_accepted_claim" + } + ] +}' + + ESignet_AuthorizationCode_VCI_uin_spaceVal_Claim_Neg: + endPoint: /v1/esignet/authorization/auth-code + role: resident + restMethod: post + checkErrorsOnlyInResponse: true + validityCheckRequired: true + inputTemplate: esignet/VCINegTC/AuthorizationCodeVCI/AuthorizationCodeVCI + outputTemplate: esignet/error + input: '{ + "encodedHash": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen7_Valid_Smoke_sid_encodedResp$", + "requestTime": "$TIMESTAMP$", + "transactionId": "$ID:OAuthDetailsRequest_VCI_uin_NegAuthCodeScen7_Valid_Smoke_sid_transactionId$", + "acceptedClaims": [{claim: " "}] +}' + output: '{ + "errors": [ + { + "errorCode": "invalid_accepted_claim" + } + ] }' \ No newline at end of file diff --git a/automationtests/src/main/resources/esignet/VCINegTC/GetCredential/GetCredential.yml b/automationtests/src/main/resources/esignet/VCINegTC/GetCredential/GetCredential.yml index a6b39199d78..f7face0ffd2 100644 --- a/automationtests/src/main/resources/esignet/VCINegTC/GetCredential/GetCredential.yml +++ b/automationtests/src/main/resources/esignet/VCINegTC/GetCredential/GetCredential.yml @@ -750,6 +750,48 @@ GetCredentialNegTC: "error":"invalid_proof" }' + ESignet_GetCredential_uin_IdpAccessToken_Empty_Aud_Neg: + endPoint: /v1/esignet/vci/credential + role: resident + checkErrorsOnlyInResponse: true + restMethod: post + validityCheckRequired: true + inputTemplate: esignet/VCINegTC/GetCredential/GetCredential + outputTemplate: esignet/error2 + input: '{ + "client_id": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$", + "idpAccessToken": "$ID:GenerateTokenVCI_uin_NegCredScen9_Smoke_sid_access_token$", + "format": "ldp_vc", + "type": [{types: "VerifiableCredential"}, {types: "MOSIPVerifiableCredential"}], + "@context": [{context: "$VCICONTEXTURL$"}], + "proof_type": "jwt", + "proof_jwt": "$PROOFJWT$" +}' + output: '{ + "error":"invalid_proof" +}' + + ESignet_GetCredential_uin_IdpAccessToken_SpaceVal_Aud_Neg: + endPoint: /v1/esignet/vci/credential + role: resident + checkErrorsOnlyInResponse: true + restMethod: post + validityCheckRequired: true + inputTemplate: esignet/VCINegTC/GetCredential/GetCredential + outputTemplate: esignet/error2 + input: '{ + "client_id": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$", + "idpAccessToken": "$ID:GenerateTokenVCI_uin_NegCredScen9_Smoke_sid_access_token$", + "format": "ldp_vc", + "type": [{types: "VerifiableCredential"}, {types: "MOSIPVerifiableCredential"}], + "@context": [{context: "$VCICONTEXTURL$"}], + "proof_type": "jwt", + "proof_jwt": "$PROOFJWT$" +}' + output: '{ + "error":"invalid_proof" +}' + ESignet_GetCredential_uin_IdpAccessToken_Invalid_Iss_Neg: endPoint: /v1/esignet/vci/credential role: resident diff --git a/automationtests/src/main/resources/esignet/VCINegTC/OAuthDetailsRequestVCI/OAuthDetailsRequestVCI.yml b/automationtests/src/main/resources/esignet/VCINegTC/OAuthDetailsRequestVCI/OAuthDetailsRequestVCI.yml index dd5d549aac4..83124641676 100644 --- a/automationtests/src/main/resources/esignet/VCINegTC/OAuthDetailsRequestVCI/OAuthDetailsRequestVCI.yml +++ b/automationtests/src/main/resources/esignet/VCINegTC/OAuthDetailsRequestVCI/OAuthDetailsRequestVCI.yml @@ -29,6 +29,36 @@ OAuthDetailsRequestVCINegTC: ] }' + ESignet_OAuthDetailsRequest_VCI_uin_SpaceVal_Scope_Neg: + endPoint: /v1/esignet/authorization/v2/oauth-details + role: resident + restMethod: post + checkErrorsOnlyInResponse: true + inputTemplate: esignet/VCINegTC/OAuthDetailsRequestVCI/OAuthDetailsRequestVCI + outputTemplate: esignet/error + input: '{ + "requestTime": "$TIMESTAMP$", + "clientId": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$", + "scope": " ", + "responseType": "code", + "redirectUri": "$IDPREDIRECTURI$", + "display": "popup", + "prompt": "login", + "acrValues": "mosip:idp:acr:generated-code mosip:idp:acr:linked-wallet mosip:idp:acr:biometrics", + "nonce": "973eieljzng", + "state": "eree2311", + "claimsLocales": "en", + "codeChallenge": "$CODECHALLENGE$", + "codeChallengeMethod": "S256" +}' + output: '{ + "errors": [ + { + "errorCode": "invalid_scope" + } + ] +}' + ESignet_OAuthDetailsRequest_VCI_uin_Diff_Scope_sid: endPoint: /v1/esignet/authorization/v2/oauth-details role: resident @@ -145,6 +175,36 @@ OAuthDetailsRequestVCINegTC: ] }' + ESignet_OAuthDetailsRequest_VCI_uin_SpaceVal_Code_Challenge_Neg: + endPoint: /v1/esignet/authorization/v2/oauth-details + role: resident + restMethod: post + checkErrorsOnlyInResponse: true + inputTemplate: esignet/VCINegTC/OAuthDetailsRequestVCI/OAuthDetailsRequestVCI + outputTemplate: esignet/error + input: '{ + "requestTime": "$TIMESTAMP$", + "clientId": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$", + "scope": "mosip_identity_vc_ldp", + "responseType": "code", + "redirectUri": "$IDPREDIRECTURI$", + "display": "popup", + "prompt": "login", + "acrValues": "mosip:idp:acr:generated-code mosip:idp:acr:linked-wallet mosip:idp:acr:biometrics", + "nonce": "973eieljzng", + "state": "eree2311", + "claimsLocales": "en", + "codeChallenge": " ", + "codeChallengeMethod": "S256" +}' + output: '{ + "errors": [ + { + "errorCode": "invalid_pkce_challenge" + } + ] +}' + ESignet_OAuthDetailsRequest_VCI_uin_Empty_Code_Challenge_Method_Neg: endPoint: /v1/esignet/authorization/v2/oauth-details role: resident @@ -175,6 +235,36 @@ OAuthDetailsRequestVCINegTC: ] }' + ESignet_OAuthDetailsRequest_VCI_uin_SpaceVal_Code_Challenge_Method_Neg: + endPoint: /v1/esignet/authorization/v2/oauth-details + role: resident + restMethod: post + checkErrorsOnlyInResponse: true + inputTemplate: esignet/VCINegTC/OAuthDetailsRequestVCI/OAuthDetailsRequestVCI + outputTemplate: esignet/error + input: '{ + "requestTime": "$TIMESTAMP$", + "clientId": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$", + "scope": "mosip_identity_vc_ldp", + "responseType": "code", + "redirectUri": "$IDPREDIRECTURI$", + "display": "popup", + "prompt": "login", + "acrValues": "mosip:idp:acr:generated-code mosip:idp:acr:linked-wallet mosip:idp:acr:biometrics", + "nonce": "973eieljzng", + "state": "eree2311", + "claimsLocales": "en", + "codeChallenge": "$CODECHALLENGE$", + "codeChallengeMethod": " " +}' + output: '{ + "errors": [ + { + "errorCode": "unsupported_pkce_challenge_method" + } + ] +}' + ESignet_OAuthDetailsRequest_VCI_uin_Long_Code_Challenge_Pos: endPoint: /v1/esignet/authorization/v2/oauth-details role: resident @@ -381,6 +471,84 @@ OAuthDetailsRequestVCINegTC: }' output: '{ +}' + + ESignet_OAuthDetailsRequest_VCI_uin_NegAuthCodeScen5_Valid_Smoke_sid: + endPoint: /v1/esignet/authorization/v2/oauth-details + role: resident + restMethod: post + checkErrorsOnlyInResponse: true + inputTemplate: esignet/VCINegTC/OAuthDetailsRequestVCI/OAuthDetailsRequestVCI + outputTemplate: esignet/VCINegTC/OAuthDetailsRequestVCI/OAuthDetailsRequestVCIResult + input: '{ + "requestTime": "$TIMESTAMP$", + "clientId": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$", + "scope": "mosip_identity_vc_ldp", + "responseType": "code", + "redirectUri": "$IDPREDIRECTURI$", + "display": "popup", + "prompt": "login", + "acrValues": "mosip:idp:acr:generated-code mosip:idp:acr:linked-wallet mosip:idp:acr:biometrics", + "nonce": "973eieljzng", + "state": "eree2311", + "claimsLocales": "en", + "codeChallenge": "$CODECHALLENGE$", + "codeChallengeMethod": "S256" +}' + output: '{ + +}' + + ESignet_OAuthDetailsRequest_VCI_uin_NegAuthCodeScen6_Valid_Smoke_sid: + endPoint: /v1/esignet/authorization/v2/oauth-details + role: resident + restMethod: post + checkErrorsOnlyInResponse: true + inputTemplate: esignet/VCINegTC/OAuthDetailsRequestVCI/OAuthDetailsRequestVCI + outputTemplate: esignet/VCINegTC/OAuthDetailsRequestVCI/OAuthDetailsRequestVCIResult + input: '{ + "requestTime": "$TIMESTAMP$", + "clientId": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$", + "scope": "mosip_identity_vc_ldp", + "responseType": "code", + "redirectUri": "$IDPREDIRECTURI$", + "display": "popup", + "prompt": "login", + "acrValues": "mosip:idp:acr:generated-code mosip:idp:acr:linked-wallet mosip:idp:acr:biometrics", + "nonce": "973eieljzng", + "state": "eree2311", + "claimsLocales": "en", + "codeChallenge": "$CODECHALLENGE$", + "codeChallengeMethod": "S256" +}' + output: '{ + +}' + + ESignet_OAuthDetailsRequest_VCI_uin_NegAuthCodeScen7_Valid_Smoke_sid: + endPoint: /v1/esignet/authorization/v2/oauth-details + role: resident + restMethod: post + checkErrorsOnlyInResponse: true + inputTemplate: esignet/VCINegTC/OAuthDetailsRequestVCI/OAuthDetailsRequestVCI + outputTemplate: esignet/VCINegTC/OAuthDetailsRequestVCI/OAuthDetailsRequestVCIResult + input: '{ + "requestTime": "$TIMESTAMP$", + "clientId": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$", + "scope": "mosip_identity_vc_ldp", + "responseType": "code", + "redirectUri": "$IDPREDIRECTURI$", + "display": "popup", + "prompt": "login", + "acrValues": "mosip:idp:acr:generated-code mosip:idp:acr:linked-wallet mosip:idp:acr:biometrics", + "nonce": "973eieljzng", + "state": "eree2311", + "claimsLocales": "en", + "codeChallenge": "$CODECHALLENGE$", + "codeChallengeMethod": "S256" +}' + output: '{ + }' ESignet_OAuthDetailsRequest_VCI_uin_NegTokenScen1_Valid_Smoke_sid: