MOSIP-29513

automationtests/src/main/java/io/mosip/testrig/apirig/admin/fw/util/AdminTestUtil.java

@@ -3264,25 +3264,39 @@ public static String signJWK(String clientId, String accessToken, RSAKey jwkKey,
 
 			if (testCaseName.contains("_Invalid_C_nonce_"))
 				nonce = "jwt_payload.c_nonce123";
-			if (testCaseName.contains("_Empty_Typ_"))
+			else if (testCaseName.contains("_Empty_C_nonce_"))
+				nonce = "";
+			else if (testCaseName.contains("_SpaceVal_C_nonce_"))
+				nonce = "  ";
+			else if (testCaseName.contains("_Empty_Typ_"))
 				typ = "";
-			if (testCaseName.contains("_Invalid_Typ_"))
+			else if (testCaseName.contains("_SpaceVal_Typ_"))
+				typ = "  ";
+			else if (testCaseName.contains("_Invalid_Typ_"))
 				typ = "openid4vci-123@proof+jwt";
+			else if (testCaseName.contains("_Invalid_JwkHeader_"))
+				jwkHeader = RSAKey.parse(getJWKKey(oidcJWK2)).toPublicJWK();
+			else if (testCaseName.contains("_Invalid_Aud_"))
+				tempUrl = "sdfaf";
+			else if (testCaseName.contains("_Invalid_Iss_"))
+				clientId = "sdfdsg";
+			else if (testCaseName.contains("_Invalid_Exp_"))
+				idTokenExpirySecs = 0;
 
 			claimsSet = new JWTClaimsSet.Builder().audience(tempUrl).claim("nonce", nonce).issuer(clientId)
 					.issueTime(new Date()).expirationTime(new Date(new Date().getTime() + idTokenExpirySecs)).build();
 
 			if (testCaseName.contains("_Missing_Typ_")) {
+				signedJWT = new SignedJWT(new JWSHeader.Builder(JWSAlgorithm.RS256).jwk(jwkHeader).build(), claimsSet);
+			} else if (testCaseName.contains("_Missing_JwkHeader_")) {
 				signedJWT = new SignedJWT(
-						new JWSHeader.Builder(JWSAlgorithm.RS256).jwk(jwkHeader).build(),
-						claimsSet);
+						new JWSHeader.Builder(JWSAlgorithm.RS256).type(new JOSEObjectType(typ)).build(), claimsSet);
 			} else {
 				signedJWT = new SignedJWT(
 						new JWSHeader.Builder(JWSAlgorithm.RS256).type(new JOSEObjectType(typ)).jwk(jwkHeader).build(),
 						claimsSet);
 			}
 
-
 			signedJWT.sign(signer);
 			proofJWT = signedJWT.serialize();
 		} catch (Exception e) {

automationtests/src/main/resources/esignet/VCINegTC/GetCredential/GetCredential.yml

@@ -561,6 +561,48 @@ GetCredentialNegTC:
       "error":"invalid_proof"
 }'
 
+   ESignet_GetCredential_uin_IdpAccessToken_Empty_C_nonce_Neg:
+      endPoint: /v1/esignet/vci/credential
+      role: resident
+      checkErrorsOnlyInResponse: true
+      restMethod: post
+      validityCheckRequired: true
+      inputTemplate: esignet/VCINegTC/GetCredential/GetCredential
+      outputTemplate: esignet/error2
+      input: '{
+      	"client_id": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$",
+        "idpAccessToken": "$ID:GenerateTokenVCI_uin_NegCredScen9_Smoke_sid_access_token$",
+        "format": "ldp_vc",
+      	"type": [{types: "VerifiableCredential"}, {types: "MOSIPVerifiableCredential"}],
+      	"@context": [{context: "$VCICONTEXTURL$"}],
+      	"proof_type": "jwt",
+        "proof_jwt": "$PROOFJWT$"
+}'
+      output: '{
+      "error":"invalid_proof"
+}'
+
+   ESignet_GetCredential_uin_IdpAccessToken_SpaceVal_C_nonce_Neg:
+      endPoint: /v1/esignet/vci/credential
+      role: resident
+      checkErrorsOnlyInResponse: true
+      restMethod: post
+      validityCheckRequired: true
+      inputTemplate: esignet/VCINegTC/GetCredential/GetCredential
+      outputTemplate: esignet/error2
+      input: '{
+      	"client_id": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$",
+        "idpAccessToken": "$ID:GenerateTokenVCI_uin_NegCredScen9_Smoke_sid_access_token$",
+        "format": "ldp_vc",
+      	"type": [{types: "VerifiableCredential"}, {types: "MOSIPVerifiableCredential"}],
+      	"@context": [{context: "$VCICONTEXTURL$"}],
+      	"proof_type": "jwt",
+        "proof_jwt": "$PROOFJWT$"
+}'
+      output: '{
+      "error":"invalid_proof"
+}'
+
    ESignet_GetCredential_uin_IdpAccessToken_Empty_Typ_Neg:
       endPoint: /v1/esignet/vci/credential
       role: resident
@@ -582,6 +624,27 @@ GetCredentialNegTC:
       "error":"invalid_proof"
 }'
 
+   ESignet_GetCredential_uin_IdpAccessToken_SpaceVal_Typ_Neg:
+      endPoint: /v1/esignet/vci/credential
+      role: resident
+      checkErrorsOnlyInResponse: true
+      restMethod: post
+      validityCheckRequired: true
+      inputTemplate: esignet/VCINegTC/GetCredential/GetCredential
+      outputTemplate: esignet/error2
+      input: '{
+      	"client_id": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$",
+        "idpAccessToken": "$ID:GenerateTokenVCI_uin_NegCredScen9_Smoke_sid_access_token$",
+        "format": "ldp_vc",
+      	"type": [{types: "VerifiableCredential"}, {types: "MOSIPVerifiableCredential"}],
+      	"@context": [{context: "$VCICONTEXTURL$"}],
+      	"proof_type": "jwt",
+        "proof_jwt": "$PROOFJWT$"
+}'
+      output: '{
+      "error":"invalid_proof"
+}'
+
    ESignet_GetCredential_uin_IdpAccessToken_Invalid_Typ_Neg:
       endPoint: /v1/esignet/vci/credential
       role: resident
@@ -622,4 +685,109 @@ GetCredentialNegTC:
 }'
       output: '{
       "error":"invalid_proof"
+}'
+
+   ESignet_GetCredential_uin_IdpAccessToken_Invalid_JwkHeader_Neg:
+      endPoint: /v1/esignet/vci/credential
+      role: resident
+      checkErrorsOnlyInResponse: true
+      restMethod: post
+      validityCheckRequired: true
+      inputTemplate: esignet/VCINegTC/GetCredential/GetCredential
+      outputTemplate: esignet/error2
+      input: '{
+      	"client_id": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$",
+        "idpAccessToken": "$ID:GenerateTokenVCI_uin_NegCredScen9_Smoke_sid_access_token$",
+        "format": "ldp_vc",
+      	"type": [{types: "VerifiableCredential"}, {types: "MOSIPVerifiableCredential"}],
+      	"@context": [{context: "$VCICONTEXTURL$"}],
+      	"proof_type": "jwt",
+        "proof_jwt": "$PROOFJWT$"
+}'
+      output: '{
+      "error":"invalid_proof"
+}'
+
+   ESignet_GetCredential_uin_IdpAccessToken_Missing_JwkHeader_Neg:
+      endPoint: /v1/esignet/vci/credential
+      role: resident
+      checkErrorsOnlyInResponse: true
+      restMethod: post
+      validityCheckRequired: true
+      inputTemplate: esignet/VCINegTC/GetCredential/GetCredential
+      outputTemplate: esignet/error2
+      input: '{
+      	"client_id": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$",
+        "idpAccessToken": "$ID:GenerateTokenVCI_uin_NegCredScen9_Smoke_sid_access_token$",
+        "format": "ldp_vc",
+      	"type": [{types: "VerifiableCredential"}, {types: "MOSIPVerifiableCredential"}],
+      	"@context": [{context: "$VCICONTEXTURL$"}],
+      	"proof_type": "jwt",
+        "proof_jwt": "$PROOFJWT$"
+}'
+      output: '{
+      "error":"invalid_proof"
+}'
+
+   ESignet_GetCredential_uin_IdpAccessToken_Invalid_Aud_Neg:
+      endPoint: /v1/esignet/vci/credential
+      role: resident
+      checkErrorsOnlyInResponse: true
+      restMethod: post
+      validityCheckRequired: true
+      inputTemplate: esignet/VCINegTC/GetCredential/GetCredential
+      outputTemplate: esignet/error2
+      input: '{
+      	"client_id": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$",
+        "idpAccessToken": "$ID:GenerateTokenVCI_uin_NegCredScen9_Smoke_sid_access_token$",
+        "format": "ldp_vc",
+      	"type": [{types: "VerifiableCredential"}, {types: "MOSIPVerifiableCredential"}],
+      	"@context": [{context: "$VCICONTEXTURL$"}],
+      	"proof_type": "jwt",
+        "proof_jwt": "$PROOFJWT$"
+}'
+      output: '{
+      "error":"invalid_proof"
+}'
+
+   ESignet_GetCredential_uin_IdpAccessToken_Invalid_Iss_Neg:
+      endPoint: /v1/esignet/vci/credential
+      role: resident
+      checkErrorsOnlyInResponse: true
+      restMethod: post
+      validityCheckRequired: true
+      inputTemplate: esignet/VCINegTC/GetCredential/GetCredential
+      outputTemplate: esignet/error2
+      input: '{
+      	"client_id": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$",
+        "idpAccessToken": "$ID:GenerateTokenVCI_uin_NegCredScen9_Smoke_sid_access_token$",
+        "format": "ldp_vc",
+      	"type": [{types: "VerifiableCredential"}, {types: "MOSIPVerifiableCredential"}],
+      	"@context": [{context: "$VCICONTEXTURL$"}],
+      	"proof_type": "jwt",
+        "proof_jwt": "$PROOFJWT$"
+}'
+      output: '{
+      "error":"invalid_proof"
+}'
+
+   ESignet_GetCredential_uin_IdpAccessToken_Invalid_Exp_Neg:
+      endPoint: /v1/esignet/vci/credential
+      role: resident
+      checkErrorsOnlyInResponse: true
+      restMethod: post
+      validityCheckRequired: true
+      inputTemplate: esignet/VCINegTC/GetCredential/GetCredential
+      outputTemplate: esignet/error2
+      input: '{
+      	"client_id": "$ID:CreateOIDCClient_all_Valid_Smoke_sid_clientId$",
+        "idpAccessToken": "$ID:GenerateTokenVCI_uin_NegCredScen9_Smoke_sid_access_token$",
+        "format": "ldp_vc",
+      	"type": [{types: "VerifiableCredential"}, {types: "MOSIPVerifiableCredential"}],
+      	"@context": [{context: "$VCICONTEXTURL$"}],
+      	"proof_type": "jwt",
+        "proof_jwt": "$PROOFJWT$"
+}'
+      output: '{
+      "error":"invalid_proof"
 }'