session_test.go 17.9 KB
Newer Older
1
package sessiontest
Sietse Ringers's avatar
Sietse Ringers committed
2
3

import (
4
	"encoding/base64"
Sietse Ringers's avatar
Sietse Ringers committed
5
	"encoding/json"
6
7
	"io/ioutil"
	"path/filepath"
Sietse Ringers's avatar
Sietse Ringers committed
8
	"strings"
Sietse Ringers's avatar
Sietse Ringers committed
9
	"testing"
10
	"time"
Sietse Ringers's avatar
Sietse Ringers committed
11

12
	"github.com/dgrijalva/jwt-go"
13
	"github.com/privacybydesign/irmago"
14
	"github.com/privacybydesign/irmago/internal/fs"
15
	"github.com/privacybydesign/irmago/internal/test"
16
	"github.com/privacybydesign/irmago/irmaclient"
Sietse Ringers's avatar
Sietse Ringers committed
17
18
19
	"github.com/stretchr/testify/require"
)

20
21
22
23
func init() {
	irma.ForceHttps = false
}

Sietse Ringers's avatar
Sietse Ringers committed
24
25
26
func getDisclosureRequest(id irma.AttributeTypeIdentifier) *irma.DisclosureRequest {
	return &irma.DisclosureRequest{
		BaseRequest: irma.BaseRequest{Type: irma.ActionDisclosing},
27
		Content: irma.AttributeDisjunctionList([]*irma.AttributeDisjunction{{
Sietse Ringers's avatar
Sietse Ringers committed
28
			Label:      "foo",
29
			Attributes: []irma.AttributeTypeIdentifier{id},
Sietse Ringers's avatar
Sietse Ringers committed
30
		}}),
Sietse Ringers's avatar
Sietse Ringers committed
31
	}
Sietse Ringers's avatar
Sietse Ringers committed
32
33
}

Sietse Ringers's avatar
Sietse Ringers committed
34
35
func getSigningRequest(id irma.AttributeTypeIdentifier) *irma.SignatureRequest {
	return &irma.SignatureRequest{
36
		Message: "test",
37
		DisclosureRequest: irma.DisclosureRequest{
Sietse Ringers's avatar
Sietse Ringers committed
38
			BaseRequest: irma.BaseRequest{Type: irma.ActionSigning},
39
			Content: irma.AttributeDisjunctionList([]*irma.AttributeDisjunction{{
Sietse Ringers's avatar
Sietse Ringers committed
40
				Label:      "foo",
41
				Attributes: []irma.AttributeTypeIdentifier{id},
Sietse Ringers's avatar
Sietse Ringers committed
42
43
			}}),
		},
Sietse Ringers's avatar
Sietse Ringers committed
44
	}
Sietse Ringers's avatar
Sietse Ringers committed
45
46
}

47
func getIssuanceRequest(defaultValidity bool) *irma.IssuanceRequest {
48
	temp := irma.Timestamp(irma.FloorToEpochBoundary(time.Now().AddDate(1, 0, 0)))
49
	var expiry *irma.Timestamp
50

51
52
53
54
	if !defaultValidity {
		expiry = &temp
	}

55
	return &irma.IssuanceRequest{
Sietse Ringers's avatar
Sietse Ringers committed
56
		BaseRequest: irma.BaseRequest{Type: irma.ActionIssuing},
57
		Credentials: []*irma.CredentialRequest{
Sietse Ringers's avatar
Sietse Ringers committed
58
			{
59
				Validity:         expiry,
60
				CredentialTypeID: irma.NewCredentialTypeIdentifier("irma-demo.RU.studentCard"),
Sietse Ringers's avatar
Sietse Ringers committed
61
62
				Attributes: map[string]string{
					"university":        "Radboud",
63
					"studentCardNumber": "31415927",
Sietse Ringers's avatar
Sietse Ringers committed
64
65
66
67
					"studentID":         "s1234567",
					"level":             "42",
				},
			}, {
68
				Validity:         expiry,
69
				CredentialTypeID: irma.NewCredentialTypeIdentifier("irma-demo.MijnOverheid.root"),
Sietse Ringers's avatar
Sietse Ringers committed
70
71
72
73
74
				Attributes: map[string]string{
					"BSN": "299792458",
				},
			},
		},
75
76
77
	}
}

78
79
func getNameIssuanceRequest() *irma.IssuanceRequest {
	expiry := irma.Timestamp(irma.NewMetadataAttribute(0).Expiry())
80
81

	req := &irma.IssuanceRequest{
Sietse Ringers's avatar
Sietse Ringers committed
82
		BaseRequest: irma.BaseRequest{Type: irma.ActionIssuing},
83
84
85
		Credentials: []*irma.CredentialRequest{
			{
				Validity:         &expiry,
86
				CredentialTypeID: irma.NewCredentialTypeIdentifier("irma-demo.MijnOverheid.fullName"),
87
88
89
90
91
92
93
94
95
96
97
98
				Attributes: map[string]string{
					"firstnames": "Johan Pieter",
					"firstname":  "Johan",
					"familyname": "Stuivezand",
				},
			},
		},
	}

	return req
}

Sietse Ringers's avatar
Sietse Ringers committed
99
100
101
102
func getSpecialIssuanceRequest(defaultValidity bool, attribute string) *irma.IssuanceRequest {
	request := getIssuanceRequest(defaultValidity)
	request.Credentials[0].Attributes["studentCardNumber"] = attribute
	return request
103
104
}

Sietse Ringers's avatar
Sietse Ringers committed
105
106
107
func getCombinedIssuanceRequest(id irma.AttributeTypeIdentifier) *irma.IssuanceRequest {
	request := getIssuanceRequest(false)
	request.Disclose = irma.AttributeDisjunctionList{
108
109
		&irma.AttributeDisjunction{Label: "foo", Attributes: []irma.AttributeTypeIdentifier{id}},
	}
Sietse Ringers's avatar
Sietse Ringers committed
110
	return request
Sietse Ringers's avatar
Sietse Ringers committed
111
112
}

Sietse Ringers's avatar
Sietse Ringers committed
113
var TestType = "irmaserver-jwt"
114
115
116
117
118
119
120
121
122

func startSession(t *testing.T, request irma.SessionRequest, sessiontype string) (*irma.Qr, string) {
	var qr irma.Qr
	var err error
	var token string

	switch TestType {
	case "apiserver":
		url := "http://localhost:8088/irma_api_server/api/v2/" + sessiontype
123
		err = irma.NewHTTPTransport(url).Post("", &qr, getJwt(t, request, sessiontype, jwt.SigningMethodNone))
124
125
126
127
		token = qr.URL
		qr.URL = url + "/" + qr.URL
	case "irmaserver-jwt":
		url := "http://localhost:48682"
128
129
130
131
132
		err = irma.NewHTTPTransport(url).Post("session", &qr, getJwt(t, request, sessiontype, jwt.SigningMethodRS256))
		token = tokenFromURL(qr.URL)
	case "irmaserver-hmac-jwt":
		url := "http://localhost:48682"
		err = irma.NewHTTPTransport(url).Post("session", &qr, getJwt(t, request, sessiontype, jwt.SigningMethodHS256))
Sietse Ringers's avatar
Sietse Ringers committed
133
		token = tokenFromURL(qr.URL)
134
135
	case "irmaserver":
		url := "http://localhost:48682"
136
		err = irma.NewHTTPTransport(url).Post("session", &qr, request)
Sietse Ringers's avatar
Sietse Ringers committed
137
		token = tokenFromURL(qr.URL)
138
139
140
141
142
143
144
145
	default:
		t.Fatal("Invalid TestType")
	}

	require.NoError(t, err)
	return &qr, token
}

Sietse Ringers's avatar
Sietse Ringers committed
146
147
148
149
150
151
152
153
func tokenFromURL(url string) string {
	parts := strings.Split(url, "/")
	if len(parts) == 0 {
		return ""
	}
	return parts[len(parts)-1]
}

154
func getJwt(t *testing.T, request irma.SessionRequest, sessiontype string, alg jwt.SigningMethod) string {
155
	var jwtcontents irma.RequestorJwt
156
157
	var kid string
	switch sessiontype {
Sietse Ringers's avatar
Sietse Ringers committed
158
	case "issue":
159
		kid = "testip"
Sietse Ringers's avatar
Sietse Ringers committed
160
161
		jwtcontents = irma.NewIdentityProviderJwt("testip", request.(*irma.IssuanceRequest))
	case "verification":
162
		kid = "testsp"
Sietse Ringers's avatar
Sietse Ringers committed
163
164
		jwtcontents = irma.NewServiceProviderJwt("testsp", request.(*irma.DisclosureRequest))
	case "signature":
165
		kid = "testsigclient"
Sietse Ringers's avatar
Sietse Ringers committed
166
		jwtcontents = irma.NewSignatureRequestorJwt("testsigclient", request.(*irma.SignatureRequest))
167
168
	}

169
170
	var j string
	var err error
171
172
173

	switch alg {
	case jwt.SigningMethodRS256:
174
175
176
177
178
179
180
		skbts, err := ioutil.ReadFile(filepath.Join(test.FindTestdataFolder(t), "jwtkeys", "requestor1-sk.pem"))
		require.NoError(t, err)
		sk, err := jwt.ParseRSAPrivateKeyFromPEM(skbts)
		require.NoError(t, err)
		tok := jwt.NewWithClaims(jwt.SigningMethodRS256, jwtcontents)
		tok.Header["kid"] = "requestor1"
		j, err = tok.SignedString(sk)
181
182
183
184
185
186
187
	case jwt.SigningMethodHS256:
		tok := jwt.NewWithClaims(jwt.SigningMethodHS256, jwtcontents)
		tok.Header["kid"] = "requestor3"
		bts, err := base64.StdEncoding.DecodeString(JwtServerConfiguration.Requestors["requestor3"].AuthenticationKey)
		require.NoError(t, err)
		j, err = tok.SignedString(bts)
	case jwt.SigningMethodNone:
188
189
190
191
		tok := jwt.NewWithClaims(jwt.SigningMethodNone, jwtcontents)
		tok.Header["kid"] = kid
		j, err = tok.SignedString(jwt.UnsafeAllowNoneSignatureType)
	}
192
193
	require.NoError(t, err)

194
	return j
Sietse Ringers's avatar
Sietse Ringers committed
195
196
}

197
func sessionHelper(t *testing.T, request irma.SessionRequest, sessiontype string, client *irmaclient.Client) {
Sietse Ringers's avatar
Sietse Ringers committed
198
199
200
201
202
	if client == nil {
		client = parseStorage(t)
		defer test.ClearTestStorage(t)
	}

203
	if TestType == "irmaserver" || TestType == "irmaserver-jwt" || TestType == "irmaserver-hmac-jwt" {
Sietse Ringers's avatar
Sietse Ringers committed
204
205
206
207
		StartIrmaServer(JwtServerConfiguration)
		defer StopIrmaServer()
	}

208
	qr, _ := startSession(t, request, sessiontype)
209
210
211

	c := make(chan *SessionResult)
	h := TestHandler{t, c, client}
212
	qrjson, err := json.Marshal(qr)
213
	require.NoError(t, err)
214
	client.NewSession(string(qrjson), h)
215
216
217
218
219
220

	if result := <-c; result != nil {
		require.NoError(t, result.Err)
	}
}

221
func keyshareSessions(t *testing.T, client *irmaclient.Client) {
222
223
	id := irma.NewAttributeTypeIdentifier("irma-demo.RU.studentCard.studentID")
	expiry := irma.Timestamp(irma.NewMetadataAttribute(0).Expiry())
Sietse Ringers's avatar
Sietse Ringers committed
224
225
	issuanceRequest := getCombinedIssuanceRequest(id)
	issuanceRequest.Credentials = append(issuanceRequest.Credentials,
226
227
		&irma.CredentialRequest{
			Validity:         &expiry,
228
			CredentialTypeID: irma.NewCredentialTypeIdentifier("test.test.mijnirma"),
229
230
231
			Attributes:       map[string]string{"email": "testusername"},
		},
	)
Sietse Ringers's avatar
Sietse Ringers committed
232
	sessionHelper(t, issuanceRequest, "issue", client)
233

Sietse Ringers's avatar
Sietse Ringers committed
234
235
	disclosureRequest := getDisclosureRequest(id)
	disclosureRequest.Content = append(disclosureRequest.Content,
236
237
238
239
240
		&irma.AttributeDisjunction{
			Label:      "foo",
			Attributes: []irma.AttributeTypeIdentifier{irma.NewAttributeTypeIdentifier("test.test.mijnirma.email")},
		},
	)
Sietse Ringers's avatar
Sietse Ringers committed
241
	sessionHelper(t, disclosureRequest, "verification", client)
242

Sietse Ringers's avatar
Sietse Ringers committed
243
244
	sigRequest := getSigningRequest(id)
	sigRequest.Content = append(sigRequest.Content,
245
246
247
248
249
		&irma.AttributeDisjunction{
			Label:      "foo",
			Attributes: []irma.AttributeTypeIdentifier{irma.NewAttributeTypeIdentifier("test.test.mijnirma.email")},
		},
	)
Sietse Ringers's avatar
Sietse Ringers committed
250
	sessionHelper(t, sigRequest, "signature", client)
251
252
}

Sietse Ringers's avatar
Sietse Ringers committed
253
func TestSigningSession(t *testing.T) {
254
	id := irma.NewAttributeTypeIdentifier("irma-demo.RU.studentCard.studentID")
Sietse Ringers's avatar
Sietse Ringers committed
255
256
	request := getSigningRequest(id)
	sessionHelper(t, request, "signature", nil)
Sietse Ringers's avatar
Sietse Ringers committed
257
258
259
}

func TestDisclosureSession(t *testing.T) {
260
	id := irma.NewAttributeTypeIdentifier("irma-demo.RU.studentCard.studentID")
Sietse Ringers's avatar
Sietse Ringers committed
261
262
	request := getDisclosureRequest(id)
	sessionHelper(t, request, "verification", nil)
Sietse Ringers's avatar
Sietse Ringers committed
263
264
}

265
266
func TestNoAttributeDisclosureSession(t *testing.T) {
	id := irma.NewAttributeTypeIdentifier("irma-demo.RU.studentCard")
Sietse Ringers's avatar
Sietse Ringers committed
267
268
	request := getDisclosureRequest(id)
	sessionHelper(t, request, "verification", nil)
269
270
}

Sietse Ringers's avatar
Sietse Ringers committed
271
func TestIssuanceSession(t *testing.T) {
272
	id := irma.NewAttributeTypeIdentifier("irma-demo.RU.studentCard.studentID")
Sietse Ringers's avatar
Sietse Ringers committed
273
274
	request := getCombinedIssuanceRequest(id)
	sessionHelper(t, request, "issue", nil)
Sietse Ringers's avatar
Sietse Ringers committed
275
276
}

277
278
func TestDefaultCredentialValidity(t *testing.T) {
	client := parseStorage(t)
Sietse Ringers's avatar
Sietse Ringers committed
279
280
	request := getIssuanceRequest(true)
	sessionHelper(t, request, "issue", client)
281
282
}

283
func TestIssuanceOptionalEmptyAttributes(t *testing.T) {
284
	req := getNameIssuanceRequest()
Sietse Ringers's avatar
Sietse Ringers committed
285
	sessionHelper(t, req, "issue", nil)
286
287
288
289
290
}

func TestIssuanceOptionalZeroLengthAttributes(t *testing.T) {
	req := getNameIssuanceRequest()
	req.Credentials[0].Attributes["prefix"] = ""
Sietse Ringers's avatar
Sietse Ringers committed
291
	sessionHelper(t, req, "issue", nil)
292
293
294
}

func TestIssuanceOptionalSetAttributes(t *testing.T) {
295
296
	req := getNameIssuanceRequest()
	req.Credentials[0].Attributes["prefix"] = "van"
Sietse Ringers's avatar
Sietse Ringers committed
297
	sessionHelper(t, req, "issue", nil)
298
299
}

300
301
func TestLargeAttribute(t *testing.T) {
	client := parseStorage(t)
302
303
	defer test.ClearTestStorage(t)

304
305
	require.NoError(t, client.RemoveAllCredentials())

Sietse Ringers's avatar
Sietse Ringers committed
306
307
	issuanceRequest := getSpecialIssuanceRequest(false, "1234567890123456789012345678901234567890") // 40 chars
	sessionHelper(t, issuanceRequest, "issue", client)
308

Sietse Ringers's avatar
Sietse Ringers committed
309
310
	disclosureRequest := getDisclosureRequest(irma.NewAttributeTypeIdentifier("irma-demo.RU.studentCard.university"))
	sessionHelper(t, disclosureRequest, "verification", client)
311
312
}

313
314
func TestIssuanceSingletonCredential(t *testing.T) {
	client := parseStorage(t)
315
316
	defer test.ClearTestStorage(t)

Sietse Ringers's avatar
Sietse Ringers committed
317
	request := getIssuanceRequest(true)
318
319
	credid := irma.NewCredentialTypeIdentifier("irma-demo.MijnOverheid.root")

320
	require.Nil(t, client.Attributes(credid, 0))
321

Sietse Ringers's avatar
Sietse Ringers committed
322
	sessionHelper(t, request, "issue", client)
323
324
	require.NotNil(t, client.Attributes(credid, 0))
	require.Nil(t, client.Attributes(credid, 1))
325

Sietse Ringers's avatar
Sietse Ringers committed
326
	sessionHelper(t, request, "issue", client)
327
328
	require.NotNil(t, client.Attributes(credid, 0))
	require.Nil(t, client.Attributes(credid, 1))
329
330
}

331
332
333
334
335
336
337
338
/* There is an annoying difference between how Java and Go convert big integers to and from
byte arrays: in Java the sign of the integer is taken into account, but not in Go. This means
that in Java, when converting a bigint to or from a byte array, the most significant bit
indicates the sign of the integer. In Go this is not the case. This resulted in invalid
signatures being issued in the issuance protocol in two distinct ways, of which we test here
that they have been fixed. */
func TestAttributeByteEncoding(t *testing.T) {
	client := parseStorage(t)
339
	defer test.ClearTestStorage(t)
340
341
342
343
344
345
346
	require.NoError(t, client.RemoveAllCredentials())

	/* After bitshifting the presence bit into the large attribute below, the most significant
	bit is 1. In the bigint->[]byte conversion that happens before hashing this attribute, in
	Java this results in an extra 0 byte being prepended in order to have a 0 instead as most
	significant (sign) bit. We test that the Java implementation correctly removes the extraneous
	0 byte. */
Sietse Ringers's avatar
Sietse Ringers committed
347
348
	request := getSpecialIssuanceRequest(false, "a23456789012345678901234567890")
	sessionHelper(t, request, "issue", client)
349
350
351
352
353
354
355

	/* After converting the attribute below to bytes (using UTF8, on which Java and Go do agree),
	the most significant bit of the byte version of this attribute is 1. In the []byte->bigint
	conversion that happens at that point in the Java implementation (bitshifting is done
	afterwards), this results in a negative number in Java and a positive number in Go. We test
	here that the Java correctly prepends a 0 byte just before this conversion in order to get
	the same positive bigint. */
Sietse Ringers's avatar
Sietse Ringers committed
356
357
	request = getSpecialIssuanceRequest(false, "é")
	sessionHelper(t, request, "issue", client)
358
359
}

360
// Use the existing keyshare enrollment and credentials
Sietse Ringers's avatar
Sietse Ringers committed
361
362
363
364
// in a keyshare session of each session type.
// Use keyshareuser.sql to enroll the user at the keyshare server.
func TestKeyshareSessions(t *testing.T) {
	client := parseStorage(t)
365
	defer test.ClearTestStorage(t)
Sietse Ringers's avatar
Sietse Ringers committed
366

367
	keyshareSessions(t, client)
Sietse Ringers's avatar
Sietse Ringers committed
368
}
369
370
371

func TestDisclosureNewAttributeUpdateSchemeManager(t *testing.T) {
	client := parseStorage(t)
372
	defer test.ClearTestStorage(t)
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396

	schemeid := irma.NewSchemeManagerIdentifier("irma-demo")
	credid := irma.NewCredentialTypeIdentifier("irma-demo.RU.studentCard")
	attrid := irma.NewAttributeTypeIdentifier("irma-demo.RU.studentCard.newAttribute")
	require.False(t, client.Configuration.CredentialTypes[credid].ContainsAttribute(attrid))

	client.Configuration.SchemeManagers[schemeid].URL = "http://localhost:48681/irma_configuration_updated/irma-demo"
	disclosureRequest := irma.DisclosureRequest{
		Content: irma.AttributeDisjunctionList{
			&irma.AttributeDisjunction{
				Label: "foo",
				Attributes: []irma.AttributeTypeIdentifier{
					attrid,
				},
			},
		},
	}

	client.Configuration.Download(&disclosureRequest)
	require.True(t, client.Configuration.CredentialTypes[credid].ContainsAttribute(attrid))
}

func TestIssueNewAttributeUpdateSchemeManager(t *testing.T) {
	client := parseStorage(t)
397
398
	defer test.ClearTestStorage(t)

399
400
401
402
403
404
405
406
407
408
409
410
411
412
	schemeid := irma.NewSchemeManagerIdentifier("irma-demo")
	credid := irma.NewCredentialTypeIdentifier("irma-demo.RU.studentCard")
	attrid := irma.NewAttributeTypeIdentifier("irma-demo.RU.studentCard.newAttribute")
	require.False(t, client.Configuration.CredentialTypes[credid].ContainsAttribute(attrid))

	client.Configuration.SchemeManagers[schemeid].URL = "http://localhost:48681/irma_configuration_updated/irma-demo"
	issuanceRequest := getIssuanceRequest(true)
	issuanceRequest.Credentials[0].Attributes["newAttribute"] = "foobar"
	client.Configuration.Download(issuanceRequest)
	require.True(t, client.Configuration.CredentialTypes[credid].ContainsAttribute(attrid))
}

func TestIssueOptionalAttributeUpdateSchemeManager(t *testing.T) {
	client := parseStorage(t)
413
414
	defer test.ClearTestStorage(t)

415
416
417
418
419
420
421
422
423
424
425
426
	schemeid := irma.NewSchemeManagerIdentifier("irma-demo")
	credid := irma.NewCredentialTypeIdentifier("irma-demo.RU.studentCard")
	attrid := irma.NewAttributeTypeIdentifier("irma-demo.RU.studentCard.level")
	require.False(t, client.Configuration.CredentialTypes[credid].AttributeType(attrid).IsOptional())

	client.Configuration.SchemeManagers[schemeid].URL = "http://localhost:48681/irma_configuration_updated/irma-demo"
	issuanceRequest := getIssuanceRequest(true)
	delete(issuanceRequest.Credentials[0].Attributes, "level")
	client.Configuration.Download(issuanceRequest)
	require.True(t, client.Configuration.CredentialTypes[credid].AttributeType(attrid).IsOptional())
}

Sietse Ringers's avatar
Sietse Ringers committed
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
func TestIssueNewCredTypeUpdateSchemeManager(t *testing.T) {
	client := parseStorage(t)
	schemeid := irma.NewSchemeManagerIdentifier("irma-demo")
	credid := irma.NewCredentialTypeIdentifier("irma-demo.RU.studentCard")

	delete(client.Configuration.CredentialTypes, credid)
	require.NotContains(t, client.Configuration.CredentialTypes, credid)

	client.Configuration.SchemeManagers[schemeid].URL = "http://localhost:48681/irma_configuration_updated/irma-demo"
	request := getIssuanceRequest(true)
	client.Configuration.Download(request)

	require.Contains(t, client.Configuration.CredentialTypes, credid)

	test.ClearTestStorage(t)
}

func TestDisclosureNewCredTypeUpdateSchemeManager(t *testing.T) {
	client := parseStorage(t)
	schemeid := irma.NewSchemeManagerIdentifier("irma-demo")
	credid := irma.NewCredentialTypeIdentifier("irma-demo.RU.studentCard")
	attrid := irma.NewAttributeTypeIdentifier("irma-demo.RU.studentCard.level")

	delete(client.Configuration.CredentialTypes, credid)
	require.NotContains(t, client.Configuration.CredentialTypes, credid)

	client.Configuration.SchemeManagers[schemeid].URL = "http://localhost:48681/irma_configuration_updated/irma-demo"
	request := &irma.DisclosureRequest{
		Content: irma.AttributeDisjunctionList([]*irma.AttributeDisjunction{{
			Label:      "foo",
			Attributes: []irma.AttributeTypeIdentifier{attrid},
		}}),
	}
	client.Configuration.Download(request)

	require.Contains(t, client.Configuration.CredentialTypes, credid)

	test.ClearTestStorage(t)
}

467
468
469
470
471
// Test installing a new scheme manager from a qr, and do a(n issuance) session
// within this manager to test the autmatic downloading of credential definitions,
// issuers, and public keys.
func TestDownloadSchemeManager(t *testing.T) {
	client := parseStorage(t)
472
	defer test.ClearTestStorage(t)
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493

	// Remove irma-demo scheme manager as we need to test adding it
	irmademo := irma.NewSchemeManagerIdentifier("irma-demo")
	require.Contains(t, client.Configuration.SchemeManagers, irmademo)
	require.NoError(t, client.Configuration.RemoveSchemeManager(irmademo, true))
	require.NotContains(t, client.Configuration.SchemeManagers, irmademo)

	// Do an add-scheme-manager-session
	c := make(chan *SessionResult)
	qr, err := json.Marshal(&irma.SchemeManagerRequest{
		Type: irma.ActionSchemeManager,
		URL:  "http://localhost:48681/irma_configuration/irma-demo",
	})
	require.NoError(t, err)
	client.NewSession(string(qr), TestHandler{t, c, client})
	if result := <-c; result != nil {
		require.NoError(t, result.Err)
	}
	require.Contains(t, client.Configuration.SchemeManagers, irmademo)

	// Do a session to test downloading of cred types, issuers and keys
Sietse Ringers's avatar
Sietse Ringers committed
494
495
	request := getCombinedIssuanceRequest(irma.NewAttributeTypeIdentifier("irma-demo.RU.studentCard.studentID"))
	sessionHelper(t, request, "issue", client)
496
497
498
499
500

	require.Contains(t, client.Configuration.SchemeManagers, irmademo)
	require.Contains(t, client.Configuration.Issuers, irma.NewIssuerIdentifier("irma-demo.RU"))
	require.Contains(t, client.Configuration.CredentialTypes, irma.NewCredentialTypeIdentifier("irma-demo.RU.studentCard"))

501
	basepath := test.FindTestdataFolder(t) + "/storage/test/irma_configuration/irma-demo"
502
503
504
505
506
507
508
509
510
511
	exists, err := fs.PathExists(basepath + "/description.xml")
	require.NoError(t, err)
	require.True(t, exists)
	exists, err = fs.PathExists(basepath + "/RU/description.xml")
	require.NoError(t, err)
	require.True(t, exists)
	exists, err = fs.PathExists(basepath + "/RU/Issues/studentCard/description.xml")
	require.NoError(t, err)
	require.True(t, exists)
}