From d4c07d53432552e64ba173d2b4263bdbae7a8141 Mon Sep 17 00:00:00 2001 From: Sanjayss04 Date: Wed, 13 Dec 2023 16:40:56 +0000 Subject: [PATCH 1/2] Updating the Esignet Test script with VCI endpoints Signed-off-by: Sanjayss04 --- {idp => Esignet}/README.md | 12 +- .../scripts/Esignet_Helper_Script.jmx | 24 +- .../scripts/Esignet_Test_Script.jmx | 3931 +++++++++++++++-- .../add_identity_request_details.csv | 0 .../support-files/biometrics_mb.txt | 0 .../center_machine_id_values.csv | 0 6 files changed, 3606 insertions(+), 361 deletions(-) rename {idp => Esignet}/README.md (94%) rename idp/scripts/IDP_Helper_Script.jmx => Esignet/scripts/Esignet_Helper_Script.jmx (93%) rename idp/scripts/IDP_Test_Script.jmx => Esignet/scripts/Esignet_Test_Script.jmx (65%) rename {idp => Esignet}/support-files/add_identity_request_details.csv (100%) rename {idp => Esignet}/support-files/biometrics_mb.txt (100%) rename {idp => Esignet}/support-files/center_machine_id_values.csv (100%) diff --git a/idp/README.md b/Esignet/README.md similarity index 94% rename from idp/README.md rename to Esignet/README.md index 27b42b71..c28f466c 100644 --- a/idp/README.md +++ b/Esignet/README.md @@ -20,12 +20,12 @@ * Create Identities in MOSIP Authentication System (Setup) : This thread contains the authorization api's for regproc and idrepo from which the auth token will be generated. There is set of 4 api's generate RID, generate UIN, add identity and add VID. From here we will get the VID which can be further used as individual id. These 4 api's are present in the loop controller where we can define the number of samples for creating identities in which "addIdentitySetup" is used as a variable. -* Create OIDC Client in MOSIP Authentication System (Setup) : This thread contains a JSR223 sampler(Generate Key Pair) from which will get a public-private key pair. The public key generated will be used in the OIDC client api to generate client id's which will be registered for both IDA and IDP. The private key generated from the sampler will be used in another JSR223 sampler(Generate Client Assertion) present in the OIDC Token (Execution). Generated client id's and there respective private key will be stored in a file which will be used further in the required api's. +* Create OIDC Client in MOSIP Authentication System (Setup) : This thread contains a JSR223 sampler(Generate Key Pair) from which will get a public-private key pair. The public key generated will be used in the OIDC client api to generate client id's which will be registered for both IDA and Esignet. The private key generated from the sampler will be used in another JSR223 sampler(Generate Client Assertion) present in the OIDC Token (Execution). Generated client id's and there respective private key will be stored in a file which will be used further in the required api's. * In the above Create OIDC Client in MOSIP Authentication System (Setup) check for the Policy name and Auth partner id for the particular env in which we are executing the scripts. The policy name provided must be associated with the correct Auth partner id. * For execution purpose neeed to check for the mentioned properties: - * esignet default properties: Update the value for the properties according to the execution setup. Perform the execution for IDP api's with redis setup. So check for the redis setup accordingly. + * esignet default properties: Update the value for the properties according to the execution setup. Perform the execution for Esignet api's with redis setup. So check for the redis setup accordingly. mosip.esignet.cache.size - Enabled while not using the redis setup. Can keep the cache size around more than 100k. mosip.esignet.cache.expire-in-seconds - 86400 mosip.esignet.access-token-expire-seconds - 86400 @@ -81,14 +81,14 @@ 9.25.6 -### Execution points for IDP Management API's +### Execution points for Esignet Management API's * Management - Create OIDC Client (Execution) : This thread group will directly execute in which we are using a counter which will generate unique client id. Because we can't generate same duplicate cliend id. * Management - Update OIDC Client : * Management Update OIDC Client (Preparation) - In this the above mentioned Create OIDC Client API will be used to generate a large number of OIDC client id samples which will get stored in a file and will be used in the execution. * Management Update OIDC Client (Execution) - Thread will use the client id file generated in the preparation part. We can reuse the file for multiple runs and the number of preparation samples should be greater or equal to the number of execution samples. -### Execution points for IDP UI API's +### Execution points for Esignet UI API's * UI - OAuth Details : * OAuth Details (Execution) - Client id created from Create OIDC Client in MOSIP Authentication System (Setup) will be loaded. Total samples created during execution can be higher in number as compared to the samples present in the file. @@ -120,7 +120,7 @@ * Link Authorization Code (Preparation) - This thread includes 6 api's OAuth Details, Generate Link Code, Link Transaction, Send OTP Linked Auth, linked authenication and linked consent api. Transaction id and linked code must be same as the one received from oauth-details and generate link code api respectively. * Link Authorization Code (Execution) - Transaction id and linked code will be used from the preparation part. -### Execution points for IDP OIDC API's +### Execution points for Esignet OIDC API's * OIDC - Authorization : Its a GET API with no preparations and application will do a browser redirect to this endpoint with all required details passed as query parameters. * OIDC - Token : @@ -133,4 +133,4 @@ * OIDC - Configuration (Execution) : Open ID Connect dynamic provider discovery is not supported currently, this endpoint is only for facilitating the OIDC provider details in a standard way. -* OIDC - JSON Web Key Set (Execution) : Endpoint to fetch all the public keys of the IdP server.Returns public key set in the JWKS format. +* OIDC - JSON Web Key Set (Execution) : Endpoint to fetch all the public keys of the Esignet server.Returns public key set in the JWKS format. diff --git a/idp/scripts/IDP_Helper_Script.jmx b/Esignet/scripts/Esignet_Helper_Script.jmx similarity index 93% rename from idp/scripts/IDP_Helper_Script.jmx rename to Esignet/scripts/Esignet_Helper_Script.jmx index 06ba85e8..338abdf2 100644 --- a/idp/scripts/IDP_Helper_Script.jmx +++ b/Esignet/scripts/Esignet_Helper_Script.jmx @@ -12,18 +12,6 @@ - - - true - false - - - - true - false - false - - @@ -48,7 +36,7 @@ serverIP - api-internal.dev.mosip.net + api-internal.cellbox.mosip.net = @@ -128,6 +116,16 @@ 16 + + + 200 + + + Assertion.response_code + false + 2 + + true authToken diff --git a/idp/scripts/IDP_Test_Script.jmx b/Esignet/scripts/Esignet_Test_Script.jmx similarity index 65% rename from idp/scripts/IDP_Test_Script.jmx rename to Esignet/scripts/Esignet_Test_Script.jmx index 60200b1a..40c4240b 100644 --- a/idp/scripts/IDP_Test_Script.jmx +++ b/Esignet/scripts/Esignet_Test_Script.jmx @@ -5,7 +5,7 @@ false true - false + true @@ -21,7 +21,7 @@ serverIP - api.dev.mosip.net + api.cellbox.mosip.net = @@ -46,17 +46,12 @@ scope - openid - = - - - acrValues - mosip:idp:acr:static-code mosip:idp:acr:generated-code + openid profile Manage-Identity-Data Manage-VID Manage-Authentication Manage-Service-Requests Manage-Credentials = serverIPInternal - api-internal.dev.mosip.net + api-internal.cellbox.mosip.net = @@ -99,9 +94,9 @@ 1 = - - serverIPIdp - idp.dev.mosip.net + + serverIpEsignet + esignet.cellbox.mosip.net = @@ -109,24 +104,19 @@ e9bb2b7c-57ca-42d5-8657-c29e30dda2c9 = - - redirectUri - https://healthservices.dev.mosip.net/userprofile - = - jwtExpireInterval - 30000 + 60000 = policyName - policy957 + policy435 = authPartnerId - dummy_relying_party549222863787 + 787 = @@ -134,10 +124,50 @@ identity.readonly = + + acrValues + mosip:idp:acr:static-code mosip:idp:acr:generated-code + = + + + policyId + 62306 + = + + + redirectUri + https://healthservices-esignet.cellbox.mosip.net/userprofile + = + + + logoUri + https://healthservices-esignet.cellbox.mosip.net/logo.png + = + + + permittedAuthorizeScopes + "Manage-Identity-Data", "Manage-VID", "Manage-Authentication", "Manage-Service-Requests", "Manage-Credentials" + = + + + partnerApiKey + 804296 + = + + + delay + 3000 + = + + + scopeVci + mosip_identity_vc_ldp + = + - + , ./authorization_token_pms.txt @@ -163,6 +193,20 @@ true + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -177,7 +221,7 @@ "secretKey": "${regProcSecretKey}", "appId": "${regProcAppId}" }, - "requesttime": "${__time(YYYY-MM-dd'T'HH:mm:ss.SSS,)}Z", + "requesttime": "${utcTime}Z", "version": "1.0" } = @@ -242,7 +286,7 @@ "secretKey": "${idRepoSecretKey}", "appId": "${idRepoAppId}" }, - "requesttime": "${__time(YYYY-MM-dd'T'HH:mm:ss.SSS,)}Z", + "requesttime": "${utcTime}Z", "version": "1.0" } = @@ -546,7 +590,7 @@ - "requesttime": "2019-01-28T13:07:13.152Z", + "requesttime": "${utcTime}Z", "version": "v1.0" } = @@ -592,7 +636,7 @@ - + true @@ -605,7 +649,7 @@ "UIN":"${uin}", "vidType": "Perpetual" }, - "requesttime": "2020-06-04T08:59:37.471Z", + "requesttime": "${utcTime}Z", "version": "v1" } = @@ -650,20 +694,20 @@ 16 - + false vid "VID":"(.*?)" $1$ - uin not found + vid not found 1 - + false - ${__StringToFile(individualid_idp.txt,${vid}\n,true,)} + ${__StringToFile(individualid_esignet.txt,${vid}\n,true,)} @@ -709,6 +753,20 @@ vars.put("encodedPrivateKey", encodedPrivateKey); groovy + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -718,14 +776,14 @@ vars.put("encodedPrivateKey", encodedPrivateKey); { "id": "string", "version": "string", - "requesttime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requesttime": "${utcTime}Z", "metadata": {}, "request": { "name": "clienta2", - "policyName": "${policyName}", + "policyId": "${policyId}", "publicKey": ${publicKey}, "authPartnerId": "${authPartnerId}", - "logoUri": "https://mosip.atlassian.net/browse/MOSIP-24363.png", + "logoUri": "${logoUri}", "redirectUris": [ "${redirectUri}" ], @@ -802,7 +860,7 @@ vars.put("encodedPrivateKey", encodedPrivateKey); false - ${__StringToFile(client_id.csv,${partnerClientId}\,${encodedPrivateKey}\n,true,)} + ${__StringToFile(client_id_esignet.csv,${partnerClientId}\,${encodedPrivateKey}\n,true,)} @@ -854,6 +912,20 @@ vars.put("publicKey", publicKey); false + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -861,7 +933,7 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "clientId": "${clientId}", "clientName": "Health Service", @@ -893,7 +965,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/client-mgmt/oidc-client + /v1/esignet/client-mgmt/oidc-client POST true false @@ -985,6 +1057,20 @@ vars.put("publicKey", publicKey); false + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -992,7 +1078,7 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "clientId": "${updatePreparationClientId}", "clientName": "Health Service", @@ -1024,7 +1110,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/client-mgmt/oidc-client + /v1/esignet/client-mgmt/oidc-client POST true false @@ -1112,6 +1198,20 @@ vars.put("publicKey", publicKey); updateClientId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -1119,7 +1219,7 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "clientName": "Health Service", "status": "ACTIVE", @@ -1149,7 +1249,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/client-mgmt/oidc-client/${updateClientId} + /v1/esignet/client-mgmt/oidc-client/${updateClientId} PUT true false @@ -1212,7 +1312,7 @@ vars.put("publicKey", publicKey); , - ./client_id.csv + ./client_id_esignet.csv true false true @@ -1221,6 +1321,20 @@ vars.put("publicKey", publicKey); oAuthDetailsEndpointClientId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -1228,7 +1342,7 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "clientId": "${oAuthDetailsEndpointClientId}", "scope": "${scope}", @@ -1268,7 +1382,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/authorization/oauth-details + /v1/esignet/authorization/oauth-details POST true false @@ -1335,7 +1449,7 @@ vars.put("publicKey", publicKey); , - ./client_id.csv + ./client_id_esignet.csv true false true @@ -1344,6 +1458,20 @@ vars.put("publicKey", publicKey); sendOtpClientId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -1351,7 +1479,7 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "clientId": "${sendOtpClientId}", "scope": "${scope}", @@ -1391,7 +1519,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/authorization/oauth-details + /v1/esignet/authorization/oauth-details POST true false @@ -1448,11 +1576,68 @@ vars.put("publicKey", publicKey); 1 + + false + captcha + "captcha.sitekey":"(.*?)" + $1$ + Captcha not found + 1 + + + + true + + + // Import the required Java classes +var Base64 = Java.type('java.util.Base64'); +var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); + +// Retrieve the previous response value +var jsonResponse = prev.getResponseDataAsString(); + +// Print the previous response value +log.info("Previous Response: " + jsonResponse); + +// Parse the JSON response +var jsonObject = JSON.parse(jsonResponse); +var responseObjectString = JSON.stringify(jsonObject.response); + + +// Convert JSON to base64 URL-encoded SHA-256 hash +var sha256Hash = hashSHA256(responseObjectString); +var base64UrlEncodedHash = encodeBase64Url(sha256Hash); + +//Print the sha256 value +log.info("sha256Hash Value: " + sha256Hash); + +// Print the final hash value +log.info("Final Hash Value: " + base64UrlEncodedHash); + +// Set the new variable value in JMeter +vars.put("hashValue", base64UrlEncodedHash); + +// Function to compute the SHA-256 hash +function hashSHA256(value) { + var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); + var bytes = (value).getBytes(StandardCharsets.UTF_8); + var digest = messageDigest.digest(bytes); + return digest; +} + +// Function to base64 URL-encode the hash value +function encodeBase64Url(value) { + var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); + return base64; +} + javascript + + false - ${__StringToFile(transaction_id_send_otp_endpoint.txt,${transactionID}\n,true,)} + ${__StringToFile(transaction_id_send_otp_endpoint.txt,${transactionID}\,${hashValue}\,${captcha}\n,true,)} @@ -1480,13 +1665,13 @@ vars.put("publicKey", publicKey); true shareMode.all false - tidSendOtp + tidSendOtp,hashValue,captcha , - ./individualid_idp.txt + ./individualid_esignet.txt true false true @@ -1495,6 +1680,20 @@ vars.put("publicKey", publicKey); sendOtpIndividualId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -1502,13 +1701,16 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "transactionId": "${tidSendOtp}", "individualId": "${sendOtpIndividualId}", - "otpChannels": ["EMAIL"] + "otpChannels": ["EMAIL"], + "captchaToken" : "${captcha}" + } -} +} + = @@ -1517,7 +1719,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/authorization/send-otp + /v1/esignet/authorization/send-otp POST true false @@ -1542,6 +1744,14 @@ vars.put("publicKey", publicKey); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidSendOtp} + @@ -1584,7 +1794,7 @@ vars.put("publicKey", publicKey); , - ./client_id.csv + ./client_id_esignet.csv true false true @@ -1596,7 +1806,7 @@ vars.put("publicKey", publicKey); , - ./individualid_idp.txt + ./individualid_esignet.txt true false true @@ -1605,6 +1815,20 @@ vars.put("publicKey", publicKey); authIndividualId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -1612,7 +1836,7 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "clientId": "${authClientId}", "scope": "${scope}", @@ -1652,7 +1876,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/authorization/oauth-details + /v1/esignet/authorization/oauth-details POST true false @@ -1709,6 +1933,15 @@ vars.put("publicKey", publicKey); 1 + + false + captcha + "captcha.sitekey":"(.*?)" + $1$ + Captcha not found + 1 + + true @@ -1717,11 +1950,12 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "transactionId": "${tidAuthEndpoint}", "individualId": "${authIndividualId}", - "otpChannels": ["EMAIL"] + "otpChannels": ["EMAIL"], + "captchaToken": "${captcha}" } } = @@ -1732,7 +1966,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/authorization/send-otp + /v1/esignet/authorization/send-otp POST true false @@ -1757,6 +1991,14 @@ vars.put("publicKey", publicKey); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidAuthEndpoint} + @@ -1780,11 +2022,60 @@ vars.put("publicKey", publicKey); 2 + + javascript + + + true + // Import the required Java classes +var Base64 = Java.type('java.util.Base64'); +var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); + +// Retrieve the previous response value +var jsonResponse = prev.getResponseDataAsString(); + +// Print the previous response value +log.info("Previous Response: " + jsonResponse); + +// Parse the JSON response +var jsonObject = JSON.parse(jsonResponse); +var responseObjectString = JSON.stringify(jsonObject.response); + +log.info("Previous Response: " + responseObjectString); + +// Convert JSON to base64 URL-encoded SHA-256 hash +var sha256Hash = hashSHA256(responseObjectString); +var base64UrlEncodedHash = encodeBase64Url(sha256Hash); + +//Print the sha256 value +log.info("sha256Hash Value: " + sha256Hash); + +// Print the final hash value +log.info("Final Hash Value: " + base64UrlEncodedHash); + +// Set the new variable value in JMeter +vars.put("hashValue", base64UrlEncodedHash); + +// Function to compute the SHA-256 hash +function hashSHA256(value) { + var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); + var bytes = (value).getBytes(StandardCharsets.UTF_8); + var digest = messageDigest.digest(bytes); + return digest; +} + +// Function to base64 URL-encode the hash value +function encodeBase64Url(value) { + var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); + return base64; +} + + false - ${__StringToFile(transaction_id_auth_endpoint.txt,${tidAuthEndpoint}\,${authIndividualId}\n,true,)} + ${__StringToFile(transaction_id_auth_endpoint.txt,${tidAuthEndpoint}\,${authIndividualId}\,${hashValue}\n,true,)} @@ -1812,9 +2103,23 @@ vars.put("publicKey", publicKey); true shareMode.all false - tidAuthOtpEndpoint,authOtpIndividualId + tidAuthOtpEndpoint,authOtpIndividualId,hashValue + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -1822,14 +2127,15 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "transactionId": "${tidAuthOtpEndpoint}", "individualId": "${authOtpIndividualId}", "challengeList": [ { "authFactorType": "OTP", - "challenge": "111111" + "challenge": "111111", + "format": "alpha-numeric" } ] } @@ -1842,7 +2148,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/authorization/authenticate + /v1/esignet/authorization/v2/authenticate POST true false @@ -1867,6 +2173,14 @@ vars.put("publicKey", publicKey); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidAuthOtpEndpoint} + @@ -1909,7 +2223,7 @@ vars.put("publicKey", publicKey); , - ./client_id.csv + ./client_id_esignet.csv true false true @@ -1921,7 +2235,7 @@ vars.put("publicKey", publicKey); , - ./individualid_idp.txt + ./individualid_esignet.txt true false true @@ -1930,6 +2244,20 @@ vars.put("publicKey", publicKey); authCodeIndividualId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -1937,7 +2265,7 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "clientId": "${authCodeClientId}", "scope": "${scope}", @@ -1977,7 +2305,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/authorization/oauth-details + /v1/esignet/authorization/oauth-details POST true false @@ -2034,6 +2362,15 @@ vars.put("publicKey", publicKey); 1 + + false + captcha + "captcha.sitekey":"(.*?)" + $1$ + Captcha not found + 1 + + true @@ -2042,11 +2379,12 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "transactionId": "${transactionIdAuthCodePrep}", "individualId": "${authCodeIndividualId}", - "otpChannels": ["EMAIL"] + "otpChannels": ["EMAIL"], + "captchaToken" : "${captcha}" } } = @@ -2057,7 +2395,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/authorization/send-otp + /v1/esignet/authorization/send-otp POST true false @@ -2082,6 +2420,14 @@ vars.put("publicKey", publicKey); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${transactionIdAuthCodePrep} + @@ -2105,6 +2451,55 @@ vars.put("publicKey", publicKey); 2 + + javascript + + + true + // Import the required Java classes +var Base64 = Java.type('java.util.Base64'); +var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); + +// Retrieve the previous response value +var jsonResponse = prev.getResponseDataAsString(); + +// Print the previous response value +log.info("Previous Response: " + jsonResponse); + +// Parse the JSON response +var jsonObject = JSON.parse(jsonResponse); +var responseObjectString = JSON.stringify(jsonObject.response); + +log.info("Previous Response: " + responseObjectString); + +// Convert JSON to base64 URL-encoded SHA-256 hash +var sha256Hash = hashSHA256(responseObjectString); +var base64UrlEncodedHash = encodeBase64Url(sha256Hash); + +//Print the sha256 value +log.info("sha256Hash Value: " + sha256Hash); + +// Print the final hash value +log.info("Final Hash Value: " + base64UrlEncodedHash); + +// Set the new variable value in JMeter +vars.put("hashValue", base64UrlEncodedHash); + +// Function to compute the SHA-256 hash +function hashSHA256(value) { + var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); + var bytes = (value).getBytes(StandardCharsets.UTF_8); + var digest = messageDigest.digest(bytes); + return digest; +} + +// Function to base64 URL-encode the hash value +function encodeBase64Url(value) { + var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); + return base64; +} + + true @@ -2113,14 +2508,15 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "transactionId": "${transactionIdAuthCodePrep}", "individualId": "${authCodeIndividualId}", "challengeList": [ { "authFactorType": "OTP", - "challenge": "111111" + "challenge": "111111", + "format": "alpha-numeric" } ] } @@ -2133,7 +2529,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/authorization/authenticate + /v1/esignet/authorization/v2/authenticate POST true false @@ -2158,6 +2554,14 @@ vars.put("publicKey", publicKey); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${transactionIdAuthCodePrep} + @@ -2181,7 +2585,7 @@ vars.put("publicKey", publicKey); 2 - + false transactionID "transactionId":"(.*?)" @@ -2194,7 +2598,7 @@ vars.put("publicKey", publicKey); false - ${__StringToFile(transaction_id_authorization_code_endpoint.txt,${transactionID}\n,true,)} + ${__StringToFile(transaction_id_authorization_code_endpoint.txt,${transactionIdAuthCodePrep}\,${hashValue}\n,true,)} @@ -2222,9 +2626,23 @@ vars.put("publicKey", publicKey); true shareMode.all false - tidAuthCodeEndpoint + tidAuthCodeEndpoint,hashValue + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -2232,7 +2650,7 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "transactionId": "${tidAuthCodeEndpoint}", "permittedAuthorizeScopes": [], @@ -2249,7 +2667,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/authorization/auth-code + /v1/esignet/authorization/auth-code POST true false @@ -2274,6 +2692,14 @@ vars.put("publicKey", publicKey); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidAuthCodeEndpoint} + @@ -2316,7 +2742,7 @@ vars.put("publicKey", publicKey); , - ./client_id.csv + ./client_id_esignet.csv true false true @@ -2325,6 +2751,20 @@ vars.put("publicKey", publicKey); authorizationEndpointClientId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + @@ -2337,7 +2777,7 @@ vars.put("publicKey", publicKey); false - https://healthservices.dev.mosip.com/userprofile + ${redirectUri} = true redirect_uri @@ -2358,11 +2798,11 @@ vars.put("publicKey", publicKey); - ${serverIPIdp} + ${serverIpEsignet} ${serverPortNo} ${protocol} - /authorize + /v1/esignet/authorize GET true false @@ -2411,7 +2851,7 @@ vars.put("publicKey", publicKey); , - ./client_id.csv + ./client_id_esignet.csv true false true @@ -2423,7 +2863,7 @@ vars.put("publicKey", publicKey); , - ./individualid_idp.txt + ./individualid_esignet.txt true false true @@ -2432,6 +2872,20 @@ vars.put("publicKey", publicKey); tokenIndividualId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -2439,7 +2893,7 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "clientId": "${tokenClientId}", "scope": "${scope}", @@ -2479,7 +2933,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/authorization/oauth-details + /v1/esignet/authorization/oauth-details POST true false @@ -2536,6 +2990,15 @@ vars.put("publicKey", publicKey); 1 + + false + captcha + "captcha.sitekey":"(.*?)" + $1$ + Captcha not found + 1 + + true @@ -2544,11 +3007,12 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "transactionId": "${tidTokenPrep}", "individualId": "${tokenIndividualId}", - "otpChannels": ["EMAIL"] + "otpChannels": ["EMAIL"], + "captchaToken" : "${captcha}" } } = @@ -2559,7 +3023,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/authorization/send-otp + /v1/esignet/authorization/send-otp POST true false @@ -2584,6 +3048,14 @@ vars.put("publicKey", publicKey); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidTokenPrep} + @@ -2607,6 +3079,55 @@ vars.put("publicKey", publicKey); 2 + + javascript + + + true + // Import the required Java classes +var Base64 = Java.type('java.util.Base64'); +var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); + +// Retrieve the previous response value +var jsonResponse = prev.getResponseDataAsString(); + +// Print the previous response value +log.info("Previous Response: " + jsonResponse); + +// Parse the JSON response +var jsonObject = JSON.parse(jsonResponse); +var responseObjectString = JSON.stringify(jsonObject.response); + +log.info("Previous Response: " + responseObjectString); + +// Convert JSON to base64 URL-encoded SHA-256 hash +var sha256Hash = hashSHA256(responseObjectString); +var base64UrlEncodedHash = encodeBase64Url(sha256Hash); + +//Print the sha256 value +log.info("sha256Hash Value: " + sha256Hash); + +// Print the final hash value +log.info("Final Hash Value: " + base64UrlEncodedHash); + +// Set the new variable value in JMeter +vars.put("hashValue", base64UrlEncodedHash); + +// Function to compute the SHA-256 hash +function hashSHA256(value) { + var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); + var bytes = (value).getBytes(StandardCharsets.UTF_8); + var digest = messageDigest.digest(bytes); + return digest; +} + +// Function to base64 URL-encode the hash value +function encodeBase64Url(value) { + var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); + return base64; +} + + true @@ -2615,14 +3136,15 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "transactionId": "${tidTokenPrep}", "individualId": "${tokenIndividualId}", "challengeList": [ { "authFactorType": "OTP", - "challenge": "111111" + "challenge": "111111", + "format": "alpha-numeric" } ] } @@ -2635,7 +3157,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/authorization/authenticate + /v1/esignet/authorization/v2/authenticate POST true false @@ -2660,6 +3182,14 @@ vars.put("publicKey", publicKey); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidTokenPrep} + @@ -2691,7 +3221,7 @@ vars.put("publicKey", publicKey); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "transactionId": "${tidTokenPrep}", "permittedAuthorizeScopes": [], @@ -2708,7 +3238,7 @@ vars.put("publicKey", publicKey); ${serverPortNo} ${protocol} - /v1/idp/authorization/auth-code + /v1/esignet/authorization/auth-code POST true false @@ -2733,6 +3263,14 @@ vars.put("publicKey", publicKey); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidTokenPrep} + @@ -2825,7 +3363,7 @@ String clientId = vars.get("tokenEndpointClientId") ; //Save the Secret key/ Private Key in a variable String pemPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\n"+ vars.get("tokenEncodedPrivateKey") +"\n-----END RSA PRIVATE KEY-----" ; -String audience = "${protocol}"+ ":" + "//" + "${serverIP}" +"/v1/idp/oauth/token" ; +String audience = "${protocol}"+ ":" + "//" + "${serverIpEsignet}" +"/v1/esignet/oauth/token" ; PemReader pemReader = new PemReader(new StringReader (pemPrivateKey)); PemObject pemObject = pemReader.readPemObject(); @@ -2857,6 +3395,20 @@ vars.put("clientAssertionJWT", JWT); groovy + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + @@ -2908,7 +3460,7 @@ vars.put("clientAssertionJWT", JWT); ${serverPortNo} ${protocol} - /v1/idp/oauth/token + /v1/esignet/oauth/token POST true false @@ -2967,7 +3519,7 @@ vars.put("clientAssertionJWT", JWT); , - ./client_id.csv + ./client_id_esignet.csv true false true @@ -2979,7 +3531,7 @@ vars.put("clientAssertionJWT", JWT); , - ./individualid_idp.txt + ./individualid_esignet.txt true false true @@ -2988,6 +3540,20 @@ vars.put("clientAssertionJWT", JWT); userInfoIndividualId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -2995,7 +3561,7 @@ vars.put("clientAssertionJWT", JWT); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "clientId": "${userInfoClientId}", "scope": "${scope}", @@ -3035,7 +3601,7 @@ vars.put("clientAssertionJWT", JWT); ${serverPortNo} ${protocol} - /v1/idp/authorization/oauth-details + /v1/esignet/authorization/oauth-details POST true false @@ -3092,6 +3658,15 @@ vars.put("clientAssertionJWT", JWT); 1 + + false + captcha + "captcha.sitekey":"(.*?)" + $1$ + Captcha not found + 1 + + true @@ -3100,11 +3675,12 @@ vars.put("clientAssertionJWT", JWT); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "transactionId": "${tidUserInfoPrep}", "individualId": "${userInfoIndividualId}", - "otpChannels": ["EMAIL"] + "otpChannels": ["EMAIL"], + "captchaToken" : "${captcha}" } } = @@ -3115,7 +3691,7 @@ vars.put("clientAssertionJWT", JWT); ${serverPortNo} ${protocol} - /v1/idp/authorization/send-otp + /v1/esignet/authorization/send-otp POST true false @@ -3140,6 +3716,14 @@ vars.put("clientAssertionJWT", JWT); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidUserInfoPrep} + @@ -3163,6 +3747,55 @@ vars.put("clientAssertionJWT", JWT); 2 + + javascript + + + true + // Import the required Java classes +var Base64 = Java.type('java.util.Base64'); +var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); + +// Retrieve the previous response value +var jsonResponse = prev.getResponseDataAsString(); + +// Print the previous response value +log.info("Previous Response: " + jsonResponse); + +// Parse the JSON response +var jsonObject = JSON.parse(jsonResponse); +var responseObjectString = JSON.stringify(jsonObject.response); + +log.info("Previous Response: " + responseObjectString); + +// Convert JSON to base64 URL-encoded SHA-256 hash +var sha256Hash = hashSHA256(responseObjectString); +var base64UrlEncodedHash = encodeBase64Url(sha256Hash); + +//Print the sha256 value +log.info("sha256Hash Value: " + sha256Hash); + +// Print the final hash value +log.info("Final Hash Value: " + base64UrlEncodedHash); + +// Set the new variable value in JMeter +vars.put("hashValue", base64UrlEncodedHash); + +// Function to compute the SHA-256 hash +function hashSHA256(value) { + var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); + var bytes = (value).getBytes(StandardCharsets.UTF_8); + var digest = messageDigest.digest(bytes); + return digest; +} + +// Function to base64 URL-encode the hash value +function encodeBase64Url(value) { + var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); + return base64; +} + + true @@ -3171,14 +3804,15 @@ vars.put("clientAssertionJWT", JWT); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "transactionId": "${tidUserInfoPrep}", "individualId": "${userInfoIndividualId}", "challengeList": [ { "authFactorType": "OTP", - "challenge": "111111" + "challenge": "111111", + "format": "alpha-numeric" } ] } @@ -3191,7 +3825,7 @@ vars.put("clientAssertionJWT", JWT); ${serverPortNo} ${protocol} - /v1/idp/authorization/authenticate + /v1/esignet/authorization/v2/authenticate POST true false @@ -3216,6 +3850,14 @@ vars.put("clientAssertionJWT", JWT); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidUserInfoPrep} + @@ -3247,7 +3889,7 @@ vars.put("clientAssertionJWT", JWT); false { - "requestTime": "${__time(yyyy-MM-dd'T'HH:mm:ss.sss'Z',)}", + "requestTime": "${utcTime}Z", "request": { "transactionId": "${tidUserInfoPrep}", "permittedAuthorizeScopes": [], @@ -3264,7 +3906,7 @@ vars.put("clientAssertionJWT", JWT); ${serverPortNo} ${protocol} - /v1/idp/authorization/auth-code + /v1/esignet/authorization/auth-code POST true false @@ -3289,6 +3931,14 @@ vars.put("clientAssertionJWT", JWT); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidUserInfoPrep} + @@ -3346,7 +3996,7 @@ String clientId = vars.get("userInfoClientId") ; String pemPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\n"+ vars.get("userInfoEncodedPrivateKey") +"\n-----END RSA PRIVATE KEY-----" ; -String audience = "${protocol}"+ ":" + "//" + "${serverIP}" +"/v1/idp/oauth/token" ; +String audience = "${protocol}"+ ":" + "//" + "${serverIpEsignet}" +"/v1/esignet/oauth/token" ; PemReader pemReader = new PemReader(new StringReader (pemPrivateKey)); PemObject pemObject = pemReader.readPemObject(); @@ -3430,7 +4080,7 @@ vars.put("clientAssertionJWT", JWT); ${serverPortNo} ${protocol} - /v1/idp/oauth/token + /v1/esignet/oauth/token POST true false @@ -3502,7 +4152,7 @@ vars.put("clientAssertionJWT", JWT); true - + , ./access_token_userinfo_endpoint.txt @@ -3514,6 +4164,20 @@ vars.put("clientAssertionJWT", JWT); accessToken + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + @@ -3522,7 +4186,7 @@ vars.put("clientAssertionJWT", JWT); ${serverPortNo} ${protocol} - /v1/idp/oidc/userinfo + /v1/esignet/oidc/userinfo GET true false @@ -3572,15 +4236,29 @@ vars.put("clientAssertionJWT", JWT); true + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + - ${serverIPIdp} + ${serverIpEsignet} ${serverPortNo} ${protocol} - /.well-known/openid-configuration + /v1/esignet/oidc/.well-known/openid-configuration GET true false @@ -3626,6 +4304,20 @@ vars.put("clientAssertionJWT", JWT); true + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + @@ -3634,7 +4326,7 @@ vars.put("clientAssertionJWT", JWT); ${serverPortNo} ${protocol} - /v1/idp/oauth/.well-known/jwks.json + /v1/esignet/oauth/.well-known/jwks.json GET true false @@ -3693,7 +4385,7 @@ vars.put("clientAssertionJWT", JWT); , - ./client_id.csv + ./client_id_esignet.csv true false true @@ -3702,6 +4394,20 @@ vars.put("clientAssertionJWT", JWT); genLinkCodeClientId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -3749,7 +4455,7 @@ vars.put("clientAssertionJWT", JWT); ${serverPortNo} ${protocol} - /v1/idp/authorization/oauth-details + /v1/esignet/authorization/oauth-details POST true false @@ -3806,28 +4512,62 @@ vars.put("clientAssertionJWT", JWT); 1 + + true + + + // Import the required Java classes +var Base64 = Java.type('java.util.Base64'); +var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); + +// Retrieve the previous response value +var jsonResponse = prev.getResponseDataAsString(); + +// Print the previous response value +log.info("Previous Response: " + jsonResponse); + +// Parse the JSON response +var jsonObject = JSON.parse(jsonResponse); +var responseObjectString = JSON.stringify(jsonObject.response); + + +// Convert JSON to base64 URL-encoded SHA-256 hash +var sha256Hash = hashSHA256(responseObjectString); +var base64UrlEncodedHash = encodeBase64Url(sha256Hash); + +//Print the sha256 value +log.info("sha256Hash Value: " + sha256Hash); + +// Print the final hash value +log.info("Final Hash Value: " + base64UrlEncodedHash); + +// Set the new variable value in JMeter +vars.put("hashValue", base64UrlEncodedHash); + +// Function to compute the SHA-256 hash +function hashSHA256(value) { + var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); + var bytes = (value).getBytes(StandardCharsets.UTF_8); + var digest = messageDigest.digest(bytes); + return digest; +} + +// Function to base64 URL-encode the hash value +function encodeBase64Url(value) { + var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); + return base64; +} + javascript + + false - ${__StringToFile(transaction_id_link_code_endpoint.txt,${oAuthTransactionID}\n,true,)} + ${__StringToFile(transaction_id_link_code_endpoint.txt,${oAuthTransactionID}\,${hashValue}\,${captcha}\n,true,)} - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - continue @@ -3852,9 +4592,23 @@ vars.put("utcTime", utcTime); true shareMode.all false - tidLinkCode + tidLinkCode,hashValue + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -3876,7 +4630,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/link-code + /v1/esignet/linked-authorization/link-code POST true false @@ -3901,6 +4655,14 @@ vars.put("utcTime", utcTime); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidLinkCode} + @@ -3925,20 +4687,6 @@ vars.put("utcTime", utcTime); - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - continue @@ -3957,7 +4705,7 @@ vars.put("utcTime", utcTime); , - ./client_id.csv + ./client_id_esignet.csv true false true @@ -3966,6 +4714,20 @@ vars.put("utcTime", utcTime); linkTidClientId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -4013,7 +4775,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/authorization/oauth-details + /v1/esignet/authorization/oauth-details POST true false @@ -4063,7 +4825,7 @@ vars.put("utcTime", utcTime); false - genLinkCodeTransactionID + genLinkCodeTransactionId "transactionId":"(.*?)" $1$ transactionID not found @@ -4080,7 +4842,7 @@ vars.put("utcTime", utcTime); { "requestTime": "${utcTime}Z", "request": { - "transactionId": "${genLinkCodeTransactionID}" + "transactionId": "${genLinkCodeTransactionId}" } } @@ -4092,7 +4854,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/link-code + /v1/esignet/linked-authorization/link-code POST true false @@ -4117,6 +4879,14 @@ vars.put("utcTime", utcTime); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${genLinkCodeTransactionId} + @@ -4140,8 +4910,57 @@ vars.put("utcTime", utcTime); 2 - - false + + javascript + + + true + // Import the required Java classes +var Base64 = Java.type('java.util.Base64'); +var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); + +// Retrieve the previous response value +var jsonResponse = prev.getResponseDataAsString(); + +// Print the previous response value +log.info("Previous Response: " + jsonResponse); + +// Parse the JSON response +var jsonObject = JSON.parse(jsonResponse); +var responseObjectString = JSON.stringify(jsonObject.response); + +log.info("Previous Response: " + responseObjectString); + +// Convert JSON to base64 URL-encoded SHA-256 hash +var sha256Hash = hashSHA256(responseObjectString); +var base64UrlEncodedHash = encodeBase64Url(sha256Hash); + +//Print the sha256 value +log.info("sha256Hash Value: " + sha256Hash); + +// Print the final hash value +log.info("Final Hash Value: " + base64UrlEncodedHash); + +// Set the new variable value in JMeter +vars.put("hashValue", base64UrlEncodedHash); + +// Function to compute the SHA-256 hash +function hashSHA256(value) { + var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); + var bytes = (value).getBytes(StandardCharsets.UTF_8); + var digest = messageDigest.digest(bytes); + return digest; +} + +// Function to base64 URL-encode the hash value +function encodeBase64Url(value) { + var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); + return base64; +} + + + + false genLinkCode "linkCode":"(.*?)" $1$ @@ -4157,20 +4976,6 @@ vars.put("utcTime", utcTime); - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - continue @@ -4198,6 +5003,20 @@ vars.put("utcTime", utcTime); linkTransactionCode + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -4218,7 +5037,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/link-transaction + /v1/esignet/linked-authorization/link-transaction POST true false @@ -4267,20 +5086,6 @@ vars.put("utcTime", utcTime); - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - continue @@ -4299,7 +5104,7 @@ vars.put("utcTime", utcTime); , - ./client_id.csv + ./client_id_esignet.csv true false true @@ -4308,6 +5113,20 @@ vars.put("utcTime", utcTime); sendOtpLinkedAuthClientId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -4355,7 +5174,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/authorization/oauth-details + /v1/esignet/authorization/oauth-details POST true false @@ -4405,7 +5224,7 @@ vars.put("utcTime", utcTime); false - sentOtpTransactionID + sentOtpTransactionId "transactionId":"(.*?)" $1$ transactionID not found @@ -4422,7 +5241,7 @@ vars.put("utcTime", utcTime); { "requestTime": "${utcTime}Z", "request": { - "transactionId": "${sentOtpTransactionID}" + "transactionId": "${sentOtpTransactionId}" } } @@ -4434,7 +5253,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/link-code + /v1/esignet/linked-authorization/link-code POST true false @@ -4459,6 +5278,14 @@ vars.put("utcTime", utcTime); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${sentOtpTransactionId} + @@ -4491,6 +5318,55 @@ vars.put("utcTime", utcTime); 1 + + javascript + + + true + // Import the required Java classes +var Base64 = Java.type('java.util.Base64'); +var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); + +// Retrieve the previous response value +var jsonResponse = prev.getResponseDataAsString(); + +// Print the previous response value +log.info("Previous Response: " + jsonResponse); + +// Parse the JSON response +var jsonObject = JSON.parse(jsonResponse); +var responseObjectString = JSON.stringify(jsonObject.response); + +log.info("Previous Response: " + responseObjectString); + +// Convert JSON to base64 URL-encoded SHA-256 hash +var sha256Hash = hashSHA256(responseObjectString); +var base64UrlEncodedHash = encodeBase64Url(sha256Hash); + +//Print the sha256 value +log.info("sha256Hash Value: " + sha256Hash); + +// Print the final hash value +log.info("Final Hash Value: " + base64UrlEncodedHash); + +// Set the new variable value in JMeter +vars.put("hashValue", base64UrlEncodedHash); + +// Function to compute the SHA-256 hash +function hashSHA256(value) { + var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); + var bytes = (value).getBytes(StandardCharsets.UTF_8); + var digest = messageDigest.digest(bytes); + return digest; +} + +// Function to base64 URL-encode the hash value +function encodeBase64Url(value) { + var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); + return base64; +} + + true @@ -4512,7 +5388,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/link-transaction + /v1/esignet/linked-authorization/link-transaction POST true false @@ -4562,7 +5438,7 @@ vars.put("utcTime", utcTime); false - linkTransactionID + linkTransactionId "linkTransactionId":"(.*?)" $1$ linkTransactionID not found @@ -4573,24 +5449,10 @@ vars.put("utcTime", utcTime); false - ${__StringToFile(transaction_id_send_otp_linked_auth_endpoint.txt,${linkTransactionID}\n,true,)} + ${__StringToFile(transaction_id_send_otp_linked_auth_endpoint.txt,${linkTransactionId}\n,true,)} - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - continue @@ -4621,7 +5483,7 @@ vars.put("utcTime", utcTime); , - ./individualid_idp.txt + ./individualid_esignet.txt true false true @@ -4630,6 +5492,20 @@ vars.put("utcTime", utcTime); sendOtpLinkedIndividualId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -4639,11 +5515,12 @@ vars.put("utcTime", utcTime); { "requestTime": "${utcTime}Z", "request": { - "transactionId": "${tidSendOtpLinked}", + "transactionId": "${tidSendOtpLinked}", "individualId": "${sendOtpLinkedIndividualId}", "otpChannels": ["EMAIL"] } -} +} + = @@ -4652,7 +5529,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/send-otp + /v1/esignet/linked-authorization/send-otp POST true false @@ -4701,20 +5578,6 @@ vars.put("utcTime", utcTime); - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - continue @@ -4733,7 +5596,7 @@ vars.put("utcTime", utcTime); , - ./client_id.csv + ./client_id_esignet.csv true false true @@ -4745,7 +5608,7 @@ vars.put("utcTime", utcTime); , - ./individualid_idp.txt + ./individualid_esignet.txt true false true @@ -4754,6 +5617,20 @@ vars.put("utcTime", utcTime); linkedIndividualId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -4801,7 +5678,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/authorization/oauth-details + /v1/esignet/authorization/oauth-details POST true false @@ -4851,7 +5728,7 @@ vars.put("utcTime", utcTime); false - linkedAuthTransactionID + linkedAuthTransactionId "transactionId":"(.*?)" $1$ transactionID not found @@ -4868,7 +5745,7 @@ vars.put("utcTime", utcTime); { "requestTime": "${utcTime}Z", "request": { - "transactionId": "${linkedAuthTransactionID}" + "transactionId": "${linkedAuthTransactionId}" } } @@ -4880,7 +5757,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/link-code + /v1/esignet/linked-authorization/link-code POST true false @@ -4905,6 +5782,14 @@ vars.put("utcTime", utcTime); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${linkedAuthTransactionId} + @@ -4937,6 +5822,55 @@ vars.put("utcTime", utcTime); 1 + + javascript + + + true + // Import the required Java classes +var Base64 = Java.type('java.util.Base64'); +var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); + +// Retrieve the previous response value +var jsonResponse = prev.getResponseDataAsString(); + +// Print the previous response value +log.info("Previous Response: " + jsonResponse); + +// Parse the JSON response +var jsonObject = JSON.parse(jsonResponse); +var responseObjectString = JSON.stringify(jsonObject.response); + +log.info("Previous Response: " + responseObjectString); + +// Convert JSON to base64 URL-encoded SHA-256 hash +var sha256Hash = hashSHA256(responseObjectString); +var base64UrlEncodedHash = encodeBase64Url(sha256Hash); + +//Print the sha256 value +log.info("sha256Hash Value: " + sha256Hash); + +// Print the final hash value +log.info("Final Hash Value: " + base64UrlEncodedHash); + +// Set the new variable value in JMeter +vars.put("hashValue", base64UrlEncodedHash); + +// Function to compute the SHA-256 hash +function hashSHA256(value) { + var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); + var bytes = (value).getBytes(StandardCharsets.UTF_8); + var digest = messageDigest.digest(bytes); + return digest; +} + +// Function to base64 URL-encode the hash value +function encodeBase64Url(value) { + var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); + return base64; +} + + true @@ -4958,7 +5892,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/link-transaction + /v1/esignet/linked-authorization/link-transaction POST true false @@ -5025,7 +5959,7 @@ vars.put("utcTime", utcTime); { "requestTime": "${utcTime}Z", "request": { - "transactionId": "${linkedTransactionID}", + "transactionId": "${linkedTransactionId}", "individualId": "${linkedIndividualId}", "otpChannels": ["EMAIL"] } @@ -5038,7 +5972,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/send-otp + /v1/esignet/linked-authorization/send-otp POST true false @@ -5094,20 +6028,6 @@ vars.put("utcTime", utcTime); - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - continue @@ -5135,6 +6055,20 @@ vars.put("utcTime", utcTime); tidLinkedAuth,linkedAuthIndividualId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -5149,7 +6083,8 @@ vars.put("utcTime", utcTime); "challengeList": [ { "authFactorType": "OTP", - "challenge": "111111" + "challenge": "111111", + "format": "alpha-numeric" } ] @@ -5163,7 +6098,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/authenticate + /v1/esignet/linked-authorization/authenticate POST true false @@ -5212,20 +6147,6 @@ vars.put("utcTime", utcTime); - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - continue @@ -5244,7 +6165,7 @@ vars.put("utcTime", utcTime); , - ./client_id.csv + ./client_id_esignet.csv true false true @@ -5256,7 +6177,7 @@ vars.put("utcTime", utcTime); , - ./individualid_idp.txt + ./individualid_esignet.txt true false true @@ -5265,6 +6186,20 @@ vars.put("utcTime", utcTime); linkedConsentIndividualId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -5275,7 +6210,7 @@ vars.put("utcTime", utcTime); "requestTime": "${utcTime}Z", "request": { "clientId": "${linkedConsentClientId}", - "scope": "${scope} ${linkedConsentScope}", + "scope": "${scope}", "responseType": "code", "redirectUri": "${redirectUri}", "display": "popup", @@ -5312,7 +6247,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/authorization/oauth-details + /v1/esignet/authorization/oauth-details POST true false @@ -5362,7 +6297,7 @@ vars.put("utcTime", utcTime); false - consentTransactionID + consentTransactionId "transactionId":"(.*?)" $1$ transactionID not found @@ -5379,7 +6314,7 @@ vars.put("utcTime", utcTime); { "requestTime": "${utcTime}Z", "request": { - "transactionId": "${consentTransactionID}" + "transactionId": "${consentTransactionId}" } } @@ -5391,7 +6326,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/link-code + /v1/esignet/linked-authorization/link-code POST true false @@ -5416,6 +6351,14 @@ vars.put("utcTime", utcTime); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${consentTransactionId} + @@ -5448,6 +6391,55 @@ vars.put("utcTime", utcTime); 1 + + javascript + + + true + // Import the required Java classes +var Base64 = Java.type('java.util.Base64'); +var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); + +// Retrieve the previous response value +var jsonResponse = prev.getResponseDataAsString(); + +// Print the previous response value +log.info("Previous Response: " + jsonResponse); + +// Parse the JSON response +var jsonObject = JSON.parse(jsonResponse); +var responseObjectString = JSON.stringify(jsonObject.response); + +log.info("Previous Response: " + responseObjectString); + +// Convert JSON to base64 URL-encoded SHA-256 hash +var sha256Hash = hashSHA256(responseObjectString); +var base64UrlEncodedHash = encodeBase64Url(sha256Hash); + +//Print the sha256 value +log.info("sha256Hash Value: " + sha256Hash); + +// Print the final hash value +log.info("Final Hash Value: " + base64UrlEncodedHash); + +// Set the new variable value in JMeter +vars.put("hashValue", base64UrlEncodedHash); + +// Function to compute the SHA-256 hash +function hashSHA256(value) { + var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); + var bytes = (value).getBytes(StandardCharsets.UTF_8); + var digest = messageDigest.digest(bytes); + return digest; +} + +// Function to base64 URL-encode the hash value +function encodeBase64Url(value) { + var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); + return base64; +} + + true @@ -5469,7 +6461,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/link-transaction + /v1/esignet/linked-authorization/link-transaction POST true false @@ -5519,7 +6511,7 @@ vars.put("utcTime", utcTime); false - linkedConsentTransactionID + linkedConsentTransactionId "linkTransactionId":"(.*?)" $1$ linkTransactionID not found @@ -5536,7 +6528,7 @@ vars.put("utcTime", utcTime); { "requestTime": "${utcTime}Z", "request": { - "transactionId": "${linkedConsentTransactionID}", + "transactionId": "${linkedConsentTransactionId}", "individualId": "${linkedConsentIndividualId}", "otpChannels": ["EMAIL"] } @@ -5549,7 +6541,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/send-otp + /v1/esignet/linked-authorization/send-otp POST true false @@ -5607,12 +6599,13 @@ vars.put("utcTime", utcTime); { "requestTime": "${utcTime}Z", "request": { - "linkedTransactionId": "${linkedConsentTransactionID}", + "linkedTransactionId": "${linkedConsentTransactionId}", "individualId": "${linkedConsentIndividualId}", "challengeList": [ { "authFactorType": "OTP", - "challenge": "111111" + "challenge": "111111", + "format": "alpha-numeric" } ] @@ -5626,7 +6619,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/authenticate + /v1/esignet/linked-authorization/authenticate POST true false @@ -5678,24 +6671,10 @@ vars.put("utcTime", utcTime); false - ${__StringToFile(transaction_id_linked_consent_endpoint.txt,${linkedConsentTransactionID}\n,true,)} + ${__StringToFile(transaction_id_linked_consent_endpoint.txt,${linkedConsentTransactionId}\n,true,)} - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - continue @@ -5723,6 +6702,20 @@ vars.put("utcTime", utcTime); tidLinkedConsent + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -5734,7 +6727,7 @@ vars.put("utcTime", utcTime); "request": { "linkedTransactionId": "${tidLinkedConsent}", "permittedAuthorizeScopes": [ - "${linkedConsentScope}" + ${permittedAuthorizeScopes} ], "acceptedClaims": [ ${acceptedClaims} @@ -5750,7 +6743,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/consent + /v1/esignet/linked-authorization/consent POST true false @@ -5799,20 +6792,6 @@ vars.put("utcTime", utcTime); - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - continue @@ -5831,7 +6810,7 @@ vars.put("utcTime", utcTime); , - ./client_id.csv + ./client_id_esignet.csv true false true @@ -5843,7 +6822,7 @@ vars.put("utcTime", utcTime); , - ./individualid_idp.txt + ./individualid_esignet.txt true false true @@ -5852,6 +6831,20 @@ vars.put("utcTime", utcTime); linkAuthCodeIndividualId + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + true @@ -5862,7 +6855,7 @@ vars.put("utcTime", utcTime); "requestTime": "${utcTime}Z", "request": { "clientId": "${linkAuthCodeClientId}", - "scope": "${scope} ${linkedConsentScope}", + "scope": "${scope}", "responseType": "code", "redirectUri": "${redirectUri}", "display": "popup", @@ -5899,7 +6892,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/authorization/oauth-details + /v1/esignet/authorization/oauth-details POST true false @@ -5949,7 +6942,7 @@ vars.put("utcTime", utcTime); false - linkedAuthCodeTransactionID + linkedAuthCodeTransactionId "transactionId":"(.*?)" $1$ transactionID not found @@ -5966,7 +6959,7 @@ vars.put("utcTime", utcTime); { "requestTime": "${utcTime}Z", "request": { - "transactionId": "${linkedAuthCodeTransactionID}" + "transactionId": "${linkedAuthCodeTransactionId}" } } @@ -5978,7 +6971,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/link-code + /v1/esignet/linked-authorization/link-code POST true false @@ -6003,6 +6996,14 @@ vars.put("utcTime", utcTime); Cookie XSRF-TOKEN=${loadCsrfToken} + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${linkedAuthCodeTransactionId} + @@ -6039,9 +7040,58 @@ vars.put("utcTime", utcTime); false - ${__StringToFile(transaction_id_linked_authcode_endpoint.txt,${linkedAuthCodeTransactionID}\,${linkAuthCode}\n,true,)} + ${__StringToFile(transaction_id_linked_authcode_endpoint.txt,${linkedAuthCodeTransactionID}\,${linkAuthCode}\,${hashValue}\n,true,)} + + javascript + + + true + // Import the required Java classes +var Base64 = Java.type('java.util.Base64'); +var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); + +// Retrieve the previous response value +var jsonResponse = prev.getResponseDataAsString(); + +// Print the previous response value +log.info("Previous Response: " + jsonResponse); + +// Parse the JSON response +var jsonObject = JSON.parse(jsonResponse); +var responseObjectString = JSON.stringify(jsonObject.response); + +log.info("Previous Response: " + responseObjectString); + +// Convert JSON to base64 URL-encoded SHA-256 hash +var sha256Hash = hashSHA256(responseObjectString); +var base64UrlEncodedHash = encodeBase64Url(sha256Hash); + +//Print the sha256 value +log.info("sha256Hash Value: " + sha256Hash); + +// Print the final hash value +log.info("Final Hash Value: " + base64UrlEncodedHash); + +// Set the new variable value in JMeter +vars.put("hashValue", base64UrlEncodedHash); + +// Function to compute the SHA-256 hash +function hashSHA256(value) { + var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); + var bytes = (value).getBytes(StandardCharsets.UTF_8); + var digest = messageDigest.digest(bytes); + return digest; +} + +// Function to base64 URL-encode the hash value +function encodeBase64Url(value) { + var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); + return base64; +} + + true @@ -6063,7 +7113,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/link-transaction + /v1/esignet/linked-authorization/link-transaction POST true false @@ -6130,7 +7180,7 @@ vars.put("utcTime", utcTime); { "requestTime": "${utcTime}Z", "request": { - "transactionId": "${linkAuthCodeTransactionID}", + "transactionId": "${linkAuthCodeTransactionId}", "individualId": "${linkAuthCodeIndividualId}", "otpChannels": ["EMAIL"] } @@ -6143,7 +7193,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/send-otp + /v1/esignet/linked-authorization/send-otp POST true false @@ -6201,12 +7251,13 @@ vars.put("utcTime", utcTime); { "requestTime": "${utcTime}Z", "request": { - "linkedTransactionId": "${linkAuthCodeTransactionID}", + "linkedTransactionId": "${linkAuthCodeTransactionId}", "individualId": "${linkAuthCodeIndividualId}", "challengeList": [ { "authFactorType": "OTP", - "challenge": "111111" + "challenge": "111111", + "format": "alpha-numeric" } ] @@ -6220,7 +7271,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/authenticate + /v1/esignet/linked-authorization/authenticate POST true false @@ -6278,9 +7329,9 @@ vars.put("utcTime", utcTime); { "requestTime": "${utcTime}Z", "request": { - "linkedTransactionId": "${linkAuthCodeTransactionID}", + "linkedTransactionId": "${linkAuthCodeTransactionId}", "permittedAuthorizeScopes": [ - "${linkedConsentScope}" + ${permittedAuthorizeScopes} ], "acceptedClaims": [ ${acceptedClaims} @@ -6296,7 +7347,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/consent + /v1/esignet/linked-authorization/consent POST true false @@ -6345,7 +7396,34 @@ vars.put("utcTime", utcTime); - + + + continue + + false + 1 + + 1 + 1 + false + + + true + + + + , + + ./transaction_id_linked_authcode_endpoint.txt + true + false + true + shareMode.all + false + tidLinkedAuthCode,linkedAuthCode,hashValue + + + false @@ -6359,8 +7437,87 @@ String utcTime = dateFormat.format(cal.getTime()); vars.put("utcTime", utcTime); + + true + + + + false + { + "requestTime": "${utcTime}Z", + "request": { + "transactionId": "${tidLinkedAuthCode}", + "linkedCode": "${linkedAuthCode}" + } +} + + = + + + + ${serverIP} + ${serverPortNo} + ${protocol} + + /v1/esignet/linked-authorization/link-auth-code + POST + true + false + true + false + + + + + + + + + Content-Type + application/json + + + X-XSRF-TOKEN + ${loadCsrfToken} + + + Cookie + XSRF-TOKEN=${loadCsrfToken} + + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidLinkedAuthCode} + + + + + + + "errors":[] + + + Assertion.response_data + false + 16 + + + + + 200 + + + Assertion.response_code + false + 2 + + + - + continue false @@ -6374,32 +7531,55 @@ vars.put("utcTime", utcTime); true - + , - ./transaction_id_linked_authcode_endpoint.txt + ./client_id_esignet.csv true false true shareMode.all false - tidLinkedAuthCode,linkedAuthCode + oAuthDetailsEndpointClientId,encodedPrivateKey - + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + + true false { - "requestTime": "${utcTime}Z", - "request": { - "transactionId": "${tidLinkedAuthCode}", - "linkedCode": "${linkedAuthCode}" - } -} - + "requestTime": "${utcTime}Z", + "request": { + "clientId": "${oAuthDetailsEndpointClientId}", + "scope": "${scopeVci}", + "responseType": "code", + "redirectUri": "${redirectUri}", + "display": "popup", + "prompt": "login", + "acrValues": "${acrValues}", + "nonce" : "973eieljzng", + "state" : "eree2311", + "claimsLocales" : "en", + "codeChallenge" : "${codeChallenge}", + "codeChallengeMethod" : "S256" + } +} = @@ -6408,7 +7588,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/idp/linked-authorization/link-auth-code + /v1/esignet/authorization/v2/oauth-details POST true false @@ -6456,8 +7636,64 @@ vars.put("utcTime", utcTime); 2 + + groovy + + + true + import org.apache.commons.codec.binary.Base64; +import java.security.SecureRandom; +import java.security.MessageDigest; + +SecureRandom secureRandom = new SecureRandom(); +byte[] codeVerifierBytes = new byte[32]; // 256 bits +secureRandom.nextBytes(codeVerifierBytes); + +String codeVerifier = Base64.encodeBase64URLSafeString(codeVerifierBytes); +vars.put("codeVerifier", codeVerifier); +log.info("codeVerifier: " + codeVerifier); + +MessageDigest digest = MessageDigest.getInstance("SHA-256"); +byte[] hash = digest.digest(codeVerifier.getBytes("UTF-8")); +String codeChallenge = Base64.encodeBase64URLSafeString(hash); +vars.put("codeChallenge", codeChallenge); +log.info("codeChallenge: " + codeChallenge); + + + + + ${delay} + + - + + + continue + + false + 1 + + 1 + 1 + false + + + true + + + + , + + ./client_id_esignet.csv + true + false + true + shareMode.all + false + oAuthDetailsEndpointClientId,encodedPrivateKey + + + false @@ -6471,6 +7707,2017 @@ String utcTime = dateFormat.format(cal.getTime()); vars.put("utcTime", utcTime); + + true + + + + false + { + "requestTime": "${utcTime}Z", + "request": { + "clientId": "${oAuthDetailsEndpointClientId}", + "scope": "${scopeVci}", + "responseType": "code", + "redirectUri": "${redirectUri}", + "display": "popup", + "prompt": "login", + "acrValues": "${acrValues}", + "nonce" : "973eieljzng", + "state" : "eree2311", + "claimsLocales" : "en", + "codeChallenge" : "${codeChallenge}", + "codeChallengeMethod" : "S256" + } +} + = + + + + ${serverIP} + ${serverPortNo} + ${protocol} + + /v1/esignet/authorization/v2/oauth-details + POST + true + false + true + false + + + + + + + + + Content-Type + application/json + + + X-XSRF-TOKEN + ${loadCsrfToken} + + + Cookie + XSRF-TOKEN=${loadCsrfToken} + + + + + + + "errors":[] + + + Assertion.response_data + false + 16 + + + + + 200 + + + Assertion.response_code + false + 2 + + + + false + captcha + "captcha.sitekey":"(.*?)" + $1$ + Captcha not found + 1 + + + + false + tidVci + "transactionId":"(.*?)" + $1$ + transactionID not found + 1 + + + + groovy + + + true + import org.apache.commons.codec.binary.Base64; +import java.security.SecureRandom; +import java.security.MessageDigest; + +SecureRandom secureRandom = new SecureRandom(); +byte[] codeVerifierBytes = new byte[32]; // 256 bits +secureRandom.nextBytes(codeVerifierBytes); + +String codeVerifier = Base64.encodeBase64URLSafeString(codeVerifierBytes); +vars.put("codeVerifier", codeVerifier); +log.info("codeVerifier: " + codeVerifier); + +MessageDigest digest = MessageDigest.getInstance("SHA-256"); +byte[] hash = digest.digest(codeVerifier.getBytes("UTF-8")); +String codeChallenge = Base64.encodeBase64URLSafeString(hash); +vars.put("codeChallenge", codeChallenge); +log.info("codeChallenge: " + codeChallenge); + + + + + javascript + + + true + // Import the required Java classes +var Base64 = Java.type('java.util.Base64'); +var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); + +// Retrieve the previous response value +var jsonResponse = prev.getResponseDataAsString(); + +// Print the previous response value +log.info("Previous Response: " + jsonResponse); + +// Parse the JSON response +var jsonObject = JSON.parse(jsonResponse); +var responseObjectString = JSON.stringify(jsonObject.response); + +log.info("Previous Response: " + responseObjectString); + +// Convert JSON to base64 URL-encoded SHA-256 hash +var sha256Hash = hashSHA256(responseObjectString); +var base64UrlEncodedHash = encodeBase64Url(sha256Hash); + +//Print the sha256 value +log.info("sha256Hash Value: " + sha256Hash); + +// Print the final hash value +log.info("Final Hash Value: " + base64UrlEncodedHash); + +// Set the new variable value in JMeter +vars.put("hashValue", base64UrlEncodedHash); + +// Function to compute the SHA-256 hash +function hashSHA256(value) { + var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); + var bytes = (value).getBytes(StandardCharsets.UTF_8); + var digest = messageDigest.digest(bytes); + return digest; +} + +// Function to base64 URL-encode the hash value +function encodeBase64Url(value) { + var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); + return base64; +} + + + + + + false + ${__StringToFile(transaction_id_send_otp_endpoint_vci.txt,${captcha}\,${tidVci}\,${hashValue}\n,true,)} + + + + ${delay} + + + + + + continue + + false + 1 + + 1 + 1 + false + + + true + + + + , + + ./transaction_id_send_otp_endpoint_vci.txt + true + false + true + shareMode.all + false + captcha,tidSendOtpVci,hashValue + + + + , + + ./individualid_esignet.txt + true + false + true + shareMode.all + false + sendOtpIndividualId + + + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + + + true + + + + false + { + "requestTime": "${utcTime}Z", + "request": { + "transactionId": "${tidSendOtpVci}", + "individualId": "${sendOtpIndividualId}", + "otpChannels": ["EMAIL"], + "captchaToken" : "${captcha}" + } +} + = + + + + ${serverIP} + ${serverPortNo} + ${protocol} + + /v1/esignet/authorization/send-otp + POST + true + false + true + false + + + + + + + + + Content-Type + application/json + + + X-XSRF-TOKEN + ${loadCsrfToken} + + + Cookie + XSRF-TOKEN=${loadCsrfToken} + + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidSendOtpVci} + + + + + + + "errors":[] + + + Assertion.response_data + false + 16 + + + + + 200 + + + Assertion.response_code + false + 2 + + + + + + continue + + false + 1 + + 1 + 1 + false + + + true + + + + , + + ./client_id_esignet.csv + true + false + true + shareMode.all + false + oAuthDetailsEndpointClientId,encodedPrivateKey + + + + , + + ./individualid_esignet.txt + true + false + true + shareMode.all + false + authIndividualId + + + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + + + true + + + + false + { + "requestTime": "${utcTime}Z", + "request": { + "clientId": "${oAuthDetailsEndpointClientId}", + "scope": "${scopeVci}", + "responseType": "code", + "redirectUri": "${redirectUri}", + "display": "popup", + "prompt": "login", + "acrValues": "${acrValues}", + "nonce" : "973eieljzng", + "state" : "eree2311", + "claimsLocales" : "en", + "codeChallenge" : "${codeChallenge}", + "codeChallengeMethod" : "S256" + } +} + = + + + + ${serverIP} + ${serverPortNo} + ${protocol} + + /v1/esignet/authorization/v2/oauth-details + POST + true + false + true + false + + + + + + + + + Content-Type + application/json + + + X-XSRF-TOKEN + ${loadCsrfToken} + + + Cookie + XSRF-TOKEN=${loadCsrfToken} + + + + + + + "errors":[] + + + Assertion.response_data + false + 16 + + + + + 200 + + + Assertion.response_code + false + 2 + + + + false + captcha + "captcha.sitekey":"(.*?)" + $1$ + Captcha not found + 1 + + + + false + tidAuthVci + "transactionId":"(.*?)" + $1$ + transactionID not found + 1 + + + + groovy + + + true + import org.apache.commons.codec.binary.Base64; +import java.security.SecureRandom; +import java.security.MessageDigest; + +SecureRandom secureRandom = new SecureRandom(); +byte[] codeVerifierBytes = new byte[32]; // 256 bits +secureRandom.nextBytes(codeVerifierBytes); + +String codeVerifier = Base64.encodeBase64URLSafeString(codeVerifierBytes); +vars.put("codeVerifier", codeVerifier); +log.info("codeVerifier: " + codeVerifier); + +MessageDigest digest = MessageDigest.getInstance("SHA-256"); +byte[] hash = digest.digest(codeVerifier.getBytes("UTF-8")); +String codeChallenge = Base64.encodeBase64URLSafeString(hash); +vars.put("codeChallenge", codeChallenge); +log.info("codeChallenge: " + codeChallenge); + + + + + + true + + + + false + { + "requestTime": "${utcTime}Z", + "request": { + "transactionId": "${tidAuthVci}", + "individualId": "${authIndividualId}", + "otpChannels": ["EMAIL"], + "captchaToken" : "${captcha}" + } +} + = + + + + ${serverIP} + ${serverPortNo} + ${protocol} + + /v1/esignet/authorization/send-otp + POST + true + false + true + false + + + + + + + + + Content-Type + application/json + + + X-XSRF-TOKEN + ${loadCsrfToken} + + + Cookie + XSRF-TOKEN=${loadCsrfToken} + + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidAuthVci} + + + + + + + "errors":[] + + + Assertion.response_data + false + 16 + + + + + 200 + + + Assertion.response_code + false + 2 + + + + javascript + + + true + // Import the required Java classes +var Base64 = Java.type('java.util.Base64'); +var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); + +// Retrieve the previous response value +var jsonResponse = prev.getResponseDataAsString(); + +// Print the previous response value +log.info("Previous Response: " + jsonResponse); + +// Parse the JSON response +var jsonObject = JSON.parse(jsonResponse); +var responseObjectString = JSON.stringify(jsonObject.response); + +log.info("Previous Response: " + responseObjectString); + +// Convert JSON to base64 URL-encoded SHA-256 hash +var sha256Hash = hashSHA256(responseObjectString); +var base64UrlEncodedHash = encodeBase64Url(sha256Hash); + +//Print the sha256 value +log.info("sha256Hash Value: " + sha256Hash); + +// Print the final hash value +log.info("Final Hash Value: " + base64UrlEncodedHash); + +// Set the new variable value in JMeter +vars.put("hashValue", base64UrlEncodedHash); + +// Function to compute the SHA-256 hash +function hashSHA256(value) { + var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); + var bytes = (value).getBytes(StandardCharsets.UTF_8); + var digest = messageDigest.digest(bytes); + return digest; +} + +// Function to base64 URL-encode the hash value +function encodeBase64Url(value) { + var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); + return base64; +} + + + + false + tidSendOtpVci + "transactionId":"(.*?)" + $1$ + transactionID not found + 1 + + + + + + false + ${__StringToFile(transaction_id_auth_endpoint_vci.txt,${authIndividualId}\,${tidSendOtpVci}\,${hashValue}\n,true,)} + + + + + + continue + + false + 1 + + 1 + 1 + false + + + true + + + + , + + ./transaction_id_auth_endpoint_vci.txt + true + false + true + shareMode.all + false + authIndividualId,tidAuthVci,hashValue + + + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + + + true + + + + false + { + "requestTime": "${utcTime}Z", + "request": { + "transactionId": "${tidAuthVci}", + "individualId": "${authIndividualId}", + "challengeList": [ + { + "authFactorType": "OTP", + "challenge": "111111", + "format": "alpha-numeric" + } + ] + } +} + = + + + + ${serverIP} + ${serverPortNo} + ${protocol} + + /v1/esignet/authorization/v2/authenticate + POST + true + false + true + false + + + + + + + + + Content-Type + application/json + + + X-XSRF-TOKEN + ${loadCsrfToken} + + + Cookie + XSRF-TOKEN=${loadCsrfToken} + + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidSendOtpVci} + + + + + + + "errors":[] + + + Assertion.response_data + false + 16 + + + + + 200 + + + Assertion.response_code + false + 2 + + + + + + continue + + false + 1 + + 1 + 1 + false + + + true + + + + , + + ./client_id_esignet.csv + true + false + true + shareMode.all + false + oAuthDetailsEndpointClientId,encodedPrivateKey + + + + , + + ./individualid_esignet.txt + true + false + true + shareMode.all + false + authCodeIndividualId + + + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + + + true + + + + false + { + "requestTime": "${utcTime}Z", + "request": { + "clientId": "${oAuthDetailsEndpointClientId}", + "scope": "${scopeVci}", + "responseType": "code", + "redirectUri": "${redirectUri}", + "display": "popup", + "prompt": "login", + "acrValues": "${acrValues}", + "nonce" : "973eieljzng", + "state" : "eree2311", + "claimsLocales" : "en", + "codeChallenge" : "${codeChallenge}", + "codeChallengeMethod" : "S256" + } +} + = + + + + ${serverIP} + ${serverPortNo} + ${protocol} + + /v1/esignet/authorization/v2/oauth-details + POST + true + false + true + false + + + + + + + + + Content-Type + application/json + + + X-XSRF-TOKEN + ${loadCsrfToken} + + + Cookie + XSRF-TOKEN=${loadCsrfToken} + + + + + + + "errors":[] + + + Assertion.response_data + false + 16 + + + + + 200 + + + Assertion.response_code + false + 2 + + + + false + captcha + "captcha.sitekey":"(.*?)" + $1$ + Captcha not found + 1 + + + + false + tidVci + "transactionId":"(.*?)" + $1$ + transactionID not found + 1 + + + + groovy + + + true + import org.apache.commons.codec.binary.Base64; +import java.security.SecureRandom; +import java.security.MessageDigest; + +SecureRandom secureRandom = new SecureRandom(); +byte[] codeVerifierBytes = new byte[32]; // 256 bits +secureRandom.nextBytes(codeVerifierBytes); + +String codeVerifier = Base64.encodeBase64URLSafeString(codeVerifierBytes); +vars.put("codeVerifier", codeVerifier); +log.info("codeVerifier: " + codeVerifier); + +MessageDigest digest = MessageDigest.getInstance("SHA-256"); +byte[] hash = digest.digest(codeVerifier.getBytes("UTF-8")); +String codeChallenge = Base64.encodeBase64URLSafeString(hash); +vars.put("codeChallenge", codeChallenge); +log.info("codeChallenge: " + codeChallenge); + + + + + + true + + + + false + { + "requestTime": "${utcTime}Z", + "request": { + "transactionId": "${tidVci}", + "individualId": "${authCodeIndividualId}", + "otpChannels": ["EMAIL"], + "captchaToken" : "${captcha}" + } +} + = + + + + ${serverIP} + ${serverPortNo} + ${protocol} + + /v1/esignet/authorization/send-otp + POST + true + false + true + false + + + + + + + + + Content-Type + application/json + + + X-XSRF-TOKEN + ${loadCsrfToken} + + + Cookie + XSRF-TOKEN=${loadCsrfToken} + + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidVci} + + + + + + + "errors":[] + + + Assertion.response_data + false + 16 + + + + + 200 + + + Assertion.response_code + false + 2 + + + + false + tidSendOtpVci + "transactionId":"(.*?)" + $1$ + transactionID not found + 1 + + + + javascript + + + true + // Import the required Java classes +var Base64 = Java.type('java.util.Base64'); +var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); + +// Retrieve the previous response value +var jsonResponse = prev.getResponseDataAsString(); + +// Print the previous response value +log.info("Previous Response: " + jsonResponse); + +// Parse the JSON response +var jsonObject = JSON.parse(jsonResponse); +var responseObjectString = JSON.stringify(jsonObject.response); + +log.info("Previous Response: " + responseObjectString); + +// Convert JSON to base64 URL-encoded SHA-256 hash +var sha256Hash = hashSHA256(responseObjectString); +var base64UrlEncodedHash = encodeBase64Url(sha256Hash); + +//Print the sha256 value +log.info("sha256Hash Value: " + sha256Hash); + +// Print the final hash value +log.info("Final Hash Value: " + base64UrlEncodedHash); + +// Set the new variable value in JMeter +vars.put("hashValue", base64UrlEncodedHash); + +// Function to compute the SHA-256 hash +function hashSHA256(value) { + var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); + var bytes = (value).getBytes(StandardCharsets.UTF_8); + var digest = messageDigest.digest(bytes); + return digest; +} + +// Function to base64 URL-encode the hash value +function encodeBase64Url(value) { + var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); + return base64; +} + + + + + true + + + + false + { + "requestTime": "${utcTime}Z", + "request": { + "transactionId": "${tidSendOtpVci}", + "individualId": "${authCodeIndividualId}", + "challengeList": [ + { + "authFactorType": "OTP", + "challenge": "111111", + "format": "alpha-numeric" + } + ] + } +} + = + + + + ${serverIP} + ${serverPortNo} + ${protocol} + + /v1/esignet/authorization/v2/authenticate + POST + true + false + true + false + + + + + + + + + Content-Type + application/json + + + X-XSRF-TOKEN + ${loadCsrfToken} + + + Cookie + XSRF-TOKEN=${loadCsrfToken} + + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidSendOtpVci} + + + + + + + "errors":[] + + + Assertion.response_data + false + 16 + + + + + 200 + + + Assertion.response_code + false + 2 + + + + + + false + ${__StringToFile(transaction_id_auth_code_endpoint_vci.txt,${tidSendOtpVci}\,${hashValue}\n,true,)} + + + + + + continue + + false + 1 + + 1 + 1 + false + + + true + + + + , + + ./transaction_id_auth_code_endpoint_vci.txt + true + false + true + shareMode.all + false + tidAuthCodeVci,hashValue + + + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + + + true + + + + false + { + "requestTime": "${utcTime}Z", + "request": { + "transactionId": "${tidAuthCodeVci}", + "permittedAuthorizeScopes": [], + "acceptedClaims": [ + ${acceptedClaims} + ] + } +} + = + + + + ${serverIP} + ${serverPortNo} + ${protocol} + + /v1/esignet/authorization/auth-code + POST + true + false + true + false + + + + + + + + + Content-Type + application/json + + + X-XSRF-TOKEN + ${loadCsrfToken} + + + Cookie + XSRF-TOKEN=${loadCsrfToken} + + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidAuthCodeVci} + + + + + + + "errors":[] + + + Assertion.response_data + false + 16 + + + + + 200 + + + Assertion.response_code + false + 2 + + + + false + codeVci + "code":"(.*?)" + $1$ + Code not found + 1 + + + + 4000 + + + + + + continue + + false + 1 + + 1 + 1 + false + + + true + + + + , + + ./client_id_esignet.csv + true + false + true + shareMode.all + false + oAuthDetailsEndpointClientId,encodedPrivateKey + + + + , + + ./individualid_esignet.txt + true + false + true + shareMode.all + false + tokenIndividualId + + + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + + + true + + + + false + { + "requestTime": "${utcTime}Z", + "request": { + "clientId": "${oAuthDetailsEndpointClientId}", + "scope": "${scopeVci}", + "responseType": "code", + "redirectUri": "${redirectUri}", + "display": "popup", + "prompt": "login", + "acrValues": "${acrValues}", + "nonce" : "973eieljzng", + "state" : "eree2311", + "claimsLocales" : "en", + "codeChallenge" : "${codeChallenge}", + "codeChallengeMethod" : "S256" + } +} + = + + + + ${serverIP} + ${serverPortNo} + ${protocol} + + /v1/esignet/authorization/v2/oauth-details + POST + true + false + true + false + + + + + + + + + Content-Type + application/json + + + X-XSRF-TOKEN + ${loadCsrfToken} + + + Cookie + XSRF-TOKEN=${loadCsrfToken} + + + + + + + "errors":[] + + + Assertion.response_data + false + 16 + + + + + 200 + + + Assertion.response_code + false + 2 + + + + false + captcha + "captcha.sitekey":"(.*?)" + $1$ + Captcha not found + 1 + + + + false + tidVci + "transactionId":"(.*?)" + $1$ + transactionID not found + 1 + + + + groovy + + + true + import org.apache.commons.codec.binary.Base64; +import java.security.SecureRandom; +import java.security.MessageDigest; + +SecureRandom secureRandom = new SecureRandom(); +byte[] codeVerifierBytes = new byte[32]; // 256 bits +secureRandom.nextBytes(codeVerifierBytes); + +String codeVerifier = Base64.encodeBase64URLSafeString(codeVerifierBytes); +vars.put("codeVerifier", codeVerifier); +log.info("codeVerifier: " + codeVerifier); + +MessageDigest digest = MessageDigest.getInstance("SHA-256"); +byte[] hash = digest.digest(codeVerifier.getBytes("UTF-8")); +String codeChallenge = Base64.encodeBase64URLSafeString(hash); +vars.put("codeChallenge", codeChallenge); +log.info("codeChallenge: " + codeChallenge); + + + + + + true + + + + false + { + "requestTime": "${utcTime}Z", + "request": { + "transactionId": "${tidVci}", + "individualId": "${tokenIndividualId}", + "otpChannels": ["EMAIL"], + "captchaToken" : "${captcha}" + } +} + = + + + + ${serverIP} + ${serverPortNo} + ${protocol} + + /v1/esignet/authorization/send-otp + POST + true + false + true + false + + + + + + + + + Content-Type + application/json + + + X-XSRF-TOKEN + ${loadCsrfToken} + + + Cookie + XSRF-TOKEN=${loadCsrfToken} + + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidVci} + + + + + + + "errors":[] + + + Assertion.response_data + false + 16 + + + + + 200 + + + Assertion.response_code + false + 2 + + + + false + tidSendOtpVci + "transactionId":"(.*?)" + $1$ + transactionID not found + 1 + + + + javascript + + + true + // Import the required Java classes +var Base64 = Java.type('java.util.Base64'); +var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); + +// Retrieve the previous response value +var jsonResponse = prev.getResponseDataAsString(); + +// Print the previous response value +log.info("Previous Response: " + jsonResponse); + +// Parse the JSON response +var jsonObject = JSON.parse(jsonResponse); +var responseObjectString = JSON.stringify(jsonObject.response); + +log.info("Previous Response: " + responseObjectString); + +// Convert JSON to base64 URL-encoded SHA-256 hash +var sha256Hash = hashSHA256(responseObjectString); +var base64UrlEncodedHash = encodeBase64Url(sha256Hash); + +//Print the sha256 value +log.info("sha256Hash Value: " + sha256Hash); + +// Print the final hash value +log.info("Final Hash Value: " + base64UrlEncodedHash); + +// Set the new variable value in JMeter +vars.put("hashValue", base64UrlEncodedHash); + +// Function to compute the SHA-256 hash +function hashSHA256(value) { + var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); + var bytes = (value).getBytes(StandardCharsets.UTF_8); + var digest = messageDigest.digest(bytes); + return digest; +} + +// Function to base64 URL-encode the hash value +function encodeBase64Url(value) { + var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); + return base64; +} + + + + + true + + + + false + { + "requestTime": "${utcTime}Z", + "request": { + "transactionId": "${tidSendOtpVci}", + "individualId": "${tokenIndividualId}", + "challengeList": [ + { + "authFactorType": "OTP", + "challenge": "111111", + "format": "alpha-numeric" + } + ] + } +} + = + + + + ${serverIP} + ${serverPortNo} + ${protocol} + + /v1/esignet/authorization/v2/authenticate + POST + true + false + true + false + + + + + + + + + Content-Type + application/json + + + X-XSRF-TOKEN + ${loadCsrfToken} + + + Cookie + XSRF-TOKEN=${loadCsrfToken} + + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidSendOtpVci} + + + + + + + "errors":[] + + + Assertion.response_data + false + 16 + + + + + 200 + + + Assertion.response_code + false + 2 + + + + false + tidAuthCodeVci + "transactionId":"(.*?)" + $1$ + transactionID not found + 1 + + + + + true + + + + false + { + "requestTime": "${utcTime}Z", + "request": { + "transactionId": "${tidAuthCodeVci}", + "permittedAuthorizeScopes": [], + "acceptedClaims": [ + ${acceptedClaims} + ] + } +} + = + + + + ${serverIP} + ${serverPortNo} + ${protocol} + + /v1/esignet/authorization/auth-code + POST + true + false + true + false + + + + + + + + + Content-Type + application/json + + + X-XSRF-TOKEN + ${loadCsrfToken} + + + Cookie + XSRF-TOKEN=${loadCsrfToken} + + + oauth-details-hash + ${hashValue} + + + oauth-details-key + ${tidAuthCodeVci} + + + + + + + "errors":[] + + + Assertion.response_data + false + 16 + + + + + 200 + + + Assertion.response_code + false + 2 + + + + false + codeVci + "code":"(.*?)" + $1$ + Code not found + 1 + + + + + + false + ${__StringToFile(transaction_id_token_endpoint_vci.txt,${oAuthDetailsEndpointClientId}\,${encodedPrivateKey}\,${codeVci}\,${codeVerifier}\n,true,)} + + + + + + continue + + false + 1 + + 1 + 1 + false + + + true + + + + , + + ./transaction_id_token_endpoint_vci.txt + true + false + true + shareMode.all + false + tokenClientId,encodedPrivateKey,tokencodeVci,codeVerifier + + + + + + false + import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.TimeZone;//Set the format for the date-time +SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); +dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC +Calendar cal = Calendar.getInstance(); +String utcTime = dateFormat.format(cal.getTime()); +vars.put("utcTime", utcTime); + + + + true + + + +import java.security.KeyFactory; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.PKCS8EncodedKeySpec; +import org.bouncycastle.util.io.pem.PemObject; +import org.bouncycastle.util.io.pem.PemReader; +import io.jsonwebtoken.*; +import java.util.Date; +import io.jsonwebtoken.security.Keys; +import java.security.KeyPair; + +java.security.Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); + +String clientId = vars.get("tokenClientId") ; +log.info("clientId: " + clientId); + + +String pemPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\n"+ vars.get("encodedPrivateKey") +"\n-----END RSA PRIVATE KEY-----" ; + +String audience = "${protocol}"+ ":" + "//" + "${serverIpEsignet}" +"/v1/esignet/oauth/token" ; + +PemReader pemReader = new PemReader(new StringReader (pemPrivateKey)); +PemObject pemObject = pemReader.readPemObject(); +KeyFactory kf = KeyFactory.getInstance("RSA"); +byte[] content = pemObject.getContent (); +PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(content); +PrivateKey pk = kf.generatePrivate (keySpec); +//The RS256 signature algorithm will be used to sign the token in this example +SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.RS256; +//Set the Issued date and expiry date to now +long nowMillis = System.currentTimeMillis(); +Date now = new Date(nowMillis); +long expMillis = nowMillis + ${jwtExpireInterval}; +Date exp = new Date(expMillis); + +//Build the JWT with the JwtBuilder +JwtBuilder builder = Jwts.builder() + .signWith(signatureAlgorithm,pk) + .setIssuedAt(now) + .setExpiration(exp) + .setIssuer(clientId) + .setSubject(clientId) + .setAudience(audience); + +//Save the JWT in the compact string in the jmeter variables +log.info(builder.compact().toString()); +String JWT = builder.compact().toString(); +vars.put("clientAssertionJWT", JWT); +log.info("clientAssertionJWT: ${vars.get("clientAssertionJWT")}") + groovy + + + + + + + false + authorization_code + = + true + grant_type + + + false + ${tokencodeVci} + = + true + code + + + false + ${tokenClientId} + = + true + client_id + + + false + urn:ietf:params:oauth:client-assertion-type:jwt-bearer + = + true + client_assertion_type + + + false + ${clientAssertionJWT} + = + true + client_assertion + + + false + ${redirectUri} + = + true + redirect_uri + + + false + ${codeVerifier} + = + true + code_verifier + + + + ${serverIP} + ${serverPortNo} + ${protocol} + + /v1/esignet/oauth/v2/token + POST + true + false + true + false + + + + + + + + + Content-Type + application/x-www-form-urlencoded + + + + + + + "token_type":"Bearer","access_token": + + + Assertion.response_data + false + 16 + + + + + 200 + + + Assertion.response_code + false + 2 + + + + ${delay} + + + true diff --git a/idp/support-files/add_identity_request_details.csv b/Esignet/support-files/add_identity_request_details.csv similarity index 100% rename from idp/support-files/add_identity_request_details.csv rename to Esignet/support-files/add_identity_request_details.csv diff --git a/idp/support-files/biometrics_mb.txt b/Esignet/support-files/biometrics_mb.txt similarity index 100% rename from idp/support-files/biometrics_mb.txt rename to Esignet/support-files/biometrics_mb.txt diff --git a/idp/support-files/center_machine_id_values.csv b/Esignet/support-files/center_machine_id_values.csv similarity index 100% rename from idp/support-files/center_machine_id_values.csv rename to Esignet/support-files/center_machine_id_values.csv From 570a97835035547ffb443efd004e4f8e720f2045 Mon Sep 17 00:00:00 2001 From: Sanjayss04 Date: Fri, 12 Jan 2024 12:30:13 +0000 Subject: [PATCH 2/2] Updating the Esignet Test Script with VCI Credential API and also updating the Readme file Signed-off-by: Sanjayss04 --- Esignet/README.md | 10 +- Esignet/scripts/Esignet_Test_Script.jmx | 2084 +++++------------------ 2 files changed, 436 insertions(+), 1658 deletions(-) diff --git a/Esignet/README.md b/Esignet/README.md index c28f466c..9d8f0df9 100644 --- a/Esignet/README.md +++ b/Esignet/README.md @@ -3,7 +3,8 @@ * This folder contains performance helper script and test script of below API endpoint categories. 1. Management API Endpoints 2. UI API Endpoints - 3. OIDC API Endpoints + 3. OIDC API Endpoints + 4. VCI API Endpoint * Open source Tools used, 1. [Apache JMeter](https://jmeter.apache.org/) @@ -133,4 +134,9 @@ * OIDC - Configuration (Execution) : Open ID Connect dynamic provider discovery is not supported currently, this endpoint is only for facilitating the OIDC provider details in a standard way. -* OIDC - JSON Web Key Set (Execution) : Endpoint to fetch all the public keys of the Esignet server.Returns public key set in the JWKS format. +* OIDC - JSON Web Key Set (Execution) : Endpoint to fetch all the public keys of the Esignet server.Returns public key set in the JWKS format. + +### Execution points for Esignet VCI API +* VCI - Get Credential (Praparation) - For the preparation we need 5 api's OAuth Details, Send OTP, Authentication, Authorization Code and Token Endpoint api from which a access token will be generated. Will also use a JSR223 Post processor in which we are having a groovy code which is generating a proof jwt value which will be used in the execution. Both access token and proof jwt values will be stored in a text file which will be used for execution. + +* VCI - Get Credential (Execution) - In this thread group will have the get credential endpoint API for execution which will use the generated access token and proof jwt values from the preparation part. We cant use the preparation file for multiple runs so the total number of samples generated from preparation should be equal or higher in number as compared to execution. diff --git a/Esignet/scripts/Esignet_Test_Script.jmx b/Esignet/scripts/Esignet_Test_Script.jmx index 40c4240b..c6912eeb 100644 --- a/Esignet/scripts/Esignet_Test_Script.jmx +++ b/Esignet/scripts/Esignet_Test_Script.jmx @@ -1371,7 +1371,9 @@ vars.put("utcTime", utcTime); }, "nonce": "973eieljzng", "state": "eree2311", - "claimsLocales": "en" + "claimsLocales": "en", + "codeChallenge" : "${codeChallenge}", + "codeChallengeMethod" : "S256" } } = @@ -1382,7 +1384,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/esignet/authorization/oauth-details + /v1/esignet/authorization/v2/oauth-details POST true false @@ -1430,6 +1432,31 @@ vars.put("utcTime", utcTime); 2 + + groovy + + + true + import org.apache.commons.codec.binary.Base64; +import java.security.SecureRandom; +import java.security.MessageDigest; + +SecureRandom secureRandom = new SecureRandom(); +byte[] codeVerifierBytes = new byte[32]; // 256 bits +secureRandom.nextBytes(codeVerifierBytes); + +String codeVerifier = Base64.encodeBase64URLSafeString(codeVerifierBytes); +vars.put("codeVerifier", codeVerifier); +log.info("codeVerifier: " + codeVerifier); + +MessageDigest digest = MessageDigest.getInstance("SHA-256"); +byte[] hash = digest.digest(codeVerifier.getBytes("UTF-8")); +String codeChallenge = Base64.encodeBase64URLSafeString(hash); +vars.put("codeChallenge", codeChallenge); +log.info("codeChallenge: " + codeChallenge); + + + @@ -1508,7 +1535,9 @@ vars.put("utcTime", utcTime); }, "nonce": "973eieljzng", "state": "eree2311", - "claimsLocales": "en" + "claimsLocales": "en", + "codeChallenge" : "${codeChallenge}", + "codeChallengeMethod" : "S256" } } = @@ -1519,7 +1548,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/esignet/authorization/oauth-details + /v1/esignet/authorization/v2/oauth-details POST true false @@ -1567,6 +1596,31 @@ vars.put("utcTime", utcTime); 2 + + groovy + + + true + import org.apache.commons.codec.binary.Base64; +import java.security.SecureRandom; +import java.security.MessageDigest; + +SecureRandom secureRandom = new SecureRandom(); +byte[] codeVerifierBytes = new byte[32]; // 256 bits +secureRandom.nextBytes(codeVerifierBytes); + +String codeVerifier = Base64.encodeBase64URLSafeString(codeVerifierBytes); +vars.put("codeVerifier", codeVerifier); +log.info("codeVerifier: " + codeVerifier); + +MessageDigest digest = MessageDigest.getInstance("SHA-256"); +byte[] hash = digest.digest(codeVerifier.getBytes("UTF-8")); +String codeChallenge = Base64.encodeBase64URLSafeString(hash); +vars.put("codeChallenge", codeChallenge); +log.info("codeChallenge: " + codeChallenge); + + + false transactionID @@ -1576,15 +1630,6 @@ vars.put("utcTime", utcTime); 1 - - false - captcha - "captcha.sitekey":"(.*?)" - $1$ - Captcha not found - 1 - - true @@ -1637,7 +1682,7 @@ function encodeBase64Url(value) { false - ${__StringToFile(transaction_id_send_otp_endpoint.txt,${transactionID}\,${hashValue}\,${captcha}\n,true,)} + ${__StringToFile(transaction_id_send_otp_endpoint.txt,${transactionID}\,${hashValue}\n,true,)} @@ -1665,7 +1710,7 @@ function encodeBase64Url(value) { true shareMode.all false - tidSendOtp,hashValue,captcha + tidSendOtp,hashValue @@ -1706,7 +1751,7 @@ vars.put("utcTime", utcTime); "transactionId": "${tidSendOtp}", "individualId": "${sendOtpIndividualId}", "otpChannels": ["EMAIL"], - "captchaToken" : "${captcha}" + "captchaToken" : "" } } @@ -1865,7 +1910,9 @@ vars.put("utcTime", utcTime); }, "nonce": "973eieljzng", "state": "eree2311", - "claimsLocales": "en" + "claimsLocales": "en", + "codeChallenge" : "${codeChallenge}", + "codeChallengeMethod" : "S256" } } = @@ -1876,7 +1923,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/esignet/authorization/oauth-details + /v1/esignet/authorization/v2/oauth-details POST true false @@ -1924,6 +1971,31 @@ vars.put("utcTime", utcTime); 2 + + groovy + + + true + import org.apache.commons.codec.binary.Base64; +import java.security.SecureRandom; +import java.security.MessageDigest; + +SecureRandom secureRandom = new SecureRandom(); +byte[] codeVerifierBytes = new byte[32]; // 256 bits +secureRandom.nextBytes(codeVerifierBytes); + +String codeVerifier = Base64.encodeBase64URLSafeString(codeVerifierBytes); +vars.put("codeVerifier", codeVerifier); +log.info("codeVerifier: " + codeVerifier); + +MessageDigest digest = MessageDigest.getInstance("SHA-256"); +byte[] hash = digest.digest(codeVerifier.getBytes("UTF-8")); +String codeChallenge = Base64.encodeBase64URLSafeString(hash); +vars.put("codeChallenge", codeChallenge); +log.info("codeChallenge: " + codeChallenge); + + + false tidAuthEndpoint @@ -1933,15 +2005,6 @@ vars.put("utcTime", utcTime); 1 - - false - captcha - "captcha.sitekey":"(.*?)" - $1$ - Captcha not found - 1 - - true @@ -1955,7 +2018,7 @@ vars.put("utcTime", utcTime); "transactionId": "${tidAuthEndpoint}", "individualId": "${authIndividualId}", "otpChannels": ["EMAIL"], - "captchaToken": "${captcha}" + "captchaToken": "" } } = @@ -2294,7 +2357,9 @@ vars.put("utcTime", utcTime); }, "nonce": "973eieljzng", "state": "eree2311", - "claimsLocales": "en" + "claimsLocales": "en", + "codeChallenge" : "${codeChallenge}", + "codeChallengeMethod" : "S256" } } = @@ -2305,7 +2370,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/esignet/authorization/oauth-details + /v1/esignet/authorization/v2/oauth-details POST true false @@ -2353,6 +2418,31 @@ vars.put("utcTime", utcTime); 2 + + groovy + + + true + import org.apache.commons.codec.binary.Base64; +import java.security.SecureRandom; +import java.security.MessageDigest; + +SecureRandom secureRandom = new SecureRandom(); +byte[] codeVerifierBytes = new byte[32]; // 256 bits +secureRandom.nextBytes(codeVerifierBytes); + +String codeVerifier = Base64.encodeBase64URLSafeString(codeVerifierBytes); +vars.put("codeVerifier", codeVerifier); +log.info("codeVerifier: " + codeVerifier); + +MessageDigest digest = MessageDigest.getInstance("SHA-256"); +byte[] hash = digest.digest(codeVerifier.getBytes("UTF-8")); +String codeChallenge = Base64.encodeBase64URLSafeString(hash); +vars.put("codeChallenge", codeChallenge); +log.info("codeChallenge: " + codeChallenge); + + + false transactionIdAuthCodePrep @@ -2362,15 +2452,6 @@ vars.put("utcTime", utcTime); 1 - - false - captcha - "captcha.sitekey":"(.*?)" - $1$ - Captcha not found - 1 - - true @@ -2384,7 +2465,7 @@ vars.put("utcTime", utcTime); "transactionId": "${transactionIdAuthCodePrep}", "individualId": "${authCodeIndividualId}", "otpChannels": ["EMAIL"], - "captchaToken" : "${captcha}" + "captchaToken" : "" } } = @@ -2922,7 +3003,9 @@ vars.put("utcTime", utcTime); }, "nonce": "973eieljzng", "state": "eree2311", - "claimsLocales": "en" + "claimsLocales": "en", + "codeChallenge" : "${codeChallenge}", + "codeChallengeMethod" : "S256" } } = @@ -2933,7 +3016,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/esignet/authorization/oauth-details + /v1/esignet/authorization/v2/oauth-details POST true false @@ -2981,6 +3064,31 @@ vars.put("utcTime", utcTime); 2 + + groovy + + + true + import org.apache.commons.codec.binary.Base64; +import java.security.SecureRandom; +import java.security.MessageDigest; + +SecureRandom secureRandom = new SecureRandom(); +byte[] codeVerifierBytes = new byte[32]; // 256 bits +secureRandom.nextBytes(codeVerifierBytes); + +String codeVerifier = Base64.encodeBase64URLSafeString(codeVerifierBytes); +vars.put("codeVerifier", codeVerifier); +log.info("codeVerifier: " + codeVerifier); + +MessageDigest digest = MessageDigest.getInstance("SHA-256"); +byte[] hash = digest.digest(codeVerifier.getBytes("UTF-8")); +String codeChallenge = Base64.encodeBase64URLSafeString(hash); +vars.put("codeChallenge", codeChallenge); +log.info("codeChallenge: " + codeChallenge); + + + false tidTokenPrep @@ -2990,15 +3098,6 @@ vars.put("utcTime", utcTime); 1 - - false - captcha - "captcha.sitekey":"(.*?)" - $1$ - Captcha not found - 1 - - true @@ -3012,7 +3111,7 @@ vars.put("utcTime", utcTime); "transactionId": "${tidTokenPrep}", "individualId": "${tokenIndividualId}", "otpChannels": ["EMAIL"], - "captchaToken" : "${captcha}" + "captchaToken" : "" } } = @@ -3307,7 +3406,7 @@ function encodeBase64Url(value) { false - ${__StringToFile(code_authorization_code_endpoint.txt,${code}\,${tokenClientId}\,${tokenPrivateKey}\n,true,)} + ${__StringToFile(code_authorization_code_endpoint.txt,${code}\,${tokenClientId}\,${tokenPrivateKey},${codeVerifier}\n,true,)} @@ -3335,7 +3434,7 @@ function encodeBase64Url(value) { true shareMode.all false - tokenEndpointCode,tokenEndpointClientId,tokenEncodedPrivateKey + tokenEndpointCode,tokenEndpointClientId,tokenEncodedPrivateKey,codeVerifier @@ -3454,13 +3553,20 @@ vars.put("utcTime", utcTime); true redirect_uri + + false + ${codeVerifier} + = + true + code_verifier + ${serverIP} ${serverPortNo} ${protocol} - /v1/esignet/oauth/token + /v1/esignet/oauth/v2/token POST true false @@ -3590,7 +3696,9 @@ vars.put("utcTime", utcTime); }, "nonce": "973eieljzng", "state": "eree2311", - "claimsLocales": "en" + "claimsLocales": "en", + "codeChallenge" : "${codeChallenge}", + "codeChallengeMethod" : "S256" } } = @@ -3601,7 +3709,7 @@ vars.put("utcTime", utcTime); ${serverPortNo} ${protocol} - /v1/esignet/authorization/oauth-details + /v1/esignet/authorization/v2/oauth-details POST true false @@ -3649,6 +3757,31 @@ vars.put("utcTime", utcTime); 2 + + groovy + + + true + import org.apache.commons.codec.binary.Base64; +import java.security.SecureRandom; +import java.security.MessageDigest; + +SecureRandom secureRandom = new SecureRandom(); +byte[] codeVerifierBytes = new byte[32]; // 256 bits +secureRandom.nextBytes(codeVerifierBytes); + +String codeVerifier = Base64.encodeBase64URLSafeString(codeVerifierBytes); +vars.put("codeVerifier", codeVerifier); +log.info("codeVerifier: " + codeVerifier); + +MessageDigest digest = MessageDigest.getInstance("SHA-256"); +byte[] hash = digest.digest(codeVerifier.getBytes("UTF-8")); +String codeChallenge = Base64.encodeBase64URLSafeString(hash); +vars.put("codeChallenge", codeChallenge); +log.info("codeChallenge: " + codeChallenge); + + + false tidUserInfoPrep @@ -3658,15 +3791,6 @@ vars.put("utcTime", utcTime); 1 - - false - captcha - "captcha.sitekey":"(.*?)" - $1$ - Captcha not found - 1 - - true @@ -3680,7 +3804,7 @@ vars.put("utcTime", utcTime); "transactionId": "${tidUserInfoPrep}", "individualId": "${userInfoIndividualId}", "otpChannels": ["EMAIL"], - "captchaToken" : "${captcha}" + "captchaToken" : "" } } = @@ -4074,13 +4198,20 @@ vars.put("clientAssertionJWT", JWT); true redirect_uri + + false + ${codeVerifier} + = + true + code_verifier + ${serverIP} ${serverPortNo} ${protocol} - /v1/esignet/oauth/token + /v1/esignet/oauth/v2/token POST true false @@ -7517,7 +7648,7 @@ vars.put("utcTime", utcTime); - + continue false @@ -7543,6 +7674,18 @@ vars.put("utcTime", utcTime); oAuthDetailsEndpointClientId,encodedPrivateKey + + , + + ./individualid_esignet1.txt + true + false + true + shareMode.all + false + credentialIndividualId + + @@ -7557,7 +7700,7 @@ String utcTime = dateFormat.format(cal.getTime()); vars.put("utcTime", utcTime); - + true @@ -7636,6 +7779,15 @@ vars.put("utcTime", utcTime); 2 + + false + tidVci + "transactionId":"(.*?)" + $1$ + transactionID not found + 1 + + groovy @@ -7661,1533 +7813,8 @@ log.info("codeChallenge: " + codeChallenge); - - ${delay} - - - - - continue - - false - 1 - - 1 - 1 - false - - - true - - - - , - - ./client_id_esignet.csv - true - false - true - shareMode.all - false - oAuthDetailsEndpointClientId,encodedPrivateKey - - - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - - - true - - - - false - { - "requestTime": "${utcTime}Z", - "request": { - "clientId": "${oAuthDetailsEndpointClientId}", - "scope": "${scopeVci}", - "responseType": "code", - "redirectUri": "${redirectUri}", - "display": "popup", - "prompt": "login", - "acrValues": "${acrValues}", - "nonce" : "973eieljzng", - "state" : "eree2311", - "claimsLocales" : "en", - "codeChallenge" : "${codeChallenge}", - "codeChallengeMethod" : "S256" - } -} - = - - - - ${serverIP} - ${serverPortNo} - ${protocol} - - /v1/esignet/authorization/v2/oauth-details - POST - true - false - true - false - - - - - - - - - Content-Type - application/json - - - X-XSRF-TOKEN - ${loadCsrfToken} - - - Cookie - XSRF-TOKEN=${loadCsrfToken} - - - - - - - "errors":[] - - - Assertion.response_data - false - 16 - - - - - 200 - - - Assertion.response_code - false - 2 - - - - false - captcha - "captcha.sitekey":"(.*?)" - $1$ - Captcha not found - 1 - - - - false - tidVci - "transactionId":"(.*?)" - $1$ - transactionID not found - 1 - - - - groovy - - - true - import org.apache.commons.codec.binary.Base64; -import java.security.SecureRandom; -import java.security.MessageDigest; - -SecureRandom secureRandom = new SecureRandom(); -byte[] codeVerifierBytes = new byte[32]; // 256 bits -secureRandom.nextBytes(codeVerifierBytes); - -String codeVerifier = Base64.encodeBase64URLSafeString(codeVerifierBytes); -vars.put("codeVerifier", codeVerifier); -log.info("codeVerifier: " + codeVerifier); - -MessageDigest digest = MessageDigest.getInstance("SHA-256"); -byte[] hash = digest.digest(codeVerifier.getBytes("UTF-8")); -String codeChallenge = Base64.encodeBase64URLSafeString(hash); -vars.put("codeChallenge", codeChallenge); -log.info("codeChallenge: " + codeChallenge); - - - - - javascript - - - true - // Import the required Java classes -var Base64 = Java.type('java.util.Base64'); -var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); - -// Retrieve the previous response value -var jsonResponse = prev.getResponseDataAsString(); - -// Print the previous response value -log.info("Previous Response: " + jsonResponse); - -// Parse the JSON response -var jsonObject = JSON.parse(jsonResponse); -var responseObjectString = JSON.stringify(jsonObject.response); - -log.info("Previous Response: " + responseObjectString); - -// Convert JSON to base64 URL-encoded SHA-256 hash -var sha256Hash = hashSHA256(responseObjectString); -var base64UrlEncodedHash = encodeBase64Url(sha256Hash); - -//Print the sha256 value -log.info("sha256Hash Value: " + sha256Hash); - -// Print the final hash value -log.info("Final Hash Value: " + base64UrlEncodedHash); - -// Set the new variable value in JMeter -vars.put("hashValue", base64UrlEncodedHash); - -// Function to compute the SHA-256 hash -function hashSHA256(value) { - var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); - var bytes = (value).getBytes(StandardCharsets.UTF_8); - var digest = messageDigest.digest(bytes); - return digest; -} - -// Function to base64 URL-encode the hash value -function encodeBase64Url(value) { - var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); - return base64; -} - - - - - - false - ${__StringToFile(transaction_id_send_otp_endpoint_vci.txt,${captcha}\,${tidVci}\,${hashValue}\n,true,)} - - - - ${delay} - - - - - - continue - - false - 1 - - 1 - 1 - false - - - true - - - - , - - ./transaction_id_send_otp_endpoint_vci.txt - true - false - true - shareMode.all - false - captcha,tidSendOtpVci,hashValue - - - - , - - ./individualid_esignet.txt - true - false - true - shareMode.all - false - sendOtpIndividualId - - - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - - - true - - - - false - { - "requestTime": "${utcTime}Z", - "request": { - "transactionId": "${tidSendOtpVci}", - "individualId": "${sendOtpIndividualId}", - "otpChannels": ["EMAIL"], - "captchaToken" : "${captcha}" - } -} - = - - - - ${serverIP} - ${serverPortNo} - ${protocol} - - /v1/esignet/authorization/send-otp - POST - true - false - true - false - - - - - - - - - Content-Type - application/json - - - X-XSRF-TOKEN - ${loadCsrfToken} - - - Cookie - XSRF-TOKEN=${loadCsrfToken} - - - oauth-details-hash - ${hashValue} - - - oauth-details-key - ${tidSendOtpVci} - - - - - - - "errors":[] - - - Assertion.response_data - false - 16 - - - - - 200 - - - Assertion.response_code - false - 2 - - - - - - continue - - false - 1 - - 1 - 1 - false - - - true - - - - , - - ./client_id_esignet.csv - true - false - true - shareMode.all - false - oAuthDetailsEndpointClientId,encodedPrivateKey - - - - , - - ./individualid_esignet.txt - true - false - true - shareMode.all - false - authIndividualId - - - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - - - true - - - - false - { - "requestTime": "${utcTime}Z", - "request": { - "clientId": "${oAuthDetailsEndpointClientId}", - "scope": "${scopeVci}", - "responseType": "code", - "redirectUri": "${redirectUri}", - "display": "popup", - "prompt": "login", - "acrValues": "${acrValues}", - "nonce" : "973eieljzng", - "state" : "eree2311", - "claimsLocales" : "en", - "codeChallenge" : "${codeChallenge}", - "codeChallengeMethod" : "S256" - } -} - = - - - - ${serverIP} - ${serverPortNo} - ${protocol} - - /v1/esignet/authorization/v2/oauth-details - POST - true - false - true - false - - - - - - - - - Content-Type - application/json - - - X-XSRF-TOKEN - ${loadCsrfToken} - - - Cookie - XSRF-TOKEN=${loadCsrfToken} - - - - - - - "errors":[] - - - Assertion.response_data - false - 16 - - - - - 200 - - - Assertion.response_code - false - 2 - - - - false - captcha - "captcha.sitekey":"(.*?)" - $1$ - Captcha not found - 1 - - - - false - tidAuthVci - "transactionId":"(.*?)" - $1$ - transactionID not found - 1 - - - - groovy - - - true - import org.apache.commons.codec.binary.Base64; -import java.security.SecureRandom; -import java.security.MessageDigest; - -SecureRandom secureRandom = new SecureRandom(); -byte[] codeVerifierBytes = new byte[32]; // 256 bits -secureRandom.nextBytes(codeVerifierBytes); - -String codeVerifier = Base64.encodeBase64URLSafeString(codeVerifierBytes); -vars.put("codeVerifier", codeVerifier); -log.info("codeVerifier: " + codeVerifier); - -MessageDigest digest = MessageDigest.getInstance("SHA-256"); -byte[] hash = digest.digest(codeVerifier.getBytes("UTF-8")); -String codeChallenge = Base64.encodeBase64URLSafeString(hash); -vars.put("codeChallenge", codeChallenge); -log.info("codeChallenge: " + codeChallenge); - - - - - - true - - - - false - { - "requestTime": "${utcTime}Z", - "request": { - "transactionId": "${tidAuthVci}", - "individualId": "${authIndividualId}", - "otpChannels": ["EMAIL"], - "captchaToken" : "${captcha}" - } -} - = - - - - ${serverIP} - ${serverPortNo} - ${protocol} - - /v1/esignet/authorization/send-otp - POST - true - false - true - false - - - - - - - - - Content-Type - application/json - - - X-XSRF-TOKEN - ${loadCsrfToken} - - - Cookie - XSRF-TOKEN=${loadCsrfToken} - - - oauth-details-hash - ${hashValue} - - - oauth-details-key - ${tidAuthVci} - - - - - - - "errors":[] - - - Assertion.response_data - false - 16 - - - - - 200 - - - Assertion.response_code - false - 2 - - - - javascript - - - true - // Import the required Java classes -var Base64 = Java.type('java.util.Base64'); -var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); - -// Retrieve the previous response value -var jsonResponse = prev.getResponseDataAsString(); - -// Print the previous response value -log.info("Previous Response: " + jsonResponse); - -// Parse the JSON response -var jsonObject = JSON.parse(jsonResponse); -var responseObjectString = JSON.stringify(jsonObject.response); - -log.info("Previous Response: " + responseObjectString); - -// Convert JSON to base64 URL-encoded SHA-256 hash -var sha256Hash = hashSHA256(responseObjectString); -var base64UrlEncodedHash = encodeBase64Url(sha256Hash); - -//Print the sha256 value -log.info("sha256Hash Value: " + sha256Hash); - -// Print the final hash value -log.info("Final Hash Value: " + base64UrlEncodedHash); - -// Set the new variable value in JMeter -vars.put("hashValue", base64UrlEncodedHash); - -// Function to compute the SHA-256 hash -function hashSHA256(value) { - var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); - var bytes = (value).getBytes(StandardCharsets.UTF_8); - var digest = messageDigest.digest(bytes); - return digest; -} - -// Function to base64 URL-encode the hash value -function encodeBase64Url(value) { - var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); - return base64; -} - - - - false - tidSendOtpVci - "transactionId":"(.*?)" - $1$ - transactionID not found - 1 - - - - - - false - ${__StringToFile(transaction_id_auth_endpoint_vci.txt,${authIndividualId}\,${tidSendOtpVci}\,${hashValue}\n,true,)} - - - - - - continue - - false - 1 - - 1 - 1 - false - - - true - - - - , - - ./transaction_id_auth_endpoint_vci.txt - true - false - true - shareMode.all - false - authIndividualId,tidAuthVci,hashValue - - - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - - - true - - - - false - { - "requestTime": "${utcTime}Z", - "request": { - "transactionId": "${tidAuthVci}", - "individualId": "${authIndividualId}", - "challengeList": [ - { - "authFactorType": "OTP", - "challenge": "111111", - "format": "alpha-numeric" - } - ] - } -} - = - - - - ${serverIP} - ${serverPortNo} - ${protocol} - - /v1/esignet/authorization/v2/authenticate - POST - true - false - true - false - - - - - - - - - Content-Type - application/json - - - X-XSRF-TOKEN - ${loadCsrfToken} - - - Cookie - XSRF-TOKEN=${loadCsrfToken} - - - oauth-details-hash - ${hashValue} - - - oauth-details-key - ${tidSendOtpVci} - - - - - - - "errors":[] - - - Assertion.response_data - false - 16 - - - - - 200 - - - Assertion.response_code - false - 2 - - - - - - continue - - false - 1 - - 1 - 1 - false - - - true - - - - , - - ./client_id_esignet.csv - true - false - true - shareMode.all - false - oAuthDetailsEndpointClientId,encodedPrivateKey - - - - , - - ./individualid_esignet.txt - true - false - true - shareMode.all - false - authCodeIndividualId - - - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - - - true - - - - false - { - "requestTime": "${utcTime}Z", - "request": { - "clientId": "${oAuthDetailsEndpointClientId}", - "scope": "${scopeVci}", - "responseType": "code", - "redirectUri": "${redirectUri}", - "display": "popup", - "prompt": "login", - "acrValues": "${acrValues}", - "nonce" : "973eieljzng", - "state" : "eree2311", - "claimsLocales" : "en", - "codeChallenge" : "${codeChallenge}", - "codeChallengeMethod" : "S256" - } -} - = - - - - ${serverIP} - ${serverPortNo} - ${protocol} - - /v1/esignet/authorization/v2/oauth-details - POST - true - false - true - false - - - - - - - - - Content-Type - application/json - - - X-XSRF-TOKEN - ${loadCsrfToken} - - - Cookie - XSRF-TOKEN=${loadCsrfToken} - - - - - - - "errors":[] - - - Assertion.response_data - false - 16 - - - - - 200 - - - Assertion.response_code - false - 2 - - - - false - captcha - "captcha.sitekey":"(.*?)" - $1$ - Captcha not found - 1 - - - - false - tidVci - "transactionId":"(.*?)" - $1$ - transactionID not found - 1 - - - - groovy - - - true - import org.apache.commons.codec.binary.Base64; -import java.security.SecureRandom; -import java.security.MessageDigest; - -SecureRandom secureRandom = new SecureRandom(); -byte[] codeVerifierBytes = new byte[32]; // 256 bits -secureRandom.nextBytes(codeVerifierBytes); - -String codeVerifier = Base64.encodeBase64URLSafeString(codeVerifierBytes); -vars.put("codeVerifier", codeVerifier); -log.info("codeVerifier: " + codeVerifier); - -MessageDigest digest = MessageDigest.getInstance("SHA-256"); -byte[] hash = digest.digest(codeVerifier.getBytes("UTF-8")); -String codeChallenge = Base64.encodeBase64URLSafeString(hash); -vars.put("codeChallenge", codeChallenge); -log.info("codeChallenge: " + codeChallenge); - - - - - - true - - - - false - { - "requestTime": "${utcTime}Z", - "request": { - "transactionId": "${tidVci}", - "individualId": "${authCodeIndividualId}", - "otpChannels": ["EMAIL"], - "captchaToken" : "${captcha}" - } -} - = - - - - ${serverIP} - ${serverPortNo} - ${protocol} - - /v1/esignet/authorization/send-otp - POST - true - false - true - false - - - - - - - - - Content-Type - application/json - - - X-XSRF-TOKEN - ${loadCsrfToken} - - - Cookie - XSRF-TOKEN=${loadCsrfToken} - - - oauth-details-hash - ${hashValue} - - - oauth-details-key - ${tidVci} - - - - - - - "errors":[] - - - Assertion.response_data - false - 16 - - - - - 200 - - - Assertion.response_code - false - 2 - - - - false - tidSendOtpVci - "transactionId":"(.*?)" - $1$ - transactionID not found - 1 - - - - javascript - - - true - // Import the required Java classes -var Base64 = Java.type('java.util.Base64'); -var StandardCharsets = Java.type('java.nio.charset.StandardCharsets'); - -// Retrieve the previous response value -var jsonResponse = prev.getResponseDataAsString(); - -// Print the previous response value -log.info("Previous Response: " + jsonResponse); - -// Parse the JSON response -var jsonObject = JSON.parse(jsonResponse); -var responseObjectString = JSON.stringify(jsonObject.response); - -log.info("Previous Response: " + responseObjectString); - -// Convert JSON to base64 URL-encoded SHA-256 hash -var sha256Hash = hashSHA256(responseObjectString); -var base64UrlEncodedHash = encodeBase64Url(sha256Hash); - -//Print the sha256 value -log.info("sha256Hash Value: " + sha256Hash); - -// Print the final hash value -log.info("Final Hash Value: " + base64UrlEncodedHash); - -// Set the new variable value in JMeter -vars.put("hashValue", base64UrlEncodedHash); - -// Function to compute the SHA-256 hash -function hashSHA256(value) { - var messageDigest = Java.type('java.security.MessageDigest').getInstance('SHA-256'); - var bytes = (value).getBytes(StandardCharsets.UTF_8); - var digest = messageDigest.digest(bytes); - return digest; -} - -// Function to base64 URL-encode the hash value -function encodeBase64Url(value) { - var base64 = Base64.getUrlEncoder().withoutPadding().encodeToString(value); - return base64; -} - - - - - true - - - - false - { - "requestTime": "${utcTime}Z", - "request": { - "transactionId": "${tidSendOtpVci}", - "individualId": "${authCodeIndividualId}", - "challengeList": [ - { - "authFactorType": "OTP", - "challenge": "111111", - "format": "alpha-numeric" - } - ] - } -} - = - - - - ${serverIP} - ${serverPortNo} - ${protocol} - - /v1/esignet/authorization/v2/authenticate - POST - true - false - true - false - - - - - - - - - Content-Type - application/json - - - X-XSRF-TOKEN - ${loadCsrfToken} - - - Cookie - XSRF-TOKEN=${loadCsrfToken} - - - oauth-details-hash - ${hashValue} - - - oauth-details-key - ${tidSendOtpVci} - - - - - - - "errors":[] - - - Assertion.response_data - false - 16 - - - - - 200 - - - Assertion.response_code - false - 2 - - - - - - false - ${__StringToFile(transaction_id_auth_code_endpoint_vci.txt,${tidSendOtpVci}\,${hashValue}\n,true,)} - - - - - - continue - - false - 1 - - 1 - 1 - false - - - true - - - - , - - ./transaction_id_auth_code_endpoint_vci.txt - true - false - true - shareMode.all - false - tidAuthCodeVci,hashValue - - - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - - - true - - - - false - { - "requestTime": "${utcTime}Z", - "request": { - "transactionId": "${tidAuthCodeVci}", - "permittedAuthorizeScopes": [], - "acceptedClaims": [ - ${acceptedClaims} - ] - } -} - = - - - - ${serverIP} - ${serverPortNo} - ${protocol} - - /v1/esignet/authorization/auth-code - POST - true - false - true - false - - - - - - - - - Content-Type - application/json - - - X-XSRF-TOKEN - ${loadCsrfToken} - - - Cookie - XSRF-TOKEN=${loadCsrfToken} - - - oauth-details-hash - ${hashValue} - - - oauth-details-key - ${tidAuthCodeVci} - - - - - - - "errors":[] - - - Assertion.response_data - false - 16 - - - - - 200 - - - Assertion.response_code - false - 2 - - - - false - codeVci - "code":"(.*?)" - $1$ - Code not found - 1 - - - - 4000 - - - - - - continue - - false - 1 - - 1 - 1 - false - - - true - - - - , - - ./client_id_esignet.csv - true - false - true - shareMode.all - false - oAuthDetailsEndpointClientId,encodedPrivateKey - - - - , - - ./individualid_esignet.txt - true - false - true - shareMode.all - false - tokenIndividualId - - - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - - - true - - - - false - { - "requestTime": "${utcTime}Z", - "request": { - "clientId": "${oAuthDetailsEndpointClientId}", - "scope": "${scopeVci}", - "responseType": "code", - "redirectUri": "${redirectUri}", - "display": "popup", - "prompt": "login", - "acrValues": "${acrValues}", - "nonce" : "973eieljzng", - "state" : "eree2311", - "claimsLocales" : "en", - "codeChallenge" : "${codeChallenge}", - "codeChallengeMethod" : "S256" - } -} - = - - - - ${serverIP} - ${serverPortNo} - ${protocol} - - /v1/esignet/authorization/v2/oauth-details - POST - true - false - true - false - - - - - - - - - Content-Type - application/json - - - X-XSRF-TOKEN - ${loadCsrfToken} - - - Cookie - XSRF-TOKEN=${loadCsrfToken} - - - - - - - "errors":[] - - - Assertion.response_data - false - 16 - - - - - 200 - - - Assertion.response_code - false - 2 - - - - false - captcha - "captcha.sitekey":"(.*?)" - $1$ - Captcha not found - 1 - - - - false - tidVci - "transactionId":"(.*?)" - $1$ - transactionID not found - 1 - - - - groovy - - - true - import org.apache.commons.codec.binary.Base64; -import java.security.SecureRandom; -import java.security.MessageDigest; - -SecureRandom secureRandom = new SecureRandom(); -byte[] codeVerifierBytes = new byte[32]; // 256 bits -secureRandom.nextBytes(codeVerifierBytes); - -String codeVerifier = Base64.encodeBase64URLSafeString(codeVerifierBytes); -vars.put("codeVerifier", codeVerifier); -log.info("codeVerifier: " + codeVerifier); - -MessageDigest digest = MessageDigest.getInstance("SHA-256"); -byte[] hash = digest.digest(codeVerifier.getBytes("UTF-8")); -String codeChallenge = Base64.encodeBase64URLSafeString(hash); -vars.put("codeChallenge", codeChallenge); -log.info("codeChallenge: " + codeChallenge); - - - - - + true @@ -9197,9 +7824,9 @@ log.info("codeChallenge: " + codeChallenge); "requestTime": "${utcTime}Z", "request": { "transactionId": "${tidVci}", - "individualId": "${tokenIndividualId}", + "individualId": "${credentialIndividualId}", "otpChannels": ["EMAIL"], - "captchaToken" : "${captcha}" + "captchaToken" : "" } } = @@ -9325,7 +7952,7 @@ function encodeBase64Url(value) { - + true @@ -9335,7 +7962,7 @@ function encodeBase64Url(value) { "requestTime": "${utcTime}Z", "request": { "transactionId": "${tidSendOtpVci}", - "individualId": "${tokenIndividualId}", + "individualId": "${credentialIndividualId}", "challengeList": [ { "authFactorType": "OTP", @@ -9419,7 +8046,7 @@ function encodeBase64Url(value) { - + true @@ -9508,55 +8135,7 @@ function encodeBase64Url(value) { 1 - - - - false - ${__StringToFile(transaction_id_token_endpoint_vci.txt,${oAuthDetailsEndpointClientId}\,${encodedPrivateKey}\,${codeVci}\,${codeVerifier}\n,true,)} - - - - - continue - - false - 1 - - 1 - 1 - false - - - true - - - - , - - ./transaction_id_token_endpoint_vci.txt - true - false - true - shareMode.all - false - tokenClientId,encodedPrivateKey,tokencodeVci,codeVerifier - - - - - - false - import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.TimeZone;//Set the format for the date-time -SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.sss"); -dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));// Get the current time in UTC -Calendar cal = Calendar.getInstance(); -String utcTime = dateFormat.format(cal.getTime()); -vars.put("utcTime", utcTime); - - true @@ -9576,10 +8155,9 @@ import java.security.KeyPair; java.security.Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); -String clientId = vars.get("tokenClientId") ; +String clientId = vars.get("oAuthDetailsEndpointClientId") ; log.info("clientId: " + clientId); - String pemPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\n"+ vars.get("encodedPrivateKey") +"\n-----END RSA PRIVATE KEY-----" ; String audience = "${protocol}"+ ":" + "//" + "${serverIpEsignet}" +"/v1/esignet/oauth/token" ; @@ -9627,14 +8205,14 @@ log.info("clientAssertionJWT: ${vars.get("clientAssertionJWT")}&q false - ${tokencodeVci} + ${codeVci} = true code false - ${tokenClientId} + ${oAuthDetailsEndpointClientId} = true client_id @@ -9713,9 +8291,203 @@ log.info("clientAssertionJWT: ${vars.get("clientAssertionJWT")}&q 2 - - ${delay} - + + false + accessToken + "access_token":"(.*?)" + $1$ + access_token not found + 1 + + + + false + cNonce + "c_nonce":"(.*?)" + $1$ + cNonce not found + 1 + + + + groovy + + + true + // Import necessary libraries +import java.security.KeyFactory; +import com.nimbusds.jose.jwk.RSAKey; +import com.nimbusds.jose.jwk.gen.RSAKeyGenerator; +import com.nimbusds.jose.util.JSONObjectUtils; +import net.minidev.json.JSONObject; +import io.jsonwebtoken.SignatureAlgorithm; +import io.jsonwebtoken.security.Keys; +import java.security.PrivateKey; +import java.security.spec.InvalidKeySpecException; +import io.jsonwebtoken.*; +import java.util.Date; +import java.security.KeyPair; + +def keyPair = Keys.keyPairFor(SignatureAlgorithm.RS256) +def privateKey = keyPair.private +def publicKey = keyPair.public + +vars.put("holderPrivateKey", privateKey.getEncoded().encodeBase64().toString()) + +// Create JSON representation of RSA public key +def rsaPublicKeyJson = [ + "kty": "RSA", + "n" : Base64.getUrlEncoder().withoutPadding().encodeToString(publicKey.getModulus().toByteArray()), + "e" : Base64.getUrlEncoder().withoutPadding().encodeToString(publicKey.getPublicExponent().toByteArray()), + "alg": "RS256", + "use": "sig" +] + +vars.put("holderPublicKey", JSONObjectUtils.toJSONString(rsaPublicKeyJson)) +// Set headers for JWT +def header = [ + "alg": "RS256", + "typ": "openid4vci-proof+jwt", + "jwk": rsaPublicKeyJson +] + + +String audience = "${protocol}"+ ":" + "//" + "${serverIpEsignet}" +"/v1/esignet" ; +log.info("audience: " + audience); +String clientId = vars.get("oAuthDetailsEndpointClientId") ; +log.info("clientId: " + clientId); +long nowMillis = System.currentTimeMillis(); +Date now = new Date(nowMillis); + +// Set JWT payload +def payload = [ + "nonce": vars.get("cNonce") +] + +//Build the JWT with the JwtBuilder +JwtBuilder builder = Jwts.builder() + .setHeader(header) + .setClaims(payload) + .setIssuedAt(now) + .setIssuer(clientId) + .setAudience(audience) + .setExpiration(new Date(System.currentTimeMillis() + 600000)) + .signWith(SignatureAlgorithm.RS256,privateKey); + +String JWT = builder.compact().toString(); +vars.put("proofJwt", JWT) +log.info("proofJwt: ${vars.get("proofJwt")}") + + + + + + + false + ${__StringToFile(accesstoken_proofjwt_credential_endpoint_vci.txt,${accessToken}\,${proofJwt}\n,true,)} + + + + + + continue + + false + 1 + + 1 + 1 + false + + + true + + + + , + + ./accesstoken_proofjwt_credential_endpoint_vci.txt + true + false + true + shareMode.all + false + accessToken,proofJwt + + + + true + + + + false + { + "format": "ldp_vc", + "credential_definition" : { "type" : ["VerifiableCredential", "MOSIPVerifiableCredential"], "@context" : ["https://www.w3.org/2018/credentials/v1"]}, + "proof": { + "proof_type": "jwt", + "jwt": "${proofJwt}" + } +} + = + + + + ${serverIP} + ${serverPortNo} + ${protocol} + + /v1/esignet/vci/credential + POST + true + false + true + false + + + + + + + + + Content-Type + application/json + + + X-XSRF-TOKEN + ${loadCsrfToken} + + + Cookie + XSRF-TOKEN=${loadCsrfToken} + + + Authorization + Bearer ${accessToken} + + + + + + + {"format":"ldp_vc","credential": + + + Assertion.response_data + false + 16 + + + + + 200 + + + Assertion.response_code + false + 2 +