authorThomas Lenz <thomas.lenz@egiz.gv.at>2021-12-13 09:23:09 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2021-12-13 09:23:09 +0100
commit0436de6184c1a95d463da52929e3bf60923d6e04 (patch)
treef46beaef0195bde28b758e9144d6b6184ccb9ef5
parent1fdd559a00ad852fe8436a8ca67b36e95b1027a0 (diff)
update third-party libs and resolve API issues
-rw-r--r--id/ConfigWebTool/pom.xml16
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/Authenticate.java313
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/BuildMetadata.java531
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java203
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java433
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java443
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java1235
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java1564
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java2183
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java274
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java187
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java42
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java630
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java92
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/IOnlineApplicationData.java55
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java1572
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java633
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java275
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java362
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java267
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java439
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java237
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java383
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java184
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java623
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java851
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/PVPGatewayInterfederationConfig.java202
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java6
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/EncodingFilter.java6
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java40
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java50
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java131
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java106
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java435
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java62
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java175
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java1187
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java1548
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java981
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IDPGatewayAction.java36
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java929
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java1643
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java822
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java307
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java41
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java66
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java125
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java1130
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java63
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/ConfigurationEncryptionUtils.java84
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java97
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java110
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java92
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java284
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java312
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java857
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java130
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java187
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java419
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java89
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java33
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java362
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java28
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java44
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java85
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java254
-rw-r--r--id/moa-id-webgui/pom.xml6
-rw-r--r--id/moa-spss-container/pom.xml59
-rw-r--r--id/oa/pom.xml8
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java6
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java529
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java509
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java554
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Index.java467
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java296
-rw-r--r--id/server/idserverlib/pom.xml20
-rw-r--r--id/server/moa-id-commons/pom.xml10
-rw-r--r--id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml4
-rw-r--r--id/server/modules/moa-id-module-eIDAS/pom.xml4
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/pom.xml1
-rw-r--r--id/server/modules/moa-id-module-openID/pom.xml5
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/pom.xml6
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java664
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/pom.xml4
-rw-r--r--pom.xml59
86 files changed, 15551 insertions, 15249 deletions
diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml
index 63db8f8db..fd896efe7 100644
--- a/id/ConfigWebTool/pom.xml
+++ b/id/ConfigWebTool/pom.xml
@@ -64,11 +64,23 @@
<dependency>
<groupId>MOA.id.server</groupId>
<artifactId>moa-id-commons</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>at.gv.egiz.eaaf</groupId>
<artifactId>eaaf_module_pvp2_core</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>at.gv.egiz.eaaf</groupId>
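Review bot: These per-dependency exclusions only cover the paths named here (moa-id-commons, eaaf_module_pvp2_core, and the dependency in the following hunk at -206,6), so `log4j:log4j` or `log4j-api` can come back through any other transitive path without the build noticing. A `bannedDependencies` rule in maven-enforcer-plugin in the parent pom would fail the build instead of relying on every module repeating the exclusion. Only `log4j-api` is excluded from moa-id-commons; whether `log4j-core` is also on that path is not visible in this hunk, so it is worth confirming with `mvn dependency:tree` that it does not remain on the classpath. A short XML comment on each `<exclusions>` block, e.g. `<!-- logging goes through SLF4J; keep log4j off the classpath -->`, would record the intent for the next maintainer.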
@@ -206,6 +218,10 @@
<artifactId>javassist</artifactId>
<groupId>javassist</groupId>
</exclusion>
+ <exclusion>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-api</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/Authenticate.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/Authenticate.java
index 84fbec0e8..c6946e509 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/Authenticate.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/Authenticate.java
@@ -36,7 +36,6 @@ import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.TransformerException;
import org.joda.time.DateTime;
-import org.opensaml.Configuration;
import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.core.AuthnContextClassRef;
@@ -67,163 +66,167 @@ import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.utils.SAML2Utils;
import at.gv.egovernment.moa.util.MiscUtil;
-
/**
* Servlet implementation class Authenticate
*/
public class Authenticate extends HttpServlet {
- private static final long serialVersionUID = 1L;
-
- private static final Logger log = LoggerFactory
- .getLogger(Authenticate.class);
-
- private static DocumentBuilderFactory factory = null;
-
- static {
- initialDocumentBuilderFactory();
- }
-
- synchronized private static void initialDocumentBuilderFactory() {
- factory = DocumentBuilderFactory.newInstance();
- factory.setNamespaceAware(true);
-
- }
-
- public Document asDOMDocument(XMLObject object) throws IOException,
- MarshallingException, TransformerException, ParserConfigurationException {
- try {
- DocumentBuilder builder = null;
- synchronized (factory) {
- builder = factory.newDocumentBuilder();
-
- }
-
- Document document = builder.newDocument();
- Marshaller out = Configuration.getMarshallerFactory().getMarshaller(
- object);
- out.marshall(object, document);
- return document;
-
- } catch (ParserConfigurationException e) {
- log.warn("PVP2 AuthenticationServlet can not be initialized.", e);
- throw e;
- }
-
- }
-
- protected void process(HttpServletRequest request,
- HttpServletResponse response, Map<String,String> legacyParameter) throws ServletException, IOException {
- try {
-
- ConfigurationProvider config = ConfigurationProvider.getInstance();
- config.initializePVP2Login();
-
- AuthnRequest authReq = SAML2Utils
- .createSAMLObject(AuthnRequest.class);
- SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
- authReq.setID(gen.generateIdentifier());
-
- HttpSession session = request.getSession();
- if (session != null) {
- session.setAttribute(Constants.SESSION_PVP2REQUESTID, authReq.getID());
- }
-
- authReq.setAssertionConsumerServiceIndex(0);
- authReq.setAttributeConsumingServiceIndex(0);
- authReq.setIssueInstant(new DateTime());
- Subject subject = SAML2Utils.createSAMLObject(Subject.class);
- NameID name = SAML2Utils.createSAMLObject(NameID.class);
- Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
-
- String serviceURL = config.getPublicUrlPreFix(request);
- if (!serviceURL.endsWith("/"))
- serviceURL = serviceURL + "/";
- name.setValue(serviceURL);
- issuer.setValue(serviceURL);
-
- subject.setNameID(name);
- authReq.setSubject(subject);
- issuer.setFormat(NameIDType.ENTITY);
- authReq.setIssuer(issuer);
- NameIDPolicy policy = SAML2Utils
- .createSAMLObject(NameIDPolicy.class);
- policy.setAllowCreate(true);
- policy.setFormat(NameID.PERSISTENT);
- authReq.setNameIDPolicy(policy);
-
- String entityname = config.getPVP2IDPMetadataEntityName();
- if (MiscUtil.isEmpty(entityname)) {
- log.info("No IDP EntityName configurated");
- throw new ConfigurationException("No IDP EntityName configurated");
- }
-
- HTTPMetadataProvider idpmetadata = config.getMetaDataProvier();
- EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname);
- if (idpEntity == null) {
- log.info("IDP EntityName is not found in IDP Metadata");
- throw new ConfigurationException("IDP EntityName is not found in IDP Metadata");
- }
-
- SingleSignOnService redirectEndpoint = null;
- for (SingleSignOnService sss :
- idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) {
-
- //Get the service address for the binding you wish to use
- if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
- redirectEndpoint = sss;
- }
- }
-
- authReq.setDestination(redirectEndpoint.getLocation());
-
- RequestedAuthnContext reqAuthContext =
- SAML2Utils.createSAMLObject(RequestedAuthnContext.class);
-
- AuthnContextClassRef authnClassRef =
- SAML2Utils.createSAMLObject(AuthnContextClassRef.class);
-
- authnClassRef.setAuthnContextClassRef("http://www.stork.gov.eu/1.0/citizenQAALevel/4");
-
- reqAuthContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM);
-
- reqAuthContext.getAuthnContextClassRefs().add(authnClassRef);
-
- authReq.setRequestedAuthnContext(reqAuthContext);
-
- //sign Message
- X509Credential authcredential = PVP2Utils.signMessage((AbstractSignableXMLObject) authReq, config);
-
- //encode message
- PVP2Utils.postBindingEncoder(request,
- response,
- authReq,
- authcredential,
- redirectEndpoint.getLocation(),
- null);
-
- } catch (Exception e) {
- log.warn("Authentication Request can not be generated", e);
- throw new ServletException("Authentication Request can not be generated.", e);
- }
- }
-
- /**
- * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doGet(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
-
- process(request, response, null);
- }
-
- /**
- * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doPost(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
- process(request, response, null);
- }
+ private static final long serialVersionUID = 1L;
+
+ private static final Logger log = LoggerFactory
+ .getLogger(Authenticate.class);
+
+ private static DocumentBuilderFactory factory = null;
+
+ static {
+ initialDocumentBuilderFactory();
+ }
+
+ synchronized private static void initialDocumentBuilderFactory() {
+ factory = DocumentBuilderFactory.newInstance();
+ factory.setNamespaceAware(true);
+
+ }
+
+ public Document asDOMDocument(XMLObject object) throws IOException,
+ MarshallingException, TransformerException, ParserConfigurationException {
+ try {
+ DocumentBuilder builder = null;
+ synchronized (factory) {
+ builder = factory.newDocumentBuilder();
+
+ }
+
+ final Document document = builder.newDocument();
+ final Marshaller out = org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller(
+ object);
+ out.marshall(object, document);
+ return document;
+
+ } catch (final ParserConfigurationException e) {
+ log.warn("PVP2 AuthenticationServlet can not be initialized.", e);
+ throw e;
+ }
+
+ }
+
+ protected void process(HttpServletRequest request,
+ HttpServletResponse response, Map<String, String> legacyParameter) throws ServletException,
+ IOException {
+ try {
+
+ final ConfigurationProvider config = ConfigurationProvider.getInstance();
+ config.initializePVP2Login();
+
+ final AuthnRequest authReq = SAML2Utils
+ .createSAMLObject(AuthnRequest.class);
+ final SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
+ authReq.setID(gen.generateIdentifier());
+
+ final HttpSession session = request.getSession();
+ if (session != null) {
+ session.setAttribute(Constants.SESSION_PVP2REQUESTID, authReq.getID());
+ }
+
+ authReq.setAssertionConsumerServiceIndex(0);
+ authReq.setAttributeConsumingServiceIndex(0);
+ authReq.setIssueInstant(new DateTime());
+ final Subject subject = SAML2Utils.createSAMLObject(Subject.class);
+ final NameID name = SAML2Utils.createSAMLObject(NameID.class);
+ final Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
+
+ String serviceURL = config.getPublicUrlPreFix(request);
+ if (!serviceURL.endsWith("/")) {
+ serviceURL = serviceURL + "/";
+ }
+ name.setValue(serviceURL);
+ issuer.setValue(serviceURL);
+
+ subject.setNameID(name);
+ authReq.setSubject(subject);
+ issuer.setFormat(NameIDType.ENTITY);
+ authReq.setIssuer(issuer);
+ final NameIDPolicy policy = SAML2Utils
+ .createSAMLObject(NameIDPolicy.class);
+ policy.setAllowCreate(true);
+ policy.setFormat(NameIDType.PERSISTENT);
+ authReq.setNameIDPolicy(policy);
+
+ final String entityname = config.getPVP2IDPMetadataEntityName();
+ if (MiscUtil.isEmpty(entityname)) {
+ log.info("No IDP EntityName configurated");
+ throw new ConfigurationException("No IDP EntityName configurated");
+ }
+
+ final HTTPMetadataProvider idpmetadata = config.getMetaDataProvier();
+ final EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname);
+ if (idpEntity == null) {
+ log.info("IDP EntityName is not found in IDP Metadata");
+ throw new ConfigurationException("IDP EntityName is not found in IDP Metadata");
+ }
+
+ SingleSignOnService redirectEndpoint = null;
+ for (final SingleSignOnService sss : idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS)
+ .getSingleSignOnServices()) {
+
+ // Get the service address for the binding you wish to use
+ if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
+ redirectEndpoint = sss;
+ }
+ }
+
+ authReq.setDestination(redirectEndpoint.getLocation());
+
+ final RequestedAuthnContext reqAuthContext =
+ SAML2Utils.createSAMLObject(RequestedAuthnContext.class);
+
+ final AuthnContextClassRef authnClassRef =
+ SAML2Utils.createSAMLObject(AuthnContextClassRef.class);
+
+ authnClassRef.setAuthnContextClassRef("http://www.stork.gov.eu/1.0/citizenQAALevel/4");
+
+ reqAuthContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM);
+
+ reqAuthContext.getAuthnContextClassRefs().add(authnClassRef);
+
+ authReq.setRequestedAuthnContext(reqAuthContext);
+
+ // sign Message
+ final X509Credential authcredential = PVP2Utils.signMessage((AbstractSignableXMLObject) authReq,
+ config);
+
+ // encode message
+ PVP2Utils.postBindingEncoder(request,
+ response,
+ authReq,
+ authcredential,
+ redirectEndpoint.getLocation(),
+ null);
+
+ } catch (final Exception e) {
+ log.warn("Authentication Request can not be generated", e);
+ throw new ServletException("Authentication Request can not be generated.", e);
+ }
+ }
+
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ @Override
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+
+ process(request, response, null);
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ @Override
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ process(request, response, null);
+ }
}
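Review bot: In `process`, `redirectEndpoint` is still dereferenced unguarded at `authReq.setDestination(redirectEndpoint.getLocation())`. If the IdP metadata lists no SingleSignOnService with the HTTP-POST binding, or `getIDPSSODescriptor(...)` returns null, the request dies with a NullPointerException that the catch-all wraps into a generic ServletException. A guard right after the loop, `if (redirectEndpoint == null) { throw new ConfigurationException("IDP metadata contains no SingleSignOnService with POST binding"); }`, would match the two ConfigurationException checks above it and give operators a usable log line. Separately, `if (session != null)` after `request.getSession()` is a dead check, since the no-argument call creates a session when none exists. It could be dropped, or replaced by a comment stating that the stored request ID is what the assertion consumer is expected to compare against the response.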
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/BuildMetadata.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/BuildMetadata.java
index 7256d8688..ca03054aa 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/BuildMetadata.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/BuildMetadata.java
@@ -44,9 +44,7 @@ import javax.xml.transform.TransformerFactoryConfigurationError;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
-import org.apache.log4j.Logger;
import org.joda.time.DateTime;
-import org.opensaml.Configuration;
import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.core.NameIDType;
@@ -81,275 +79,274 @@ import at.gv.egovernment.moa.id.configuration.auth.pvp2.AttributeListBuilder;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.utils.SAML2Utils;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
/**
* Servlet implementation class BuildMetadata
*/
+@Slf4j
public class BuildMetadata extends HttpServlet {
- private static final long serialVersionUID = 1L;
-
- private static final Logger log = Logger.getLogger(BuildMetadata.class);
-
- private static final int VALIDUNTIL_IN_HOURS = 24;
-
- /**
- * @see HttpServlet#HttpServlet()
- */
- public BuildMetadata() {
- super();
- }
-
- protected static Signature getSignature(Credential credentials) {
- Signature signer = SAML2Utils.createSAMLObject(Signature.class);
- signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
- signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
- signer.setSigningCredential(credentials);
- return signer;
- }
-
- /**
- * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doGet(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
- try {
- ConfigurationProvider config = ConfigurationProvider.getInstance();
-
- //config.initializePVP2Login();
-
- SecureRandomIdentifierGenerator idGen = new SecureRandomIdentifierGenerator();
-
- EntitiesDescriptor spEntitiesDescriptor = SAML2Utils.
- createSAMLObject(EntitiesDescriptor.class);
-
- DateTime date = new DateTime();
- spEntitiesDescriptor.setValidUntil(date.plusHours(VALIDUNTIL_IN_HOURS));
-
- String name = config.getPVP2MetadataEntitiesName();
- if (MiscUtil.isEmpty(name)) {
- log.info("NO Metadata EntitiesName configurated");
- throw new ConfigurationException("NO Metadata EntitiesName configurated");
- }
-
- spEntitiesDescriptor.setName(name);
- spEntitiesDescriptor.setID(idGen.generateIdentifier());
-
- EntityDescriptor spEntityDescriptor = SAML2Utils
- .createSAMLObject(EntityDescriptor.class);
-
- spEntityDescriptor.setValidUntil(date.plusDays(VALIDUNTIL_IN_HOURS));
-
- spEntitiesDescriptor.getEntityDescriptors().add(spEntityDescriptor);
-
- String serviceURL = config.getPublicUrlPreFix(request);
- if (!serviceURL.endsWith("/"))
- serviceURL = serviceURL + "/";
-
- log.debug("Set OnlineApplicationURL to " + serviceURL);
- spEntityDescriptor.setEntityID(serviceURL);
-
- SPSSODescriptor spSSODescriptor = SAML2Utils
- .createSAMLObject(SPSSODescriptor.class);
-
- spSSODescriptor.setAuthnRequestsSigned(true);
- spSSODescriptor.setWantAssertionsSigned(true);
-
- X509KeyInfoGeneratorFactory keyInfoFactory = new X509KeyInfoGeneratorFactory();
- keyInfoFactory.setEmitEntityCertificate(true);
- KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance();
-
- KeyStore keyStore = config.getPVP2KeyStore();
-
- X509Credential signingcredential = new KeyStoreX509CredentialAdapter(
- keyStore,
- config.getPVP2KeystoreMetadataKeyAlias(),
- config.getPVP2KeystoreMetadataKeyPassword().toCharArray());
-
-
- log.debug("Set Metadata key information");
- //Set MetaData Signing key
- KeyDescriptor entitiesSignKeyDescriptor = SAML2Utils
- .createSAMLObject(KeyDescriptor.class);
- entitiesSignKeyDescriptor.setUse(UsageType.SIGNING);
- entitiesSignKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(signingcredential));
- Signature entitiesSignature = getSignature(signingcredential);
- spEntitiesDescriptor.setSignature(entitiesSignature);
-
- //Set AuthRequest Signing certificate
- X509Credential authcredential = new KeyStoreX509CredentialAdapter(
- keyStore,
- config.getPVP2KeystoreAuthRequestKeyAlias(),
- config.getPVP2KeystoreAuthRequestKeyPassword().toCharArray());
- KeyDescriptor signKeyDescriptor = SAML2Utils
- .createSAMLObject(KeyDescriptor.class);
- signKeyDescriptor.setUse(UsageType.SIGNING);
- signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authcredential));
- spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor);
-
-
- //set AuthRequest encryption certificate
- if (MiscUtil.isNotEmpty(config.getPVP2KeystoreAuthRequestEncryptionKeyAlias())) {
- X509Credential authEncCredential = new KeyStoreX509CredentialAdapter(
- keyStore,
- config.getPVP2KeystoreAuthRequestEncryptionKeyAlias(),
- config.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray());
- KeyDescriptor encryKeyDescriptor = SAML2Utils
- .createSAMLObject(KeyDescriptor.class);
- encryKeyDescriptor.setUse(UsageType.ENCRYPTION);
- encryKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authEncCredential));
- spSSODescriptor.getKeyDescriptors().add(encryKeyDescriptor);
-
- } else {
- log.warn("No Assertion Encryption-Key defined. This setting is not recommended!");
-
- }
-
-
- NameIDFormat persistentnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
- persistentnameIDFormat.setFormat(NameIDType.PERSISTENT);
-
- spSSODescriptor.getNameIDFormats().add(persistentnameIDFormat);
-
- NameIDFormat transientnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
- transientnameIDFormat.setFormat(NameIDType.TRANSIENT);
-
- spSSODescriptor.getNameIDFormats().add(transientnameIDFormat);
-
- NameIDFormat unspecifiednameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
- unspecifiednameIDFormat.setFormat(NameIDType.UNSPECIFIED);
-
- spSSODescriptor.getNameIDFormats().add(unspecifiednameIDFormat);
-
- AssertionConsumerService postassertionConsumerService =
- SAML2Utils.createSAMLObject(AssertionConsumerService.class);
-
- postassertionConsumerService.setIndex(0);
- postassertionConsumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
- postassertionConsumerService.setLocation(serviceURL + Constants.SERVLET_PVP2ASSERTION);
-
- spSSODescriptor.getAssertionConsumerServices().add(postassertionConsumerService);
-
-
- //add SLO services
- SingleLogoutService postBindingService = SAML2Utils.createSAMLObject(SingleLogoutService.class);
- postBindingService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
- postBindingService.setLocation(serviceURL + Constants.SERVLET_SLO_FRONT);
- spSSODescriptor.getSingleLogoutServices().add(postBindingService);
-
- SingleLogoutService redirectBindingService = SAML2Utils.createSAMLObject(SingleLogoutService.class);
- redirectBindingService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
- redirectBindingService.setLocation(serviceURL + Constants.SERVLET_SLO_FRONT);
- spSSODescriptor.getSingleLogoutServices().add(redirectBindingService);
-
- SingleLogoutService soapBindingService = SAML2Utils.createSAMLObject(SingleLogoutService.class);
- soapBindingService.setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI);
- soapBindingService.setLocation(serviceURL + Constants.SERVLET_SLO_BACK);
- spSSODescriptor.getSingleLogoutServices().add(soapBindingService);
-
- spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
-
- spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);
-
- spSSODescriptor.setWantAssertionsSigned(true);
- spSSODescriptor.setAuthnRequestsSigned(true);
-
- AttributeConsumingService attributeService =
- SAML2Utils.createSAMLObject(AttributeConsumingService.class);
-
- attributeService.setIndex(0);
- attributeService.setIsDefault(true);
- ServiceName serviceName = SAML2Utils.createSAMLObject(ServiceName.class);
- serviceName.setName(new LocalizedString("Default Service", "de"));
- attributeService.getNames().add(serviceName);
-
- attributeService.getRequestAttributes().addAll(AttributeListBuilder.getRequestedAttributes());
-
- spSSODescriptor.getAttributeConsumingServices().add(attributeService);
-
- DocumentBuilder builder;
- DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
-
- builder = factory.newDocumentBuilder();
- Document document = builder.newDocument();
- Marshaller out = Configuration.getMarshallerFactory().getMarshaller(spEntitiesDescriptor);
- out.marshall(spEntitiesDescriptor, document);
-
- Signer.signObject(entitiesSignature);
-
- Transformer transformer = TransformerFactory.newInstance().newTransformer();
-
- StringWriter sw = new StringWriter();
- StreamResult sr = new StreamResult(sw);
- DOMSource source = new DOMSource(document);
- transformer.transform(source, sr);
- sw.close();
-
- byte[] metadataXML = sw.toString().getBytes("UTF-8");
-
- response.setContentType("text/xml");
- response.setContentLength(metadataXML.length);
- response.getOutputStream().write(metadataXML);
-
-
- } catch (ConfigurationException e) {
- log.warn("Configuration can not be loaded.", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
-
- } catch (NoSuchAlgorithmException e) {
- log.warn("Requested Algorithm could not found.", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
-
- } catch (KeyStoreException e) {
- log.warn("Requested KeyStoreType is not implemented.", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
-
- } catch (CertificateException e) {
- log.warn("KeyStore can not be opend or userd.", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
-
- } catch (SecurityException e) {
- log.warn("KeyStore can not be opend or used", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
-
- } catch (ParserConfigurationException e) {
- log.warn("PVP2 Metadata createn error", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
-
- } catch (MarshallingException e) {
- log.warn("PVP2 Metadata createn error", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
-
- } catch (SignatureException e) {
- log.warn("PVP2 Metadata can not be signed", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
-
- } catch (TransformerConfigurationException e) {
- log.warn("PVP2 Metadata createn error", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
-
- } catch (TransformerFactoryConfigurationError e) {
- log.warn("PVP2 Metadata createn error", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
-
- } catch (TransformerException e) {
- log.warn("PVP2 Metadata createn error", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
- }
-
- catch (Exception e) {
- log.warn("Unspecific PVP2 Metadata createn error", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
- }
-
- }
-
- /**
- * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doPost(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
- }
+ private static final long serialVersionUID = 1L;
+
+ private static final int VALIDUNTIL_IN_HOURS = 24;
+
+ /**
+ * @see HttpServlet#HttpServlet()
+ */
+ public BuildMetadata() {
+ super();
+ }
+
+ protected static Signature getSignature(Credential credentials) {
+ final Signature signer = SAML2Utils.createSAMLObject(Signature.class);
+ signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+ signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+ signer.setSigningCredential(credentials);
+ return signer;
+ }
+
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ @Override
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ try {
+ final ConfigurationProvider config = ConfigurationProvider.getInstance();
+
+ // config.initializePVP2Login();
+
+ final SecureRandomIdentifierGenerator idGen = new SecureRandomIdentifierGenerator();
+
+ final EntitiesDescriptor spEntitiesDescriptor = SAML2Utils.createSAMLObject(EntitiesDescriptor.class);
+
+ final DateTime date = new DateTime();
+ spEntitiesDescriptor.setValidUntil(date.plusHours(VALIDUNTIL_IN_HOURS));
+
+ final String name = config.getPVP2MetadataEntitiesName();
+ if (MiscUtil.isEmpty(name)) {
+ log.info("NO Metadata EntitiesName configurated");
+ throw new ConfigurationException("NO Metadata EntitiesName configurated");
+ }
+
+ spEntitiesDescriptor.setName(name);
+ spEntitiesDescriptor.setID(idGen.generateIdentifier());
+
+ final EntityDescriptor spEntityDescriptor = SAML2Utils
+ .createSAMLObject(EntityDescriptor.class);
+
+ spEntityDescriptor.setValidUntil(date.plusDays(VALIDUNTIL_IN_HOURS));
+
+ spEntitiesDescriptor.getEntityDescriptors().add(spEntityDescriptor);
+
+ String serviceURL = config.getPublicUrlPreFix(request);
+ if (!serviceURL.endsWith("/")) {
+ serviceURL = serviceURL + "/";
+ }
+
+ log.debug("Set OnlineApplicationURL to " + serviceURL);
+ spEntityDescriptor.setEntityID(serviceURL);
+
+ final SPSSODescriptor spSSODescriptor = SAML2Utils
+ .createSAMLObject(SPSSODescriptor.class);
+
+ spSSODescriptor.setAuthnRequestsSigned(true);
+ spSSODescriptor.setWantAssertionsSigned(true);
+
+ final X509KeyInfoGeneratorFactory keyInfoFactory = new X509KeyInfoGeneratorFactory();
+ keyInfoFactory.setEmitEntityCertificate(true);
+ final KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance();
+
+ final KeyStore keyStore = config.getPVP2KeyStore();
+
+ final X509Credential signingcredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreMetadataKeyAlias(),
+ config.getPVP2KeystoreMetadataKeyPassword().toCharArray());
+
+ log.debug("Set Metadata key information");
+ // Set MetaData Signing key
+ final KeyDescriptor entitiesSignKeyDescriptor = SAML2Utils
+ .createSAMLObject(KeyDescriptor.class);
+ entitiesSignKeyDescriptor.setUse(UsageType.SIGNING);
+ entitiesSignKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(signingcredential));
+ final Signature entitiesSignature = getSignature(signingcredential);
+ spEntitiesDescriptor.setSignature(entitiesSignature);
+
+ // Set AuthRequest Signing certificate
+ final X509Credential authcredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreAuthRequestKeyAlias(),
+ config.getPVP2KeystoreAuthRequestKeyPassword().toCharArray());
+ final KeyDescriptor signKeyDescriptor = SAML2Utils
+ .createSAMLObject(KeyDescriptor.class);
+ signKeyDescriptor.setUse(UsageType.SIGNING);
+ signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authcredential));
+ spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor);
+
+ // set AuthRequest encryption certificate
+ if (MiscUtil.isNotEmpty(config.getPVP2KeystoreAuthRequestEncryptionKeyAlias())) {
+ final X509Credential authEncCredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreAuthRequestEncryptionKeyAlias(),
+ config.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray());
+ final KeyDescriptor encryKeyDescriptor = SAML2Utils
+ .createSAMLObject(KeyDescriptor.class);
+ encryKeyDescriptor.setUse(UsageType.ENCRYPTION);
+ encryKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authEncCredential));
+ spSSODescriptor.getKeyDescriptors().add(encryKeyDescriptor);
+
+ } else {
+ log.warn("No Assertion Encryption-Key defined. This setting is not recommended!");
+
+ }
+
+ final NameIDFormat persistentnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
+ persistentnameIDFormat.setFormat(NameIDType.PERSISTENT);
+
+ spSSODescriptor.getNameIDFormats().add(persistentnameIDFormat);
+
+ final NameIDFormat transientnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
+ transientnameIDFormat.setFormat(NameIDType.TRANSIENT);
+
+ spSSODescriptor.getNameIDFormats().add(transientnameIDFormat);
+
+ final NameIDFormat unspecifiednameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
+ unspecifiednameIDFormat.setFormat(NameIDType.UNSPECIFIED);
+
+ spSSODescriptor.getNameIDFormats().add(unspecifiednameIDFormat);
+
+ final AssertionConsumerService postassertionConsumerService =
+ SAML2Utils.createSAMLObject(AssertionConsumerService.class);
+
+ postassertionConsumerService.setIndex(0);
+ postassertionConsumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
+ postassertionConsumerService.setLocation(serviceURL + Constants.SERVLET_PVP2ASSERTION);
+
+ spSSODescriptor.getAssertionConsumerServices().add(postassertionConsumerService);
+
+ // add SLO services
+ final SingleLogoutService postBindingService = SAML2Utils.createSAMLObject(SingleLogoutService.class);
+ postBindingService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
+ postBindingService.setLocation(serviceURL + Constants.SERVLET_SLO_FRONT);
+ spSSODescriptor.getSingleLogoutServices().add(postBindingService);
+
+ final SingleLogoutService redirectBindingService = SAML2Utils.createSAMLObject(
+ SingleLogoutService.class);
+ redirectBindingService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+ redirectBindingService.setLocation(serviceURL + Constants.SERVLET_SLO_FRONT);
+ spSSODescriptor.getSingleLogoutServices().add(redirectBindingService);
+
+ final SingleLogoutService soapBindingService = SAML2Utils.createSAMLObject(SingleLogoutService.class);
+ soapBindingService.setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI);
+ soapBindingService.setLocation(serviceURL + Constants.SERVLET_SLO_BACK);
+ spSSODescriptor.getSingleLogoutServices().add(soapBindingService);
+
+ spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
+
+ spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);
+
+ spSSODescriptor.setWantAssertionsSigned(true);
+ spSSODescriptor.setAuthnRequestsSigned(true);
+
+ final AttributeConsumingService attributeService =
+ SAML2Utils.createSAMLObject(AttributeConsumingService.class);
+
+ attributeService.setIndex(0);
+ attributeService.setIsDefault(true);
+ final ServiceName serviceName = SAML2Utils.createSAMLObject(ServiceName.class);
+ serviceName.setName(new LocalizedString("Default Service", "de"));
+ attributeService.getNames().add(serviceName);
+
+ attributeService.getRequestAttributes().addAll(AttributeListBuilder.getRequestedAttributes());
+
+ spSSODescriptor.getAttributeConsumingServices().add(attributeService);
+
+ DocumentBuilder builder;
+ final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+
+ builder = factory.newDocumentBuilder();
+ final Document document = builder.newDocument();
+ final Marshaller out = org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller(
+ spEntitiesDescriptor);
+ out.marshall(spEntitiesDescriptor, document);
+
+ Signer.signObject(entitiesSignature);
+
+ final Transformer transformer = TransformerFactory.newInstance().newTransformer();
+
+ final StringWriter sw = new StringWriter();
+ final StreamResult sr = new StreamResult(sw);
+ final DOMSource source = new DOMSource(document);
+ transformer.transform(source, sr);
+ sw.close();
+
+ final byte[] metadataXML = sw.toString().getBytes("UTF-8");
+
+ response.setContentType("text/xml");
+ response.setContentLength(metadataXML.length);
+ response.getOutputStream().write(metadataXML);
+
+ } catch (final ConfigurationException e) {
+ log.warn("Configuration can not be loaded.", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (final NoSuchAlgorithmException e) {
+ log.warn("Requested Algorithm could not found.", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (final KeyStoreException e) {
+ log.warn("Requested KeyStoreType is not implemented.", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (final CertificateException e) {
+ log.warn("KeyStore can not be opend or userd.", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (final SecurityException e) {
+ log.warn("KeyStore can not be opend or used", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (final ParserConfigurationException e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (final MarshallingException e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (final SignatureException e) {
+ log.warn("PVP2 Metadata can not be signed", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (final TransformerConfigurationException e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (final TransformerFactoryConfigurationError e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (final TransformerException e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+ }
+
+ catch (final Exception e) {
+ log.warn("Unspecific PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+ }
+
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ @Override
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java
index f2c95f391..01bf39696 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java
@@ -64,111 +64,116 @@ import at.gv.egovernment.moa.id.configuration.auth.pvp2.PVP2Utils;
*/
public class SLOBackChannelServlet extends SLOBasicServlet {
- private static final long serialVersionUID = 1481623547633064922L;
- private static final Logger log = LoggerFactory
- .getLogger(SLOBackChannelServlet.class);
-
- /**
- * @throws ConfigurationException
- */
- public SLOBackChannelServlet() throws ConfigurationException {
- super();
- }
-
-
- protected void doPost(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
-
- try {
- HTTPSOAP11Decoder soapDecoder = new HTTPSOAP11Decoder(new BasicParserPool());
-
- BasicSOAPMessageContext messageContext = new BasicSOAPMessageContext();
-
-// BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext =
+ private static final long serialVersionUID = 1481623547633064922L;
+ private static final Logger log = LoggerFactory
+ .getLogger(SLOBackChannelServlet.class);
+
+ /**
+ * @throws ConfigurationException
+ */
+ public SLOBackChannelServlet() throws ConfigurationException {
+ super();
+ }
+
+ @Override
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+
+ try {
+ final HTTPSOAP11Decoder soapDecoder = new HTTPSOAP11Decoder(new BasicParserPool());
+
+ final BasicSOAPMessageContext messageContext = new BasicSOAPMessageContext();
+
+// BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext =
// new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
-
- messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request));
- //messageContext.setMetadataProvider(getConfig().getMetaDataProvier());
-
- //set trustPolicy
+ messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request));
+
+ // messageContext.setMetadataProvider(getConfig().getMetaDataProvier());
+
+ // set trustPolicy
// BasicSecurityPolicy policy = new BasicSecurityPolicy();
// policy.getPolicyRules().add(
// new PVPSOAPRequestSecurityPolicy(
// PVP2Utils.getTrustEngine(getConfig()),
-// IDPSSODescriptor.DEFAULT_ELEMENT_NAME));
+// IDPSSODescriptor.DEFAULT_ELEMENT_NAME));
// SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver(
-// policy);
+// policy);
// messageContext.setSecurityPolicyResolver(resolver);
-
- soapDecoder.decode(messageContext);
-
- Envelope inboundMessage = (Envelope) messageContext
- .getInboundMessage();
-
- LogoutResponse sloResp = null;
-
- if (inboundMessage.getBody() != null) {
- List<XMLObject> xmlElemList = inboundMessage.getBody().getUnknownXMLObjects();
-
- if (!xmlElemList.isEmpty() && xmlElemList.get(0) instanceof LogoutRequest) {
- LogoutRequest sloReq = (LogoutRequest) xmlElemList.get(0);
-
- //validate request signature
- PVP2Utils.validateSignature(sloReq, getConfig());
-
- sloResp = processLogOutRequest(sloReq, request);
-
- KeyStore keyStore = getConfig().getPVP2KeyStore();
- X509Credential authcredential = new KeyStoreX509CredentialAdapter(
- keyStore,
- getConfig().getPVP2KeystoreAuthRequestKeyAlias(),
- getConfig().getPVP2KeystoreAuthRequestKeyPassword().toCharArray());
-
- HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder();
- HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
- response, true);
- BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- context.setOutboundSAMLMessageSigningCredential(authcredential);
- context.setOutboundSAMLMessage(sloResp);
- context.setOutboundMessageTransport(responseAdapter);
-
- encoder.encode(context);
-
- } else {
- log.warn("Received request ist not of type LogOutRequest");
- response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
- return;
-
- }
- }
-
- } catch (MessageDecodingException | SecurityException | NoSuchAlgorithmException | ConfigurationException | ValidationException e) {
- log.error("SLO message processing FAILED." , e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e.getMessage()));
-
- } catch (CertificateException e) {
- log.error("SLO message processing FAILED." , e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e.getMessage()));
-
- } catch (KeyStoreException e) {
- log.error("SLO message processing FAILED." , e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e.getMessage()));
-
- } catch (MessageEncodingException e) {
- log.error("SLO message processing FAILED." , e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e.getMessage()));
-
- }
-
-
-
- }
-
- protected void doGet(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
- response.setStatus(HttpServletResponse.SC_NOT_FOUND);
-
- }
-
+
+ soapDecoder.decode(messageContext);
+
+ final Envelope inboundMessage = (Envelope) messageContext
+ .getInboundMessage();
+
+ LogoutResponse sloResp = null;
+
+ if (inboundMessage.getBody() != null) {
+ final List<XMLObject> xmlElemList = inboundMessage.getBody().getUnknownXMLObjects();
+
+ if (!xmlElemList.isEmpty() && xmlElemList.get(0) instanceof LogoutRequest) {
+ final LogoutRequest sloReq = (LogoutRequest) xmlElemList.get(0);
+
+ // validate request signature
+ PVP2Utils.validateSignature(sloReq, getConfig());
+
+ sloResp = processLogOutRequest(sloReq, request);
+
+ final KeyStore keyStore = getConfig().getPVP2KeyStore();
+ final X509Credential authcredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ getConfig().getPVP2KeystoreAuthRequestKeyAlias(),
+ getConfig().getPVP2KeystoreAuthRequestKeyPassword().toCharArray());
+
+ final HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder();
+ final HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
+ response, true);
+ final BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context =
+ new BasicSAMLMessageContext<>();
+ context.setOutboundSAMLMessageSigningCredential(authcredential);
+ context.setOutboundSAMLMessage(sloResp);
+ context.setOutboundMessageTransport(responseAdapter);
+
+ encoder.encode(context);
+
+ } else {
+ log.warn("Received request ist not of type LogOutRequest");
+ response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ return;
+
+ }
+ }
+
+ } catch (MessageDecodingException | SecurityException | NoSuchAlgorithmException | ConfigurationException
+ | ValidationException e) {
+ log.error("SLO message processing FAILED.", e);
+ response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e
+ .getMessage()));
+
+ } catch (final CertificateException e) {
+ log.error("SLO message processing FAILED.", e);
+ response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e
+ .getMessage()));
+
+ } catch (final KeyStoreException e) {
+ log.error("SLO message processing FAILED.", e);
+ response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e
+ .getMessage()));
+
+ } catch (final MessageEncodingException e) {
+ log.error("SLO message processing FAILED.", e);
+ response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e
+ .getMessage()));
+
+ }
+
+ }
+
+ @Override
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ response.setStatus(HttpServletResponse.SC_NOT_FOUND);
+
+ }
+
}
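Review bot: All four catch blocks in `doPost` pass `e.getMessage()` back to the caller through `response.sendError(...)`. A decoding failure is raised before `PVP2Utils.validateSignature` runs, so a sender whose request has not been authenticated can read decoder, keystore and certificate error text; `escapeHtml` prevents markup injection but not the disclosure. The full exception is already logged, so the response can carry a fixed string, e.g. `response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "SLO message processing FAILED.");`, and the four identical handlers can be folded into the existing multi-catch. Separately, when `inboundMessage.getBody()` is null the method falls through without setting a status or writing a response, presumably leaving the container default of 200 with an empty body. An `else` branch with `response.setStatus(HttpServletResponse.SC_BAD_REQUEST);` would match how the non-LogoutRequest case is handled.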
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
index c70d34d7e..a880e800b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
@@ -62,217 +62,226 @@ import at.gv.egovernment.moa.util.MiscUtil;
*
*/
public class SLOBasicServlet extends HttpServlet {
- private static final long serialVersionUID = -4547240664871845098L;
- private static final Logger log = LoggerFactory
- .getLogger(SLOBasicServlet.class);
-
- private ConfigurationProvider config;
-
- public SLOBasicServlet() throws ConfigurationException {
- config = ConfigurationProvider.getInstance();
- config.initializePVP2Login();
- }
-
- protected LogoutRequest createLogOutRequest(String nameID, String nameIDFormat, HttpServletRequest request) throws SLOException {
- try {
- LogoutRequest sloReq = SAML2Utils.createSAMLObject(LogoutRequest.class);
- SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
- sloReq.setID(gen.generateIdentifier());
- sloReq.setIssueInstant(new DateTime());
- NameID name = SAML2Utils.createSAMLObject(NameID.class);
- Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
-
- String serviceURL = config.getPublicUrlPreFix(request);
- if (!serviceURL.endsWith("/"))
- serviceURL = serviceURL + "/";
- name.setValue(serviceURL);
- issuer.setValue(serviceURL);
- issuer.setFormat(NameIDType.ENTITY);
- sloReq.setIssuer(issuer);
-
- NameID userNameID = SAML2Utils.createSAMLObject(NameID.class);
- sloReq.setNameID(userNameID);
- userNameID.setFormat(nameIDFormat);
- userNameID.setValue(nameID);
-
- return sloReq;
-
- } catch (NoSuchAlgorithmException e) {
- log.warn("Single LogOut request createn FAILED. ", e);
- throw new SLOException();
-
- }
-
- }
-
- protected LogoutResponse processLogOutRequest(LogoutRequest sloReq, HttpServletRequest request) throws NoSuchAlgorithmException {
- //check response destination
- String serviceURL = config.getPublicUrlPreFix(request);
- if (!serviceURL.endsWith("/"))
- serviceURL = serviceURL + "/";
-
- String responseDestination = sloReq.getDestination();
- if (MiscUtil.isEmpty(responseDestination) ||
- !responseDestination.startsWith(serviceURL)) {
- log.warn("PVPResponse destination does not match requested destination");
- return createSLOResponse(sloReq, StatusCode.REQUESTER_URI, request);
- }
-
- AuthenticationManager authManager = AuthenticationManager.getInstance();
- if (authManager.isActiveUser(sloReq.getNameID().getValue())) {
- AuthenticatedUser authUser = authManager.getActiveUser(sloReq.getNameID().getValue());
- log.info("User " + authUser.getGivenName() + " " + authUser.getFamilyName() + " with nameID:"
- + authUser.getNameID() + " get logged out by Single LogOut request.");
- authManager.removeActiveUser(authUser);
- HttpSession session = request.getSession(false);
- if (session != null)
- session.invalidate();
- return createSLOResponse(sloReq, StatusCode.SUCCESS_URI, request);
-
- } else {
- log.debug("Single LogOut not possible! User with nameID:" + sloReq.getNameID().getValue() + " is not found.");
- return createSLOResponse(sloReq, StatusCode.SUCCESS_URI, request);
-
- }
-
- }
-
- protected LogoutResponse createSLOResponse(LogoutRequest sloReq, String statusCodeURI, HttpServletRequest request) throws NoSuchAlgorithmException {
- LogoutResponse sloResp = SAML2Utils.createSAMLObject(LogoutResponse.class);
- SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
- sloResp.setID(gen.generateIdentifier());
- sloResp.setInResponseTo(sloReq.getID());
- sloResp.setIssueInstant(new DateTime());
- NameID name = SAML2Utils.createSAMLObject(NameID.class);
- Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
-
- String serviceURL = config.getPublicUrlPreFix(request);
- if (!serviceURL.endsWith("/"))
- serviceURL = serviceURL + "/";
- name.setValue(serviceURL);
- issuer.setValue(serviceURL);
- issuer.setFormat(NameIDType.ENTITY);
- sloResp.setIssuer(issuer);
-
- Status status = SAML2Utils.createSAMLObject(Status.class);
- sloResp.setStatus(status);
- StatusCode statusCode = SAML2Utils.createSAMLObject(StatusCode.class);
- statusCode.setValue(statusCodeURI);
- status.setStatusCode(statusCode );
-
- return sloResp;
- }
-
- protected void validateLogOutResponse(LogoutResponse sloResp, String reqID, HttpServletRequest request, HttpServletResponse response) throws PVP2Exception {
- //ckeck InResponseTo matchs requestID
- if (MiscUtil.isEmpty(reqID)) {
- log.info("NO Sigle LogOut request ID");
- throw new PVP2Exception("NO Sigle LogOut request ID");
- }
-
- if (!reqID.equals(sloResp.getInResponseTo())) {
- log.warn("SLORequestID does not match SLO Response ID!");
- throw new PVP2Exception("SLORequestID does not match SLO Response ID!");
-
- }
-
- //check response destination
- String serviceURL = config.getPublicUrlPreFix(request);
- if (!serviceURL.endsWith("/"))
- serviceURL = serviceURL + "/";
-
- String responseDestination = sloResp.getDestination();
- if (MiscUtil.isEmpty(responseDestination) ||
- !responseDestination.startsWith(serviceURL)) {
- log.warn("PVPResponse destination does not match requested destination");
- throw new PVP2Exception("SLO response destination does not match requested destination");
- }
-
- request.getSession().invalidate();
-
- if (sloResp.getStatus().getStatusCode().getValue().equals(StatusCode.PARTIAL_LOGOUT_URI)) {
- log.warn("Single LogOut process is not completed.");
- request.getSession().setAttribute(Constants.SESSION_SLOERROR,
- LanguageHelper.getErrorString("webpages.slo.error", request));
-
-
- } else if (sloResp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
-
- if (sloResp.getStatus().getStatusCode().getStatusCode() != null &&
- !sloResp.getStatus().getStatusCode().getStatusCode().equals(StatusCode.PARTIAL_LOGOUT_URI)) {
- log.info("Single LogOut process complete.");
- request.getSession().setAttribute(Constants.SESSION_SLOSUCCESS,
- LanguageHelper.getErrorString("webpages.slo.success", request));
-
- } else {
- log.warn("Single LogOut process is not completed.");
- request.getSession().setAttribute(Constants.SESSION_SLOERROR,
- LanguageHelper.getErrorString("webpages.slo.error", request));
-
- }
-
- } else {
- log.warn("Single LogOut response sends an unsupported statustype " + sloResp.getStatus().getStatusCode().getValue());
- request.getSession().setAttribute(Constants.SESSION_SLOERROR,
- LanguageHelper.getErrorString("webpages.slo.error", request));
-
- }
- String redirectURL = serviceURL + Constants.SERVLET_LOGOUT;
- redirectURL = response.encodeRedirectURL(redirectURL);
- response.setContentType("text/html");
- response.setStatus(302);
- response.addHeader("Location", redirectURL);
-
- }
-
- protected SingleLogoutService findIDPFrontChannelSLOService() throws
- ConfigurationException, SLOException {
-
- String entityname = config.getPVP2IDPMetadataEntityName();
- if (MiscUtil.isEmpty(entityname)) {
- log.info("No IDP EntityName configurated");
- throw new ConfigurationException("No IDP EntityName configurated");
- }
-
- //get IDP metadata from metadataprovider
- HTTPMetadataProvider idpmetadata = config.getMetaDataProvier();
- try {
- EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname);
- if (idpEntity == null) {
- log.info("IDP EntityName is not found in IDP Metadata");
- throw new ConfigurationException("IDP EntityName is not found in IDP Metadata");
-
- }
-
- //select authentication-service url from metadata
- SingleLogoutService redirectEndpoint = null;
- for (SingleLogoutService sss :
- idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleLogoutServices()) {
-
- //Get the service address for the binding you wish to use
- if (sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI))
- redirectEndpoint = sss;
-
- else if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI) &&
- redirectEndpoint == null)
- redirectEndpoint = sss;
- }
-
- if (redirectEndpoint == null) {
- log.warn("Single LogOut FAILED: IDP implements no frontchannel SLO service.");
- throw new SLOException("Single LogOut FAILED: IDP implements no frontchannel SLO service.");
- }
-
- return redirectEndpoint;
- } catch (MetadataProviderException e) {
- log.info("IDP EntityName is not found in IDP Metadata", e);
- throw new ConfigurationException("IDP EntityName is not found in IDP Metadata");
-
- }
- }
-
- protected ConfigurationProvider getConfig() {
- return config;
- }
+ private static final long serialVersionUID = -4547240664871845098L;
+ private static final Logger log = LoggerFactory
+ .getLogger(SLOBasicServlet.class);
+
+ private final ConfigurationProvider config;
+
+ public SLOBasicServlet() throws ConfigurationException {
+ config = ConfigurationProvider.getInstance();
+ config.initializePVP2Login();
+ }
+
+ protected LogoutRequest createLogOutRequest(String nameID, String nameIDFormat, HttpServletRequest request)
+ throws SLOException {
+ try {
+ final LogoutRequest sloReq = SAML2Utils.createSAMLObject(LogoutRequest.class);
+ final SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
+ sloReq.setID(gen.generateIdentifier());
+ sloReq.setIssueInstant(new DateTime());
+ final NameID name = SAML2Utils.createSAMLObject(NameID.class);
+ final Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
+
+ String serviceURL = config.getPublicUrlPreFix(request);
+ if (!serviceURL.endsWith("/")) {
+ serviceURL = serviceURL + "/";
+ }
+ name.setValue(serviceURL);
+ issuer.setValue(serviceURL);
+ issuer.setFormat(NameIDType.ENTITY);
+ sloReq.setIssuer(issuer);
+
+ final NameID userNameID = SAML2Utils.createSAMLObject(NameID.class);
+ sloReq.setNameID(userNameID);
+ userNameID.setFormat(nameIDFormat);
+ userNameID.setValue(nameID);
+
+ return sloReq;
+
+ } catch (final NoSuchAlgorithmException e) {
+ log.warn("Single LogOut request createn FAILED. ", e);
+ throw new SLOException();
+
+ }
+
+ }
+
+ protected LogoutResponse processLogOutRequest(LogoutRequest sloReq, HttpServletRequest request)
+ throws NoSuchAlgorithmException {
+ // check response destination
+ String serviceURL = config.getPublicUrlPreFix(request);
+ if (!serviceURL.endsWith("/")) {
+ serviceURL = serviceURL + "/";
+ }
+
+ final String responseDestination = sloReq.getDestination();
+ if (MiscUtil.isEmpty(responseDestination) ||
+ !responseDestination.startsWith(serviceURL)) {
+ log.warn("PVPResponse destination does not match requested destination");
+ return createSLOResponse(sloReq, StatusCode.REQUESTER_URI, request);
+ }
+
+ final AuthenticationManager authManager = AuthenticationManager.getInstance();
+ if (authManager.isActiveUser(sloReq.getNameID().getValue())) {
+ final AuthenticatedUser authUser = authManager.getActiveUser(sloReq.getNameID().getValue());
+ log.info("User " + authUser.getGivenName() + " " + authUser.getFamilyName() + " with nameID:"
+ + authUser.getNameID() + " get logged out by Single LogOut request.");
+ authManager.removeActiveUser(authUser);
+ final HttpSession session = request.getSession(false);
+ if (session != null) {
+ session.invalidate();
+ }
+ return createSLOResponse(sloReq, StatusCode.SUCCESS_URI, request);
+
+ } else {
+ log.debug("Single LogOut not possible! User with nameID:" + sloReq.getNameID().getValue()
+ + " is not found.");
+ return createSLOResponse(sloReq, StatusCode.SUCCESS_URI, request);
+
+ }
+
+ }
+
+ protected LogoutResponse createSLOResponse(LogoutRequest sloReq, String statusCodeURI,
+ HttpServletRequest request) throws NoSuchAlgorithmException {
+ final LogoutResponse sloResp = SAML2Utils.createSAMLObject(LogoutResponse.class);
+ final SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
+ sloResp.setID(gen.generateIdentifier());
+ sloResp.setInResponseTo(sloReq.getID());
+ sloResp.setIssueInstant(new DateTime());
+ final NameID name = SAML2Utils.createSAMLObject(NameID.class);
+ final Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
+
+ String serviceURL = config.getPublicUrlPreFix(request);
+ if (!serviceURL.endsWith("/")) {
+ serviceURL = serviceURL + "/";
+ }
+ name.setValue(serviceURL);
+ issuer.setValue(serviceURL);
+ issuer.setFormat(NameIDType.ENTITY);
+ sloResp.setIssuer(issuer);
+
+ final Status status = SAML2Utils.createSAMLObject(Status.class);
+ sloResp.setStatus(status);
+ final StatusCode statusCode = SAML2Utils.createSAMLObject(StatusCode.class);
+ statusCode.setValue(statusCodeURI);
+ status.setStatusCode(statusCode);
+
+ return sloResp;
+ }
+
+ protected void validateLogOutResponse(LogoutResponse sloResp, String reqID, HttpServletRequest request,
+ HttpServletResponse response) throws PVP2Exception {
+ // ckeck InResponseTo matchs requestID
+ if (MiscUtil.isEmpty(reqID)) {
+ log.info("NO Sigle LogOut request ID");
+ throw new PVP2Exception("NO Sigle LogOut request ID");
+ }
+
+ if (!reqID.equals(sloResp.getInResponseTo())) {
+ log.warn("SLORequestID does not match SLO Response ID!");
+ throw new PVP2Exception("SLORequestID does not match SLO Response ID!");
+
+ }
+
+ // check response destination
+ String serviceURL = config.getPublicUrlPreFix(request);
+ if (!serviceURL.endsWith("/")) {
+ serviceURL = serviceURL + "/";
+ }
+
+ final String responseDestination = sloResp.getDestination();
+ if (MiscUtil.isEmpty(responseDestination) ||
+ !responseDestination.startsWith(serviceURL)) {
+ log.warn("PVPResponse destination does not match requested destination");
+ throw new PVP2Exception("SLO response destination does not match requested destination");
+ }
+
+ request.getSession().invalidate();
+
+ if (sloResp.getStatus().getStatusCode().getValue().equals(StatusCode.PARTIAL_LOGOUT_URI)) {
+ log.warn("Single LogOut process is not completed.");
+ request.getSession().setAttribute(Constants.SESSION_SLOERROR,
+ LanguageHelper.getErrorString("webpages.slo.error", request));
+
+ } else if (sloResp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
+
+ if (sloResp.getStatus().getStatusCode().getStatusCode() != null &&
+ !sloResp.getStatus().getStatusCode().getStatusCode().equals(StatusCode.PARTIAL_LOGOUT_URI)) {
+ log.info("Single LogOut process complete.");
+ request.getSession().setAttribute(Constants.SESSION_SLOSUCCESS,
+ LanguageHelper.getErrorString("webpages.slo.success", request));
+
+ } else {
+ log.warn("Single LogOut process is not completed.");
+ request.getSession().setAttribute(Constants.SESSION_SLOERROR,
+ LanguageHelper.getErrorString("webpages.slo.error", request));
+
+ }
+
+ } else {
+ log.warn("Single LogOut response sends an unsupported statustype " + sloResp.getStatus().getStatusCode()
+ .getValue());
+ request.getSession().setAttribute(Constants.SESSION_SLOERROR,
+ LanguageHelper.getErrorString("webpages.slo.error", request));
+
+ }
+ String redirectURL = serviceURL + Constants.SERVLET_LOGOUT;
+ redirectURL = response.encodeRedirectURL(redirectURL);
+ response.setContentType("text/html");
+ response.setStatus(302);
+ response.addHeader("Location", redirectURL);
+
+ }
+
+ protected SingleLogoutService findIDPFrontChannelSLOService() throws ConfigurationException, SLOException {
+
+ final String entityname = config.getPVP2IDPMetadataEntityName();
+ if (MiscUtil.isEmpty(entityname)) {
+ log.info("No IDP EntityName configurated");
+ throw new ConfigurationException("No IDP EntityName configurated");
+ }
+
+ // get IDP metadata from metadataprovider
+ final HTTPMetadataProvider idpmetadata = config.getMetaDataProvier();
+ try {
+ final EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname);
+ if (idpEntity == null) {
+ log.info("IDP EntityName is not found in IDP Metadata");
+ throw new ConfigurationException("IDP EntityName is not found in IDP Metadata");
+
+ }
+
+ // select authentication-service url from metadata
+ SingleLogoutService redirectEndpoint = null;
+ for (final SingleLogoutService sss : idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS)
+ .getSingleLogoutServices()) {
+
+ // Get the service address for the binding you wish to use
+ if (sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
+ redirectEndpoint = sss;
+ } else if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI) &&
+ redirectEndpoint == null) {
+ redirectEndpoint = sss;
+ }
+ }
+
+ if (redirectEndpoint == null) {
+ log.warn("Single LogOut FAILED: IDP implements no frontchannel SLO service.");
+ throw new SLOException("Single LogOut FAILED: IDP implements no frontchannel SLO service.");
+ }
+
+ return redirectEndpoint;
+ } catch (final MetadataProviderException e) {
+ log.info("IDP EntityName is not found in IDP Metadata", e);
+ throw new ConfigurationException("IDP EntityName is not found in IDP Metadata");
+
+ }
+ }
+
+ protected ConfigurationProvider getConfig() {
+ return config;
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java
index 274aa21bf..ac9d65cbf 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java
@@ -77,221 +77,230 @@ import at.gv.egovernment.moa.util.MiscUtil;
*/
public class SLOFrontChannelServlet extends SLOBasicServlet {
- private static final long serialVersionUID = -6280199681356977759L;
- private static final Logger log = LoggerFactory
- .getLogger(SLOFrontChannelServlet.class);
-
- /**
- * @throws ConfigurationException
- */
- public SLOFrontChannelServlet() throws ConfigurationException {
- super();
- }
-
- /**
- * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doGet(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
- try {
- if (MiscUtil.isNotEmpty(request.getParameter(Constants.REQUEST_USERSLO))) {
- //process user initiated single logout process
- Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
-
- if (authUserObj == null) {
- log.warn("No user information found. Single Log-Out not possible");
- buildErrorMessage(request, response);
-
- }
-
- AuthenticatedUser authUser = (AuthenticatedUser) authUserObj;
-
- String nameIDFormat = authUser.getNameIDFormat();
- String nameID = authUser.getNameID();
-
- //remove user
- AuthenticationManager authManager = AuthenticationManager.getInstance();
- authManager.removeActiveUser(authUser);
-
- if (MiscUtil.isEmpty(nameID) || MiscUtil.isEmpty(nameIDFormat)) {
- log.warn("No user information found. Single Log-Out not possible");
- buildErrorMessage(request, response);
-
- } else
- log.info("Fount user information for user nameID: " + nameID
- + " , nameIDFormat: " + nameIDFormat
- + ". Build Single Log-Out request ...");
-
- //build SLO request to IDP
- LogoutRequest sloReq = createLogOutRequest(nameID, nameIDFormat, request);
-
- request.getSession().setAttribute(Constants.SESSION_PVP2REQUESTID, sloReq.getID());
-
- //send message
- sendMessage(request, response, sloReq, null);
-
- } else {
- //process PVP 2.1 single logout process
- HTTPRedirectDeflateDecoder decode = new HTTPRedirectDeflateDecoder(
- new BasicParserPool());
- BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request));
- messageContext.setMetadataProvider(getConfig().getMetaDataProvier());
-
- SAML2HTTPRedirectDeflateSignatureRule signatureRule = new SAML2HTTPRedirectDeflateSignatureRule(
- PVP2Utils.getTrustEngine(getConfig()));
- SAML2AuthnRequestsSignedRule signedRole = new SAML2AuthnRequestsSignedRule();
- BasicSecurityPolicy policy = new BasicSecurityPolicy();
- policy.getPolicyRules().add(signatureRule);
- policy.getPolicyRules().add(signedRole);
- SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver(
- policy);
- messageContext.setSecurityPolicyResolver(resolver);
- messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
-
- decode.decode(messageContext);
-
- signatureRule.evaluate(messageContext);
-
-
- processMessage(request, response,
- messageContext.getInboundMessage(), messageContext.getRelayState());
-
- }
-
- } catch (SLOException e) {
- log.error("Single LogOut processing error.", e);
- buildErrorMessage(request, response);
-
- } catch (ConfigurationException e) {
- log.error("Single LogOut processing error.", e);
- buildErrorMessage(request, response);
-
- } catch (PVP2Exception e) {
- log.error("Single LogOut processing error.", e);
- buildErrorMessage(request, response);
-
- } catch (SecurityPolicyException e) {
- log.error("Single LogOut processing error.", e);
- buildErrorMessage(request, response);
-
- } catch (MessageDecodingException e) {
- log.error("Single LogOut processing error.", e);
- buildErrorMessage(request, response);
-
- } catch (SecurityException e) {
- log.error("Single LogOut processing error.", e);
- buildErrorMessage(request, response);
-
- } catch (NoSuchAlgorithmException e) {
- log.error("Single LogOut processing error.", e);
- buildErrorMessage(request, response);
-
- }
- }
-
- /**
- * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doPost(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
- try {
- HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
- BasicSAMLMessageContext<Response, ?, ?> messageContext = new BasicSAMLMessageContext<Response, SAMLObject, SAMLObject>();
- messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request));
- decode.decode(messageContext);
-
- PVP2Utils.validateSignature((SignableXMLObject) messageContext.getInboundMessage(), getConfig());
-
- processMessage(request, response,
- messageContext.getInboundMessage(), messageContext.getRelayState());
-
-
- } catch (MessageDecodingException e) {
- log.error("Single LogOut processing error.", e);
- buildErrorMessage(request, response);
-
- } catch (SecurityException e) {
- log.error("Single LogOut processing error.", e);
- buildErrorMessage(request, response);
-
- } catch (ValidationException e) {
- log.error("Single LogOut processing error.", e);
- buildErrorMessage(request, response);
-
- } catch (ConfigurationException e) {
- log.error("Single LogOut processing error.", e);
- buildErrorMessage(request, response);
-
- } catch (PVP2Exception e) {
- log.error("Single LogOut processing error.", e);
- buildErrorMessage(request, response);
-
- } catch (NoSuchAlgorithmException e) {
- log.error("Single LogOut processing error.", e);
- buildErrorMessage(request, response);
-
- }
- }
-
- private void buildErrorMessage(HttpServletRequest request, HttpServletResponse response) {
-
- request.getSession().setAttribute(Constants.SESSION_SLOERROR,
- LanguageHelper.getErrorString("webpages.slo.error", request));
-
- //check response destination
- String serviceURL = getConfig().getPublicUrlPreFix(request);
- if (!serviceURL.endsWith("/"))
- serviceURL = serviceURL + "/";
-
- String redirectURL = serviceURL + Constants.SERVLET_LOGOUT;
- redirectURL = response.encodeRedirectURL(redirectURL);
- response.setContentType("text/html");
- response.setStatus(302);
- response.addHeader("Location", redirectURL);
- }
-
- private void processMessage(HttpServletRequest request, HttpServletResponse response,
- XMLObject xmlObject, String relayState) throws ConfigurationException, PVP2Exception, NoSuchAlgorithmException {
- if (xmlObject instanceof LogoutRequest) {
- LogoutResponse sloResp =
- processLogOutRequest((LogoutRequest) xmlObject, request);
- sendMessage(request, response, sloResp, relayState);
-
- } else if (xmlObject instanceof LogoutResponse) {
- LogoutResponse sloResp = (LogoutResponse) xmlObject;
-
- String reqID = (String) request.getSession().getAttribute(Constants.SESSION_PVP2REQUESTID);
- request.getSession().setAttribute(Constants.SESSION_PVP2REQUESTID, null);
- validateLogOutResponse(sloResp, reqID, request, response);
-
- }
- }
-
- private void sendMessage(HttpServletRequest request, HttpServletResponse response,
- RequestAbstractType sloReq, String relayState) throws ConfigurationException, PVP2Exception {
- SingleLogoutService sloService = findIDPFrontChannelSLOService();
- sloReq.setDestination(sloService.getLocation());
- sendMessage(request, response, sloReq, sloService, relayState);
- }
-
- private void sendMessage(HttpServletRequest request, HttpServletResponse response,
- StatusResponseType sloReq, String relayState) throws ConfigurationException, PVP2Exception {
- SingleLogoutService sloService = findIDPFrontChannelSLOService();
- sloReq.setDestination(sloService.getLocation());
- sendMessage(request, response, sloReq, sloService, relayState);
- }
-
- private void sendMessage(HttpServletRequest request, HttpServletResponse response,
- SignableSAMLObject sloReq, SingleLogoutService sloService, String relayState) throws ConfigurationException, PVP2Exception {
- X509Credential authcredential = PVP2Utils.signMessage((AbstractSignableXMLObject) sloReq, getConfig());
- if (sloService.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI))
- PVP2Utils.postBindingEncoder(request, response, sloReq, authcredential, sloService.getLocation(), relayState);
-
- else if (sloService.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI))
- PVP2Utils.redirectBindingEncoder(request, response, sloReq, authcredential, sloService.getLocation(), relayState);
- }
-
+ private static final long serialVersionUID = -6280199681356977759L;
+ private static final Logger log = LoggerFactory
+ .getLogger(SLOFrontChannelServlet.class);
+
+ /**
+ * @throws ConfigurationException
+ */
+ public SLOFrontChannelServlet() throws ConfigurationException {
+ super();
+ }
+
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ @Override
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ try {
+ if (MiscUtil.isNotEmpty(request.getParameter(Constants.REQUEST_USERSLO))) {
+ // process user initiated single logout process
+ final Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+
+ if (authUserObj == null) {
+ log.warn("No user information found. Single Log-Out not possible");
+ buildErrorMessage(request, response);
+
+ }
+
+ final AuthenticatedUser authUser = (AuthenticatedUser) authUserObj;
+
+ final String nameIDFormat = authUser.getNameIDFormat();
+ final String nameID = authUser.getNameID();
+
+ // remove user
+ final AuthenticationManager authManager = AuthenticationManager.getInstance();
+ authManager.removeActiveUser(authUser);
+
+ if (MiscUtil.isEmpty(nameID) || MiscUtil.isEmpty(nameIDFormat)) {
+ log.warn("No user information found. Single Log-Out not possible");
+ buildErrorMessage(request, response);
+
+ } else {
+ log.info("Fount user information for user nameID: " + nameID
+ + " , nameIDFormat: " + nameIDFormat
+ + ". Build Single Log-Out request ...");
+ }
+
+ // build SLO request to IDP
+ final LogoutRequest sloReq = createLogOutRequest(nameID, nameIDFormat, request);
+
+ request.getSession().setAttribute(Constants.SESSION_PVP2REQUESTID, sloReq.getID());
+
+ // send message
+ sendMessage(request, response, sloReq, null);
+
+ } else {
+ // process PVP 2.1 single logout process
+ final HTTPRedirectDeflateDecoder decode = new HTTPRedirectDeflateDecoder(
+ new BasicParserPool());
+ final BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext =
+ new BasicSAMLMessageContext<>();
+ messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request));
+ messageContext.setMetadataProvider(getConfig().getMetaDataProvier());
+
+ final SAML2HTTPRedirectDeflateSignatureRule signatureRule = new SAML2HTTPRedirectDeflateSignatureRule(
+ PVP2Utils.getTrustEngine(getConfig()));
+ final SAML2AuthnRequestsSignedRule signedRole = new SAML2AuthnRequestsSignedRule();
+ final BasicSecurityPolicy policy = new BasicSecurityPolicy();
+ policy.getPolicyRules().add(signatureRule);
+ policy.getPolicyRules().add(signedRole);
+ final SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver(
+ policy);
+ messageContext.setSecurityPolicyResolver(resolver);
+ messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
+
+ decode.decode(messageContext);
+
+ signatureRule.evaluate(messageContext);
+
+ processMessage(request, response,
+ messageContext.getInboundMessage(), messageContext.getRelayState());
+
+ }
+
+ } catch (final SLOException e) {
+ log.error("Single LogOut processing error.", e);
+ buildErrorMessage(request, response);
+
+ } catch (final ConfigurationException e) {
+ log.error("Single LogOut processing error.", e);
+ buildErrorMessage(request, response);
+
+ } catch (final PVP2Exception e) {
+ log.error("Single LogOut processing error.", e);
+ buildErrorMessage(request, response);
+
+ } catch (final SecurityPolicyException e) {
+ log.error("Single LogOut processing error.", e);
+ buildErrorMessage(request, response);
+
+ } catch (final MessageDecodingException e) {
+ log.error("Single LogOut processing error.", e);
+ buildErrorMessage(request, response);
+
+ } catch (final SecurityException e) {
+ log.error("Single LogOut processing error.", e);
+ buildErrorMessage(request, response);
+
+ } catch (final NoSuchAlgorithmException e) {
+ log.error("Single LogOut processing error.", e);
+ buildErrorMessage(request, response);
+
+ }
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ @Override
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ try {
+ final HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
+ final BasicSAMLMessageContext<Response, ?, ?> messageContext =
+ new BasicSAMLMessageContext<>();
+ messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request));
+ decode.decode(messageContext);
+
+ PVP2Utils.validateSignature((SignableXMLObject) messageContext.getInboundMessage(), getConfig());
+
+ processMessage(request, response,
+ messageContext.getInboundMessage(), messageContext.getRelayState());
+
+ } catch (final MessageDecodingException e) {
+ log.error("Single LogOut processing error.", e);
+ buildErrorMessage(request, response);
+
+ } catch (final SecurityException e) {
+ log.error("Single LogOut processing error.", e);
+ buildErrorMessage(request, response);
+
+ } catch (final ValidationException e) {
+ log.error("Single LogOut processing error.", e);
+ buildErrorMessage(request, response);
+
+ } catch (final ConfigurationException e) {
+ log.error("Single LogOut processing error.", e);
+ buildErrorMessage(request, response);
+
+ } catch (final PVP2Exception e) {
+ log.error("Single LogOut processing error.", e);
+ buildErrorMessage(request, response);
+
+ } catch (final NoSuchAlgorithmException e) {
+ log.error("Single LogOut processing error.", e);
+ buildErrorMessage(request, response);
+
+ }
+ }
+
+ private void buildErrorMessage(HttpServletRequest request, HttpServletResponse response) {
+
+ request.getSession().setAttribute(Constants.SESSION_SLOERROR,
+ LanguageHelper.getErrorString("webpages.slo.error", request));
+
+ // check response destination
+ String serviceURL = getConfig().getPublicUrlPreFix(request);
+ if (!serviceURL.endsWith("/")) {
+ serviceURL = serviceURL + "/";
+ }
+
+ String redirectURL = serviceURL + Constants.SERVLET_LOGOUT;
+ redirectURL = response.encodeRedirectURL(redirectURL);
+ response.setContentType("text/html");
+ response.setStatus(302);
+ response.addHeader("Location", redirectURL);
+ }
+
+ private void processMessage(HttpServletRequest request, HttpServletResponse response,
+ XMLObject xmlObject, String relayState) throws ConfigurationException, PVP2Exception,
+ NoSuchAlgorithmException {
+ if (xmlObject instanceof LogoutRequest) {
+ final LogoutResponse sloResp =
+ processLogOutRequest((LogoutRequest) xmlObject, request);
+ sendMessage(request, response, sloResp, relayState);
+
+ } else if (xmlObject instanceof LogoutResponse) {
+ final LogoutResponse sloResp = (LogoutResponse) xmlObject;
+
+ final String reqID = (String) request.getSession().getAttribute(Constants.SESSION_PVP2REQUESTID);
+ request.getSession().setAttribute(Constants.SESSION_PVP2REQUESTID, null);
+ validateLogOutResponse(sloResp, reqID, request, response);
+
+ }
+ }
+
+ private void sendMessage(HttpServletRequest request, HttpServletResponse response,
+ RequestAbstractType sloReq, String relayState) throws ConfigurationException, PVP2Exception {
+ final SingleLogoutService sloService = findIDPFrontChannelSLOService();
+ sloReq.setDestination(sloService.getLocation());
+ sendMessage(request, response, sloReq, sloService, relayState);
+ }
+
+ private void sendMessage(HttpServletRequest request, HttpServletResponse response,
+ StatusResponseType sloReq, String relayState) throws ConfigurationException, PVP2Exception {
+ final SingleLogoutService sloService = findIDPFrontChannelSLOService();
+ sloReq.setDestination(sloService.getLocation());
+ sendMessage(request, response, sloReq, sloService, relayState);
+ }
+
+ private void sendMessage(HttpServletRequest request, HttpServletResponse response,
+ SignableSAMLObject sloReq, SingleLogoutService sloService, String relayState)
+ throws ConfigurationException, PVP2Exception {
+ final X509Credential authcredential = PVP2Utils.signMessage((AbstractSignableXMLObject) sloReq,
+ getConfig());
+ if (sloService.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
+ PVP2Utils.postBindingEncoder(request, response, sloReq, authcredential, sloService.getLocation(),
+ relayState);
+ } else if (sloService.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
+ PVP2Utils.redirectBindingEncoder(request, response, sloReq, authcredential, sloService.getLocation(),
+ relayState);
+ }
+ }
+
}
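Review bot: In the user-initiated branch of `doGet`, neither `buildErrorMessage(request, response);` call is followed by a `return;`, so execution continues after the error redirect has been set. When the session holds no `Constants.SESSION_AUTH` value, `authUserObj` is null and the next statements call `authUser.getNameIDFormat()` on it; a NullPointerException is not among the caught types, so an unauthenticated request carrying the `Constants.REQUEST_USERSLO` parameter ends in a container error rather than the logout redirect. When `nameID` or `nameIDFormat` is empty, the code still reaches `createLogOutRequest(...)` and `sendMessage(...)`, which writes a signed LogoutRequest with an empty NameID onto a response that already carries a 302 and a `Location` header. Adding `return;` directly after each of the two `buildErrorMessage(request, response);` calls closes both paths; the braces this change adds around the `else` make that a one-line fix per branch.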
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
index ef6c951c2..8eb4db4a2 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
@@ -44,7 +44,6 @@ import java.util.jar.Manifest;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.httpclient.MOAHttpClient;
-import org.apache.log4j.Logger;
import org.opensaml.DefaultBootstrap;
import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
import org.opensaml.xml.parse.BasicParserPool;
@@ -68,649 +67,635 @@ import at.gv.egovernment.moa.id.configuration.utils.UserRequestCleaner;
import at.gv.egovernment.moa.util.MiscUtil;
import iaik.asn1.structures.AlgorithmID;
import iaik.x509.X509Certificate;
+import lombok.extern.slf4j.Slf4j;
-
+@Slf4j
public class ConfigurationProvider {
- public static final String HTMLTEMPLATE_DIR = "/htmlTemplates";
- public static final String HTMLTEMPLATE_FILE = "/loginFormFull.html";
-
- private static final Logger log = Logger.getLogger(ConfigurationProvider.class);
-
- private static final String SYSTEM_PROP_CONFIG = "moa.id.webconfig";
-
- private static ConfigurationProvider instance;
- private Properties props;
- private String configFileName;
- private String configRootDir;
-
- private HTTPMetadataProvider idpMetadataProvider = null;
- private KeyStore keyStore = null;
-
- private String publicURLPreFix = null;
-
- private boolean pvp2logininitialzied = false;
-
- private ClassPathXmlApplicationContext context = null;
- private MOAIDConfigurationModul configModule = null;
- private NewConfigurationDBRead deprecatedDBRead = null;
- private FileBasedUserConfiguration userManagement = null;
-
- private ArrayList<String> activeProfiles = new ArrayList<String>();
-
- public static ConfigurationProvider getInstance() throws ConfigurationException {
-
- if (instance == null) {
- instance = new ConfigurationProvider();
- instance.inizialize();
-
- }
-
- return instance;
- }
-
- private void inizialize() throws ConfigurationException {
-
- log.info("Set SystemProperty for UTF-8 file.encoding as default");
- System.setProperty("file.encoding", "UTF-8");
-
- configFileName = System.getProperty(SYSTEM_PROP_CONFIG);
-
- if (configFileName == null) {
- throw new ConfigurationException("config.05");
- }
- try {
- URI fileURI = new URI(configFileName);
- File propertiesFile = new File(fileURI);
-
- // determine the directory of the root config file
- String rootConfigFileDir = propertiesFile.getParent();
- configRootDir = new File(rootConfigFileDir).toURI().toURL().toString();;
-
- log.info("Loading MOA-ID-AUTH configuration " + configFileName);
-
- //Initial Hibernate Framework
- log.trace("Initializing Hibernate framework.");
-
- //Load MOAID-2.0 properties file
-
-
- FileInputStream fis;
- props = new Properties();
-
- fis = new FileInputStream(propertiesFile);
- props.load(fis);
- fis.close();
+ public static final String HTMLTEMPLATE_DIR = "/htmlTemplates";
+ public static final String HTMLTEMPLATE_FILE = "/loginFormFull.html";
+
+ private static final String SYSTEM_PROP_CONFIG = "moa.id.webconfig";
+
+ private static ConfigurationProvider instance;
+ private Properties props;
+ private String configFileName;
+ private String configRootDir;
+
+ private HTTPMetadataProvider idpMetadataProvider = null;
+ private KeyStore keyStore = null;
+
+ private String publicURLPreFix = null;
+
+ private boolean pvp2logininitialzied = false;
+
+ private ClassPathXmlApplicationContext context = null;
+ private MOAIDConfigurationModul configModule = null;
+ private NewConfigurationDBRead deprecatedDBRead = null;
+ private FileBasedUserConfiguration userManagement = null;
+
+ private final ArrayList<String> activeProfiles = new ArrayList<>();
+
+ public static ConfigurationProvider getInstance() throws ConfigurationException {
+
+ if (instance == null) {
+ instance = new ConfigurationProvider();
+ instance.inizialize();
+
+ }
+
+ return instance;
+ }
+
+ private void inizialize() throws ConfigurationException {
+
+ log.info("Set SystemProperty for UTF-8 file.encoding as default");
+ System.setProperty("file.encoding", "UTF-8");
+
+ configFileName = System.getProperty(SYSTEM_PROP_CONFIG);
+
+ if (configFileName == null) {
+ throw new ConfigurationException("config.05");
+ }
+ try {
+ final URI fileURI = new URI(configFileName);
+ final File propertiesFile = new File(fileURI);
+
+ // determine the directory of the root config file
+ final String rootConfigFileDir = propertiesFile.getParent();
+ configRootDir = new File(rootConfigFileDir).toURI().toURL().toString();
+
+ log.info("Loading MOA-ID-AUTH configuration " + configFileName);
+
+ // Initial Hibernate Framework
+ log.trace("Initializing Hibernate framework.");
+
+ // Load MOAID-2.0 properties file
+
+ FileInputStream fis;
+ props = new Properties();
+
+ fis = new FileInputStream(propertiesFile);
+ props.load(fis);
+ fis.close();
// //Workaround -> can be removed in next version
// if (MiscUtil.isEmpty(System.getProperty("spring.profiles.active"))) {
// log.info("Set System-Property to activate 'byteBased' config values");
// System.setProperty("spring.profiles.active", "byteBasedConfig");
-//
+//
// }
-
- //initialize generic SpringContext to set profiles
- GenericApplicationContext rootContext = new GenericApplicationContext();
+
+ // initialize generic SpringContext to set profiles
+ final GenericApplicationContext rootContext = new GenericApplicationContext();
// if (Boolean.valueOf(props.getProperty("configuration.database.byteBasedValues", "false")))
-// activeProfiles.add(SpringProfileConstants.BYTEBASEDCONFIG);
+// activeProfiles.add(SpringProfileConstants.BYTEBASEDCONFIG);
// for (String el: activeProfiles)
// rootContext.getEnvironment().addActiveProfile(el);
- //refresh generic context
- rootContext.refresh();
-
- //initialize SpringContext
- context = new ClassPathXmlApplicationContext(
- new String[] { "configuration.beans.xml",
- "moaid.webgui.beans.xml",
- "moaid.migration.beans.xml",
- "moaid.configurationtool.beans.xml"
- }, rootContext);
-
-
- log.info("Spring-context was initialized with active profiles: "
- + Arrays.asList(context.getEnvironment().getActiveProfiles()));
-
- //Autowire beans in these context
- AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory();
- acbFactory.autowireBean(this);
-
-
- log.info("Hibernate initialization finished.");
-
- DefaultBootstrap.bootstrap();
- log.info("OPENSAML initialized");
-
- UserRequestCleaner.start();
-
- fixJava8_141ProblemWithSSLAlgorithms();
-
- log.info("MOA-ID-Configuration initialization completed");
-
-
- } catch (FileNotFoundException e) {
- throw new ConfigurationException("config.01", new Object[]{configFileName}, e);
-
- } catch (IOException e) {
- throw new ConfigurationException("config.02", new Object[]{configFileName}, e);
-
- } catch (org.opensaml.xml.ConfigurationException e) {
- throw new ConfigurationException("config.04", e);
-
- } catch (URISyntaxException e) {
- throw new ConfigurationException("config.01", new Object[]{configFileName}, e);
- }
-
- }
-
- private static void fixJava8_141ProblemWithSSLAlgorithms() {
- log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");
- //new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] { "MD5withRSA", "MD5/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption",
- new String[] { "SHA1withRSA" , "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption",
- new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption",
- new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption",
- new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA", }, null, true);
- new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption",
- new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true);
-
- log.info("Change AlgorithmIDs finished");
+ // refresh generic context
+ rootContext.refresh();
+
+ // initialize SpringContext
+ context = new ClassPathXmlApplicationContext(
+ new String[] { "configuration.beans.xml",
+ "moaid.webgui.beans.xml",
+ "moaid.migration.beans.xml",
+ "moaid.configurationtool.beans.xml"
+ }, rootContext);
+
+ log.info("Spring-context was initialized with active profiles: "
+ + Arrays.asList(context.getEnvironment().getActiveProfiles()));
+
+ // Autowire beans in these context
+ final AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory();
+ acbFactory.autowireBean(this);
+
+ log.info("Hibernate initialization finished.");
+
+ DefaultBootstrap.bootstrap();
+ log.info("OPENSAML initialized");
+
+ UserRequestCleaner.start();
+
+ fixJava8_141ProblemWithSSLAlgorithms();
+
+ log.info("MOA-ID-Configuration initialization completed");
+
+ } catch (final FileNotFoundException e) {
+ throw new ConfigurationException("config.01", new Object[] { configFileName }, e);
+
+ } catch (final IOException e) {
+ throw new ConfigurationException("config.02", new Object[] { configFileName }, e);
+
+ } catch (final org.opensaml.xml.ConfigurationException e) {
+ throw new ConfigurationException("config.04", e);
+
+ } catch (final URISyntaxException e) {
+ throw new ConfigurationException("config.01", new Object[] { configFileName }, e);
}
-
- @Autowired(required = true)
- public void setMOAIDConfigurationModul(MOAIDConfigurationModul module) {
- this.configModule = module;
- }
-
-
-
- /**
- * @param dbRead the dbRead to set
- */
- @Autowired(required = true)
- public void setDbRead(NewConfigurationDBRead dbRead) {
- this.deprecatedDBRead = dbRead;
- }
-
-
-
- /**
- * @return the props
- */
- public Properties getConfigurationProperties() {
- return props;
- }
-
- /**
- * @return the deprecatedDBWrite
- */
- public FileBasedUserConfiguration getUserManagement() {
- return userManagement;
- }
-
- /**
- * @param deprecatedDBWrite the deprecatedDBWrite to set
- */
- @Autowired(required = true)
- public void setUserManagement(FileBasedUserConfiguration userManagement) {
- this.userManagement = userManagement;
- }
-
-
- public String getPublicUrlPreFix(HttpServletRequest request) {
- publicURLPreFix = props.getProperty("general.publicURLContext");
-
- if (MiscUtil.isEmpty(publicURLPreFix) && request != null) {
- String url = request.getRequestURL().toString();
- String contextpath = request.getContextPath();
- int index = url.indexOf(contextpath);
- publicURLPreFix = url.substring(0, index + contextpath.length() + 1);
- }
-
- return publicURLPreFix;
- }
-
- public int getUserRequestCleanUpDelay() {
- String delay = props.getProperty("general.userrequests.cleanup.delay");
- return Integer.getInteger(delay, 12);
- }
-
+
+ }
+
+ private static void fixJava8_141ProblemWithSSLAlgorithms() {
+ log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");
+ // new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[]
+ // { "MD5withRSA", "MD5/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption",
+ new String[] { "SHA1withRSA", "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption",
+ new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption",
+ new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption",
+ new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA", }, null, true);
+ new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption",
+ new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true);
+
+ log.info("Change AlgorithmIDs finished");
+ }
+
+ @Autowired(required = true)
+ public void setMOAIDConfigurationModul(MOAIDConfigurationModul module) {
+ this.configModule = module;
+ }
+
+ /**
+ * @param dbRead the dbRead to set
+ */
+ @Autowired(required = true)
+ public void setDbRead(NewConfigurationDBRead dbRead) {
+ this.deprecatedDBRead = dbRead;
+ }
+
+ /**
+ * @return the props
+ */
+ public Properties getConfigurationProperties() {
+ return props;
+ }
+
+ /**
+ * @return the deprecatedDBWrite
+ */
+ public FileBasedUserConfiguration getUserManagement() {
+ return userManagement;
+ }
+
+ /**
+ * @param deprecatedDBWrite the deprecatedDBWrite to set
+ */
+ @Autowired(required = true)
+ public void setUserManagement(FileBasedUserConfiguration userManagement) {
+ this.userManagement = userManagement;
+ }
+
+ public String getPublicUrlPreFix(HttpServletRequest request) {
+ publicURLPreFix = props.getProperty("general.publicURLContext");
+
+ if (MiscUtil.isEmpty(publicURLPreFix) && request != null) {
+ final String url = request.getRequestURL().toString();
+ final String contextpath = request.getContextPath();
+ final int index = url.indexOf(contextpath);
+ publicURLPreFix = url.substring(0, index + contextpath.length() + 1);
+ }
+
+ return publicURLPreFix;
+ }
+
+ public int getUserRequestCleanUpDelay() {
+ final String delay = props.getProperty("general.userrequests.cleanup.delay");
+ return Integer.getInteger(delay, 12);
+ }
+
// public String getContactMailAddress() {
// return props.getProperty("general.contact.mail");
// }
-
- public String getSSOLogOutURL() {
- return props.getProperty("general.login.pvp2.idp.sso.logout.url");
- }
-
- public KeyStore getPVP2KeyStore() throws ConfigurationException, IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException {
- if (keyStore == null) {
- String keystoretype = getPVP2MetadataKeystoreType();
- if (MiscUtil.isEmpty(keystoretype)) {
- log.debug("No KeyStoreType defined. Using default KeyStoreType.");
- keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
-
- } else {
- log.debug("Using " + keystoretype + " KeyStoreType.");
- keyStore = KeyStore.getInstance(keystoretype);
-
- }
-
-
- String fileURL = getPVP2MetadataKeystoreURL();
- log.debug("Load KeyStore from URL " + fileURL);
- if (MiscUtil.isEmpty(fileURL)) {
- log.info("Metadata KeyStoreURL is empty");
- throw new ConfigurationException("Metadata KeyStoreURL is empty");
- }
-
- URL keystoreURL = new URL((FileUtils.makeAbsoluteURL(fileURL, getConfigRootDir())));
- InputStream inputStream = keystoreURL.openStream();
- keyStore.load(inputStream, getPVP2MetadataKeystorePassword().toCharArray());
- inputStream.close();
- }
-
- return keyStore;
-
- }
-
- public String getConfigFile() {
- return configFileName;
- }
-
- public String getConfigRootDir() {
- return configRootDir;
- }
-
- public boolean isMOAIDMode() {
- String result = props.getProperty("general.moaidmode.active", "true");
- return Boolean.parseBoolean(result);
- }
-
- public String getMOAIDInstanceURL() {
- return props.getProperty("general.moaid.instance.url");
- }
-
- public boolean isLoginDeaktivated() {
- String result = props.getProperty("general.login.deaktivate", "false");
- return Boolean.parseBoolean(result);
- }
-
- public boolean isOATargetVerificationDeaktivated() {
- String result = props.getProperty("general.OATargetVerification.deaktivate", "false");
- return Boolean.parseBoolean(result);
- }
-
- //PVP2 Login configuration
-
- public void initializePVP2Login() throws ConfigurationException {
- if (!pvp2logininitialzied)
- initalPVP2Login();
- }
-
- public boolean isPVP2LoginActive() {
-
- return Boolean.parseBoolean(props.getProperty("general.login.pvp2.isactive", "false"));
- }
-
- public boolean isPVP2LoginBusinessService() {
- String result = props.getProperty("general.login.pvp2.isbusinessservice", "false");
- return Boolean.parseBoolean(result);
- }
-
- public String getPVP2LoginTarget() {
- return props.getProperty("general.login.pvp2.target");
- }
-
- public String getPVP2LoginIdenificationValue() {
- return props.getProperty("general.login.pvp2.identificationvalue");
- }
-
- public String getPVP2MetadataEntitiesName() {
- return props.getProperty("general.login.pvp2.metadata.entities.name");
- }
-
- public String getPVP2MetadataKeystoreURL() {
- return props.getProperty("general.login.pvp2.keystore.url");
- }
-
- public String getPVP2MetadataKeystorePassword() {
- return props.getProperty("general.login.pvp2.keystore.password");
- }
-
- public String getPVP2MetadataKeystoreType() {
- return props.getProperty("general.login.pvp2.keystore.type");
- }
-
- public String getPVP2KeystoreMetadataKeyAlias() {
- return props.getProperty("general.login.pvp2.keystore.metadata.key.alias");
- }
-
- public String getPVP2KeystoreMetadataKeyPassword() {
- return props.getProperty("general.login.pvp2.keystore.metadata.key.password");
- }
-
- public String getPVP2KeystoreAuthRequestKeyAlias() {
- return props.getProperty("general.login.pvp2.keystore.authrequest.key.alias");
- }
-
- public String getPVP2KeystoreAuthRequestKeyPassword() {
- return props.getProperty("general.login.pvp2.keystore.authrequest.key.password");
- }
-
- public String getPVP2KeystoreAuthRequestEncryptionKeyAlias() {
- return props.getProperty("general.login.pvp2.keystore.authrequest.encryption.key.alias");
- }
-
- public String getPVP2KeystoreAuthRequestEncryptionKeyPassword() {
- return props.getProperty("general.login.pvp2.keystore.authrequest.encryption.key.password");
- }
-
- public String getPVP2IDPMetadataURL() {
- return props.getProperty("general.login.pvp2.idp.metadata.url");
- }
-
- public String getPVP2IDPMetadataCertificate() {
- return props.getProperty("general.login.pvp2.idp.metadata.certificate");
- }
-
- public String getPVP2IDPMetadataEntityName() {
- return props.getProperty("general.login.pvp2.idp.metadata.entityID");
- }
-
- public HTTPMetadataProvider getMetaDataProvier() {
- return idpMetadataProvider;
- }
-
-
- //SMTP Server
- public String getSMTPMailHost() {
- return props.getProperty("general.mail.host");
- }
-
- public String getSMTPMailPort() {
- return props.getProperty("general.mail.host.port");
- }
-
- public String getSMTPMailUsername() {
- return props.getProperty("general.mail.host.username");
- }
-
- public String getSMTPMailPassword() {
- return props.getProperty("general.mail.host.password");
- }
-
- //Mail Configuration
- public String getMailFromName() {
- return props.getProperty("general.mail.from.name");
- }
-
- public String getMailFromAddress() {
- return props.getProperty("general.mail.from.address");
- }
-
- public String getMailUserAcountVerificationSubject() {
- return props.getProperty("general.mail.useraccountrequest.verification.subject");
- }
-
- public String getMailUserAcountVerificationTemplate() throws ConfigurationException {
- String url = props.getProperty("general.mail.useraccountrequest.verification.template");
-
- if (MiscUtil.isNotEmpty(url)) {
- return url;
-
- } else {
- log.warn("MailUserAcountVerificationTemplate is empty");
- throw new ConfigurationException("MailUserAcountVerificationTemplate is empty");
-
- }
- }
-
- public String getMailUserAcountActivationSubject() {
- return props.getProperty("general.mail.useraccountrequest.isactive.subject");
- }
-
- public String getMailUserAcountActivationTemplate() throws ConfigurationException {
- String url = props.getProperty("general.mail.useraccountrequest.isactive.template");
- if (MiscUtil.isNotEmpty(url)) {
- return url;
-
- } else {
- log.warn("MailUserAcountActivationTemplate is empty");
- throw new ConfigurationException("MailUserAcountActivationTemplate is empty");
-
- }
-
- }
-
- public String getMailOAActivationSubject() {
- return props.getProperty("general.mail.createOArequest.isactive.subject");
- }
-
- public String getDefaultLanguage() {
+
+ public String getSSOLogOutURL() {
+ return props.getProperty("general.login.pvp2.idp.sso.logout.url");
+ }
+
+ public KeyStore getPVP2KeyStore() throws ConfigurationException, IOException, NoSuchAlgorithmException,
+ CertificateException, KeyStoreException {
+ if (keyStore == null) {
+ final String keystoretype = getPVP2MetadataKeystoreType();
+ if (MiscUtil.isEmpty(keystoretype)) {
+ log.debug("No KeyStoreType defined. Using default KeyStoreType.");
+ keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+
+ } else {
+ log.debug("Using " + keystoretype + " KeyStoreType.");
+ keyStore = KeyStore.getInstance(keystoretype);
+
+ }
+
+ final String fileURL = getPVP2MetadataKeystoreURL();
+ log.debug("Load KeyStore from URL " + fileURL);
+ if (MiscUtil.isEmpty(fileURL)) {
+ log.info("Metadata KeyStoreURL is empty");
+ throw new ConfigurationException("Metadata KeyStoreURL is empty");
+ }
+
+ final URL keystoreURL = new URL(FileUtils.makeAbsoluteURL(fileURL, getConfigRootDir()));
+ final InputStream inputStream = keystoreURL.openStream();
+ keyStore.load(inputStream, getPVP2MetadataKeystorePassword().toCharArray());
+ inputStream.close();
+ }
+
+ return keyStore;
+
+ }
+
+ public String getConfigFile() {
+ return configFileName;
+ }
+
+ public String getConfigRootDir() {
+ return configRootDir;
+ }
+
+ public boolean isMOAIDMode() {
+ final String result = props.getProperty("general.moaidmode.active", "true");
+ return Boolean.parseBoolean(result);
+ }
+
+ public String getMOAIDInstanceURL() {
+ return props.getProperty("general.moaid.instance.url");
+ }
+
+ public boolean isLoginDeaktivated() {
+ final String result = props.getProperty("general.login.deaktivate", "false");
+ return Boolean.parseBoolean(result);
+ }
+
+ public boolean isOATargetVerificationDeaktivated() {
+ final String result = props.getProperty("general.OATargetVerification.deaktivate", "false");
+ return Boolean.parseBoolean(result);
+ }
+
+ // PVP2 Login configuration
+
+ public void initializePVP2Login() throws ConfigurationException {
+ if (!pvp2logininitialzied) {
+ initalPVP2Login();
+ }
+ }
+
+ public boolean isPVP2LoginActive() {
+
+ return Boolean.parseBoolean(props.getProperty("general.login.pvp2.isactive", "false"));
+ }
+
+ public boolean isPVP2LoginBusinessService() {
+ final String result = props.getProperty("general.login.pvp2.isbusinessservice", "false");
+ return Boolean.parseBoolean(result);
+ }
+
+ public String getPVP2LoginTarget() {
+ return props.getProperty("general.login.pvp2.target");
+ }
+
+ public String getPVP2LoginIdenificationValue() {
+ return props.getProperty("general.login.pvp2.identificationvalue");
+ }
+
+ public String getPVP2MetadataEntitiesName() {
+ return props.getProperty("general.login.pvp2.metadata.entities.name");
+ }
+
+ public String getPVP2MetadataKeystoreURL() {
+ return props.getProperty("general.login.pvp2.keystore.url");
+ }
+
+ public String getPVP2MetadataKeystorePassword() {
+ return props.getProperty("general.login.pvp2.keystore.password");
+ }
+
+ public String getPVP2MetadataKeystoreType() {
+ return props.getProperty("general.login.pvp2.keystore.type");
+ }
+
+ public String getPVP2KeystoreMetadataKeyAlias() {
+ return props.getProperty("general.login.pvp2.keystore.metadata.key.alias");
+ }
+
+ public String getPVP2KeystoreMetadataKeyPassword() {
+ return props.getProperty("general.login.pvp2.keystore.metadata.key.password");
+ }
+
+ public String getPVP2KeystoreAuthRequestKeyAlias() {
+ return props.getProperty("general.login.pvp2.keystore.authrequest.key.alias");
+ }
+
+ public String getPVP2KeystoreAuthRequestKeyPassword() {
+ return props.getProperty("general.login.pvp2.keystore.authrequest.key.password");
+ }
+
+ public String getPVP2KeystoreAuthRequestEncryptionKeyAlias() {
+ return props.getProperty("general.login.pvp2.keystore.authrequest.encryption.key.alias");
+ }
+
+ public String getPVP2KeystoreAuthRequestEncryptionKeyPassword() {
+ return props.getProperty("general.login.pvp2.keystore.authrequest.encryption.key.password");
+ }
+
+ public String getPVP2IDPMetadataURL() {
+ return props.getProperty("general.login.pvp2.idp.metadata.url");
+ }
+
+ public String getPVP2IDPMetadataCertificate() {
+ return props.getProperty("general.login.pvp2.idp.metadata.certificate");
+ }
+
+ public String getPVP2IDPMetadataEntityName() {
+ return props.getProperty("general.login.pvp2.idp.metadata.entityID");
+ }
+
+ public HTTPMetadataProvider getMetaDataProvier() {
+ return idpMetadataProvider;
+ }
+
+ // SMTP Server
+ public String getSMTPMailHost() {
+ return props.getProperty("general.mail.host");
+ }
+
+ public String getSMTPMailPort() {
+ return props.getProperty("general.mail.host.port");
+ }
+
+ public String getSMTPMailUsername() {
+ return props.getProperty("general.mail.host.username");
+ }
+
+ public String getSMTPMailPassword() {
+ return props.getProperty("general.mail.host.password");
+ }
+
+ // Mail Configuration
+ public String getMailFromName() {
+ return props.getProperty("general.mail.from.name");
+ }
+
+ public String getMailFromAddress() {
+ return props.getProperty("general.mail.from.address");
+ }
+
+ public String getMailUserAcountVerificationSubject() {
+ return props.getProperty("general.mail.useraccountrequest.verification.subject");
+ }
+
+ public String getMailUserAcountVerificationTemplate() throws ConfigurationException {
+ final String url = props.getProperty("general.mail.useraccountrequest.verification.template");
+
+ if (MiscUtil.isNotEmpty(url)) {
+ return url;
+
+ } else {
+ log.warn("MailUserAcountVerificationTemplate is empty");
+ throw new ConfigurationException("MailUserAcountVerificationTemplate is empty");
+
+ }
+ }
+
+ public String getMailUserAcountActivationSubject() {
+ return props.getProperty("general.mail.useraccountrequest.isactive.subject");
+ }
+
+ public String getMailUserAcountActivationTemplate() throws ConfigurationException {
+ final String url = props.getProperty("general.mail.useraccountrequest.isactive.template");
+ if (MiscUtil.isNotEmpty(url)) {
+ return url;
+
+ } else {
+ log.warn("MailUserAcountActivationTemplate is empty");
+ throw new ConfigurationException("MailUserAcountActivationTemplate is empty");
+
+ }
+
+ }
+
+ public String getMailOAActivationSubject() {
+ return props.getProperty("general.mail.createOArequest.isactive.subject");
+ }
+
+ public String getDefaultLanguage() {
+ try {
+ return props.getProperty("general.defaultlanguage", "de").toLowerCase();
+ } catch (final Exception ex) {
+ return "de";
+ }
+ }
+
+ public String getMailOAActivationTemplate() throws ConfigurationException {
+ final String url = props.getProperty("general.mail.createOArequest.isactive.template");
+
+ if (MiscUtil.isNotEmpty(url)) {
+ return url;
+
+ } else {
+ log.warn("MailOAActivationTemplate is empty");
+ throw new ConfigurationException("MailOAActivationTemplate is empty");
+
+ }
+
+ }
+
+ public String getMailUserAcountRevocationTemplate() throws ConfigurationException {
+ final String url = props.getProperty("general.mail.useraccountrequest.rejected.template");
+
+ if (MiscUtil.isNotEmpty(url)) {
+ return url;
+
+ } else {
+ log.warn("MailUserAcountVerificationTemplate is empty");
+ throw new ConfigurationException("MailUserAcountRevocationTemplate is empty");
+
+ }
+ }
+
+ public String getMailAdminSubject() {
+ return props.getProperty("general.mail.admin.subject");
+ }
+
+ public String getMailAdminTemplate() throws ConfigurationException {
+ final String url = props.getProperty("general.mail.admin.adresses.template");
+
+ if (MiscUtil.isNotEmpty(url)) {
+ return url;
+
+ } else {
+ log.warn("MailUserAcountVerificationTemplate is empty");
+ throw new ConfigurationException("MailAdminTemplate is empty");
+
+ }
+ }
+
+ public String getMailAdminAddress() {
+ return props.getProperty("general.mail.admin.adress");
+ }
+
+ public String getConfigToolVersion() {
+ return parseVersionFromManifest();
+ }
+
+ public String getCertStoreDirectory() throws ConfigurationException {
+ final String dir = props.getProperty("general.ssl.certstore");
+ if (MiscUtil.isNotEmpty(dir)) {
+ return FileUtils.makeAbsoluteURL(dir, configRootDir);
+ } else {
+ throw new ConfigurationException("No SSLCertStore configured use default JAVA TrustStore.");
+ }
+
+ }
+
+ public String getTrustStoreDirectory() throws ConfigurationException {
+ final String dir = props.getProperty("general.ssl.truststore");
+ if (MiscUtil.isNotEmpty(dir)) {
+ return FileUtils.makeAbsoluteURL(dir, configRootDir);
+ } else {
+ throw new ConfigurationException("No SSLTrustStore configured use default JAVA TrustStore.");
+ }
+
+ }
+
+ public String getConfigurationEncryptionKey() {
+ return props.getProperty("general.moaconfig.key");
+
+ }
+
+ public boolean isPVPMetadataSchemaValidationActive() {
+ return Boolean.parseBoolean(props.getProperty("general.pvp.schemavalidation", "true"));
+
+ }
+
+ /**
+ * @return
+ */
+ private boolean isHostNameValidationEnabled() {
+ return Boolean.parseBoolean(props.getProperty("general.ssl.hostnamevalidation", "true"));
+
+ }
+
+ /**
+ * @return the context
+ */
+ public ApplicationContext getContext() {
+ return context;
+ }
+
+ /**
+ * @return the configModule
+ */
+ public MOAIDConfigurationModul getConfigModule() {
+ return configModule;
+ }
+
+ /**
+ * @return the dbRead
+ */
+ public NewConfigurationDBRead getDbRead() {
+ return deprecatedDBRead;
+ }
+
+ private void initalPVP2Login() throws ConfigurationException {
+ try {
+
+ final String metadataCert = getPVP2IDPMetadataCertificate();
+ if (MiscUtil.isEmpty(metadataCert)) {
+ log.info("NO IDP Certificate to verify IDP Metadata");
+ throw new ConfigurationException("NO IDP Certificate to verify IDP Metadata");
+ }
+
+ final URL keystoreURL = new URL(FileUtils.makeAbsoluteURL(metadataCert, getConfigRootDir()));
+ final InputStream certstream = keystoreURL.openStream();
+ final X509Certificate cert = new X509Certificate(certstream);
+ final BasicX509Credential idpCredential = new BasicX509Credential();
+ idpCredential.setEntityCertificate(cert);
+
+ log.debug("IDP Certificate loading finished");
+
+ final String metadataurl = getPVP2IDPMetadataURL();
+ if (MiscUtil.isEmpty(metadataurl)) {
+ log.info("NO IDP Metadata URL.");
+ throw new ConfigurationException("NO IDP Metadata URL.");
+ }
+
+ final MOAHttpClient httpClient = new MOAHttpClient();
+
+ if (metadataurl.startsWith("https:")) {
try {
- return props.getProperty("general.defaultlanguage", "de").toLowerCase();
- } catch (Exception ex) {
- return "de";
+ final MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory(
+ "MOAMetaDataProvider",
+ true,
+ ConfigurationProvider.getInstance().getCertStoreDirectory(),
+ ConfigurationProvider.getInstance().getTrustStoreDirectory(),
+ null,
+ "pkix",
+ true,
+ new String[] { "crl" },
+ ConfigurationProvider.getInstance().isHostNameValidationEnabled());
+
+ httpClient.setCustomSSLTrustStore(metadataurl, protoSocketFactory);
+
+ } catch (final MOAHttpProtocolSocketFactoryException e) {
+ log.warn("MOA SSL-TrustStore can not initialized. Use default Java TrustStore.");
+
}
+ }
+
+ idpMetadataProvider = new HTTPMetadataProvider(new Timer(true), httpClient, metadataurl);
+ idpMetadataProvider.setRequireValidMetadata(true);
+ idpMetadataProvider.setParserPool(new BasicParserPool());
+ idpMetadataProvider.setMetadataFilter(new MetaDataVerificationFilter(idpCredential));
+ idpMetadataProvider.setMaxRefreshDelay(1000 * 3600 * 12); // refresh Metadata every 12h
+ idpMetadataProvider.initialize();
+
+ pvp2logininitialzied = true;
+
+ } catch (final Exception e) {
+ log.warn("PVP2 authentification can not be initialized.");
+ throw new ConfigurationException("error.initialization.pvplogin", e);
}
-
- public String getMailOAActivationTemplate() throws ConfigurationException {
- String url = props.getProperty("general.mail.createOArequest.isactive.template");
-
- if (MiscUtil.isNotEmpty(url)) {
- return url;
-
- } else {
- log.warn("MailOAActivationTemplate is empty");
- throw new ConfigurationException("MailOAActivationTemplate is empty");
-
- }
-
- }
-
- public String getMailUserAcountRevocationTemplate() throws ConfigurationException {
- String url = props.getProperty("general.mail.useraccountrequest.rejected.template");
-
- if (MiscUtil.isNotEmpty(url)) {
- return url;
-
- } else {
- log.warn("MailUserAcountVerificationTemplate is empty");
- throw new ConfigurationException("MailUserAcountRevocationTemplate is empty");
-
- }
- }
-
- public String getMailAdminSubject() {
- return props.getProperty("general.mail.admin.subject");
- }
-
- public String getMailAdminTemplate() throws ConfigurationException {
- String url = props.getProperty("general.mail.admin.adresses.template");
-
- if (MiscUtil.isNotEmpty(url)) {
- return url;
-
- } else {
- log.warn("MailUserAcountVerificationTemplate is empty");
- throw new ConfigurationException("MailAdminTemplate is empty");
-
- }
- }
-
- public String getMailAdminAddress() {
- return props.getProperty("general.mail.admin.adress");
- }
-
- public String getConfigToolVersion() {
- return parseVersionFromManifest();
- }
-
- public String getCertStoreDirectory() throws ConfigurationException {
- String dir = props.getProperty("general.ssl.certstore");
- if (MiscUtil.isNotEmpty(dir))
- return FileUtils.makeAbsoluteURL(dir, configRootDir);
-
- else
- throw new ConfigurationException("No SSLCertStore configured use default JAVA TrustStore.");
-
- }
-
- public String getTrustStoreDirectory() throws ConfigurationException {
- String dir = props.getProperty("general.ssl.truststore");
- if (MiscUtil.isNotEmpty(dir))
- return FileUtils.makeAbsoluteURL(dir, configRootDir);
-
- else
- throw new ConfigurationException("No SSLTrustStore configured use default JAVA TrustStore.");
-
- }
-
- public String getConfigurationEncryptionKey() {
- return props.getProperty("general.moaconfig.key");
-
- }
-
- public boolean isPVPMetadataSchemaValidationActive() {
- return Boolean.parseBoolean(props.getProperty("general.pvp.schemavalidation", "true"));
-
- }
-
- /**
- * @return
- */
- private boolean isHostNameValidationEnabled() {
- return Boolean.parseBoolean(props.getProperty("general.ssl.hostnamevalidation", "true"));
-
- }
-
- /**
- * @return the context
- */
- public ApplicationContext getContext() {
- return context;
- }
-
- /**
- * @return the configModule
- */
- public MOAIDConfigurationModul getConfigModule() {
- return configModule;
- }
-
-
-
- /**
- * @return the dbRead
- */
- public NewConfigurationDBRead getDbRead() {
- return deprecatedDBRead;
- }
-
- private void initalPVP2Login() throws ConfigurationException {
- try {
-
- String metadataCert = getPVP2IDPMetadataCertificate();
- if (MiscUtil.isEmpty(metadataCert)) {
- log.info("NO IDP Certificate to verify IDP Metadata");
- throw new ConfigurationException("NO IDP Certificate to verify IDP Metadata");
- }
-
- URL keystoreURL = new URL((FileUtils.makeAbsoluteURL(metadataCert, getConfigRootDir())));
- InputStream certstream = keystoreURL.openStream();
- X509Certificate cert = new X509Certificate(certstream);
- BasicX509Credential idpCredential = new BasicX509Credential();
- idpCredential.setEntityCertificate(cert);
-
- log.debug("IDP Certificate loading finished");
-
- String metadataurl = getPVP2IDPMetadataURL();
- if (MiscUtil.isEmpty(metadataurl)) {
- log.info("NO IDP Metadata URL.");
- throw new ConfigurationException("NO IDP Metadata URL.");
- }
-
- MOAHttpClient httpClient = new MOAHttpClient();
-
- if (metadataurl.startsWith("https:")) {
- try {
- MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory(
- "MOAMetaDataProvider",
- true,
- ConfigurationProvider.getInstance().getCertStoreDirectory(),
- ConfigurationProvider.getInstance().getTrustStoreDirectory(),
- null,
- "pkix",
- true,
- new String[]{"crl"},
- ConfigurationProvider.getInstance().isHostNameValidationEnabled());
-
- httpClient.setCustomSSLTrustStore(metadataurl, protoSocketFactory);
-
- } catch (MOAHttpProtocolSocketFactoryException e) {
- log.warn("MOA SSL-TrustStore can not initialized. Use default Java TrustStore.");
-
- }
- }
-
- idpMetadataProvider = new HTTPMetadataProvider(new Timer(true), httpClient, metadataurl);
- idpMetadataProvider.setRequireValidMetadata(true);
- idpMetadataProvider.setParserPool(new BasicParserPool());
- idpMetadataProvider.setMetadataFilter(new MetaDataVerificationFilter(idpCredential));
- idpMetadataProvider.setMaxRefreshDelay(1000 * 3600 * 12 ); //refresh Metadata every 12h
- idpMetadataProvider.initialize();
-
- pvp2logininitialzied = true;
-
- } catch (Exception e) {
- log.warn("PVP2 authentification can not be initialized.");
- throw new ConfigurationException("error.initialization.pvplogin", e);
- }
- }
-
- private String parseVersionFromManifest() {
-
-
-
- try {
- Class clazz = ConfigurationProvider.class;
- String className = clazz.getSimpleName() + ".class";
- String classPath = clazz.getResource(className).toString();
-
- if (classPath.startsWith("jar")) {
- log.info("MOA-ID-Configuration Version can NOT parsed from Manifest. Set blank Version");
- return Constants.DEFAULT_VERSION;
-
- }
-
- String manifestPath = classPath.substring(0, classPath.lastIndexOf("WEB-INF/classes/") + "WEB-INF/classes/".length()) +
- "../../META-INF/MANIFEST.MF";
-
- Manifest manifest = new Manifest(new URL(manifestPath).openStream());;
-
- Attributes attributes = manifest.getMainAttributes();
- String version = attributes.getValue("version");
-
- if (MiscUtil.isNotEmpty(version))
- return version;
-
- else {
- log.info("MOA-ID-Configuration Version not found in Manifest. Set blank Version");
- return Constants.DEFAULT_VERSION;
-
- }
-
- } catch (Throwable e) {
- log.info("MOA-ID Version can NOT parsed from Manifest. Set blank Version");
-
- return Constants.DEFAULT_VERSION;
- }
-
-
- }
+ }
+
+ private String parseVersionFromManifest() {
+
+ try {
+ final Class clazz = ConfigurationProvider.class;
+ final String className = clazz.getSimpleName() + ".class";
+ final String classPath = clazz.getResource(className).toString();
+
+ if (classPath.startsWith("jar")) {
+ log.info("MOA-ID-Configuration Version can NOT parsed from Manifest. Set blank Version");
+ return Constants.DEFAULT_VERSION;
+
+ }
+
+ final String manifestPath = classPath.substring(0, classPath.lastIndexOf("WEB-INF/classes/")
+ + "WEB-INF/classes/".length()) +
+ "../../META-INF/MANIFEST.MF";
+
+ final Manifest manifest = new Manifest(new URL(manifestPath).openStream());
+
+ final Attributes attributes = manifest.getMainAttributes();
+ final String version = attributes.getValue("version");
+
+ if (MiscUtil.isNotEmpty(version)) {
+ return version;
+ } else {
+ log.info("MOA-ID-Configuration Version not found in Manifest. Set blank Version");
+ return Constants.DEFAULT_VERSION;
+
+ }
+
+ } catch (final Throwable e) {
+ log.info("MOA-ID Version can NOT parsed from Manifest. Set blank Version");
+
+ return Constants.DEFAULT_VERSION;
+ }
+
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
index ca0bb8ac4..a45bec654 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
@@ -34,8 +34,6 @@ import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA;
@@ -52,821 +50,815 @@ import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationValitator;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAFileUploadValidation;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class FormularCustomization implements IOnlineApplicationData {
- private static final Logger log = Logger.getLogger(FormularCustomization.class);
-
- private boolean showMandateLoginButton = true;
- private boolean onlyMandateAllowed = false;
-
- private String fontType = null;
-
- private String frontColor = null;
- private String backGroundColor = null;
- private String header_FrontColor = null;
- private String header_BackGroundColor = null;
- private String header_text = null;
- private String button_BackGroundColor = null;
- private String button_BackGroundColorFocus = null;
- private String button_FrontColor = null;
- private String applet_height = null;
- private String applet_width = null;
-
- private Map<String, String> map = null;
-
- private String appletRedirectTarget = null;
- public static List<String> appletRedirectTargetList = null;
-
- public static List<String> fontTypeList = null;
- public String fontTypeListValue = null;
-
- private Map<String, byte[]> sendAssertionForm = new HashMap<String, byte[]>();
- private Map<String, byte[]> bkuSelectionForm = new HashMap<String, byte[]>();
-
- private List<File> bkuSelectionFileUpload = null;
- private List<String> bkuSelectionFileUploadContentType = null;
- private List<String> bkuSelectionFileUploadFileName = new ArrayList<String>();
- private boolean deleteBKUTemplate = false;
-
- private List<File> sendAssertionFileUpload = null;
- private List<String> sendAssertionFileUploadContentType = null;
- private List<String> sendAssertionFileUploadFileName = new ArrayList<String>();;
- private boolean deleteSendAssertionTemplate = false;
-
- private String aditionalAuthBlockText = null;
- private boolean isHideBPKAuthBlock = false;
-
- private String saml2PostBindingTemplate = null;
- private String mandateServiceSelectionTemplate = null;
-
- public FormularCustomization() {
- new FormularCustomization(null);
- }
-
- public FormularCustomization(Map<String, String> map) {
- appletRedirectTargetList = Arrays.asList("","_blank","_self","_parent","_top");
- fontTypeList = Arrays.asList("","Verdana","Geneva","Arial","Helvetica","sans-serif","Times New Roman");
- Collections.sort(fontTypeList);
-
- if (map == null)
- this.map = FormBuildUtils.getDefaultMap();
- else
- this.map = map;
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
- */
- @Override
- public String getName() {
- return "OAFormularCustomization";
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) {
- AuthComponentOA auth = dbOA.getAuthComponentOA();
-
- mandateServiceSelectionTemplate = dbOA.getMandateServiceSelectionTemplateURL();
- saml2PostBindingTemplate = dbOA.getSaml2PostBindingTemplateURL();
-
- if (dbOA.getAuthComponentOA() != null)
- isHideBPKAuthBlock = dbOA.isRemoveBPKFromAuthBlock();
-
- if (auth != null) {
- TemplatesType templates = auth.getTemplates();
-
- if (templates != null) {
- aditionalAuthBlockText = templates.getAditionalAuthBlockText();
-
- TransformsInfoType bkuSelectTemplate = templates.getBKUSelectionTemplate();
- if (bkuSelectTemplate != null
- && MiscUtil.isNotEmpty(bkuSelectTemplate.getFilename())
- && !bkuSelectTemplate.getFilename().equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)
- && !bkuSelectTemplate.getFilename().equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT_EMPTY)) {
- bkuSelectionFileUploadFileName.add(bkuSelectTemplate.getFilename());
- }
-
- TransformsInfoType sendAssertionTemplate = templates.getSendAssertionTemplate();
- if (sendAssertionTemplate != null
- && MiscUtil.isNotEmpty(sendAssertionTemplate.getFilename())
- && !sendAssertionTemplate.getFilename().equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)
- && !sendAssertionTemplate.getFilename().equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT_EMPTY)) {
- sendAssertionFileUploadFileName.add(sendAssertionTemplate.getFilename());
- }
-
- BKUSelectionCustomizationType formcustom = templates.getBKUSelectionCustomization();
- if (formcustom != null) {
-
- if (formcustom.isMandateLoginButton() != null) {
- showMandateLoginButton = formcustom.isMandateLoginButton();
- }
-
- if (formcustom.isOnlyMandateLoginAllowed() != null) {
- onlyMandateAllowed = formcustom.isOnlyMandateLoginAllowed();
- }
-
- if (formcustom.getAppletHeight() != null) {
- applet_height = formcustom.getAppletHeight();
- }
-
- if (formcustom.getAppletHeight() != null) {
- applet_width = formcustom.getAppletWidth();
- }
-
- if (MiscUtil.isNotEmpty(formcustom.getAppletRedirectTarget()))
- appletRedirectTarget = formcustom.getAppletRedirectTarget();
-
- if (MiscUtil.isNotEmpty(formcustom.getBackGroundColor())) {
- backGroundColor = formcustom.getBackGroundColor();
- map.put(FormBuildUtils.PARAM_MAIN_BACKGROUNDCOLOR, formcustom.getBackGroundColor());
- }
-
- if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColor())) {
- button_BackGroundColor = formcustom.getButtonBackGroundColor();
- map.put(FormBuildUtils.PARAM_BUTTON_BACKGROUNDCOLOR, formcustom.getButtonBackGroundColor());
- }
-
- if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColorFocus())) {
- button_BackGroundColorFocus = formcustom.getButtonBackGroundColorFocus();
- map.put(FormBuildUtils.PARAM_BUTTON_BACKGROUNDCOLOR_FOCUS, formcustom.getButtonBackGroundColorFocus());
- }
-
- if (MiscUtil.isNotEmpty(formcustom.getButtonFontColor())) {
- button_FrontColor = formcustom.getButtonFontColor();
- map.put(FormBuildUtils.PARAM_BUTTON_COLOR, formcustom.getButtonFontColor());
- }
-
- if (MiscUtil.isNotEmpty(formcustom.getFontType())) {
- fontType = formcustom.getFontType();
- map.put(FormBuildUtils.PARAM_FONTFAMILY, formcustom.getFontType());
- }
-
- if (MiscUtil.isNotEmpty(formcustom.getFrontColor())) {
- frontColor = formcustom.getFrontColor();
- map.put(FormBuildUtils.PARAM_MAIN_COLOR, formcustom.getFrontColor());
- }
-
- if (MiscUtil.isNotEmpty(formcustom.getHeaderBackGroundColor())) {
- header_BackGroundColor = formcustom.getHeaderBackGroundColor();
- map.put(FormBuildUtils.PARAM_HEADER_BACKGROUNDCOLOR, formcustom.getHeaderBackGroundColor());
- }
-
- if (MiscUtil.isNotEmpty(formcustom.getHeaderFrontColor())) {
- header_FrontColor = formcustom.getHeaderFrontColor();
- map.put(FormBuildUtils.PARAM_HEADER_COLOR, formcustom.getHeaderFrontColor());
- }
-
- if (MiscUtil.isNotEmpty(formcustom.getHeaderText())) {
- header_text = formcustom.getHeaderText();
- map.put(FormBuildUtils.PARAM_HEADER_TEXT, formcustom.getHeaderText());
- }
- }
- }
- }
-
- request.getSession().setAttribute(Constants.SESSION_BKUFORMPREVIEW, map);
-
- return null;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
- HttpServletRequest request) {
-
- AuthComponentOA authoa = dbOA.getAuthComponentOA();
- if (authoa == null) {
- authoa = new AuthComponentOA();
- dbOA.setAuthComponentOA(authoa);
- }
-
- dbOA.setRemoveBPKFromAuthBlock(isHideBPKAuthBlock());
-
- dbOA.setMandateServiceSelectionTemplateURL(mandateServiceSelectionTemplate);
- dbOA.setSaml2PostBindingTemplateURL(saml2PostBindingTemplate);
-
- TemplatesType templates = authoa.getTemplates();
- if (templates == null) {
- templates = new TemplatesType();
- authoa.setTemplates(templates);
- }
-
- templates.setAditionalAuthBlockText(getAditionalAuthBlockText());
-
- //store BKU-selection and send-assertion templates
- if (authUser.isAdmin()) {
-
- if (isDeleteBKUTemplate() && templates.getBKUSelectionTemplate() != null) {
- //templates.setBKUSelectionTemplate(null);
- templates.getBKUSelectionTemplate().setDelete(true);
- }
-
- if (isDeleteSendAssertionTemplate() && templates.getSendAssertionTemplate() != null) {
- //templates.setSendAssertionTemplate(null);
- templates.getSendAssertionTemplate().setDelete(true);
- }
-
-
- if (bkuSelectionForm != null && bkuSelectionForm.size() > 0) {
- TransformsInfoType template = new TransformsInfoType();
-
- Iterator<String> interator = bkuSelectionForm.keySet().iterator();
- template.setFilename(interator.next());
- template.setTransformation(bkuSelectionForm.get(
- template.getFilename()));
-
- templates.setBKUSelectionTemplate(template);
- }
-
- if (sendAssertionForm != null && sendAssertionForm.size() > 0) {
- TransformsInfoType template = new TransformsInfoType();
-
- Iterator<String> interator = sendAssertionForm.keySet().iterator();
- template.setFilename(interator.next());
- template.setTransformation(sendAssertionForm.get(
- template.getFilename()));
-
- templates.setSendAssertionTemplate(template);
- }
+ private boolean showMandateLoginButton = true;
+ private boolean onlyMandateAllowed = false;
+
+ private String fontType = null;
+
+ private String frontColor = null;
+ private String backGroundColor = null;
+ private String header_FrontColor = null;
+ private String header_BackGroundColor = null;
+ private String header_text = null;
+ private String button_BackGroundColor = null;
+ private String button_BackGroundColorFocus = null;
+ private String button_FrontColor = null;
+ private String applet_height = null;
+ private String applet_width = null;
+
+ private Map<String, String> map = null;
+
+ private String appletRedirectTarget = null;
+ public static List<String> appletRedirectTargetList = null;
+
+ public static List<String> fontTypeList = null;
+ public String fontTypeListValue = null;
+
+ private Map<String, byte[]> sendAssertionForm = new HashMap<>();
+ private Map<String, byte[]> bkuSelectionForm = new HashMap<>();
+
+ private List<File> bkuSelectionFileUpload = null;
+ private List<String> bkuSelectionFileUploadContentType = null;
+ private List<String> bkuSelectionFileUploadFileName = new ArrayList<>();
+ private boolean deleteBKUTemplate = false;
+
+ private List<File> sendAssertionFileUpload = null;
+ private List<String> sendAssertionFileUploadContentType = null;
+ private List<String> sendAssertionFileUploadFileName = new ArrayList<>();
+ private boolean deleteSendAssertionTemplate = false;
+
+ private String aditionalAuthBlockText = null;
+ private boolean isHideBPKAuthBlock = false;
+
+ private String saml2PostBindingTemplate = null;
+ private String mandateServiceSelectionTemplate = null;
+
+ public FormularCustomization() {
+ new FormularCustomization(null);
+ }
+
+ public FormularCustomization(Map<String, String> map) {
+ appletRedirectTargetList = Arrays.asList("", "_blank", "_self", "_parent", "_top");
+ fontTypeList = Arrays.asList("", "Verdana", "Geneva", "Arial", "Helvetica", "sans-serif",
+ "Times New Roman");
+ Collections.sort(fontTypeList);
+
+ if (map == null) {
+ this.map = FormBuildUtils.getDefaultMap();
+ } else {
+ this.map = map;
+ }
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName
+ * ()
+ */
+ @Override
+ public String getName() {
+ return "OAFormularCustomization";
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) {
+ final AuthComponentOA auth = dbOA.getAuthComponentOA();
+
+ mandateServiceSelectionTemplate = dbOA.getMandateServiceSelectionTemplateURL();
+ saml2PostBindingTemplate = dbOA.getSaml2PostBindingTemplateURL();
+
+ if (dbOA.getAuthComponentOA() != null) {
+ isHideBPKAuthBlock = dbOA.isRemoveBPKFromAuthBlock();
+ }
+
+ if (auth != null) {
+ final TemplatesType templates = auth.getTemplates();
+
+ if (templates != null) {
+ aditionalAuthBlockText = templates.getAditionalAuthBlockText();
+
+ final TransformsInfoType bkuSelectTemplate = templates.getBKUSelectionTemplate();
+ if (bkuSelectTemplate != null
+ && MiscUtil.isNotEmpty(bkuSelectTemplate.getFilename())
+ && !bkuSelectTemplate.getFilename().equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)
+ && !bkuSelectTemplate.getFilename().equals(
+ MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT_EMPTY)) {
+ bkuSelectionFileUploadFileName.add(bkuSelectTemplate.getFilename());
}
-
- BKUSelectionCustomizationType bkuselectioncustom = templates.getBKUSelectionCustomization();
- if (bkuselectioncustom == null) {
- bkuselectioncustom = new BKUSelectionCustomizationType();
- templates.setBKUSelectionCustomization(bkuselectioncustom);
+
+ final TransformsInfoType sendAssertionTemplate = templates.getSendAssertionTemplate();
+ if (sendAssertionTemplate != null
+ && MiscUtil.isNotEmpty(sendAssertionTemplate.getFilename())
+ && !sendAssertionTemplate.getFilename().equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)
+ && !sendAssertionTemplate.getFilename().equals(
+ MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT_EMPTY)) {
+ sendAssertionFileUploadFileName.add(sendAssertionTemplate.getFilename());
}
-
- if (authoa.getMandates() != null &&
- ((authoa.getMandates().getProfileName() != null
- && authoa.getMandates().getProfileName().size() > 0)
- || MiscUtil.isNotEmpty(authoa.getMandates().getProfiles())))
-
- bkuselectioncustom.setMandateLoginButton(true);
- else
- bkuselectioncustom.setMandateLoginButton(false);
-
- bkuselectioncustom.setOnlyMandateLoginAllowed(isOnlyMandateAllowed());
-
- bkuselectioncustom.setBackGroundColor(parseColor(getBackGroundColor()));
- bkuselectioncustom.setFrontColor(parseColor(getFrontColor()));
-
- bkuselectioncustom.setHeaderBackGroundColor(parseColor(getHeader_BackGroundColor()));
- bkuselectioncustom.setHeaderFrontColor(parseColor(getHeader_FrontColor()));
- bkuselectioncustom.setHeaderText(getHeader_text());
-
- bkuselectioncustom.setButtonBackGroundColor(parseColor(getButton_BackGroundColor()));
- bkuselectioncustom.setButtonBackGroundColorFocus(parseColor(getButton_BackGroundColorFocus()));
- bkuselectioncustom.setButtonFontColor(parseColor(getButton_FrontColor()));
-
- if (MiscUtil.isNotEmpty(getAppletRedirectTarget()))
- bkuselectioncustom.setAppletRedirectTarget(getAppletRedirectTarget());
-
- bkuselectioncustom.setFontType(getFontType());
-
- bkuselectioncustom.setAppletHeight(getApplet_height());
- bkuselectioncustom.setAppletWidth(getApplet_width());
-
-
- return null;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> validate(OAGeneralConfig general,
- AuthenticatedUser authUser, HttpServletRequest request) {
-
- HttpSession session = request.getSession();
- List<String> errors = new ArrayList<String>();
-
- String check = null;
- if (authUser.isAdmin()) {
- //validate aditionalAuthBlockText
- check = getAditionalAuthBlockText();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- }
- }
-
- OAFileUploadValidation valiator_fileUpload = new OAFileUploadValidation();
- //validate BKU-selection template
- List<String> templateError = valiator_fileUpload.validate(getBkuSelectionFileUploadFileName()
- , getBkuSelectionFileUpload(), "validation.general.bkuselection", bkuSelectionForm, request);
- if (templateError != null && templateError.size() == 0) {
- if (bkuSelectionForm != null && bkuSelectionForm.size() > 0)
- session.setAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE, bkuSelectionForm);
-
- else
- bkuSelectionForm = (Map<String, byte[]>) session.getAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE);
-
- } else {
- errors.addAll(templateError);
+ final BKUSelectionCustomizationType formcustom = templates.getBKUSelectionCustomization();
+ if (formcustom != null) {
+
+ if (formcustom.isMandateLoginButton() != null) {
+ showMandateLoginButton = formcustom.isMandateLoginButton();
+ }
+
+ if (formcustom.isOnlyMandateLoginAllowed() != null) {
+ onlyMandateAllowed = formcustom.isOnlyMandateLoginAllowed();
+ }
+
+ if (formcustom.getAppletHeight() != null) {
+ applet_height = formcustom.getAppletHeight();
+ }
+
+ if (formcustom.getAppletHeight() != null) {
+ applet_width = formcustom.getAppletWidth();
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getAppletRedirectTarget())) {
+ appletRedirectTarget = formcustom.getAppletRedirectTarget();
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getBackGroundColor())) {
+ backGroundColor = formcustom.getBackGroundColor();
+ map.put(FormBuildUtils.PARAM_MAIN_BACKGROUNDCOLOR, formcustom.getBackGroundColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColor())) {
+ button_BackGroundColor = formcustom.getButtonBackGroundColor();
+ map.put(FormBuildUtils.PARAM_BUTTON_BACKGROUNDCOLOR, formcustom.getButtonBackGroundColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColorFocus())) {
+ button_BackGroundColorFocus = formcustom.getButtonBackGroundColorFocus();
+ map.put(FormBuildUtils.PARAM_BUTTON_BACKGROUNDCOLOR_FOCUS, formcustom
+ .getButtonBackGroundColorFocus());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getButtonFontColor())) {
+ button_FrontColor = formcustom.getButtonFontColor();
+ map.put(FormBuildUtils.PARAM_BUTTON_COLOR, formcustom.getButtonFontColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getFontType())) {
+ fontType = formcustom.getFontType();
+ map.put(FormBuildUtils.PARAM_FONTFAMILY, formcustom.getFontType());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getFrontColor())) {
+ frontColor = formcustom.getFrontColor();
+ map.put(FormBuildUtils.PARAM_MAIN_COLOR, formcustom.getFrontColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getHeaderBackGroundColor())) {
+ header_BackGroundColor = formcustom.getHeaderBackGroundColor();
+ map.put(FormBuildUtils.PARAM_HEADER_BACKGROUNDCOLOR, formcustom.getHeaderBackGroundColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getHeaderFrontColor())) {
+ header_FrontColor = formcustom.getHeaderFrontColor();
+ map.put(FormBuildUtils.PARAM_HEADER_COLOR, formcustom.getHeaderFrontColor());
+ }
+
+ if (MiscUtil.isNotEmpty(formcustom.getHeaderText())) {
+ header_text = formcustom.getHeaderText();
+ map.put(FormBuildUtils.PARAM_HEADER_TEXT, formcustom.getHeaderText());
+ }
}
+ }
+ }
+
+ request.getSession().setAttribute(Constants.SESSION_BKUFORMPREVIEW, map);
+
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+
+ AuthComponentOA authoa = dbOA.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dbOA.setAuthComponentOA(authoa);
+ }
- //validate send-assertion template
- templateError = valiator_fileUpload.validate(getSendAssertionFileUploadFileName()
- , getSendAssertionFileUpload(), "validation.general.sendassertion", sendAssertionForm, request);
- if (templateError != null && templateError.size() == 0) {
- if (sendAssertionForm != null && sendAssertionForm.size() > 0)
- session.setAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE, sendAssertionForm);
+ dbOA.setRemoveBPKFromAuthBlock(isHideBPKAuthBlock());
- else
- sendAssertionForm = (Map<String, byte[]>) session.getAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE);
+ dbOA.setMandateServiceSelectionTemplateURL(mandateServiceSelectionTemplate);
+ dbOA.setSaml2PostBindingTemplateURL(saml2PostBindingTemplate);
- } else {
- errors.addAll(templateError);
+ TemplatesType templates = authoa.getTemplates();
+ if (templates == null) {
+ templates = new TemplatesType();
+ authoa.setTemplates(templates);
+ }
- }
-
- check = getSaml2PostBindingTemplate();
- if (MiscUtil.isNotEmpty(check) && ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
- log.info("URL to SAML2 POST-Binding template is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.templates.saml2.postbinding.valid", request));
-
- }
-
- check = getMandateServiceSelectionTemplate();
- if (MiscUtil.isNotEmpty(check) && ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
- log.info("URL to mandate-service selection-template is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.templates.mandateserviceselection.valid", request));
-
- }
-
-
- //validate BKUFormCustomization
- errors.addAll(new FormularCustomizationValitator().validate(this, request));
-
- return errors;
- }
-
- private String parseColor(String color) {
- String value = "";
-
- if (MiscUtil.isNotEmpty(color)) {
- if (!color.startsWith("#"))
- value = "#" + color;
- else
- value = color;
- }
- return value;
+ templates.setAditionalAuthBlockText(getAditionalAuthBlockText());
+
+ // store BKU-selection and send-assertion templates
+ if (authUser.isAdmin()) {
+
+ if (isDeleteBKUTemplate() && templates.getBKUSelectionTemplate() != null) {
+ // templates.setBKUSelectionTemplate(null);
+ templates.getBKUSelectionTemplate().setDelete(true);
+ }
+
+ if (isDeleteSendAssertionTemplate() && templates.getSendAssertionTemplate() != null) {
+ // templates.setSendAssertionTemplate(null);
+ templates.getSendAssertionTemplate().setDelete(true);
+ }
+
+ if (bkuSelectionForm != null && bkuSelectionForm.size() > 0) {
+ final TransformsInfoType template = new TransformsInfoType();
+
+ final Iterator<String> interator = bkuSelectionForm.keySet().iterator();
+ template.setFilename(interator.next());
+ template.setTransformation(bkuSelectionForm.get(
+ template.getFilename()));
+
+ templates.setBKUSelectionTemplate(template);
+ }
+
+ if (sendAssertionForm != null && sendAssertionForm.size() > 0) {
+ final TransformsInfoType template = new TransformsInfoType();
+
+ final Iterator<String> interator = sendAssertionForm.keySet().iterator();
+ template.setFilename(interator.next());
+ template.setTransformation(sendAssertionForm.get(
+ template.getFilename()));
+
+ templates.setSendAssertionTemplate(template);
+ }
}
- /**
- * @return the showMandateLoginButton
- */
- public boolean isShowMandateLoginButton() {
- return showMandateLoginButton;
- }
+ BKUSelectionCustomizationType bkuselectioncustom = templates.getBKUSelectionCustomization();
+ if (bkuselectioncustom == null) {
+ bkuselectioncustom = new BKUSelectionCustomizationType();
+ templates.setBKUSelectionCustomization(bkuselectioncustom);
+ }
+
+ if (authoa.getMandates() != null &&
+ (authoa.getMandates().getProfileName() != null
+ && authoa.getMandates().getProfileName().size() > 0
+ || MiscUtil.isNotEmpty(authoa.getMandates().getProfiles()))) {
+ bkuselectioncustom.setMandateLoginButton(true);
+ } else {
+ bkuselectioncustom.setMandateLoginButton(false);
+ }
+ bkuselectioncustom.setOnlyMandateLoginAllowed(isOnlyMandateAllowed());
- /**
- * @param showMandateLoginButton the showMandateLoginButton to set
- */
- public void setShowMandateLoginButton(boolean showMandateLoginButton) {
- this.showMandateLoginButton = showMandateLoginButton;
- }
+ bkuselectioncustom.setBackGroundColor(parseColor(getBackGroundColor()));
+ bkuselectioncustom.setFrontColor(parseColor(getFrontColor()));
+ bkuselectioncustom.setHeaderBackGroundColor(parseColor(getHeader_BackGroundColor()));
+ bkuselectioncustom.setHeaderFrontColor(parseColor(getHeader_FrontColor()));
+ bkuselectioncustom.setHeaderText(getHeader_text());
- /**
- * @return the onlyMandateAllowed
- */
- public boolean isOnlyMandateAllowed() {
- return onlyMandateAllowed;
- }
+ bkuselectioncustom.setButtonBackGroundColor(parseColor(getButton_BackGroundColor()));
+ bkuselectioncustom.setButtonBackGroundColorFocus(parseColor(getButton_BackGroundColorFocus()));
+ bkuselectioncustom.setButtonFontColor(parseColor(getButton_FrontColor()));
+ if (MiscUtil.isNotEmpty(getAppletRedirectTarget())) {
+ bkuselectioncustom.setAppletRedirectTarget(getAppletRedirectTarget());
+ }
+
+ bkuselectioncustom.setFontType(getFontType());
+
+ bkuselectioncustom.setAppletHeight(getApplet_height());
+ bkuselectioncustom.setAppletWidth(getApplet_width());
+
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#
+ * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+
+ final HttpSession session = request.getSession();
+ final List<String> errors = new ArrayList<>();
+
+ String check = null;
+ if (authUser.isAdmin()) {
+ // validate aditionalAuthBlockText
+ check = getAditionalAuthBlockText();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ }
+ }
- /**
- * @param onlyMandateAllowed the onlyMandateAllowed to set
- */
- public void setOnlyMandateAllowed(boolean onlyMandateAllowed) {
- this.onlyMandateAllowed = onlyMandateAllowed;
- }
+ final OAFileUploadValidation valiator_fileUpload = new OAFileUploadValidation();
+ // validate BKU-selection template
+ List<String> templateError = valiator_fileUpload.validate(getBkuSelectionFileUploadFileName(),
+ getBkuSelectionFileUpload(), "validation.general.bkuselection", bkuSelectionForm, request);
+ if (templateError != null && templateError.size() == 0) {
+ if (bkuSelectionForm != null && bkuSelectionForm.size() > 0) {
+ session.setAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE, bkuSelectionForm);
+ } else {
+ bkuSelectionForm = (Map<String, byte[]>) session.getAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE);
+ }
+ } else {
+ errors.addAll(templateError);
- /**
- * @return the fontType
- */
- public String getFontType() {
- return fontType;
- }
+ }
+ // validate send-assertion template
+ templateError = valiator_fileUpload.validate(getSendAssertionFileUploadFileName(),
+ getSendAssertionFileUpload(), "validation.general.sendassertion", sendAssertionForm, request);
+ if (templateError != null && templateError.size() == 0) {
+ if (sendAssertionForm != null && sendAssertionForm.size() > 0) {
+ session.setAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE, sendAssertionForm);
+ } else {
+ sendAssertionForm = (Map<String, byte[]>) session.getAttribute(
+ Constants.SESSION_SENDASSERTIONTEMPLATE);
+ }
- /**
- * @param fontType the fontType to set
- */
- public void setFontType(String fontType) {
- this.fontType = fontType;
- }
+ } else {
+ errors.addAll(templateError);
+ }
- /**
- * @return the frontColor
- */
- public String getFrontColor() {
- return frontColor;
- }
+ check = getSaml2PostBindingTemplate();
+ if (MiscUtil.isNotEmpty(check) && ValidationHelper.isNotValidIdentityLinkSigner(check)) {
+ log.info("URL to SAML2 POST-Binding template is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.templates.saml2.postbinding.valid",
+ request));
+ }
- /**
- * @param frontColor the frontColor to set
- */
- public void setFrontColor(String frontColor) {
- this.frontColor = frontColor;
- }
+ check = getMandateServiceSelectionTemplate();
+ if (MiscUtil.isNotEmpty(check) && ValidationHelper.isNotValidIdentityLinkSigner(check)) {
+ log.info("URL to mandate-service selection-template is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.templates.mandateserviceselection.valid",
+ request));
+ }
- /**
- * @return the backGroundColor
- */
- public String getBackGroundColor() {
- return backGroundColor;
- }
+ // validate BKUFormCustomization
+ errors.addAll(new FormularCustomizationValitator().validate(this, request));
+ return errors;
+ }
- /**
- * @param backGroundColor the backGroundColor to set
- */
- public void setBackGroundColor(String backGroundColor) {
- this.backGroundColor = backGroundColor;
- }
+ private String parseColor(String color) {
+ String value = "";
+ if (MiscUtil.isNotEmpty(color)) {
+ if (!color.startsWith("#")) {
+ value = "#" + color;
+ } else {
+ value = color;
+ }
+ }
+ return value;
+ }
+
+ /**
+ * @return the showMandateLoginButton
+ */
+ public boolean isShowMandateLoginButton() {
+ return showMandateLoginButton;
+ }
+
+ /**
+ * @param showMandateLoginButton the showMandateLoginButton to set
+ */
+ public void setShowMandateLoginButton(boolean showMandateLoginButton) {
+ this.showMandateLoginButton = showMandateLoginButton;
+ }
+
+ /**
+ * @return the onlyMandateAllowed
+ */
+ public boolean isOnlyMandateAllowed() {
+ return onlyMandateAllowed;
+ }
+
+ /**
+ * @param onlyMandateAllowed the onlyMandateAllowed to set
+ */
+ public void setOnlyMandateAllowed(boolean onlyMandateAllowed) {
+ this.onlyMandateAllowed = onlyMandateAllowed;
+ }
+
+ /**
+ * @return the fontType
+ */
+ public String getFontType() {
+ return fontType;
+ }
+
+ /**
+ * @param fontType the fontType to set
+ */
+ public void setFontType(String fontType) {
+ this.fontType = fontType;
+ }
+
+ /**
+ * @return the frontColor
+ */
+ public String getFrontColor() {
+ return frontColor;
+ }
+
+ /**
+ * @param frontColor the frontColor to set
+ */
+ public void setFrontColor(String frontColor) {
+ this.frontColor = frontColor;
+ }
+
+ /**
+ * @return the backGroundColor
+ */
+ public String getBackGroundColor() {
+ return backGroundColor;
+ }
+
+ /**
+ * @param backGroundColor the backGroundColor to set
+ */
+ public void setBackGroundColor(String backGroundColor) {
+ this.backGroundColor = backGroundColor;
+ }
+
+ /**
+ * @return the header_FrontColor
+ */
+ public String getHeader_FrontColor() {
+ return header_FrontColor;
+ }
+
+ /**
+ * @param header_FrontColor the header_FrontColor to set
+ */
+ public void setHeader_FrontColor(String header_FrontColor) {
+ this.header_FrontColor = header_FrontColor;
+ }
+
+ /**
+ * @return the header_BackGroundColor
+ */
+ public String getHeader_BackGroundColor() {
+ return header_BackGroundColor;
+ }
+
+ /**
+ * @param header_BackGroundColor the header_BackGroundColor to set
+ */
+ public void setHeader_BackGroundColor(String header_BackGroundColor) {
+ this.header_BackGroundColor = header_BackGroundColor;
+ }
+
+ /**
+ * @return the header_text
+ */
+ public String getHeader_text() {
+ return header_text;
+ }
+
+ /**
+ * @param header_text the header_text to set
+ */
+ public void setHeader_text(String header_text) {
+ this.header_text = header_text;
+ }
+
+ /**
+ * @return the button_BackGroundColor
+ */
+ public String getButton_BackGroundColor() {
+ return button_BackGroundColor;
+ }
+
+ /**
+ * @param button_BackGroundColor the button_BackGroundColor to set
+ */
+ public void setButton_BackGroundColor(String button_BackGroundColor) {
+ this.button_BackGroundColor = button_BackGroundColor;
+ }
+
+ /**
+ * @return the button_BackGroundColorFocus
+ */
+ public String getButton_BackGroundColorFocus() {
+ return button_BackGroundColorFocus;
+ }
+
+ /**
+ * @param button_BackGroundColorFocus the button_BackGroundColorFocus to set
+ */
+ public void setButton_BackGroundColorFocus(String button_BackGroundColorFocus) {
+ this.button_BackGroundColorFocus = button_BackGroundColorFocus;
+ }
+
+ /**
+ * @return the button_FrontColor
+ */
+ public String getButton_FrontColor() {
+ return button_FrontColor;
+ }
+
+ /**
+ * @param button_FrontColor the button_FrontColor to set
+ */
+ public void setButton_FrontColor(String button_FrontColor) {
+ this.button_FrontColor = button_FrontColor;
+ }
+
+ /**
+ * @return the appletRedirectTarget
+ */
+ public String getAppletRedirectTarget() {
+ return appletRedirectTarget;
+ }
+
+ /**
+ * @param appletRedirectTarget the appletRedirectTarget to set
+ */
+ public void setAppletRedirectTarget(String appletRedirectTarget) {
+ this.appletRedirectTarget = appletRedirectTarget;
+ }
+
+ /**
+ * @return the appletredirecttargetlist
+ */
+ public List<String> getAppletRedirectTargetList() {
+ return appletRedirectTargetList;
+ }
+
+ /**
+ * @return the fontTypeList
+ */
+ public List<String> getFontTypeList() {
+ return fontTypeList;
+ }
+
+ /**
+ * @return the fontTypeListValue
+ */
+ public String getFontTypeListValue() {
+ return fontTypeListValue;
+ }
+
+ /**
+ * @param fontTypeListValue the fontTypeListValue to set
+ */
+ public void setFontTypeListValue(String fontTypeListValue) {
+ this.fontTypeListValue = fontTypeListValue;
+ }
+
+ /**
+ * @return the applet_height
+ */
+ public String getApplet_height() {
+ return applet_height;
+ }
+
+ /**
+ * @param applet_height the applet_height to set
+ */
+ public void setApplet_height(String applet_height) {
+ this.applet_height = applet_height;
+ }
+
+ /**
+ * @return the applet_width
+ */
+ public String getApplet_width() {
+ return applet_width;
+ }
+
+ /**
+ * @param applet_width the applet_width to set
+ */
+ public void setApplet_width(String applet_width) {
+ this.applet_width = applet_width;
+ }
+
+ /**
+ * @return the bkuSelectionFileUpload
+ */
+ public List<File> getBkuSelectionFileUpload() {
+ return bkuSelectionFileUpload;
+ }
+
+ /**
+ * @param bkuSelectionFileUpload the bkuSelectionFileUpload to set
+ */
+ public void setBkuSelectionFileUpload(List<File> bkuSelectionFileUpload) {
+ this.bkuSelectionFileUpload = bkuSelectionFileUpload;
+ }
+
+ /**
+ * @return the bkuSelectionFileUploadContentType
+ */
+ public List<String> getBkuSelectionFileUploadContentType() {
+ return bkuSelectionFileUploadContentType;
+ }
+
+ /**
+ * @param bkuSelectionFileUploadContentType the
+ * bkuSelectionFileUploadContentType to
+ * set
+ */
+ public void setBkuSelectionFileUploadContentType(
+ List<String> bkuSelectionFileUploadContentType) {
+ this.bkuSelectionFileUploadContentType = bkuSelectionFileUploadContentType;
+ }
+
+ /**
+ * @return the bkuSelectionFileUploadFileName
+ */
+ public List<String> getBkuSelectionFileUploadFileName() {
+ return bkuSelectionFileUploadFileName;
+ }
+
+ /**
+ * @param bkuSelectionFileUploadFileName the bkuSelectionFileUploadFileName to
+ * set
+ */
+ public void setBkuSelectionFileUploadFileName(
+ List<String> bkuSelectionFileUploadFileName) {
+ this.bkuSelectionFileUploadFileName = bkuSelectionFileUploadFileName;
+ }
+
+ /**
+ * @return the sendAssertionFileUpload
+ */
+ public List<File> getSendAssertionFileUpload() {
+ return sendAssertionFileUpload;
+ }
+
+ /**
+ * @param sendAssertionFileUpload the sendAssertionFileUpload to set
+ */
+ public void setSendAssertionFileUpload(List<File> sendAssertionFileUpload) {
+ this.sendAssertionFileUpload = sendAssertionFileUpload;
+ }
+
+ /**
+ * @return the sendAssertionFileUploadContentType
+ */
+ public List<String> getSendAssertionFileUploadContentType() {
+ return sendAssertionFileUploadContentType;
+ }
+
+ /**
+ * @param sendAssertionFileUploadContentType the
+ * sendAssertionFileUploadContentType
+ * to set
+ */
+ public void setSendAssertionFileUploadContentType(
+ List<String> sendAssertionFileUploadContentType) {
+ this.sendAssertionFileUploadContentType = sendAssertionFileUploadContentType;
+ }
+
+ /**
+ * @return the sendAssertionFileUploadFileName
+ */
+ public List<String> getSendAssertionFileUploadFileName() {
+ return sendAssertionFileUploadFileName;
+ }
+
+ /**
+ * @param sendAssertionFileUploadFileName the sendAssertionFileUploadFileName to
+ * set
+ */
+ public void setSendAssertionFileUploadFileName(
+ List<String> sendAssertionFileUploadFileName) {
+ this.sendAssertionFileUploadFileName = sendAssertionFileUploadFileName;
+ }
+
+ /**
+ * @return the deleteBKUTemplate
+ */
+ public boolean isDeleteBKUTemplate() {
+ return deleteBKUTemplate;
+ }
+
+ /**
+ * @param deleteBKUTemplate the deleteBKUTemplate to set
+ */
+ public void setDeleteBKUTemplate(boolean deleteBKUTemplate) {
+ this.deleteBKUTemplate = deleteBKUTemplate;
+ }
+
+ /**
+ * @return the deleteSendAssertionTemplate
+ */
+ public boolean isDeleteSendAssertionTemplate() {
+ return deleteSendAssertionTemplate;
+ }
+
+ /**
+ * @param deleteSendAssertionTemplate the deleteSendAssertionTemplate to set
+ */
+ public void setDeleteSendAssertionTemplate(boolean deleteSendAssertionTemplate) {
+ this.deleteSendAssertionTemplate = deleteSendAssertionTemplate;
+ }
+
+ /**
+ * @return the aditionalAuthBlockText
+ */
+ public String getAditionalAuthBlockText() {
+ return aditionalAuthBlockText;
+ }
+
+ /**
+ * @param aditionalAuthBlockText the aditionalAuthBlockText to set
+ */
+ public void setAditionalAuthBlockText(String aditionalAuthBlockText) {
+ this.aditionalAuthBlockText = aditionalAuthBlockText;
+ }
+
+ /**
+ * @return the isHideBPKAuthBlock
+ */
+ public boolean isHideBPKAuthBlock() {
+ return isHideBPKAuthBlock;
+ }
+
+ /**
+ * @param isHideBPKAuthBlock the isHideBPKAuthBlock to set
+ */
+ public void setHideBPKAuthBlock(boolean isHideBPKAuthBlock) {
+ this.isHideBPKAuthBlock = isHideBPKAuthBlock;
+ }
+
+ /**
+ * @return the map
+ */
+ public Map<String, String> getFormMap() {
+ return map;
+ }
+
+ /**
+ * @return the saml2PostBindingTemplate
+ */
+ public String getSaml2PostBindingTemplate() {
+ return saml2PostBindingTemplate;
+ }
+
+ /**
+ * @param saml2PostBindingTemplate the saml2PostBindingTemplate to set
+ */
+ public void setSaml2PostBindingTemplate(String saml2PostBindingTemplate) {
+ this.saml2PostBindingTemplate = saml2PostBindingTemplate;
+ }
+
+ /**
+ * @return the mandateServiceSelectionTemplate
+ */
+ public String getMandateServiceSelectionTemplate() {
+ return mandateServiceSelectionTemplate;
+ }
+
+ /**
+ * @param mandateServiceSelectionTemplate the mandateServiceSelectionTemplate to
+ * set
+ */
+ public void setMandateServiceSelectionTemplate(String mandateServiceSelectionTemplate) {
+ this.mandateServiceSelectionTemplate = mandateServiceSelectionTemplate;
+ }
- /**
- * @return the header_FrontColor
- */
- public String getHeader_FrontColor() {
- return header_FrontColor;
- }
-
-
- /**
- * @param header_FrontColor the header_FrontColor to set
- */
- public void setHeader_FrontColor(String header_FrontColor) {
- this.header_FrontColor = header_FrontColor;
- }
-
-
- /**
- * @return the header_BackGroundColor
- */
- public String getHeader_BackGroundColor() {
- return header_BackGroundColor;
- }
-
-
- /**
- * @param header_BackGroundColor the header_BackGroundColor to set
- */
- public void setHeader_BackGroundColor(String header_BackGroundColor) {
- this.header_BackGroundColor = header_BackGroundColor;
- }
-
-
- /**
- * @return the header_text
- */
- public String getHeader_text() {
- return header_text;
- }
-
-
- /**
- * @param header_text the header_text to set
- */
- public void setHeader_text(String header_text) {
- this.header_text = header_text;
- }
-
-
- /**
- * @return the button_BackGroundColor
- */
- public String getButton_BackGroundColor() {
- return button_BackGroundColor;
- }
-
-
- /**
- * @param button_BackGroundColor the button_BackGroundColor to set
- */
- public void setButton_BackGroundColor(String button_BackGroundColor) {
- this.button_BackGroundColor = button_BackGroundColor;
- }
-
-
- /**
- * @return the button_BackGroundColorFocus
- */
- public String getButton_BackGroundColorFocus() {
- return button_BackGroundColorFocus;
- }
-
-
- /**
- * @param button_BackGroundColorFocus the button_BackGroundColorFocus to set
- */
- public void setButton_BackGroundColorFocus(String button_BackGroundColorFocus) {
- this.button_BackGroundColorFocus = button_BackGroundColorFocus;
- }
-
-
- /**
- * @return the button_FrontColor
- */
- public String getButton_FrontColor() {
- return button_FrontColor;
- }
-
-
- /**
- * @param button_FrontColor the button_FrontColor to set
- */
- public void setButton_FrontColor(String button_FrontColor) {
- this.button_FrontColor = button_FrontColor;
- }
-
-
- /**
- * @return the appletRedirectTarget
- */
- public String getAppletRedirectTarget() {
- return appletRedirectTarget;
- }
-
- /**
- * @param appletRedirectTarget the appletRedirectTarget to set
- */
- public void setAppletRedirectTarget(String appletRedirectTarget) {
- this.appletRedirectTarget = appletRedirectTarget;
- }
-
-
- /**
- * @return the appletredirecttargetlist
- */
- public List<String> getAppletRedirectTargetList() {
- return appletRedirectTargetList;
- }
-
- /**
- * @return the fontTypeList
- */
- public List<String> getFontTypeList() {
- return fontTypeList;
- }
-
- /**
- * @return the fontTypeListValue
- */
- public String getFontTypeListValue() {
- return fontTypeListValue;
- }
-
- /**
- * @param fontTypeListValue the fontTypeListValue to set
- */
- public void setFontTypeListValue(String fontTypeListValue) {
- this.fontTypeListValue = fontTypeListValue;
- }
-
- /**
- * @return the applet_height
- */
- public String getApplet_height() {
- return applet_height;
- }
-
- /**
- * @param applet_height the applet_height to set
- */
- public void setApplet_height(String applet_height) {
- this.applet_height = applet_height;
- }
-
- /**
- * @return the applet_width
- */
- public String getApplet_width() {
- return applet_width;
- }
-
- /**
- * @param applet_width the applet_width to set
- */
- public void setApplet_width(String applet_width) {
- this.applet_width = applet_width;
- }
-
-
-
- /**
- * @return the bkuSelectionFileUpload
- */
- public List<File> getBkuSelectionFileUpload() {
- return bkuSelectionFileUpload;
- }
-
-
- /**
- * @param bkuSelectionFileUpload the bkuSelectionFileUpload to set
- */
- public void setBkuSelectionFileUpload(List<File> bkuSelectionFileUpload) {
- this.bkuSelectionFileUpload = bkuSelectionFileUpload;
- }
-
-
- /**
- * @return the bkuSelectionFileUploadContentType
- */
- public List<String> getBkuSelectionFileUploadContentType() {
- return bkuSelectionFileUploadContentType;
- }
-
-
- /**
- * @param bkuSelectionFileUploadContentType the bkuSelectionFileUploadContentType to set
- */
- public void setBkuSelectionFileUploadContentType(
- List<String> bkuSelectionFileUploadContentType) {
- this.bkuSelectionFileUploadContentType = bkuSelectionFileUploadContentType;
- }
-
-
- /**
- * @return the bkuSelectionFileUploadFileName
- */
- public List<String> getBkuSelectionFileUploadFileName() {
- return bkuSelectionFileUploadFileName;
- }
-
-
- /**
- * @param bkuSelectionFileUploadFileName the bkuSelectionFileUploadFileName to set
- */
- public void setBkuSelectionFileUploadFileName(
- List<String> bkuSelectionFileUploadFileName) {
- this.bkuSelectionFileUploadFileName = bkuSelectionFileUploadFileName;
- }
-
-
- /**
- * @return the sendAssertionFileUpload
- */
- public List<File> getSendAssertionFileUpload() {
- return sendAssertionFileUpload;
- }
-
-
- /**
- * @param sendAssertionFileUpload the sendAssertionFileUpload to set
- */
- public void setSendAssertionFileUpload(List<File> sendAssertionFileUpload) {
- this.sendAssertionFileUpload = sendAssertionFileUpload;
- }
-
-
- /**
- * @return the sendAssertionFileUploadContentType
- */
- public List<String> getSendAssertionFileUploadContentType() {
- return sendAssertionFileUploadContentType;
- }
-
-
- /**
- * @param sendAssertionFileUploadContentType the sendAssertionFileUploadContentType to set
- */
- public void setSendAssertionFileUploadContentType(
- List<String> sendAssertionFileUploadContentType) {
- this.sendAssertionFileUploadContentType = sendAssertionFileUploadContentType;
- }
-
-
- /**
- * @return the sendAssertionFileUploadFileName
- */
- public List<String> getSendAssertionFileUploadFileName() {
- return sendAssertionFileUploadFileName;
- }
-
-
- /**
- * @param sendAssertionFileUploadFileName the sendAssertionFileUploadFileName to set
- */
- public void setSendAssertionFileUploadFileName(
- List<String> sendAssertionFileUploadFileName) {
- this.sendAssertionFileUploadFileName = sendAssertionFileUploadFileName;
- }
-
-
- /**
- * @return the deleteBKUTemplate
- */
- public boolean isDeleteBKUTemplate() {
- return deleteBKUTemplate;
- }
-
-
- /**
- * @param deleteBKUTemplate the deleteBKUTemplate to set
- */
- public void setDeleteBKUTemplate(boolean deleteBKUTemplate) {
- this.deleteBKUTemplate = deleteBKUTemplate;
- }
-
-
- /**
- * @return the deleteSendAssertionTemplate
- */
- public boolean isDeleteSendAssertionTemplate() {
- return deleteSendAssertionTemplate;
- }
-
-
- /**
- * @param deleteSendAssertionTemplate the deleteSendAssertionTemplate to set
- */
- public void setDeleteSendAssertionTemplate(boolean deleteSendAssertionTemplate) {
- this.deleteSendAssertionTemplate = deleteSendAssertionTemplate;
- }
-
- /**
- * @return the aditionalAuthBlockText
- */
- public String getAditionalAuthBlockText() {
- return aditionalAuthBlockText;
- }
-
- /**
- * @param aditionalAuthBlockText the aditionalAuthBlockText to set
- */
- public void setAditionalAuthBlockText(String aditionalAuthBlockText) {
- this.aditionalAuthBlockText = aditionalAuthBlockText;
- }
-
- /**
- * @return the isHideBPKAuthBlock
- */
- public boolean isHideBPKAuthBlock() {
- return isHideBPKAuthBlock;
- }
-
- /**
- * @param isHideBPKAuthBlock the isHideBPKAuthBlock to set
- */
- public void setHideBPKAuthBlock(boolean isHideBPKAuthBlock) {
- this.isHideBPKAuthBlock = isHideBPKAuthBlock;
- }
-
- /**
- * @return the map
- */
- public Map<String, String> getFormMap() {
- return map;
- }
-
- /**
- * @return the saml2PostBindingTemplate
- */
- public String getSaml2PostBindingTemplate() {
- return saml2PostBindingTemplate;
- }
-
- /**
- * @param saml2PostBindingTemplate the saml2PostBindingTemplate to set
- */
- public void setSaml2PostBindingTemplate(String saml2PostBindingTemplate) {
- this.saml2PostBindingTemplate = saml2PostBindingTemplate;
- }
-
- /**
- * @return the mandateServiceSelectionTemplate
- */
- public String getMandateServiceSelectionTemplate() {
- return mandateServiceSelectionTemplate;
- }
-
- /**
- * @param mandateServiceSelectionTemplate the mandateServiceSelectionTemplate to set
- */
- public void setMandateServiceSelectionTemplate(String mandateServiceSelectionTemplate) {
- this.mandateServiceSelectionTemplate = mandateServiceSelectionTemplate;
- }
-
-
-
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
index 3929238f6..e7b4bfa3b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -63,434 +63,444 @@ import at.gv.egovernment.moa.util.MiscUtil;
public class GeneralMOAIDConfig {
- public static final long DEFAULTTIMEOUTASSERTION = 120; //sec
- public static final long DEFAULTTIMEOUTMOASESSIONCREATED = 1200; //sec
- public static final long DEFAULTTIMEOUTMOASESSIONUPDATED = 2700; //sec
-
- public static final String LINE_DELIMITER = ";";
-
- private String alternativeSourceID = null;
+ public static final long DEFAULTTIMEOUTASSERTION = 120; // sec
+ public static final long DEFAULTTIMEOUTMOASESSIONCREATED = 1200; // sec
+ public static final long DEFAULTTIMEOUTMOASESSIONUPDATED = 2700; // sec
+
+ public static final String LINE_DELIMITER = ";";
+
+ private String alternativeSourceID = null;
// private String certStoreDirectory = null;
- private boolean trustmanagerrevocationcheck = true;
-
- private String timeoutAssertion = String.valueOf(DEFAULTTIMEOUTASSERTION);
- private String timeoutMOASessionCreated = String.valueOf(DEFAULTTIMEOUTMOASESSIONCREATED);
- private String timeoutMOASessionUpdated = String.valueOf(DEFAULTTIMEOUTMOASESSIONUPDATED);
-
- private String moaspssURL = null;
- private String moaspssAuthTrustProfile = null;
- private String moaspssAuthTransformations = "";
- private List<String> authTransformList = null;
- private String moaspssIdlTrustProfile = null;
-
- private String moaspssIdlTrustProfileTest = null;
- private String moaspssAuthTrustProfileTest = null;
-
- private String mandateURL = null;
- private String szrgwURL = null;
- private String elgaMandateServiceURL = null;
- private String eidSystemServiceURL = null;
-
- private boolean protocolActiveSAML1 = false;
- private boolean protocolActivePVP21 = true;
- private boolean protocolActiveOAuth = true;
-
- private boolean legacy_saml1 = false;
- private boolean legacy_pvp2 = false;
-
- private String saml1SourceID = null;
-
- private String pvp2IssuerName = null;
- private String pvp2OrgName = null;
- private String pvp2OrgDisplayName = null;
- private String pvp2OrgURL = null;
- private ContactForm pvp2Contact = null;
-
- private List<File> fileUpload = null;
- private List<String> fileUploadContentType;
- private List<String> fileUploadFileName = new ArrayList<String>();
- private Map<String, byte[]> secLayerTransformation = null;
-
- private String ssoTarget = null;
- private String ssoFriendlyName = null;
- private String ssoSpecialText = null;
- private String ssoIdentificationNumber = null;
-
- private String defaultchainigmode = null;
- private static Map<String, String> chainigmodelist;
-
- private String trustedCACerts = null;
-
-
- private String defaultBKUOnline = "";
- private String defaultBKULocal = "https://127.0.0.1:3496/https-security-layer-request";
- private String defaultBKUHandy = "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx";
-
- private String SLRequestTemplateOnline = "SLTemplates/template_onlineBKU.html";
- private String SLRequestTemplateLocal = "SLTemplates/template_handyBKU.html";
- private String SLRequestTemplateHandy = "SLTemplates/template_handyBKU.html";
-
- private String publicURLPrefix = null;
- private boolean virtualPublicURLPrefixEnabled = false;
-
- private boolean moaidMode = false;
-
- public GeneralMOAIDConfig() {
- try {
- this.moaidMode = ConfigurationProvider.getInstance().isMOAIDMode();
- } catch (ConfigurationException e) {
- e.printStackTrace();
-
- }
-
- chainigmodelist = new HashMap<String, String>();
- ChainingModeType[] values = ChainingModeType.values();
- for (int i=0; i<values.length; i++) {
- chainigmodelist.put(values[i].value(), values[i].value());
- }
-
- try {
- ConfigurationProvider config = ConfigurationProvider.getInstance();
- if (config != null) {
- MOAIDConfiguration dbconfig = config.getDbRead().getMOAIDConfiguration();
- List<TransformsInfoType> authBlockTrans = dbconfig.getAuthComponentGeneral().getSecurityLayer().getTransformsInfo();
-
- if (authBlockTrans != null && !authBlockTrans.isEmpty()) {
- if (secLayerTransformation == null)
- secLayerTransformation = new HashMap<String, byte[]>();
- for (TransformsInfoType el : authBlockTrans)
- secLayerTransformation.put(el.getFilename(), el.getTransformation());
-
- }
- }
-
- } catch (Exception e) {
-
- }
-
- }
-
- public void parse(MOAIDConfiguration config) {
-
- if (config != null) {
- AuthComponentGeneral auth = config.getAuthComponentGeneral();
-
- //get ELGA mandate service URLs from configuration
- if (MiscUtil.isNotEmpty(config.getEidSystemServiceURLs())) {
- if (KeyValueUtils.isCSVValueString(config.getEidSystemServiceURLs()))
- eidSystemServiceURL = KeyValueUtils.normalizeCSVValueString(config.getEidSystemServiceURLs());
-
- else {
- if (config.getEidSystemServiceURLs().contains(KeyValueUtils.CSV_DELIMITER)) {
- //remove trailing comma if exist
- eidSystemServiceURL = config.getEidSystemServiceURLs().substring(0,
- config.getEidSystemServiceURLs().indexOf(KeyValueUtils.CSV_DELIMITER));
-
- } else
- eidSystemServiceURL = config.getEidSystemServiceURLs();
-
- }
- }
-
-
- //get ELGA mandate service URLs from configuration
- if (MiscUtil.isNotEmpty(config.getElgaMandateServiceURLs())) {
- if (KeyValueUtils.isCSVValueString(config.getElgaMandateServiceURLs()))
- elgaMandateServiceURL = KeyValueUtils.normalizeCSVValueString(config.getElgaMandateServiceURLs());
-
- else {
- if (config.getElgaMandateServiceURLs().contains(KeyValueUtils.CSV_DELIMITER)) {
- //remove trailing comma if exist
- elgaMandateServiceURL = config.getElgaMandateServiceURLs().substring(0,
- config.getElgaMandateServiceURLs().indexOf(KeyValueUtils.CSV_DELIMITER));
-
- } else
- elgaMandateServiceURL = config.getElgaMandateServiceURLs();
-
- }
- }
-
-
-
- if (auth != null) {
-
- GeneralConfiguration authgen = auth.getGeneralConfiguration();
- if (authgen != null) {
- alternativeSourceID = authgen.getAlternativeSourceID();
- //certStoreDirectory = authgen.getCertStoreDirectory();
- if (authgen.isTrustManagerRevocationChecking() != null)
- trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking();
-
- virtualPublicURLPrefixEnabled =
- KeyValueUtils.isCSVValueString(authgen.getPublicURLPreFix());
-
- if (virtualPublicURLPrefixEnabled) {
- //format CSV values with newlines
- publicURLPrefix = KeyValueUtils.normalizeCSVValueString(
- authgen.getPublicURLPreFix());
-
- } else {
- String tmp = authgen.getPublicURLPreFix();
- if (tmp.contains(KeyValueUtils.CSV_DELIMITER)) {
- //remove trailing comma if exist
- publicURLPrefix = tmp.substring(0,
- tmp.indexOf(KeyValueUtils.CSV_DELIMITER));
-
- } else
- publicURLPrefix = tmp;
- }
-
- TimeOuts timeouts = authgen.getTimeOuts();
- if (timeouts != null) {
-
- if(timeouts.getAssertion() != null)
- timeoutAssertion = String.valueOf(timeouts.getAssertion().longValue());
- if(timeouts.getMOASessionCreated() != null)
- timeoutMOASessionCreated = String.valueOf(timeouts.getMOASessionCreated().longValue());
- if(timeouts.getMOASessionUpdated() != null)
- timeoutMOASessionUpdated = String.valueOf(timeouts.getMOASessionUpdated().longValue());
-
- }
-
-
- //deactive STORK
- if (isMoaidMode()) {
- ForeignIdentities foreign = auth.getForeignIdentities();
- if (foreign != null) {
- ConnectionParameterClientAuthType connect_foreign = foreign.getConnectionParameter();
- if (connect_foreign != null) {
- if (MiscUtil.isNotEmpty(connect_foreign.getURL())) {
- if (KeyValueUtils.isCSVValueString(connect_foreign.getURL()))
- szrgwURL = KeyValueUtils.normalizeCSVValueString(connect_foreign.getURL());
-
- else {
- if (connect_foreign.getURL().contains(KeyValueUtils.CSV_DELIMITER)) {
- //remove trailing comma if exist
- szrgwURL = connect_foreign.getURL().substring(0,
- connect_foreign.getURL().indexOf(KeyValueUtils.CSV_DELIMITER));
-
- } else
- szrgwURL = connect_foreign.getURL();
-
- }
-
- }
- }
-
- STORK stork = foreign.getSTORK();
- if (stork != null) {
- //TODO: add Stork config
-
- }
- }
- }
-
- }
-
- if (isMoaidMode()) {
- MOASP moaspss = auth.getMOASP();
- if (moaspss != null) {
- ConnectionParameterClientAuthType con = moaspss.getConnectionParameter();
- if (con != null)
- moaspssURL = con.getURL();
-
- VerifyAuthBlock authblock = moaspss.getVerifyAuthBlock();
- if (authblock != null) {
- moaspssAuthTrustProfile = authblock.getTrustProfileID();
- moaspssAuthTrustProfileTest = authblock.getTestTrustProfileID();
-
- List<String> list = authblock.getVerifyTransformsInfoProfileID();
- if (list.size() == 1)
- moaspssAuthTransformations += list.get(0);
- else {
- for (String el : list)
- moaspssAuthTransformations += el + LINE_DELIMITER + "\n";
- }
- }
-
- VerifyIdentityLink idl = moaspss.getVerifyIdentityLink();
- if (idl != null) {
- moaspssIdlTrustProfile = idl.getTrustProfileID();
- moaspssIdlTrustProfileTest = idl.getTestTrustProfileID();
- }
- }
-
- OnlineMandates mandates = auth.getOnlineMandates();
- if (mandates != null) {
- ConnectionParameterClientAuthType con = mandates.getConnectionParameter();
- if (con != null) {
- if (MiscUtil.isNotEmpty(con.getURL())) {
- if (KeyValueUtils.isCSVValueString(con.getURL()))
- mandateURL = KeyValueUtils.normalizeCSVValueString(con.getURL());
-
- else {
- if (con.getURL().contains(KeyValueUtils.CSV_DELIMITER)) {
- //remove trailing comma if exist
- mandateURL = con.getURL().substring(0,
- con.getURL().indexOf(KeyValueUtils.CSV_DELIMITER));
-
- } else
- mandateURL = con.getURL();
-
- }
-
- }
-
- }
- }
- }
-
- Protocols protocols = auth.getProtocols();
- if (protocols != null) {
- LegacyAllowed legacy = protocols.getLegacyAllowed();
-
- if (legacy != null) {
- List<String> list = legacy.getProtocolName();
- if (list.contains(Constants.MOA_CONFIG_PROTOCOL_SAML1))
- legacy_saml1 = true;
-
- if (list.contains(Constants.MOA_CONFIG_PROTOCOL_PVP2))
- legacy_pvp2 = true;
- }
-
- SAML1 saml1 = protocols.getSAML1();
- if (saml1 != null) {
- protocolActiveSAML1 = saml1.isIsActive();
- saml1SourceID = saml1.getSourceID();
-
- //TODO: could removed in a later version
- if (MiscUtil.isEmpty(saml1SourceID) && MiscUtil.isNotEmpty(alternativeSourceID))
- saml1SourceID = alternativeSourceID;
-
- }
-
- if (isMoaidMode()) {
- OAuth oauth = protocols.getOAuth();
- if (oauth != null) {
- protocolActiveOAuth = oauth.isIsActive();
-
- }
-
- }
-
- PVP2 pvp2 = protocols.getPVP2();
- if (pvp2 != null) {
-
- protocolActivePVP21 = pvp2.isIsActive();
-
- //INFO: only for backup
- if (MiscUtil.isEmpty(publicURLPrefix))
- publicURLPrefix = pvp2.getPublicURLPrefix();
-
- pvp2IssuerName = pvp2.getIssuerName();
-
- List<Contact> con = pvp2.getContact();
-
- //TODO: change to support more contacts
- if (con != null && con.size() > 0) {
- pvp2Contact = new ContactForm(con.get(0));
-
- }
-
- Organization org = pvp2.getOrganization();
- if (org != null) {
- pvp2OrgDisplayName = org.getDisplayName();
- pvp2OrgName = org.getName();
- pvp2OrgURL = org.getURL();
- }
- }
-
- }
-
- if (isMoaidMode()) {
- SecurityLayer seclayer = auth.getSecurityLayer();
- if (seclayer != null) {
- List<TransformsInfoType> list = seclayer.getTransformsInfo();
-
- for (TransformsInfoType el : list) {
- fileUploadFileName.add(el.getFilename());
- }
- }
-
- SSO sso = auth.getSSO();
- if (sso != null) {
- ssoFriendlyName = sso.getFriendlyName();
-
- // IdentificationNumber idl = sso.getIdentificationNumber();
- // if (idl != null)
- // ssoIdentificationNumber = idl.getValue();
-
- //INFO: only for backup
- if (MiscUtil.isEmpty(publicURLPrefix))
- publicURLPrefix = sso.getPublicURL();
-
- ssoSpecialText = sso.getSpecialText();
-
- if (MiscUtil.isNotEmpty(sso.getTarget()) &&
- sso.getTarget().startsWith(Constants.PREFIX_WPBK)) {
- ssoTarget = sso.getTarget().substring(Constants.PREFIX_WPBK.length()).
- replace("+", "");
-
- } else
- ssoTarget = sso.getTarget();
-
- }
- }
-
- ChainingModes modes = config.getChainingModes();
- if (modes != null) {
- ChainingModeType defaultmode = modes.getSystemDefaultMode();
- if (defaultmode != null) {
-
- defaultchainigmode = defaultmode.value();
-
- }
-
- List<TrustAnchor> trustanchor = modes.getTrustAnchor();
- if (trustanchor != null) {
- //TODO: set addional trust anchors!!!!
- }
- }
-
- DefaultBKUs defaultbkus = config.getDefaultBKUs();
- if (defaultbkus != null) {
- defaultBKUHandy = defaultbkus.getHandyBKU();
- defaultBKULocal = defaultbkus.getLocalBKU();
- defaultBKUOnline = defaultbkus.getOnlineBKU();
- }
-
- SLRequestTemplates slreq = config.getSLRequestTemplates();
- if (slreq != null) {
- SLRequestTemplateHandy = slreq.getHandyBKU();
- SLRequestTemplateLocal = slreq.getLocalBKU();
- SLRequestTemplateOnline = slreq.getOnlineBKU();
- }
-
- }
-
- trustedCACerts = config.getTrustedCACertificates();
-
-
-
- }
- }
-
- /**
- * @return the szrgwURL
- */
- public String getSzrgwURL() {
- return szrgwURL;
- }
-
- /**
- * @param szrgwURL the szrgwURL to set
- */
- public void setSzrgwURL(String szrgwURL) {
- if (MiscUtil.isNotEmpty(szrgwURL))
- this.szrgwURL = KeyValueUtils.removeAllNewlineFromString(szrgwURL);
- else
- this.szrgwURL = szrgwURL;
- }
+ private boolean trustmanagerrevocationcheck = true;
+
+ private String timeoutAssertion = String.valueOf(DEFAULTTIMEOUTASSERTION);
+ private String timeoutMOASessionCreated = String.valueOf(DEFAULTTIMEOUTMOASESSIONCREATED);
+ private String timeoutMOASessionUpdated = String.valueOf(DEFAULTTIMEOUTMOASESSIONUPDATED);
+
+ private String moaspssURL = null;
+ private String moaspssAuthTrustProfile = null;
+ private String moaspssAuthTransformations = "";
+ private List<String> authTransformList = null;
+ private String moaspssIdlTrustProfile = null;
+
+ private String moaspssIdlTrustProfileTest = null;
+ private String moaspssAuthTrustProfileTest = null;
+
+ private String mandateURL = null;
+ private String szrgwURL = null;
+ private String elgaMandateServiceURL = null;
+ private String eidSystemServiceURL = null;
+
+ private boolean protocolActiveSAML1 = false;
+ private boolean protocolActivePVP21 = true;
+ private boolean protocolActiveOAuth = true;
+
+ private boolean legacy_saml1 = false;
+ private boolean legacy_pvp2 = false;
+
+ private String saml1SourceID = null;
+
+ private String pvp2IssuerName = null;
+ private String pvp2OrgName = null;
+ private String pvp2OrgDisplayName = null;
+ private String pvp2OrgURL = null;
+ private ContactForm pvp2Contact = null;
+
+ private List<File> fileUpload = null;
+ private List<String> fileUploadContentType;
+ private List<String> fileUploadFileName = new ArrayList<>();
+ private Map<String, byte[]> secLayerTransformation = null;
+
+ private String ssoTarget = null;
+ private String ssoFriendlyName = null;
+ private String ssoSpecialText = null;
+ private String ssoIdentificationNumber = null;
+
+ private String defaultchainigmode = null;
+ private static Map<String, String> chainigmodelist;
+
+ private String trustedCACerts = null;
+
+ private String defaultBKUOnline = "";
+ private String defaultBKULocal = "https://127.0.0.1:3496/https-security-layer-request";
+ private String defaultBKUHandy =
+ "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx";
+
+ private String SLRequestTemplateOnline = "SLTemplates/template_onlineBKU.html";
+ private String SLRequestTemplateLocal = "SLTemplates/template_handyBKU.html";
+ private String SLRequestTemplateHandy = "SLTemplates/template_handyBKU.html";
+
+ private String publicURLPrefix = null;
+ private boolean virtualPublicURLPrefixEnabled = false;
+
+ private boolean moaidMode = false;
+
+ public GeneralMOAIDConfig() {
+ try {
+ this.moaidMode = ConfigurationProvider.getInstance().isMOAIDMode();
+ } catch (final ConfigurationException e) {
+ e.printStackTrace();
+
+ }
+
+ chainigmodelist = new HashMap<>();
+ final ChainingModeType[] values = ChainingModeType.values();
+ for (final ChainingModeType value : values) {
+ chainigmodelist.put(value.value(), value.value());
+ }
+
+ try {
+ final ConfigurationProvider config = ConfigurationProvider.getInstance();
+ if (config != null) {
+ final MOAIDConfiguration dbconfig = config.getDbRead().getMOAIDConfiguration();
+ final List<TransformsInfoType> authBlockTrans = dbconfig.getAuthComponentGeneral().getSecurityLayer()
+ .getTransformsInfo();
+
+ if (authBlockTrans != null && !authBlockTrans.isEmpty()) {
+ if (secLayerTransformation == null) {
+ secLayerTransformation = new HashMap<>();
+ }
+ for (final TransformsInfoType el : authBlockTrans) {
+ secLayerTransformation.put(el.getFilename(), el.getTransformation());
+ }
+
+ }
+ }
+
+ } catch (final Exception e) {
+
+ }
+
+ }
+
+ public void parse(MOAIDConfiguration config) {
+
+ if (config != null) {
+ final AuthComponentGeneral auth = config.getAuthComponentGeneral();
+
+ // get ELGA mandate service URLs from configuration
+ if (MiscUtil.isNotEmpty(config.getEidSystemServiceURLs())) {
+ if (KeyValueUtils.isCSVValueString(config.getEidSystemServiceURLs())) {
+ eidSystemServiceURL = KeyValueUtils.normalizeCSVValueString(config.getEidSystemServiceURLs());
+ } else {
+ if (config.getEidSystemServiceURLs().contains(KeyValueUtils.CSV_DELIMITER)) {
+ // remove trailing comma if exist
+ eidSystemServiceURL = config.getEidSystemServiceURLs().substring(0,
+ config.getEidSystemServiceURLs().indexOf(KeyValueUtils.CSV_DELIMITER));
+
+ } else {
+ eidSystemServiceURL = config.getEidSystemServiceURLs();
+ }
+
+ }
+ }
+
+ // get ELGA mandate service URLs from configuration
+ if (MiscUtil.isNotEmpty(config.getElgaMandateServiceURLs())) {
+ if (KeyValueUtils.isCSVValueString(config.getElgaMandateServiceURLs())) {
+ elgaMandateServiceURL = KeyValueUtils.normalizeCSVValueString(config.getElgaMandateServiceURLs());
+ } else {
+ if (config.getElgaMandateServiceURLs().contains(KeyValueUtils.CSV_DELIMITER)) {
+ // remove trailing comma if exist
+ elgaMandateServiceURL = config.getElgaMandateServiceURLs().substring(0,
+ config.getElgaMandateServiceURLs().indexOf(KeyValueUtils.CSV_DELIMITER));
+
+ } else {
+ elgaMandateServiceURL = config.getElgaMandateServiceURLs();
+ }
+
+ }
+ }
+
+ if (auth != null) {
+
+ final GeneralConfiguration authgen = auth.getGeneralConfiguration();
+ if (authgen != null) {
+ alternativeSourceID = authgen.getAlternativeSourceID();
+ // certStoreDirectory = authgen.getCertStoreDirectory();
+ if (authgen.isTrustManagerRevocationChecking() != null) {
+ trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking();
+ }
+
+ virtualPublicURLPrefixEnabled =
+ KeyValueUtils.isCSVValueString(authgen.getPublicURLPreFix());
+
+ if (virtualPublicURLPrefixEnabled) {
+ // format CSV values with newlines
+ publicURLPrefix = KeyValueUtils.normalizeCSVValueString(
+ authgen.getPublicURLPreFix());
+
+ } else {
+ final String tmp = authgen.getPublicURLPreFix();
+ if (tmp.contains(KeyValueUtils.CSV_DELIMITER)) {
+ // remove trailing comma if exist
+ publicURLPrefix = tmp.substring(0,
+ tmp.indexOf(KeyValueUtils.CSV_DELIMITER));
+
+ } else {
+ publicURLPrefix = tmp;
+ }
+ }
+
+ final TimeOuts timeouts = authgen.getTimeOuts();
+ if (timeouts != null) {
+
+ if (timeouts.getAssertion() != null) {
+ timeoutAssertion = String.valueOf(timeouts.getAssertion().longValue());
+ }
+ if (timeouts.getMOASessionCreated() != null) {
+ timeoutMOASessionCreated = String.valueOf(timeouts.getMOASessionCreated().longValue());
+ }
+ if (timeouts.getMOASessionUpdated() != null) {
+ timeoutMOASessionUpdated = String.valueOf(timeouts.getMOASessionUpdated().longValue());
+ }
+
+ }
+
+ // deactive STORK
+ if (isMoaidMode()) {
+ final ForeignIdentities foreign = auth.getForeignIdentities();
+ if (foreign != null) {
+ final ConnectionParameterClientAuthType connect_foreign = foreign.getConnectionParameter();
+ if (connect_foreign != null) {
+ if (MiscUtil.isNotEmpty(connect_foreign.getURL())) {
+ if (KeyValueUtils.isCSVValueString(connect_foreign.getURL())) {
+ szrgwURL = KeyValueUtils.normalizeCSVValueString(connect_foreign.getURL());
+ } else {
+ if (connect_foreign.getURL().contains(KeyValueUtils.CSV_DELIMITER)) {
+ // remove trailing comma if exist
+ szrgwURL = connect_foreign.getURL().substring(0,
+ connect_foreign.getURL().indexOf(KeyValueUtils.CSV_DELIMITER));
+
+ } else {
+ szrgwURL = connect_foreign.getURL();
+ }
+
+ }
+
+ }
+ }
+
+ final STORK stork = foreign.getSTORK();
+ if (stork != null) {
+ // TODO: add Stork config
+
+ }
+ }
+ }
+
+ }
+
+ if (isMoaidMode()) {
+ final MOASP moaspss = auth.getMOASP();
+ if (moaspss != null) {
+ final ConnectionParameterClientAuthType con = moaspss.getConnectionParameter();
+ if (con != null) {
+ moaspssURL = con.getURL();
+ }
+
+ final VerifyAuthBlock authblock = moaspss.getVerifyAuthBlock();
+ if (authblock != null) {
+ moaspssAuthTrustProfile = authblock.getTrustProfileID();
+ moaspssAuthTrustProfileTest = authblock.getTestTrustProfileID();
+
+ final List<String> list = authblock.getVerifyTransformsInfoProfileID();
+ if (list.size() == 1) {
+ moaspssAuthTransformations += list.get(0);
+ } else {
+ for (final String el : list) {
+ moaspssAuthTransformations += el + LINE_DELIMITER + "\n";
+ }
+ }
+ }
+
+ final VerifyIdentityLink idl = moaspss.getVerifyIdentityLink();
+ if (idl != null) {
+ moaspssIdlTrustProfile = idl.getTrustProfileID();
+ moaspssIdlTrustProfileTest = idl.getTestTrustProfileID();
+ }
+ }
+
+ final OnlineMandates mandates = auth.getOnlineMandates();
+ if (mandates != null) {
+ final ConnectionParameterClientAuthType con = mandates.getConnectionParameter();
+ if (con != null) {
+ if (MiscUtil.isNotEmpty(con.getURL())) {
+ if (KeyValueUtils.isCSVValueString(con.getURL())) {
+ mandateURL = KeyValueUtils.normalizeCSVValueString(con.getURL());
+ } else {
+ if (con.getURL().contains(KeyValueUtils.CSV_DELIMITER)) {
+ // remove trailing comma if exist
+ mandateURL = con.getURL().substring(0,
+ con.getURL().indexOf(KeyValueUtils.CSV_DELIMITER));
+
+ } else {
+ mandateURL = con.getURL();
+ }
+
+ }
+
+ }
+
+ }
+ }
+ }
+
+ final Protocols protocols = auth.getProtocols();
+ if (protocols != null) {
+ final LegacyAllowed legacy = protocols.getLegacyAllowed();
+
+ if (legacy != null) {
+ final List<String> list = legacy.getProtocolName();
+ if (list.contains(Constants.MOA_CONFIG_PROTOCOL_SAML1)) {
+ legacy_saml1 = true;
+ }
+
+ if (list.contains(Constants.MOA_CONFIG_PROTOCOL_PVP2)) {
+ legacy_pvp2 = true;
+ }
+ }
+
+ final SAML1 saml1 = protocols.getSAML1();
+ if (saml1 != null) {
+ protocolActiveSAML1 = saml1.isIsActive();
+ saml1SourceID = saml1.getSourceID();
+
+ // TODO: could removed in a later version
+ if (MiscUtil.isEmpty(saml1SourceID) && MiscUtil.isNotEmpty(alternativeSourceID)) {
+ saml1SourceID = alternativeSourceID;
+ }
+
+ }
+
+ if (isMoaidMode()) {
+ final OAuth oauth = protocols.getOAuth();
+ if (oauth != null) {
+ protocolActiveOAuth = oauth.isIsActive();
+
+ }
+
+ }
+
+ final PVP2 pvp2 = protocols.getPVP2();
+ if (pvp2 != null) {
+
+ protocolActivePVP21 = pvp2.isIsActive();
+
+ // INFO: only for backup
+ if (MiscUtil.isEmpty(publicURLPrefix)) {
+ publicURLPrefix = pvp2.getPublicURLPrefix();
+ }
+
+ pvp2IssuerName = pvp2.getIssuerName();
+
+ final List<Contact> con = pvp2.getContact();
+
+ // TODO: change to support more contacts
+ if (con != null && con.size() > 0) {
+ pvp2Contact = new ContactForm(con.get(0));
+
+ }
+
+ final Organization org = pvp2.getOrganization();
+ if (org != null) {
+ pvp2OrgDisplayName = org.getDisplayName();
+ pvp2OrgName = org.getName();
+ pvp2OrgURL = org.getURL();
+ }
+ }
+
+ }
+
+ if (isMoaidMode()) {
+ final SecurityLayer seclayer = auth.getSecurityLayer();
+ if (seclayer != null) {
+ final List<TransformsInfoType> list = seclayer.getTransformsInfo();
+
+ for (final TransformsInfoType el : list) {
+ fileUploadFileName.add(el.getFilename());
+ }
+ }
+
+ final SSO sso = auth.getSSO();
+ if (sso != null) {
+ ssoFriendlyName = sso.getFriendlyName();
+
+ // IdentificationNumber idl = sso.getIdentificationNumber();
+ // if (idl != null)
+ // ssoIdentificationNumber = idl.getValue();
+
+ // INFO: only for backup
+ if (MiscUtil.isEmpty(publicURLPrefix)) {
+ publicURLPrefix = sso.getPublicURL();
+ }
+
+ ssoSpecialText = sso.getSpecialText();
+
+ if (MiscUtil.isNotEmpty(sso.getTarget()) &&
+ sso.getTarget().startsWith(Constants.PREFIX_WPBK)) {
+ ssoTarget = sso.getTarget().substring(Constants.PREFIX_WPBK.length()).replace("+", "");
+
+ } else {
+ ssoTarget = sso.getTarget();
+ }
+
+ }
+ }
+
+ final ChainingModes modes = config.getChainingModes();
+ if (modes != null) {
+ final ChainingModeType defaultmode = modes.getSystemDefaultMode();
+ if (defaultmode != null) {
+
+ defaultchainigmode = defaultmode.value();
+
+ }
+
+ final List<TrustAnchor> trustanchor = modes.getTrustAnchor();
+ if (trustanchor != null) {
+ // TODO: set addional trust anchors!!!!
+ }
+ }
+
+ final DefaultBKUs defaultbkus = config.getDefaultBKUs();
+ if (defaultbkus != null) {
+ defaultBKUHandy = defaultbkus.getHandyBKU();
+ defaultBKULocal = defaultbkus.getLocalBKU();
+ defaultBKUOnline = defaultbkus.getOnlineBKU();
+ }
+
+ final SLRequestTemplates slreq = config.getSLRequestTemplates();
+ if (slreq != null) {
+ SLRequestTemplateHandy = slreq.getHandyBKU();
+ SLRequestTemplateLocal = slreq.getLocalBKU();
+ SLRequestTemplateOnline = slreq.getOnlineBKU();
+ }
+
+ }
+
+ trustedCACerts = config.getTrustedCACertificates();
+
+ }
+ }
+
+ /**
+ * @return the szrgwURL
+ */
+ public String getSzrgwURL() {
+ return szrgwURL;
+ }
+
+ /**
+ * @param szrgwURL the szrgwURL to set
+ */
+ public void setSzrgwURL(String szrgwURL) {
+ if (MiscUtil.isNotEmpty(szrgwURL)) {
+ this.szrgwURL = KeyValueUtils.removeAllNewlineFromString(szrgwURL);
+ } else {
+ this.szrgwURL = szrgwURL;
+ }
+ }
// /**
// * @return the certStoreDirectory
@@ -506,662 +516,665 @@ public class GeneralMOAIDConfig {
// this.certStoreDirectory = certStoreDirectory;
// }
- /**
- * @return the timeoutAssertion
- */
- public String getTimeoutAssertion() {
- return timeoutAssertion;
- }
-
- /**
- * @param timeoutAssertion the timeoutAssertion to set
- */
- public void setTimeoutAssertion(String timeoutAssertion) {
- this.timeoutAssertion = timeoutAssertion;
- }
-
- /**
- * @return the timeoutMOASessionCreated
- */
- public String getTimeoutMOASessionCreated() {
- return timeoutMOASessionCreated;
- }
-
- /**
- * @param timeoutMOASessionCreated the timeoutMOASessionCreated to set
- */
- public void setTimeoutMOASessionCreated(String timeoutMOASessionCreated) {
- this.timeoutMOASessionCreated = timeoutMOASessionCreated;
- }
-
- /**
- * @return the timeoutMOASessionUpdated
- */
- public String getTimeoutMOASessionUpdated() {
- return timeoutMOASessionUpdated;
- }
-
- /**
- * @param timeoutMOASessionUpdated the timeoutMOASessionUpdated to set
- */
- public void setTimeoutMOASessionUpdated(String timeoutMOASessionUpdated) {
- this.timeoutMOASessionUpdated = timeoutMOASessionUpdated;
- }
-
- /**
- * @return the moaspssURL
- */
- public String getMoaspssURL() {
- return moaspssURL;
- }
-
- /**
- * @param moaspssURL the moaspssURL to set
- */
- public void setMoaspssURL(String moaspssURL) {
- this.moaspssURL = moaspssURL;
- }
-
- /**
- * @return the moaspssAuthTrustProfile
- */
- public String getMoaspssAuthTrustProfile() {
- return moaspssAuthTrustProfile;
- }
-
- /**
- * @param moaspssAuthTrustProfile the moaspssAuthTrustProfile to set
- */
- public void setMoaspssAuthTrustProfile(String moaspssAuthTrustProfile) {
- this.moaspssAuthTrustProfile = moaspssAuthTrustProfile;
- }
-
- /**
- * @return the moaspssAuthTransformations
- */
- public String getMoaspssAuthTransformations() {
- return moaspssAuthTransformations;
- }
-
- /**
- * @param moaspssAuthTransformations the moaspssAuthTransformations to set
- */
- public void setMoaspssAuthTransformations(String moaspssAuthTransformations) {
- this.moaspssAuthTransformations = moaspssAuthTransformations;
- }
-
- /**
- * @return the moaspssIdlTrustProfile
- */
- public String getMoaspssIdlTrustProfile() {
- return moaspssIdlTrustProfile;
- }
-
- /**
- * @param moaspssIdlTrustProfile the moaspssIdlTrustProfile to set
- */
- public void setMoaspssIdlTrustProfile(String moaspssIdlTrustProfile) {
- this.moaspssIdlTrustProfile = moaspssIdlTrustProfile;
- }
-
- /**
- * @return the mandateURL
- */
- public String getMandateURL() {
- return mandateURL;
- }
-
- /**
- * @param mandateURL the mandateURL to set
- */
- public void setMandateURL(String mandateURL) {
- if (MiscUtil.isNotEmpty(mandateURL))
- this.mandateURL = KeyValueUtils.removeAllNewlineFromString(mandateURL);
- else
- this.mandateURL = mandateURL;
- }
-
- /**
- * @return the legacy_saml1
- */
- public boolean isLegacy_saml1() {
- return legacy_saml1;
- }
-
- /**
- * @param legacy_saml1 the legacy_saml1 to set
- */
- public void setLegacy_saml1(boolean legacy_saml1) {
- this.legacy_saml1 = legacy_saml1;
- }
-
- /**
- * @return the legacy_pvp2
- */
- public boolean isLegacy_pvp2() {
- return legacy_pvp2;
- }
-
- /**
- * @param legacy_pvp2 the legacy_pvp2 to set
- */
- public void setLegacy_pvp2(boolean legacy_pvp2) {
- this.legacy_pvp2 = legacy_pvp2;
- }
-
- /**
- * @return the pvp2IssuerName
- */
- public String getPvp2IssuerName() {
- return pvp2IssuerName;
- }
-
- /**
- * @param pvp2IssuerName the pvp2IssuerName to set
- */
- public void setPvp2IssuerName(String pvp2IssuerName) {
- this.pvp2IssuerName = pvp2IssuerName;
- }
-
- /**
- * @return the pvp2OrgName
- */
- public String getPvp2OrgName() {
- return pvp2OrgName;
- }
-
- /**
- * @param pvp2OrgName the pvp2OrgName to set
- */
- public void setPvp2OrgName(String pvp2OrgName) {
- this.pvp2OrgName = pvp2OrgName;
- }
-
- /**
- * @return the pvp2OrgDisplayName
- */
- public String getPvp2OrgDisplayName() {
- return pvp2OrgDisplayName;
- }
-
- /**
- * @param pvp2OrgDisplayName the pvp2OrgDisplayName to set
- */
- public void setPvp2OrgDisplayName(String pvp2OrgDisplayName) {
- this.pvp2OrgDisplayName = pvp2OrgDisplayName;
- }
-
- /**
- * @return the pvp2OrgURL
- */
- public String getPvp2OrgURL() {
- return pvp2OrgURL;
- }
-
- /**
- * @param pvp2OrgURL the pvp2OrgURL to set
- */
- public void setPvp2OrgURL(String pvp2OrgURL) {
- this.pvp2OrgURL = pvp2OrgURL;
- }
-
- /**
- * @return the pvp2Contact
- */
- public ContactForm getPvp2Contact() {
- return pvp2Contact;
- }
-
- /**
- * @param pvp2Contact the pvp2Contact to set
- */
- public void setPvp2Contact(ContactForm pvp2Contact) {
- this.pvp2Contact = pvp2Contact;
- }
-
- /**
- * @return the fileUpload
- */
- public List<File> getFileUpload() {
- return fileUpload;
- }
-
- /**
- * @param fileUpload the fileUpload to set
- */
- public void setFileUpload(List<File> fileUpload) {
- this.fileUpload = fileUpload;
- }
-
- /**
- * @return the fileUploadContentType
- */
- public List<String> getFileUploadContentType() {
- return fileUploadContentType;
- }
-
- /**
- * @param fileUploadContentType the fileUploadContentType to set
- */
- public void setFileUploadContentType(List<String> fileUploadContentType) {
- this.fileUploadContentType = fileUploadContentType;
- }
-
- /**
- * @return the fileUploadFileName
- */
- public List<String> getFileUploadFileName() {
- return fileUploadFileName;
- }
-
- /**
- * @param fileUploadFileName the fileUploadFileName to set
- */
- public void setFileUploadFileName(List<String> fileUploadFileName) {
- this.fileUploadFileName = fileUploadFileName;
- }
-
- /**
- * @return the ssoTarget
- */
- public String getSsoTarget() {
- return ssoTarget;
- }
-
- /**
- * @param ssoTarget the ssoTarget to set
- */
- public void setSsoTarget(String ssoTarget) {
- this.ssoTarget = ssoTarget;
- }
-
- /**
- * @return the ssoFriendlyName
- */
- public String getSsoFriendlyName() {
- return ssoFriendlyName;
- }
-
- /**
- * @param ssoFriendlyName the ssoFriendlyName to set
- */
- public void setSsoFriendlyName(String ssoFriendlyName) {
- this.ssoFriendlyName = ssoFriendlyName;
- }
-
- /**
- * @return the ssoSpecialText
- */
- public String getSsoSpecialText() {
- return ssoSpecialText;
- }
-
- /**
- * @param ssoSpecialText the ssoSpecialText to set
- */
- public void setSsoSpecialText(String ssoSpecialText) {
- this.ssoSpecialText = ssoSpecialText;
- }
-
- /**
- * @return the ssoIdentificationNumber
- */
- public String getSsoIdentificationNumber() {
- return ssoIdentificationNumber;
- }
-
- /**
- * @param ssoIdentificationNumber the ssoIdentificationNumber to set
- */
- public void setSsoIdentificationNumber(String ssoIdentificationNumber) {
- this.ssoIdentificationNumber = ssoIdentificationNumber;
- }
-
- /**
- * @return the defaultchainigmode
- */
- public String getDefaultchainigmode() {
- return defaultchainigmode;
- }
-
- /**
- * @param defaultchainigmode the defaultchainigmode to set
- */
- public void setDefaultchainigmode(String defaultchainigmode) {
- this.defaultchainigmode = defaultchainigmode;
- }
-
- /**
- * @return the defaultBKUOnline
- */
- public String getDefaultBKUOnline() {
- return defaultBKUOnline;
- }
-
- /**
- * @param defaultBKUOnline the defaultBKUOnline to set
- */
- public void setDefaultBKUOnline(String defaultBKUOnline) {
- this.defaultBKUOnline = defaultBKUOnline;
- }
-
- /**
- * @return the defaultBKULocal
- */
- public String getDefaultBKULocal() {
- return defaultBKULocal;
- }
-
- /**
- * @param defaultBKULocal the defaultBKULocal to set
- */
- public void setDefaultBKULocal(String defaultBKULocal) {
- this.defaultBKULocal = defaultBKULocal;
- }
-
- /**
- * @return the defaultBKUHandy
- */
- public String getDefaultBKUHandy() {
- return defaultBKUHandy;
- }
-
- /**
- * @param defaultBKUHandy the defaultBKUHandy to set
- */
- public void setDefaultBKUHandy(String defaultBKUHandy) {
- this.defaultBKUHandy = defaultBKUHandy;
- }
-
- /**
- * @return the sLRequestTemplateOnline
- */
- public String getSLRequestTemplateOnline() {
- return SLRequestTemplateOnline;
- }
-
- /**
- * @param sLRequestTemplateOnline the sLRequestTemplateOnline to set
- */
- public void setSLRequestTemplateOnline(String sLRequestTemplateOnline) {
- SLRequestTemplateOnline = sLRequestTemplateOnline;
- }
-
- /**
- * @return the sLRequestTemplateLocal
- */
- public String getSLRequestTemplateLocal() {
- return SLRequestTemplateLocal;
- }
-
- /**
- * @param sLRequestTemplateLocal the sLRequestTemplateLocal to set
- */
- public void setSLRequestTemplateLocal(String sLRequestTemplateLocal) {
- SLRequestTemplateLocal = sLRequestTemplateLocal;
- }
-
- /**
- * @return the sLRequestTemplateHandy
- */
- public String getSLRequestTemplateHandy() {
- return SLRequestTemplateHandy;
- }
-
- /**
- * @param sLRequestTemplateHandy the sLRequestTemplateHandy to set
- */
- public void setSLRequestTemplateHandy(String sLRequestTemplateHandy) {
- SLRequestTemplateHandy = sLRequestTemplateHandy;
- }
-
- /**
- * @return the trustmanagerrevocationcheck
- */
- public boolean isTrustmanagerrevocationcheck() {
- return trustmanagerrevocationcheck;
- }
-
- /**
- * @param trustmanagerrevocationcheck the trustmanagerrevocationcheck to set
- */
- public void setTrustmanagerrevocationcheck(boolean trustmanagerrevocationcheck) {
- this.trustmanagerrevocationcheck = trustmanagerrevocationcheck;
- }
-
- /**
- * @return the trustedCACerts
- */
- public String getTrustedCACerts() {
- return trustedCACerts;
- }
-
- /**
- * @param trustedCACerts the trustedCACerts to set
- */
- public void setTrustedCACerts(String trustedCACerts) {
- this.trustedCACerts = trustedCACerts;
- }
-
- /**
- * @return the chainigmodelist
- */
- public Map<String, String> getChainigmodelist() {
- return chainigmodelist;
- }
-
- /**
- * @param chainigmodelist the chainigmodelist to set
- */
- public void setChainigmodelist(Map<String, String> chainigmodelist) {
- GeneralMOAIDConfig.chainigmodelist = chainigmodelist;
- }
-
- /**
- * @return the secLayerTransformation
- */
- public Map<String, byte[]> getSecLayerTransformation() {
-
- return secLayerTransformation;
- }
-
- /**
- * @param secLayerTransformation the secLayerTransformation to set
- */
- public void setSecLayerTransformation(Map<String, byte[]> secLayerTransformation) {
- this.secLayerTransformation = secLayerTransformation;
- }
-
- /**
- * @return the authTransformList
- */
- public List<String> getAuthTransformList() {
- return authTransformList;
- }
-
- /**
- * @param authTransformList the authTransformList to set
- */
- public void setAuthTransformList(List<String> authTransformList) {
- this.authTransformList = authTransformList;
- }
-
-
-
-
- public void setFileUpload(File fileUpload) {
- if (this.fileUpload == null)
- this.fileUpload = new ArrayList<File>();
- this.fileUpload.add(fileUpload);
- }
-
- public void setFileUploadContentType(String fileUploadContentType) {
- if (this.fileUploadContentType == null)
- this.fileUploadContentType = new ArrayList<String>();
- this.fileUploadContentType.add(fileUploadContentType);
- }
-
- public void setFileUploadFileName(String fileUploadFileName) {
- if (this.fileUploadFileName == null)
- this.fileUploadFileName = new ArrayList<String>();
- this.fileUploadFileName.add(fileUploadFileName);
- }
-
- /**
- * @return the protocolActiveSAML1
- */
- public boolean isProtocolActiveSAML1() {
- return protocolActiveSAML1;
- }
-
- /**
- * @param protocolActiveSAML1 the protocolActiveSAML1 to set
- */
- public void setProtocolActiveSAML1(boolean protocolActiveSAML1) {
- this.protocolActiveSAML1 = protocolActiveSAML1;
- }
-
- /**
- * @return the protocolActivePVP21
- */
- public boolean isProtocolActivePVP21() {
- return protocolActivePVP21;
- }
-
- /**
- * @param protocolActivePVP21 the protocolActivePVP21 to set
- */
- public void setProtocolActivePVP21(boolean protocolActivePVP21) {
- this.protocolActivePVP21 = protocolActivePVP21;
- }
-
- /**
- * @return the protocolActiveOAuth
- */
- public boolean isProtocolActiveOAuth() {
- return protocolActiveOAuth;
- }
-
- /**
- * @param protocolActiveOAuth the protocolActiveOAuth to set
- */
- public void setProtocolActiveOAuth(boolean protocolActiveOAuth) {
- this.protocolActiveOAuth = protocolActiveOAuth;
- }
-
- /**
- * @return the saml1SourceID
- */
- public String getSaml1SourceID() {
- return saml1SourceID;
- }
-
- /**
- * @param saml1SourceID the saml1SourceID to set
- */
- public void setSaml1SourceID(String saml1SourceID) {
- this.saml1SourceID = saml1SourceID;
- }
-
- /**
- * @return the publicURLPrefix
- */
- public String getPublicURLPrefix() {
- return publicURLPrefix;
- }
-
- /**
- * @param publicURLPrefix the publicURLPrefix to set
- */
- public void setPublicURLPrefix(String publicURLPrefix) {
- if (MiscUtil.isNotEmpty(publicURLPrefix))
- this.publicURLPrefix =
- KeyValueUtils.removeAllNewlineFromString(publicURLPrefix);
- else
- this.publicURLPrefix = publicURLPrefix;
-
- }
-
- /**
- * @return the moaspssIdlTrustProfileTest
- */
- public String getMoaspssIdlTrustProfileTest() {
- return moaspssIdlTrustProfileTest;
- }
-
- /**
- * @param moaspssIdlTrustProfileTest the moaspssIdlTrustProfileTest to set
- */
- public void setMoaspssIdlTrustProfileTest(String moaspssIdlTrustProfileTest) {
- this.moaspssIdlTrustProfileTest = moaspssIdlTrustProfileTest;
- }
-
- /**
- * @return the moaspssAuthTrustProfileTest
- */
- public String getMoaspssAuthTrustProfileTest() {
- return moaspssAuthTrustProfileTest;
- }
-
- /**
- * @param moaspssAuthTrustProfileTest the moaspssAuthTrustProfileTest to set
- */
- public void setMoaspssAuthTrustProfileTest(String moaspssAuthTrustProfileTest) {
- this.moaspssAuthTrustProfileTest = moaspssAuthTrustProfileTest;
- }
-
- /**
- * @return the virtualPublicURLPrefixEnabled
- */
- public boolean isVirtualPublicURLPrefixEnabled() {
- return virtualPublicURLPrefixEnabled;
- }
-
- /**
- * @param virtualPublicURLPrefixEnabled the virtualPublicURLPrefixEnabled to set
- */
- public void setVirtualPublicURLPrefixEnabled(
- boolean virtualPublicURLPrefixEnabled) {
- this.virtualPublicURLPrefixEnabled = virtualPublicURLPrefixEnabled;
- }
-
- /**
- * @return the elgaMandateServiceURL
- */
- public String getElgaMandateServiceURL() {
- return elgaMandateServiceURL;
- }
-
- /**
- * @param elgaMandateServiceURL the elgaMandateServiceURL to set
- */
- public void setElgaMandateServiceURL(String elgaMandateServiceURL) {
- if (MiscUtil.isNotEmpty(elgaMandateServiceURL))
- this.elgaMandateServiceURL = KeyValueUtils.removeAllNewlineFromString(elgaMandateServiceURL);
- else
- this.elgaMandateServiceURL = elgaMandateServiceURL;
- }
-
- /**
- * @return the eidSystemServiceURL
- */
- public String getEidSystemServiceURL() {
- return eidSystemServiceURL;
- }
-
- public boolean isMoaidMode() {
- return moaidMode;
- }
-
- /**
- * @param eidSystemServiceURL the E-ID Service URL to set
- */
- public void setEidSystemServiceURL(String eidSystemServiceURL) {
- if (MiscUtil.isNotEmpty(eidSystemServiceURL))
- this.eidSystemServiceURL = KeyValueUtils.removeAllNewlineFromString(eidSystemServiceURL);
- else
- this.eidSystemServiceURL = eidSystemServiceURL;
- }
-
-
+ /**
+ * @return the timeoutAssertion
+ */
+ public String getTimeoutAssertion() {
+ return timeoutAssertion;
+ }
+
+ /**
+ * @param timeoutAssertion the timeoutAssertion to set
+ */
+ public void setTimeoutAssertion(String timeoutAssertion) {
+ this.timeoutAssertion = timeoutAssertion;
+ }
+
+ /**
+ * @return the timeoutMOASessionCreated
+ */
+ public String getTimeoutMOASessionCreated() {
+ return timeoutMOASessionCreated;
+ }
+
+ /**
+ * @param timeoutMOASessionCreated the timeoutMOASessionCreated to set
+ */
+ public void setTimeoutMOASessionCreated(String timeoutMOASessionCreated) {
+ this.timeoutMOASessionCreated = timeoutMOASessionCreated;
+ }
+
+ /**
+ * @return the timeoutMOASessionUpdated
+ */
+ public String getTimeoutMOASessionUpdated() {
+ return timeoutMOASessionUpdated;
+ }
+
+ /**
+ * @param timeoutMOASessionUpdated the timeoutMOASessionUpdated to set
+ */
+ public void setTimeoutMOASessionUpdated(String timeoutMOASessionUpdated) {
+ this.timeoutMOASessionUpdated = timeoutMOASessionUpdated;
+ }
+
+ /**
+ * @return the moaspssURL
+ */
+ public String getMoaspssURL() {
+ return moaspssURL;
+ }
+
+ /**
+ * @param moaspssURL the moaspssURL to set
+ */
+ public void setMoaspssURL(String moaspssURL) {
+ this.moaspssURL = moaspssURL;
+ }
+
+ /**
+ * @return the moaspssAuthTrustProfile
+ */
+ public String getMoaspssAuthTrustProfile() {
+ return moaspssAuthTrustProfile;
+ }
+
+ /**
+ * @param moaspssAuthTrustProfile the moaspssAuthTrustProfile to set
+ */
+ public void setMoaspssAuthTrustProfile(String moaspssAuthTrustProfile) {
+ this.moaspssAuthTrustProfile = moaspssAuthTrustProfile;
+ }
+
+ /**
+ * @return the moaspssAuthTransformations
+ */
+ public String getMoaspssAuthTransformations() {
+ return moaspssAuthTransformations;
+ }
+
+ /**
+ * @param moaspssAuthTransformations the moaspssAuthTransformations to set
+ */
+ public void setMoaspssAuthTransformations(String moaspssAuthTransformations) {
+ this.moaspssAuthTransformations = moaspssAuthTransformations;
+ }
+
+ /**
+ * @return the moaspssIdlTrustProfile
+ */
+ public String getMoaspssIdlTrustProfile() {
+ return moaspssIdlTrustProfile;
+ }
+
+ /**
+ * @param moaspssIdlTrustProfile the moaspssIdlTrustProfile to set
+ */
+ public void setMoaspssIdlTrustProfile(String moaspssIdlTrustProfile) {
+ this.moaspssIdlTrustProfile = moaspssIdlTrustProfile;
+ }
+
+ /**
+ * @return the mandateURL
+ */
+ public String getMandateURL() {
+ return mandateURL;
+ }
+
+ /**
+ * @param mandateURL the mandateURL to set
+ */
+ public void setMandateURL(String mandateURL) {
+ if (MiscUtil.isNotEmpty(mandateURL)) {
+ this.mandateURL = KeyValueUtils.removeAllNewlineFromString(mandateURL);
+ } else {
+ this.mandateURL = mandateURL;
+ }
+ }
+
+ /**
+ * @return the legacy_saml1
+ */
+ public boolean isLegacy_saml1() {
+ return legacy_saml1;
+ }
+
+ /**
+ * @param legacy_saml1 the legacy_saml1 to set
+ */
+ public void setLegacy_saml1(boolean legacy_saml1) {
+ this.legacy_saml1 = legacy_saml1;
+ }
+
+ /**
+ * @return the legacy_pvp2
+ */
+ public boolean isLegacy_pvp2() {
+ return legacy_pvp2;
+ }
+
+ /**
+ * @param legacy_pvp2 the legacy_pvp2 to set
+ */
+ public void setLegacy_pvp2(boolean legacy_pvp2) {
+ this.legacy_pvp2 = legacy_pvp2;
+ }
+
+ /**
+ * @return the pvp2IssuerName
+ */
+ public String getPvp2IssuerName() {
+ return pvp2IssuerName;
+ }
+
+ /**
+ * @param pvp2IssuerName the pvp2IssuerName to set
+ */
+ public void setPvp2IssuerName(String pvp2IssuerName) {
+ this.pvp2IssuerName = pvp2IssuerName;
+ }
+
+ /**
+ * @return the pvp2OrgName
+ */
+ public String getPvp2OrgName() {
+ return pvp2OrgName;
+ }
+
+ /**
+ * @param pvp2OrgName the pvp2OrgName to set
+ */
+ public void setPvp2OrgName(String pvp2OrgName) {
+ this.pvp2OrgName = pvp2OrgName;
+ }
+
+ /**
+ * @return the pvp2OrgDisplayName
+ */
+ public String getPvp2OrgDisplayName() {
+ return pvp2OrgDisplayName;
+ }
+
+ /**
+ * @param pvp2OrgDisplayName the pvp2OrgDisplayName to set
+ */
+ public void setPvp2OrgDisplayName(String pvp2OrgDisplayName) {
+ this.pvp2OrgDisplayName = pvp2OrgDisplayName;
+ }
+
+ /**
+ * @return the pvp2OrgURL
+ */
+ public String getPvp2OrgURL() {
+ return pvp2OrgURL;
+ }
+
+ /**
+ * @param pvp2OrgURL the pvp2OrgURL to set
+ */
+ public void setPvp2OrgURL(String pvp2OrgURL) {
+ this.pvp2OrgURL = pvp2OrgURL;
+ }
+
+ /**
+ * @return the pvp2Contact
+ */
+ public ContactForm getPvp2Contact() {
+ return pvp2Contact;
+ }
+
+ /**
+ * @param pvp2Contact the pvp2Contact to set
+ */
+ public void setPvp2Contact(ContactForm pvp2Contact) {
+ this.pvp2Contact = pvp2Contact;
+ }
+
+ /**
+ * @return the fileUpload
+ */
+ public List<File> getFileUpload() {
+ return fileUpload;
+ }
+
+ /**
+ * @param fileUpload the fileUpload to set
+ */
+ public void setFileUpload(List<File> fileUpload) {
+ this.fileUpload = fileUpload;
+ }
+
+ /**
+ * @return the fileUploadContentType
+ */
+ public List<String> getFileUploadContentType() {
+ return fileUploadContentType;
+ }
+
+ /**
+ * @param fileUploadContentType the fileUploadContentType to set
+ */
+ public void setFileUploadContentType(List<String> fileUploadContentType) {
+ this.fileUploadContentType = fileUploadContentType;
+ }
+
+ /**
+ * @return the fileUploadFileName
+ */
+ public List<String> getFileUploadFileName() {
+ return fileUploadFileName;
+ }
+
+ /**
+ * @param fileUploadFileName the fileUploadFileName to set
+ */
+ public void setFileUploadFileName(List<String> fileUploadFileName) {
+ this.fileUploadFileName = fileUploadFileName;
+ }
+
+ /**
+ * @return the ssoTarget
+ */
+ public String getSsoTarget() {
+ return ssoTarget;
+ }
+
+ /**
+ * @param ssoTarget the ssoTarget to set
+ */
+ public void setSsoTarget(String ssoTarget) {
+ this.ssoTarget = ssoTarget;
+ }
+
+ /**
+ * @return the ssoFriendlyName
+ */
+ public String getSsoFriendlyName() {
+ return ssoFriendlyName;
+ }
+
+ /**
+ * @param ssoFriendlyName the ssoFriendlyName to set
+ */
+ public void setSsoFriendlyName(String ssoFriendlyName) {
+ this.ssoFriendlyName = ssoFriendlyName;
+ }
+
+ /**
+ * @return the ssoSpecialText
+ */
+ public String getSsoSpecialText() {
+ return ssoSpecialText;
+ }
+
+ /**
+ * @param ssoSpecialText the ssoSpecialText to set
+ */
+ public void setSsoSpecialText(String ssoSpecialText) {
+ this.ssoSpecialText = ssoSpecialText;
+ }
+
+ /**
+ * @return the ssoIdentificationNumber
+ */
+ public String getSsoIdentificationNumber() {
+ return ssoIdentificationNumber;
+ }
+
+ /**
+ * @param ssoIdentificationNumber the ssoIdentificationNumber to set
+ */
+ public void setSsoIdentificationNumber(String ssoIdentificationNumber) {
+ this.ssoIdentificationNumber = ssoIdentificationNumber;
+ }
+
+ /**
+ * @return the defaultchainigmode
+ */
+ public String getDefaultchainigmode() {
+ return defaultchainigmode;
+ }
+
+ /**
+ * @param defaultchainigmode the defaultchainigmode to set
+ */
+ public void setDefaultchainigmode(String defaultchainigmode) {
+ this.defaultchainigmode = defaultchainigmode;
+ }
+
+ /**
+ * @return the defaultBKUOnline
+ */
+ public String getDefaultBKUOnline() {
+ return defaultBKUOnline;
+ }
+
+ /**
+ * @param defaultBKUOnline the defaultBKUOnline to set
+ */
+ public void setDefaultBKUOnline(String defaultBKUOnline) {
+ this.defaultBKUOnline = defaultBKUOnline;
+ }
+
+ /**
+ * @return the defaultBKULocal
+ */
+ public String getDefaultBKULocal() {
+ return defaultBKULocal;
+ }
+
+ /**
+ * @param defaultBKULocal the defaultBKULocal to set
+ */
+ public void setDefaultBKULocal(String defaultBKULocal) {
+ this.defaultBKULocal = defaultBKULocal;
+ }
+
+ /**
+ * @return the defaultBKUHandy
+ */
+ public String getDefaultBKUHandy() {
+ return defaultBKUHandy;
+ }
+
+ /**
+ * @param defaultBKUHandy the defaultBKUHandy to set
+ */
+ public void setDefaultBKUHandy(String defaultBKUHandy) {
+ this.defaultBKUHandy = defaultBKUHandy;
+ }
+
+ /**
+ * @return the sLRequestTemplateOnline
+ */
+ public String getSLRequestTemplateOnline() {
+ return SLRequestTemplateOnline;
+ }
+
+ /**
+ * @param sLRequestTemplateOnline the sLRequestTemplateOnline to set
+ */
+ public void setSLRequestTemplateOnline(String sLRequestTemplateOnline) {
+ SLRequestTemplateOnline = sLRequestTemplateOnline;
+ }
+
+ /**
+ * @return the sLRequestTemplateLocal
+ */
+ public String getSLRequestTemplateLocal() {
+ return SLRequestTemplateLocal;
+ }
+
+ /**
+ * @param sLRequestTemplateLocal the sLRequestTemplateLocal to set
+ */
+ public void setSLRequestTemplateLocal(String sLRequestTemplateLocal) {
+ SLRequestTemplateLocal = sLRequestTemplateLocal;
+ }
+
+ /**
+ * @return the sLRequestTemplateHandy
+ */
+ public String getSLRequestTemplateHandy() {
+ return SLRequestTemplateHandy;
+ }
+
+ /**
+ * @param sLRequestTemplateHandy the sLRequestTemplateHandy to set
+ */
+ public void setSLRequestTemplateHandy(String sLRequestTemplateHandy) {
+ SLRequestTemplateHandy = sLRequestTemplateHandy;
+ }
+
+ /**
+ * @return the trustmanagerrevocationcheck
+ */
+ public boolean isTrustmanagerrevocationcheck() {
+ return trustmanagerrevocationcheck;
+ }
+
+ /**
+ * @param trustmanagerrevocationcheck the trustmanagerrevocationcheck to set
+ */
+ public void setTrustmanagerrevocationcheck(boolean trustmanagerrevocationcheck) {
+ this.trustmanagerrevocationcheck = trustmanagerrevocationcheck;
+ }
+
+ /**
+ * @return the trustedCACerts
+ */
+ public String getTrustedCACerts() {
+ return trustedCACerts;
+ }
+
+ /**
+ * @param trustedCACerts the trustedCACerts to set
+ */
+ public void setTrustedCACerts(String trustedCACerts) {
+ this.trustedCACerts = trustedCACerts;
+ }
+
+ /**
+ * @return the chainigmodelist
+ */
+ public Map<String, String> getChainigmodelist() {
+ return chainigmodelist;
+ }
+
+ /**
+ * @param chainigmodelist the chainigmodelist to set
+ */
+ public void setChainigmodelist(Map<String, String> chainigmodelist) {
+ GeneralMOAIDConfig.chainigmodelist = chainigmodelist;
+ }
+
+ /**
+ * @return the secLayerTransformation
+ */
+ public Map<String, byte[]> getSecLayerTransformation() {
+
+ return secLayerTransformation;
+ }
+
+ /**
+ * @param secLayerTransformation the secLayerTransformation to set
+ */
+ public void setSecLayerTransformation(Map<String, byte[]> secLayerTransformation) {
+ this.secLayerTransformation = secLayerTransformation;
+ }
+
+ /**
+ * @return the authTransformList
+ */
+ public List<String> getAuthTransformList() {
+ return authTransformList;
+ }
+
+ /**
+ * @param authTransformList the authTransformList to set
+ */
+ public void setAuthTransformList(List<String> authTransformList) {
+ this.authTransformList = authTransformList;
+ }
+
+ public void setFileUpload(File fileUpload) {
+ if (this.fileUpload == null) {
+ this.fileUpload = new ArrayList<>();
+ }
+ this.fileUpload.add(fileUpload);
+ }
+
+ public void setFileUploadContentType(String fileUploadContentType) {
+ if (this.fileUploadContentType == null) {
+ this.fileUploadContentType = new ArrayList<>();
+ }
+ this.fileUploadContentType.add(fileUploadContentType);
+ }
+
+ public void setFileUploadFileName(String fileUploadFileName) {
+ if (this.fileUploadFileName == null) {
+ this.fileUploadFileName = new ArrayList<>();
+ }
+ this.fileUploadFileName.add(fileUploadFileName);
+ }
+
+ /**
+ * @return the protocolActiveSAML1
+ */
+ public boolean isProtocolActiveSAML1() {
+ return protocolActiveSAML1;
+ }
+
+ /**
+ * @param protocolActiveSAML1 the protocolActiveSAML1 to set
+ */
+ public void setProtocolActiveSAML1(boolean protocolActiveSAML1) {
+ this.protocolActiveSAML1 = protocolActiveSAML1;
+ }
+
+ /**
+ * @return the protocolActivePVP21
+ */
+ public boolean isProtocolActivePVP21() {
+ return protocolActivePVP21;
+ }
+
+ /**
+ * @param protocolActivePVP21 the protocolActivePVP21 to set
+ */
+ public void setProtocolActivePVP21(boolean protocolActivePVP21) {
+ this.protocolActivePVP21 = protocolActivePVP21;
+ }
+
+ /**
+ * @return the protocolActiveOAuth
+ */
+ public boolean isProtocolActiveOAuth() {
+ return protocolActiveOAuth;
+ }
+
+ /**
+ * @param protocolActiveOAuth the protocolActiveOAuth to set
+ */
+ public void setProtocolActiveOAuth(boolean protocolActiveOAuth) {
+ this.protocolActiveOAuth = protocolActiveOAuth;
+ }
+
+ /**
+ * @return the saml1SourceID
+ */
+ public String getSaml1SourceID() {
+ return saml1SourceID;
+ }
+
+ /**
+ * @param saml1SourceID the saml1SourceID to set
+ */
+ public void setSaml1SourceID(String saml1SourceID) {
+ this.saml1SourceID = saml1SourceID;
+ }
+
+ /**
+ * @return the publicURLPrefix
+ */
+ public String getPublicURLPrefix() {
+ return publicURLPrefix;
+ }
+
+ /**
+ * @param publicURLPrefix the publicURLPrefix to set
+ */
+ public void setPublicURLPrefix(String publicURLPrefix) {
+ if (MiscUtil.isNotEmpty(publicURLPrefix)) {
+ this.publicURLPrefix =
+ KeyValueUtils.removeAllNewlineFromString(publicURLPrefix);
+ } else {
+ this.publicURLPrefix = publicURLPrefix;
+ }
+
+ }
+
+ /**
+ * @return the moaspssIdlTrustProfileTest
+ */
+ public String getMoaspssIdlTrustProfileTest() {
+ return moaspssIdlTrustProfileTest;
+ }
+
+ /**
+ * @param moaspssIdlTrustProfileTest the moaspssIdlTrustProfileTest to set
+ */
+ public void setMoaspssIdlTrustProfileTest(String moaspssIdlTrustProfileTest) {
+ this.moaspssIdlTrustProfileTest = moaspssIdlTrustProfileTest;
+ }
+
+ /**
+ * @return the moaspssAuthTrustProfileTest
+ */
+ public String getMoaspssAuthTrustProfileTest() {
+ return moaspssAuthTrustProfileTest;
+ }
+
+ /**
+ * @param moaspssAuthTrustProfileTest the moaspssAuthTrustProfileTest to set
+ */
+ public void setMoaspssAuthTrustProfileTest(String moaspssAuthTrustProfileTest) {
+ this.moaspssAuthTrustProfileTest = moaspssAuthTrustProfileTest;
+ }
+
+ /**
+ * @return the virtualPublicURLPrefixEnabled
+ */
+ public boolean isVirtualPublicURLPrefixEnabled() {
+ return virtualPublicURLPrefixEnabled;
+ }
+
+ /**
+ * @param virtualPublicURLPrefixEnabled the virtualPublicURLPrefixEnabled to set
+ */
+ public void setVirtualPublicURLPrefixEnabled(
+ boolean virtualPublicURLPrefixEnabled) {
+ this.virtualPublicURLPrefixEnabled = virtualPublicURLPrefixEnabled;
+ }
+
+ /**
+ * @return the elgaMandateServiceURL
+ */
+ public String getElgaMandateServiceURL() {
+ return elgaMandateServiceURL;
+ }
+
+ /**
+ * @param elgaMandateServiceURL the elgaMandateServiceURL to set
+ */
+ public void setElgaMandateServiceURL(String elgaMandateServiceURL) {
+ if (MiscUtil.isNotEmpty(elgaMandateServiceURL)) {
+ this.elgaMandateServiceURL = KeyValueUtils.removeAllNewlineFromString(elgaMandateServiceURL);
+ } else {
+ this.elgaMandateServiceURL = elgaMandateServiceURL;
+ }
+ }
+
+ /**
+ * @return the eidSystemServiceURL
+ */
+ public String getEidSystemServiceURL() {
+ return eidSystemServiceURL;
+ }
+
+ public boolean isMoaidMode() {
+ return moaidMode;
+ }
+
+ /**
+ * @param eidSystemServiceURL the E-ID Service URL to set
+ */
+ public void setEidSystemServiceURL(String eidSystemServiceURL) {
+ if (MiscUtil.isNotEmpty(eidSystemServiceURL)) {
+ this.eidSystemServiceURL = KeyValueUtils.removeAllNewlineFromString(eidSystemServiceURL);
+ } else {
+ this.eidSystemServiceURL = eidSystemServiceURL;
+ }
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
index b5c996c72..c833372c9 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
@@ -25,8 +25,6 @@ package at.gv.egovernment.moa.id.configuration.data;
import java.util.ArrayList;
import java.util.List;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.commons.MOAIDConstants;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentGeneral;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.CPEPS;
@@ -36,141 +34,147 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.STORK;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.StorkAttribute;
import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class GeneralStorkConfig {
- private List<CPEPS> cpepslist;
- private List<StorkAttribute> attributes;
- private String qaa;
- private static final Logger log = Logger.getLogger(GeneralStorkConfig.class);
-
- private MOAIDConfiguration dbconfig = null;
-
- /**
- *
- */
- public GeneralStorkConfig() {
- try {
- dbconfig = ConfigurationProvider.getInstance().getDbRead().getMOAIDConfiguration();
-
- } catch (ConfigurationException e) {
- log.error("MOA-ID-Configuration initialization FAILED.", e);
-
- }
-
- }
-
- public void parse(MOAIDConfiguration config) {
- log.info("Initializing general Stork config");
-
- cpepslist = new ArrayList<CPEPS>();
- attributes = new ArrayList<StorkAttribute>();
-
- if (config != null) {
- AuthComponentGeneral auth = config.getAuthComponentGeneral();
-
- if (auth != null) {
- ForeignIdentities foreign = auth.getForeignIdentities();
-
- if (foreign != null) {
- STORK stork = foreign.getSTORK();
-
- if (stork != null) {
- // deep clone all the things
- // to foreclose lazyloading session timeouts
- if (stork.getCPEPS() != null) {
- for(CPEPS current : stork.getCPEPS()) {
- cpepslist.add(current);
- }
- }
-
- List<StorkAttribute> tmp = stork.getAttributes();
- if(null != tmp) {
-
- for(StorkAttribute current : tmp)
- attributes.add(current);
- }
-
- try {
- qaa = stork.getGeneral_eIDAS_LOA();
-
- } catch(NullPointerException e) {
- qaa = MOAIDConstants.eIDAS_LOA_HIGH;
- }
- }
-
- }
- }
- }
-
- if (cpepslist.isEmpty()) {
- CPEPS defaultCPEPS = new CPEPS();
- defaultCPEPS.setCountryCode("CC");
- defaultCPEPS.setURL("http://");
- defaultCPEPS.setSupportsXMLSignature(true);
- cpepslist.add(defaultCPEPS );
-
- }
- if(attributes.isEmpty())
- attributes.add(new StorkAttribute());
- }
-
- public List<String> getAllowedLoALevels() {
- return MOAIDConstants.ALLOWED_eIDAS_LOA;
- }
-
- public List<CPEPS> getRawCPEPSList() {
- return cpepslist;
+ private List<CPEPS> cpepslist;
+ private List<StorkAttribute> attributes;
+ private String qaa;
+
+ private MOAIDConfiguration dbconfig = null;
+
+ /**
+ *
+ */
+ public GeneralStorkConfig() {
+ try {
+ dbconfig = ConfigurationProvider.getInstance().getDbRead().getMOAIDConfiguration();
+
+ } catch (final ConfigurationException e) {
+ log.error("MOA-ID-Configuration initialization FAILED.", e);
+
+ }
+
+ }
+
+ public void parse(MOAIDConfiguration config) {
+ log.info("Initializing general Stork config");
+
+ cpepslist = new ArrayList<>();
+ attributes = new ArrayList<>();
+
+ if (config != null) {
+ final AuthComponentGeneral auth = config.getAuthComponentGeneral();
+
+ if (auth != null) {
+ final ForeignIdentities foreign = auth.getForeignIdentities();
+
+ if (foreign != null) {
+ final STORK stork = foreign.getSTORK();
+
+ if (stork != null) {
+ // deep clone all the things
+ // to foreclose lazyloading session timeouts
+ if (stork.getCPEPS() != null) {
+ for (final CPEPS current : stork.getCPEPS()) {
+ cpepslist.add(current);
+ }
+ }
+
+ final List<StorkAttribute> tmp = stork.getAttributes();
+ if (null != tmp) {
+
+ for (final StorkAttribute current : tmp) {
+ attributes.add(current);
+ }
+ }
+
+ try {
+ qaa = stork.getGeneral_eIDAS_LOA();
+
+ } catch (final NullPointerException e) {
+ qaa = MOAIDConstants.eIDAS_LOA_HIGH;
+ }
+ }
+
+ }
+ }
}
-
- public List<CPEPS> getCpepslist() {
- if (null == cpepslist)
- return null;
-
- //MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration();
-
- try {
- List<CPEPS> cpepss = dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getCPEPS();
-
- if (cpepss != null) {
- // make CountryCode "readonly"
- for (CPEPS newone : cpepslist) {
- for (CPEPS current : cpepss) {
- if (null != newone)
- if (current.getHjid().equals(newone.getHjid())) {
- newone.setCountryCode(current.getCountryCode());
- break;
- }
- }
- }
- }
-
- return cpepslist;
-
- } catch (NullPointerException e) {
- return null;
-
- }
-
- }
-
- public void setCpepslist(List<CPEPS> list) {
- cpepslist = list;
- }
-
- public List<StorkAttribute> getAttributes() {
- return attributes;
- }
-
- public void setAttributes(List<StorkAttribute> attributes) {
- this.attributes = attributes;
- }
-
- public String getDefaultQaa() {
- return qaa;
- }
-
- public void setDefaultQaa(String qaa) {
- this.qaa = qaa;
- }
+
+ if (cpepslist.isEmpty()) {
+ final CPEPS defaultCPEPS = new CPEPS();
+ defaultCPEPS.setCountryCode("CC");
+ defaultCPEPS.setURL("http://");
+ defaultCPEPS.setSupportsXMLSignature(true);
+ cpepslist.add(defaultCPEPS);
+
+ }
+ if (attributes.isEmpty()) {
+ attributes.add(new StorkAttribute());
+ }
+ }
+
+ public List<String> getAllowedLoALevels() {
+ return MOAIDConstants.ALLOWED_eIDAS_LOA;
+ }
+
+ public List<CPEPS> getRawCPEPSList() {
+ return cpepslist;
+ }
+
+ public List<CPEPS> getCpepslist() {
+ if (null == cpepslist) {
+ return null;
+ }
+
+ // MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration();
+
+ try {
+ final List<CPEPS> cpepss = dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK()
+ .getCPEPS();
+
+ if (cpepss != null) {
+ // make CountryCode "readonly"
+ for (final CPEPS newone : cpepslist) {
+ for (final CPEPS current : cpepss) {
+ if (null != newone) {
+ if (current.getHjid().equals(newone.getHjid())) {
+ newone.setCountryCode(current.getCountryCode());
+ break;
+ }
+ }
+ }
+ }
+ }
+
+ return cpepslist;
+
+ } catch (final NullPointerException e) {
+ return null;
+
+ }
+
+ }
+
+ public void setCpepslist(List<CPEPS> list) {
+ cpepslist = list;
+ }
+
+ public List<StorkAttribute> getAttributes() {
+ return attributes;
+ }
+
+ public void setAttributes(List<StorkAttribute> attributes) {
+ this.attributes = attributes;
+ }
+
+ public String getDefaultQaa() {
+ return qaa;
+ }
+
+ public void setDefaultQaa(String qaa) {
+ this.qaa = qaa;
+ }
}
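Review bot: `getCpepslist()` still relies on `catch (final NullPointerException e)` to cover a missing `dbconfig`, and the constructor only logs the `ConfigurationException` that leaves `dbconfig` null, so a failed configuration load and an absent STORK section look the same to the caller. Explicit null checks would keep the country-code "readonly" step from being skipped silently, and would let an unexpected NPE inside the loop surface instead of becoming a `null` return. The same catch is kept in `parse()` around `stork.getGeneral_eIDAS_LOA()`, where `stork` has already been checked for null, so it presumably never fires. The comment "deep clone all the things" in `parse()` also overstates what the loops do, since they add the same `CPEPS` and `StorkAttribute` references to the new lists.

```java
public List<CPEPS> getCpepslist() {
  if (cpepslist == null || dbconfig == null) {
    return null;
  }
  final AuthComponentGeneral auth = dbconfig.getAuthComponentGeneral();
  final ForeignIdentities foreign = auth == null ? null : auth.getForeignIdentities();
  final STORK stork = foreign == null ? null : foreign.getSTORK();
  if (stork == null) {
    return null;
  }
  final List<CPEPS> cpepss = stork.getCPEPS();
  // … unchanged: copy the stored country code onto each matching entry, then return cpepslist …
```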
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java
index 28eba9f34..c7de7e369 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java
@@ -23,92 +23,103 @@
package at.gv.egovernment.moa.id.configuration.data;
public class OAListElement {
-
- public enum ServiceType {OA, VIDP, IDP, GWAY}
-
- private long dataBaseID;
- private String oaIdentifier;
- private String oaFriendlyName;
- private String oaType;
- private boolean isActive;
- private ServiceType serviceType;
-
- /**
- *
- */
- public OAListElement(ServiceType type) {
- this.serviceType = type;
- }
-
-
- /**
- * @return the dataBaseID
- */
- public long getDataBaseID() {
- return dataBaseID;
- }
- /**
- * @param dataBaseID the dataBaseID to set
- */
- public void setDataBaseID(long dataBaseID) {
- this.dataBaseID = dataBaseID;
- }
- /**
- * @return the oaIdentifier
- */
- public String getOaIdentifier() {
- return oaIdentifier;
- }
- /**
- * @param oaIdentifier the oaIdentifier to set
- */
- public void setOaIdentifier(String oaIdentifier) {
- this.oaIdentifier = oaIdentifier;
- }
- /**
- * @return the oaFriendlyName
- */
- public String getOaFriendlyName() {
- return oaFriendlyName;
- }
- /**
- * @param oaFriendlyName the oaFriendlyName to set
- */
- public void setOaFriendlyName(String oaFriendlyName) {
- this.oaFriendlyName = oaFriendlyName;
- }
- /**
- * @return the oaType
- */
- public String getOaType() {
- return oaType;
- }
- /**
- * @param oaType the oaType to set
- */
- public void setOaType(String oaType) {
- this.oaType = oaType;
- }
- /**
- * @return the isActive
- */
- public boolean isActive() {
- return isActive;
- }
- /**
- * @param isActive the isActive to set
- */
- public void setActive(boolean isActive) {
- this.isActive = isActive;
- }
-
- public String getIsActive(){
- return String.valueOf(isActive);
- }
- /**
- * @return the serviceType
- */
- public String getServiceType() {
- return serviceType.name();
- }
+
+ public enum ServiceType {
+ OA, VIDP, IDP, GWAY
+ }
+
+ private long dataBaseID;
+ private String oaIdentifier;
+ private String oaFriendlyName;
+ private String oaType;
+ private boolean isActive;
+ private final ServiceType serviceType;
+
+ /**
+ *
+ */
+ public OAListElement(ServiceType type) {
+ this.serviceType = type;
+ }
+
+ /**
+ * @return the dataBaseID
+ */
+ public long getDataBaseID() {
+ return dataBaseID;
+ }
+
+ /**
+ * @param dataBaseID the dataBaseID to set
+ */
+ public void setDataBaseID(long dataBaseID) {
+ this.dataBaseID = dataBaseID;
+ }
+
+ /**
+ * @return the oaIdentifier
+ */
+ public String getOaIdentifier() {
+ return oaIdentifier;
+ }
+
+ /**
+ * @param oaIdentifier the oaIdentifier to set
+ */
+ public void setOaIdentifier(String oaIdentifier) {
+ this.oaIdentifier = oaIdentifier;
+ }
+
+ /**
+ * @return the oaFriendlyName
+ */
+ public String getOaFriendlyName() {
+ return oaFriendlyName;
+ }
+
+ /**
+ * @param oaFriendlyName the oaFriendlyName to set
+ */
+ public void setOaFriendlyName(String oaFriendlyName) {
+ this.oaFriendlyName = oaFriendlyName;
+ }
+
+ /**
+ * @return the oaType
+ */
+ public String getOaType() {
+ return oaType;
+ }
+
+ /**
+ * @param oaType the oaType to set
+ */
+ public void setOaType(String oaType) {
+ this.oaType = oaType;
+ }
+
+ /**
+ * @return the isActive
+ */
+ public boolean isActive() {
+ return isActive;
+ }
+
+ /**
+ * @param isActive the isActive to set
+ */
+ public void setActive(boolean isActive) {
+ this.isActive = isActive;
+ }
+
+ public String getIsActive() {
+ return String.valueOf(isActive);
+ }
+
+ /**
+ * @return the serviceType
+ */
+ public String getServiceType() {
+ return serviceType.name();
+ }
}
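Review bot: The constructor's Javadoc is still an empty stub, although `getServiceType()` dereferences the field with `serviceType.name()` and would throw on an element built with a null type. Now that the field is `final`, the constructor is the only place where this can be stated; I would document it as `@param type the service type of this list entry; must not be null, getServiceType() returns type.name()`. `getIsActive()` has no Javadoc either; a one-line `@return the active flag as "true" or "false"` would explain why it exists beside `isActive()`.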
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java
index a1bcf4aa4..af4548779 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java
@@ -24,27 +24,25 @@ package at.gv.egovernment.moa.id.configuration.data;
public class StorkAttributes {
+ public AttributValues eIdentifier;
- public AttributValues eIdentifier;
-
-
- public void parse() {
- eIdentifier = AttributValues.MANDATORY;
- }
-
-
- public enum AttributValues {
- MANDATORY, OPTIONAL, NOT;
-
- public String getValue() {
- if (this == MANDATORY)
- return MANDATORY.name();
- if (this == OPTIONAL)
- return OPTIONAL.name();
- else
- return NOT.name();
- }
- }
-
-}
+ public void parse() {
+ eIdentifier = AttributValues.MANDATORY;
+ }
+
+ public enum AttributValues {
+ MANDATORY, OPTIONAL, NOT;
+ public String getValue() {
+ if (this == MANDATORY) {
+ return MANDATORY.name();
+ }
+ if (this == OPTIONAL) {
+ return OPTIONAL.name();
+ } else {
+ return NOT.name();
+ }
+ }
+ }
+
+}
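Review bot: `AttributValues.getValue()` returns the constant's own name on every branch, so the if/else chain can be written as `return name();`, which also stays correct if a constant is added later (the current `else` would return `NOT` for it). `eIdentifier` is a public non-final field that only `parse()` assigns in this hunk; `private` with a getter would be the safer default, assuming no caller outside this hunk writes it directly.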
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java
index 8f4746d69..8f94fa642 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java
@@ -26,328 +26,310 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.util.MiscUtil;
public class UserDatabaseFrom {
-
- private String bpk;
- private String familyName;
- private String givenName;
- private String institut;
- private String mail;
- private String phone;
- private String username;
- private String password;
- private String password_second;
- private boolean active = false;
- private boolean admin = false;
- private boolean passwordActive;
- private boolean isusernamepasswordallowed = false;
- private boolean isadminrequest = true;
- private boolean ismandateuser = false;
- private boolean isPVPGenerated;
- private String userID = null;
-
- public UserDatabaseFrom() {
-
- }
-
- public UserDatabaseFrom(UserDatabase db) {
- bpk = db.getBpk();
- familyName = db.getFamilyname();
- givenName = db.getGivenname();
- institut = db.getInstitut();
- mail = db.getMail();
- phone = db.getPhone();
- username = db.getUsername();
-
- if (MiscUtil.isNotEmpty(db.getPassword()))
- passwordActive = true;
- else
- passwordActive = false;
-
- active = db.isIsActive();
- admin = db.isIsAdmin();
-
- if (db.isIsUsernamePasswordAllowed() != null)
- isusernamepasswordallowed = db.isIsUsernamePasswordAllowed();
- else
- isusernamepasswordallowed = true;
-
- if (db.isIsAdminRequest() != null)
- isadminrequest = db.isIsAdminRequest();
- else
- isadminrequest = false;
-
- if (db.isIsMandateUser() != null)
- ismandateuser = db.isIsMandateUser();
- else
- ismandateuser = false;
-
- if (db.isIsPVP2Generated() != null)
- isPVPGenerated = db.isIsPVP2Generated();
- else
- isPVPGenerated = false;
-
- userID = String.valueOf(db.getHjid());
- }
-
-
- /**
- * @return the bpk
- */
- public String getBpk() {
- return bpk;
- }
-
-
- /**
- * @param bpk the bpk to set
- */
- public void setBpk(String bpk) {
- this.bpk = bpk;
- }
-
-
- /**
- * @return the familyName
- */
- public String getFamilyName() {
- return familyName;
- }
-
-
- /**
- * @param familyName the familyName to set
- */
- public void setFamilyName(String familyName) {
- this.familyName = familyName;
- }
-
-
- /**
- * @return the givenName
- */
- public String getGivenName() {
- return givenName;
- }
-
-
- /**
- * @param givenName the givenName to set
- */
- public void setGivenName(String givenName) {
- this.givenName = givenName;
- }
-
-
- /**
- * @return the institut
- */
- public String getInstitut() {
- return institut;
- }
-
-
- /**
- * @param institut the institut to set
- */
- public void setInstitut(String institut) {
- this.institut = institut;
- }
-
-
- /**
- * @return the mail
- */
- public String getMail() {
- return mail;
- }
-
-
- /**
- * @param mail the mail to set
- */
- public void setMail(String mail) {
- this.mail = mail;
- }
-
-
- /**
- * @return the phone
- */
- public String getPhone() {
- return phone;
- }
-
-
- /**
- * @param phone the phone to set
- */
- public void setPhone(String phone) {
- this.phone = phone;
- }
-
-
- /**
- * @return the username
- */
- public String getUsername() {
- return username;
- }
-
-
- /**
- * @param username the username to set
- */
- public void setUsername(String username) {
- this.username = username;
- }
-
-
- /**
- * @return the password
- */
- public String getPassword() {
- return password;
- }
-
-
- /**
- * @param password the password to set
- */
- public void setPassword(String password) {
- this.password = password;
- }
-
-
- /**
- * @return the active
- */
- public boolean isActive() {
- return active;
- }
-
-
- /**
- * @param active the active to set
- */
- public void setActive(boolean active) {
- this.active = active;
- }
-
-
- /**
- * @return the admin
- */
- public boolean isAdmin() {
- return admin;
- }
-
-
- /**
- * @param admin the admin to set
- */
- public void setAdmin(boolean admin) {
- this.admin = admin;
- }
-
-
- /**
- * @return the passwordActive
- */
- public boolean isPasswordActive() {
- return passwordActive;
- }
-
-
- /**
- * @param passwordActive the passwordActive to set
- */
- public void setPasswordActive(boolean passwordActive) {
- this.passwordActive = passwordActive;
- }
-
- /**
- * @return the userID
- */
- public String getUserID() {
- return userID;
- }
-
- /**
- * @param userID the userID to set
- */
- public void setUserID(String userID) {
- this.userID = userID;
- }
-
- /**
- * @return the password_second
- */
- public String getPassword_second() {
- return password_second;
- }
-
- /**
- * @param password_second the password_second to set
- */
- public void setPassword_second(String password_second) {
- this.password_second = password_second;
- }
-
- /**
- * @return the isusernamepasswordallowed
- */
- public boolean isIsusernamepasswordallowed() {
- return isusernamepasswordallowed;
- }
-
- /**
- * @param isusernamepasswordallowed the isusernamepasswordallowed to set
- */
- public void setIsusernamepasswordallowed(boolean isusernamepasswordallowed) {
- this.isusernamepasswordallowed = isusernamepasswordallowed;
- }
-
- /**
- * @return the ismandateuser
- */
- public boolean isIsmandateuser() {
- return ismandateuser;
- }
-
-
- /**
- * @param ismandateuser the ismandateuser to set
- */
- public void setIsmandateuser(boolean ismandateuser) {
- this.ismandateuser = ismandateuser;
- }
-
- /**
- * @return the isadminrequest
- */
- public boolean isIsadminrequest() {
- return isadminrequest;
- }
-
- /**
- * @param isadminrequest the isadminrequest to set
- */
- public void setIsadminrequest(boolean isadminrequest) {
- this.isadminrequest = isadminrequest;
- }
-
- /**
- * @return the isPVPGenerated
- */
- public boolean isPVPGenerated() {
- return isPVPGenerated;
- }
-
- /**
- * @param isPVPGenerated the isPVPGenerated to set
- */
- public void setPVPGenerated(boolean isPVPGenerated) {
- this.isPVPGenerated = isPVPGenerated;
- }
-
+
+ private String bpk;
+ private String familyName;
+ private String givenName;
+ private String institut;
+ private String mail;
+ private String phone;
+ private String username;
+ private String password;
+ private String password_second;
+ private boolean active = false;
+ private boolean admin = false;
+ private boolean passwordActive;
+ private boolean isusernamepasswordallowed = false;
+ private boolean isadminrequest = true;
+ private boolean ismandateuser = false;
+ private boolean isPVPGenerated;
+ private String userID = null;
+
+ public UserDatabaseFrom() {
+
+ }
+
+ public UserDatabaseFrom(UserDatabase db) {
+ bpk = db.getBpk();
+ familyName = db.getFamilyname();
+ givenName = db.getGivenname();
+ institut = db.getInstitut();
+ mail = db.getMail();
+ phone = db.getPhone();
+ username = db.getUsername();
+
+ if (MiscUtil.isNotEmpty(db.getPassword())) {
+ passwordActive = true;
+ } else {
+ passwordActive = false;
+ }
+
+ active = db.isIsActive();
+ admin = db.isIsAdmin();
+
+ if (db.isIsUsernamePasswordAllowed() != null) {
+ isusernamepasswordallowed = db.isIsUsernamePasswordAllowed();
+ } else {
+ isusernamepasswordallowed = true;
+ }
+
+ if (db.isIsAdminRequest() != null) {
+ isadminrequest = db.isIsAdminRequest();
+ } else {
+ isadminrequest = false;
+ }
+
+ if (db.isIsMandateUser() != null) {
+ ismandateuser = db.isIsMandateUser();
+ } else {
+ ismandateuser = false;
+ }
+
+ if (db.isIsPVP2Generated() != null) {
+ isPVPGenerated = db.isIsPVP2Generated();
+ } else {
+ isPVPGenerated = false;
+ }
+
+ userID = String.valueOf(db.getHjid());
+ }
+
+ /**
+ * @return the bpk
+ */
+ public String getBpk() {
+ return bpk;
+ }
+
+ /**
+ * @param bpk the bpk to set
+ */
+ public void setBpk(String bpk) {
+ this.bpk = bpk;
+ }
+
+ /**
+ * @return the familyName
+ */
+ public String getFamilyName() {
+ return familyName;
+ }
+
+ /**
+ * @param familyName the familyName to set
+ */
+ public void setFamilyName(String familyName) {
+ this.familyName = familyName;
+ }
+
+ /**
+ * @return the givenName
+ */
+ public String getGivenName() {
+ return givenName;
+ }
+
+ /**
+ * @param givenName the givenName to set
+ */
+ public void setGivenName(String givenName) {
+ this.givenName = givenName;
+ }
+
+ /**
+ * @return the institut
+ */
+ public String getInstitut() {
+ return institut;
+ }
+
+ /**
+ * @param institut the institut to set
+ */
+ public void setInstitut(String institut) {
+ this.institut = institut;
+ }
+
+ /**
+ * @return the mail
+ */
+ public String getMail() {
+ return mail;
+ }
+
+ /**
+ * @param mail the mail to set
+ */
+ public void setMail(String mail) {
+ this.mail = mail;
+ }
+
+ /**
+ * @return the phone
+ */
+ public String getPhone() {
+ return phone;
+ }
+
+ /**
+ * @param phone the phone to set
+ */
+ public void setPhone(String phone) {
+ this.phone = phone;
+ }
+
+ /**
+ * @return the username
+ */
+ public String getUsername() {
+ return username;
+ }
+
+ /**
+ * @param username the username to set
+ */
+ public void setUsername(String username) {
+ this.username = username;
+ }
+
+ /**
+ * @return the password
+ */
+ public String getPassword() {
+ return password;
+ }
+
+ /**
+ * @param password the password to set
+ */
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+ /**
+ * @return the active
+ */
+ public boolean isActive() {
+ return active;
+ }
+
+ /**
+ * @param active the active to set
+ */
+ public void setActive(boolean active) {
+ this.active = active;
+ }
+
+ /**
+ * @return the admin
+ */
+ public boolean isAdmin() {
+ return admin;
+ }
+
+ /**
+ * @param admin the admin to set
+ */
+ public void setAdmin(boolean admin) {
+ this.admin = admin;
+ }
+
+ /**
+ * @return the passwordActive
+ */
+ public boolean isPasswordActive() {
+ return passwordActive;
+ }
+
+ /**
+ * @param passwordActive the passwordActive to set
+ */
+ public void setPasswordActive(boolean passwordActive) {
+ this.passwordActive = passwordActive;
+ }
+
+ /**
+ * @return the userID
+ */
+ public String getUserID() {
+ return userID;
+ }
+
+ /**
+ * @param userID the userID to set
+ */
+ public void setUserID(String userID) {
+ this.userID = userID;
+ }
+
+ /**
+ * @return the password_second
+ */
+ public String getPassword_second() {
+ return password_second;
+ }
+
+ /**
+ * @param password_second the password_second to set
+ */
+ public void setPassword_second(String password_second) {
+ this.password_second = password_second;
+ }
+
+ /**
+ * @return the isusernamepasswordallowed
+ */
+ public boolean isIsusernamepasswordallowed() {
+ return isusernamepasswordallowed;
+ }
+
+ /**
+ * @param isusernamepasswordallowed the isusernamepasswordallowed to set
+ */
+ public void setIsusernamepasswordallowed(boolean isusernamepasswordallowed) {
+ this.isusernamepasswordallowed = isusernamepasswordallowed;
+ }
+
+ /**
+ * @return the ismandateuser
+ */
+ public boolean isIsmandateuser() {
+ return ismandateuser;
+ }
+
+ /**
+ * @param ismandateuser the ismandateuser to set
+ */
+ public void setIsmandateuser(boolean ismandateuser) {
+ this.ismandateuser = ismandateuser;
+ }
+
+ /**
+ * @return the isadminrequest
+ */
+ public boolean isIsadminrequest() {
+ return isadminrequest;
+ }
+
+ /**
+ * @param isadminrequest the isadminrequest to set
+ */
+ public void setIsadminrequest(boolean isadminrequest) {
+ this.isadminrequest = isadminrequest;
+ }
+
+ /**
+ * @return the isPVPGenerated
+ */
+ public boolean isPVPGenerated() {
+ return isPVPGenerated;
+ }
+
+ /**
+ * @param isPVPGenerated the isPVPGenerated to set
+ */
+ public void setPVPGenerated(boolean isPVPGenerated) {
+ this.isPVPGenerated = isPVPGenerated;
+ }
+
}
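Review bot: In the `UserDatabaseFrom(UserDatabase db)` constructor a null `db.isIsUsernamePasswordAllowed()` is mapped to `true`, while the field initialiser is `false` and the neighbouring nullable flags (`isIsAdminRequest`, `isIsMandateUser`, `isIsPVP2Generated`) all fall back to `false`. That makes username/password use the permitted state for any row where the value was never set. If this is intended for legacy rows, a comment on the `else` branch should say so; otherwise the restrictive form is `isusernamepasswordallowed = Boolean.TRUE.equals(db.isIsUsernamePasswordAllowed());`. The reformatting in this hunk keeps the behaviour as it was, so this is a follow-up rather than a regression.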
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java
index 63c82037f..c2344e059 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java
@@ -4,61 +4,61 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OAStorkAttribut
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.StorkAttribute;
public class AttributeHelper {
- private boolean isUsed = false;
- private String name;
- private boolean mandatory;
- private boolean readonly;
+ private boolean isUsed = false;
+ private String name;
+ private boolean mandatory;
+ private boolean readonly;
- public AttributeHelper() {
- // TODO Auto-generated constructor stub
- }
+ public AttributeHelper() {
+ // TODO Auto-generated constructor stub
+ }
- public AttributeHelper(OAStorkAttribute attribute) {
- isUsed = true;
- name = attribute.getName();
- mandatory = attribute.isMandatory();
- }
+ public AttributeHelper(OAStorkAttribute attribute) {
+ isUsed = true;
+ name = attribute.getName();
+ mandatory = attribute.isMandatory();
+ }
- public AttributeHelper(StorkAttribute attribute) {
- name = attribute.getName();
- mandatory = false;
- if (attribute.isMandatory()==null) { // TODO check details
- attribute.setMandatory(false);
- } else {
- readonly = attribute.isMandatory();
- }
- isUsed = readonly;
- }
+ public AttributeHelper(StorkAttribute attribute) {
+ name = attribute.getName();
+ mandatory = false;
+ if (attribute.isMandatory() == null) { // TODO check details
+ attribute.setMandatory(false);
+ } else {
+ readonly = attribute.isMandatory();
+ }
+ isUsed = readonly;
+ }
- public boolean isUsed() {
- return isUsed;
- }
+ public boolean isUsed() {
+ return isUsed;
+ }
- public void setUsed(boolean used) {
- isUsed = used;
- }
+ public void setUsed(boolean used) {
+ isUsed = used;
+ }
- public String getName() {
- return name;
- }
+ public String getName() {
+ return name;
+ }
- public void setName(String newname) {
- name = newname;
- }
+ public void setName(String newname) {
+ name = newname;
+ }
- public boolean isMandatory() {
- return mandatory;
- }
+ public boolean isMandatory() {
+ return mandatory;
+ }
- public void setMandatory(boolean value) {
- mandatory = value;
- }
+ public void setMandatory(boolean value) {
+ mandatory = value;
+ }
- public boolean isReadOnly() {
- return readonly;
- }
+ public boolean isReadOnly() {
+ return readonly;
+ }
- public void setReadOnly(boolean value) {
- // we do not allow setting the readonly field
- }
+ public void setReadOnly(boolean value) {
+ // we do not allow setting the readonly field
+ }
} \ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/IOnlineApplicationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/IOnlineApplicationData.java
index 8195c993d..0ba3ed36c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/IOnlineApplicationData.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/IOnlineApplicationData.java
@@ -34,31 +34,34 @@ import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
*
*/
public interface IOnlineApplicationData {
-
- public String getName();
-
- /**
- * Parse OnlineApplication database object to formData
- * @param dbOAConfig
- * @return List of Errors
- */
- public List<String> parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request);
-
- /**
- * Store formData to OnlineApplication database object
- * @param dboa: Database data object
- * @param authUser
- * @param request:
- * @return Error description
- */
- public String store(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request);
-
- /**
- * Validate formData
- * @param general
- * @param request
- * @return
- */
- public List<String> validate(OAGeneralConfig general, AuthenticatedUser authUser, HttpServletRequest request);
+
+ String getName();
+
+ /**
+ * Parse OnlineApplication database object to formData
+ *
+ * @param dbOAConfig
+ * @return List of Errors
+ */
+ List<String> parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request);
+
+ /**
+ * Store formData to OnlineApplication database object
+ *
+ * @param dboa: Database data object
+ * @param authUser
+ * @param request:
+ * @return Error description
+ */
+ String store(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request);
+
+ /**
+ * Validate formData
+ *
+ * @param general
+ * @param request
+ * @return
+ */
+ List<String> validate(OAGeneralConfig general, AuthenticatedUser authUser, HttpServletRequest request);
}
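Review bot: The Javadoc tags re-added in this hunk still do not match the method signatures: `parse` documents `@param dbOAConfig` and `store` documents `@param dboa:`, while both parameters are named `dbOA`. Since the comments are being reformatted anyway, I would rename the tags to `@param dbOA OnlineApplication database object` and drop the trailing colon in `@param request:`. `authUser` is undocumented on `parse` and `validate`, and the `@return` on `validate` has no description. For an interface whose implementations branch on `authUser.isAdmin()` (as `OAAuthenticationData.store` does later in this diff), a line such as `@param authUser authenticated user whose role decides which fields may be written` would tell implementers what is expected.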
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
index b3db074a2..b3f0620f0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
@@ -29,8 +29,6 @@ import java.util.Map;
import javax.servlet.http.HttpServletRequest;
-import org.apache.log4j.Logger;
-
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.BKUURLS;
@@ -47,105 +45,105 @@ import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAAuthenticationDataValidation;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
/**
* @author tlenz
*
*/
+@Slf4j
public class OAAuthenticationData implements IOnlineApplicationData {
- private static final Logger log = Logger.getLogger(OAAuthenticationData.class);
-
- private String bkuOnlineURL = null;
- private String bkuHandyURL = null;
- private String bkuLocalURL = null;
-
- private String mandateProfiles = null;
- private boolean useMandates = false;
-
- private List<String> misServicesList = new ArrayList<String>();
- private List<String> elgaServicesList = new ArrayList<String>();
- private List<String> szrgwServicesList = new ArrayList<String>();
- private List<String> eidServicesList = new ArrayList<String>();
- private String misServiceSelected = null;
- private String elgaServiceSelected = null;
- private String szrgwServiceSelected = null;
- private String eidServiceSelected = null;
-
- private boolean calculateHPI = false;
-
- private String keyBoxIdentifier = null;
- private static Map<String, String> keyBoxIdentifierList;
-
- private boolean legacy = false;
- List<String> SLTemplates = null;
-
- private Map<String, byte[]> transformations;
-
- private boolean enableTestCredentials = false;
- private List<String> testCredentialOIDs = null;
- private boolean useTestIDLValidationTrustStore = false;
- private boolean useTestAuthblockValidationTrustStore = false;
-
-
- //SL2.0
- private boolean sl20Active = false;
- private String sl20EndPoints = null;
-
- private boolean isMoaidMode = false;
-
- /**
- * @param isMoaidMode
- *
- */
- public OAAuthenticationData() {
- try {
- this.isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode();
- } catch (ConfigurationException e) {
- e.printStackTrace();
-
- }
-
- keyBoxIdentifierList = new HashMap<String, String>();
- MOAKeyBoxSelector[] values = MOAKeyBoxSelector.values();
- for (int i=0; i<values.length; i++) {
- keyBoxIdentifierList.put(values[i].value(), values[i].value());
- }
-
- keyBoxIdentifier = MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR.value();
-
-
- try {
- MOAIDConfiguration dbconfig = ConfigurationProvider.getInstance().getDbRead().getMOAIDConfiguration();
-
- if (this.isMoaidMode) {
- try {
- elgaServicesList = KeyValueUtils.getListOfCSVValues(dbconfig.getElgaMandateServiceURLs());
- misServicesList = KeyValueUtils.getListOfCSVValues(
- dbconfig.getAuthComponentGeneral().getOnlineMandates().getConnectionParameter().getURL());
- } catch (NullPointerException e) {}
-
- try {
- szrgwServicesList = KeyValueUtils.getListOfCSVValues(
- dbconfig.getAuthComponentGeneral().getForeignIdentities().getConnectionParameter().getURL());
- } catch (NullPointerException e) {}
-
- }
-
-
- try {
- eidServicesList = KeyValueUtils.getListOfCSVValues(dbconfig.getEidSystemServiceURLs());
- } catch (NullPointerException e) {}
-
-
- } catch (ConfigurationException e) {
- log.error("MOA-ID-Configuration initialization FAILED.", e);
-
- }
-
+ private String bkuOnlineURL = null;
+ private String bkuHandyURL = null;
+ private String bkuLocalURL = null;
+
+ private String mandateProfiles = null;
+ private boolean useMandates = false;
+
+ private List<String> misServicesList = new ArrayList<>();
+ private List<String> elgaServicesList = new ArrayList<>();
+ private List<String> szrgwServicesList = new ArrayList<>();
+ private List<String> eidServicesList = new ArrayList<>();
+ private String misServiceSelected = null;
+ private String elgaServiceSelected = null;
+ private String szrgwServiceSelected = null;
+ private String eidServiceSelected = null;
+
+ private boolean calculateHPI = false;
+
+ private String keyBoxIdentifier = null;
+ private static Map<String, String> keyBoxIdentifierList;
+
+ private boolean legacy = false;
+ List<String> SLTemplates = null;
+
+ private Map<String, byte[]> transformations;
+
+ private boolean enableTestCredentials = false;
+ private List<String> testCredentialOIDs = null;
+ private boolean useTestIDLValidationTrustStore = false;
+ private boolean useTestAuthblockValidationTrustStore = false;
+
+ // SL2.0
+ private boolean sl20Active = false;
+ private String sl20EndPoints = null;
+
+ private boolean isMoaidMode = false;
+
+ /**
+ * @param isMoaidMode
+ *
+ */
+ public OAAuthenticationData() {
+ try {
+ this.isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode();
+ } catch (final ConfigurationException e) {
+ e.printStackTrace();
+
+ }
+
+ keyBoxIdentifierList = new HashMap<>();
+ final MOAKeyBoxSelector[] values = MOAKeyBoxSelector.values();
+ for (final MOAKeyBoxSelector value : values) {
+ keyBoxIdentifierList.put(value.value(), value.value());
+ }
+
+ keyBoxIdentifier = MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR.value();
+
+ try {
+ final MOAIDConfiguration dbconfig = ConfigurationProvider.getInstance().getDbRead()
+ .getMOAIDConfiguration();
+
+ if (this.isMoaidMode) {
+ try {
+ elgaServicesList = KeyValueUtils.getListOfCSVValues(dbconfig.getElgaMandateServiceURLs());
+ misServicesList = KeyValueUtils.getListOfCSVValues(
+ dbconfig.getAuthComponentGeneral().getOnlineMandates().getConnectionParameter().getURL());
+ } catch (final NullPointerException e) {
+ }
+
+ try {
+ szrgwServicesList = KeyValueUtils.getListOfCSVValues(
+ dbconfig.getAuthComponentGeneral().getForeignIdentities().getConnectionParameter().getURL());
+ } catch (final NullPointerException e) {
+ }
+
+ }
+
+ try {
+ eidServicesList = KeyValueUtils.getListOfCSVValues(dbconfig.getEidSystemServiceURLs());
+ } catch (final NullPointerException e) {
+ }
+
+ } catch (final ConfigurationException e) {
+ log.error("MOA-ID-Configuration initialization FAILED.", e);
+
+ }
+
// bkuLocalURL = Constants.DEFAULT_LOCALBKU_URL;
// bkuHandyURL = Constants.DEFAULT_HANDYBKU_URL;
-//
+//
// MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
// if (moaidconfig != null) {
// DefaultBKUs defaultbkus = moaidconfig.getDefaultBKUs();
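Review bot: The constructor still calls `e.printStackTrace()` when `ConfigurationProvider.getInstance().isMOAIDMode()` throws, even though this commit adds the `@Slf4j` logger. The failure therefore never reaches the configured log, and `isMoaidMode` silently stays `false`. I would replace it with `log.error("Can not read MOA-ID mode from configuration.", e);` to match the `log.error` used for the second `ConfigurationException` further down. The three `catch (final NullPointerException e) { }` blocks are also empty and use the exception as a null check on the `getAuthComponentGeneral()...getURL()` chains, so a missing configuration element only appears as an empty service list. Explicit null checks, or at least `log.debug("...", e)` in each catch, would make that diagnosable. The constructor body continues past this hunk.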
@@ -155,34 +153,43 @@ public class OAAuthenticationData implements IOnlineApplicationData {
// setBkuOnlineURL(defaultbkus.getOnlineBKU());
// }
// }
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
- */
- @Override
- public String getName() {
- return "OAAuthenticationData";
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) {
- keyBoxIdentifier = dbOA.getKeyBoxIdentifier().value();
-
- szrgwServiceSelected = dbOA.getSelectedSZRGWServiceURL();
- eidServiceSelected = dbOA.getSelectedEIDServiceURL();
-
- AuthComponentOA oaauth = dbOA.getAuthComponentOA();
- if (oaauth != null) {
- BKUURLS bkuurls = oaauth.getBKUURLS();
-
- String defaulthandy = "";
- String defaultlocal = "";
- String defaultonline = "";
-
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName
+ * ()
+ */
+ @Override
+ public String getName() {
+ return "OAAuthenticationData";
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) {
+ keyBoxIdentifier = dbOA.getKeyBoxIdentifier().value();
+
+ szrgwServiceSelected = dbOA.getSelectedSZRGWServiceURL();
+ eidServiceSelected = dbOA.getSelectedEIDServiceURL();
+
+ final AuthComponentOA oaauth = dbOA.getAuthComponentOA();
+ if (oaauth != null) {
+ final BKUURLS bkuurls = oaauth.getBKUURLS();
+
+ final String defaulthandy = "";
+ final String defaultlocal = "";
+ final String defaultonline = "";
+
// MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration();
// if (dbconfig != null) {
// DefaultBKUs defaultbkus = dbconfig.getDefaultBKUs();
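Review bot: `parse` dereferences `dbOA.getKeyBoxIdentifier().value()` on its first line with no null guard, whereas `oaauth` on the following lines is checked before use. Whether the database object can return `null` here is not visible from this hunk. If it can, the call throws before any field is populated and discards the `SECURE_SIGNATURE_KEYPAIR` default the constructor set. A guard such as `if (dbOA.getKeyBoxIdentifier() != null) { keyBoxIdentifier = dbOA.getKeyBoxIdentifier().value(); }` would keep that default. The body of `parse` continues outside this hunk.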
@@ -192,674 +199,685 @@ public class OAAuthenticationData implements IOnlineApplicationData {
// defaultonline = defaultbkus.getOnlineBKU();
// }
// }
-
- if (bkuurls != null) {
-
- if (MiscUtil.isEmpty(bkuurls.getHandyBKU()))
- bkuHandyURL = defaulthandy;
- else
- bkuHandyURL = bkuurls.getHandyBKU();
-
- if (MiscUtil.isEmpty(bkuurls.getLocalBKU()))
- bkuLocalURL = defaultlocal;
- else
- bkuLocalURL = bkuurls.getLocalBKU();
-
- if (MiscUtil.isEmpty(bkuurls.getOnlineBKU()))
- bkuOnlineURL = defaultonline;
- else
- bkuOnlineURL = bkuurls.getOnlineBKU();
- }
-
- Mandates mandates = oaauth.getMandates();
- if (mandates != null) {
-
- mandateProfiles = null;
-
- List<String> profileList = mandates.getProfileName();
- for (String el : profileList) {
- if (mandateProfiles == null)
- mandateProfiles = el;
-
- else
- mandateProfiles += "," + el;
- }
-
- //TODO: only for RC1
- if (MiscUtil.isNotEmpty(mandates.getProfiles())) {
- if (mandateProfiles == null)
- mandateProfiles = mandates.getProfiles();
-
- else
- mandateProfiles += "," + mandates.getProfiles();
-
- }
-
- if (mandateProfiles != null)
- useMandates = true;
-
- else
- useMandates = false;
-
- misServiceSelected = mandates.getSelectedMISServiceURL();
- elgaServiceSelected = mandates.getSelecteELGAServiceURL();
-
- }
-
- TemplatesType templates = oaauth.getTemplates();
- if (templates != null) {
- List<TemplateType> templatetype = templates.getTemplate();
-
- if (templatetype != null) {
- if (SLTemplates == null) {
- SLTemplates = new ArrayList<String>();
- }
-
- for (TemplateType el : templatetype) {
- SLTemplates.add(el.getURL());
- }
- }
- }
-
- if (SLTemplates != null && SLTemplates.size() > 0)
- legacy = true;
-
- List<TransformsInfoType> transforminfos = oaauth.getTransformsInfo();
- transformations = new HashMap<String, byte[]>();
- for (TransformsInfoType el : transforminfos) {
- transformations.put(el.getFilename(), el.getTransformation());
- }
- }
-
- if (oaauth.getTestCredentials() != null) {
- enableTestCredentials = oaauth.getTestCredentials().isEnableTestCredentials();
- testCredentialOIDs = new ArrayList<String>();
- testCredentialOIDs.addAll(oaauth.getTestCredentials().getCredentialOID());
-
- useTestAuthblockValidationTrustStore = oaauth.getTestCredentials().isUseTestAuthBlockTrustStore();
- useTestIDLValidationTrustStore = oaauth.getTestCredentials().isUseTestIDLTrustStore();
- }
-
- //parse SL2.0 information
- if (oaauth.isSl20Active()) {
- //parse SL2.0 endpoint information
- if (oaauth.getSl20EndPoints() != null) {
- if (KeyValueUtils.isCSVValueString(oaauth.getSl20EndPoints()))
- sl20EndPoints = KeyValueUtils.normalizeCSVValueString(oaauth.getSl20EndPoints());
-
- else {
- if (oaauth.getSl20EndPoints().contains(KeyValueUtils.CSV_DELIMITER)) {
- //remove trailing comma if exist
- sl20EndPoints = oaauth.getSl20EndPoints().substring(0,
- oaauth.getSl20EndPoints().indexOf(KeyValueUtils.CSV_DELIMITER));
-
- } else
- sl20EndPoints = oaauth.getSl20EndPoints();
-
- }
- }
- sl20Active = oaauth.isSl20Active();
-
- }
-
-
- return null;
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
- HttpServletRequest request) {
- AuthComponentOA authoa = dbOA.getAuthComponentOA();
- if (authoa == null) {
- authoa = new AuthComponentOA();
- dbOA.setAuthComponentOA(authoa);
+
+ if (bkuurls != null) {
+
+ if (MiscUtil.isEmpty(bkuurls.getHandyBKU())) {
+ bkuHandyURL = defaulthandy;
+ } else {
+ bkuHandyURL = bkuurls.getHandyBKU();
+ }
+
+ if (MiscUtil.isEmpty(bkuurls.getLocalBKU())) {
+ bkuLocalURL = defaultlocal;
+ } else {
+ bkuLocalURL = bkuurls.getLocalBKU();
+ }
+
+ if (MiscUtil.isEmpty(bkuurls.getOnlineBKU())) {
+ bkuOnlineURL = defaultonline;
+ } else {
+ bkuOnlineURL = bkuurls.getOnlineBKU();
+ }
+ }
+
+ final Mandates mandates = oaauth.getMandates();
+ if (mandates != null) {
+
+ mandateProfiles = null;
+
+ final List<String> profileList = mandates.getProfileName();
+ for (final String el : profileList) {
+ if (mandateProfiles == null) {
+ mandateProfiles = el;
+ } else {
+ mandateProfiles += "," + el;
+ }
+ }
+
+ // TODO: only for RC1
+ if (MiscUtil.isNotEmpty(mandates.getProfiles())) {
+ if (mandateProfiles == null) {
+ mandateProfiles = mandates.getProfiles();
+ } else {
+ mandateProfiles += "," + mandates.getProfiles();
+ }
+
+ }
+
+ if (mandateProfiles != null) {
+ useMandates = true;
+ } else {
+ useMandates = false;
+ }
+
+ misServiceSelected = mandates.getSelectedMISServiceURL();
+ elgaServiceSelected = mandates.getSelecteELGAServiceURL();
+
+ }
+
+ final TemplatesType templates = oaauth.getTemplates();
+ if (templates != null) {
+ final List<TemplateType> templatetype = templates.getTemplate();
+
+ if (templatetype != null) {
+ if (SLTemplates == null) {
+ SLTemplates = new ArrayList<>();
+ }
+
+ for (final TemplateType el : templatetype) {
+ SLTemplates.add(el.getURL());
+ }
}
-
- dbOA.setCalculateHPI(isCalculateHPI());
-
- if (MiscUtil.isNotEmpty(getSzrgwServiceSelected()))
- dbOA.setSelectedSZRGWServiceURL(getSzrgwServiceSelected());
-
-
- if (MiscUtil.isNotEmpty(getEidServiceSelected()))
- dbOA.setSelectedEIDServiceURL(getEidServiceSelected());
-
- if (authUser.isAdmin()) {
-
- //store BKU-URLs
- BKUURLS bkuruls = new BKUURLS();
- authoa.setBKUURLS(bkuruls);
- bkuruls.setHandyBKU(getBkuHandyURL());
- bkuruls.setLocalBKU(getBkuLocalURL());
- bkuruls.setOnlineBKU(getBkuOnlineURL());
-
- //store SecurtiyLayerTemplates
- TemplatesType templates = authoa.getTemplates();
- if (templates == null) {
- templates = new TemplatesType();
- authoa.setTemplates(templates);
- }
- List<TemplateType> template = templates.getTemplate();
- if (isLegacy()) {
-
- if (template == null)
- template = new ArrayList<TemplateType>();
- else
- template.clear();
-
- if (MiscUtil.isNotEmpty(getSLTemplateURL1())) {
- TemplateType el = new TemplateType();
- el.setURL(getSLTemplateURL1());
- template.add(el);
- } else
- template.add(new TemplateType());
- if (MiscUtil.isNotEmpty(getSLTemplateURL2())) {
- TemplateType el = new TemplateType();
- el.setURL(getSLTemplateURL2());
- template.add(el);
- } else
- template.add(new TemplateType());
- if (MiscUtil.isNotEmpty(getSLTemplateURL3())) {
- TemplateType el = new TemplateType();
- el.setURL(getSLTemplateURL3());
- template.add(el);
- } else
- template.add(new TemplateType());
-
- } else {
- if (template != null && template.size() > 0) template.clear();
- }
-
-
- //store keyBox Identifier
- dbOA.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(getKeyBoxIdentifier()));
+ }
+
+ if (SLTemplates != null && SLTemplates.size() > 0) {
+ legacy = true;
+ }
+
+ final List<TransformsInfoType> transforminfos = oaauth.getTransformsInfo();
+ transformations = new HashMap<>();
+ for (final TransformsInfoType el : transforminfos) {
+ transformations.put(el.getFilename(), el.getTransformation());
+ }
+ }
+
+ if (oaauth.getTestCredentials() != null) {
+ enableTestCredentials = oaauth.getTestCredentials().isEnableTestCredentials();
+ testCredentialOIDs = new ArrayList<>();
+ testCredentialOIDs.addAll(oaauth.getTestCredentials().getCredentialOID());
+
+ useTestAuthblockValidationTrustStore = oaauth.getTestCredentials().isUseTestAuthBlockTrustStore();
+ useTestIDLValidationTrustStore = oaauth.getTestCredentials().isUseTestIDLTrustStore();
+ }
+
+ // parse SL2.0 information
+ if (oaauth.isSl20Active()) {
+ // parse SL2.0 endpoint information
+ if (oaauth.getSl20EndPoints() != null) {
+ if (KeyValueUtils.isCSVValueString(oaauth.getSl20EndPoints())) {
+ sl20EndPoints = KeyValueUtils.normalizeCSVValueString(oaauth.getSl20EndPoints());
} else {
- if (dbOA.isIsNew()) dbOA.setKeyBoxIdentifier(MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR);
+ if (oaauth.getSl20EndPoints().contains(KeyValueUtils.CSV_DELIMITER)) {
+ // remove trailing comma if exist
+ sl20EndPoints = oaauth.getSl20EndPoints().substring(0,
+ oaauth.getSl20EndPoints().indexOf(KeyValueUtils.CSV_DELIMITER));
+
+ } else {
+ sl20EndPoints = oaauth.getSl20EndPoints();
+ }
+
}
-
- Mandates mandates = new Mandates();
- if (isUseMandates()) {
-
- String[] profileList = getMandateProfiles().split(",");
-
- List<String> dbProfiles = mandates.getProfileName();
- if (dbProfiles == null) {
- dbProfiles = new ArrayList<String>();
- mandates.setProfileName(dbProfiles);
-
- }
-
- for (String el: profileList)
- dbProfiles.add(el.trim());
-
- mandates.setProfiles(null);
-
- if (MiscUtil.isNotEmpty(getMisServiceSelected()))
- mandates.setSelectedMISServiceURL(getMisServiceSelected());
-
- if (MiscUtil.isNotEmpty(getElgaServiceSelected()))
- mandates.setSelecteELGAServiceURL(getElgaServiceSelected());
-
+ }
+ sl20Active = oaauth.isSl20Active();
+
+ }
+
+ return null;
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ AuthComponentOA authoa = dbOA.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dbOA.setAuthComponentOA(authoa);
+ }
+
+ dbOA.setCalculateHPI(isCalculateHPI());
+
+ if (MiscUtil.isNotEmpty(getSzrgwServiceSelected())) {
+ dbOA.setSelectedSZRGWServiceURL(getSzrgwServiceSelected());
+ }
+
+ if (MiscUtil.isNotEmpty(getEidServiceSelected())) {
+ dbOA.setSelectedEIDServiceURL(getEidServiceSelected());
+ }
+
+ if (authUser.isAdmin()) {
+
+ // store BKU-URLs
+ final BKUURLS bkuruls = new BKUURLS();
+ authoa.setBKUURLS(bkuruls);
+ bkuruls.setHandyBKU(getBkuHandyURL());
+ bkuruls.setLocalBKU(getBkuLocalURL());
+ bkuruls.setOnlineBKU(getBkuOnlineURL());
+
+ // store SecurtiyLayerTemplates
+ TemplatesType templates = authoa.getTemplates();
+ if (templates == null) {
+ templates = new TemplatesType();
+ authoa.setTemplates(templates);
+ }
+ List<TemplateType> template = templates.getTemplate();
+ if (isLegacy()) {
+
+ if (template == null) {
+ template = new ArrayList<>();
} else {
- mandates.setProfiles(null);
- mandates.getProfileName().clear();
-
+ template.clear();
}
- authoa.setMandates(mandates);
- // set default transformation if it is empty
- List<TransformsInfoType> transformsInfo = authoa.getTransformsInfo();
- if (transformsInfo == null) {
- // TODO: set OA specific transformation if it is required
+ if (MiscUtil.isNotEmpty(getSLTemplateURL1())) {
+ final TemplateType el = new TemplateType();
+ el.setURL(getSLTemplateURL1());
+ template.add(el);
+ } else {
+ template.add(new TemplateType());
+ }
+ if (MiscUtil.isNotEmpty(getSLTemplateURL2())) {
+ final TemplateType el = new TemplateType();
+ el.setURL(getSLTemplateURL2());
+ template.add(el);
+ } else {
+ template.add(new TemplateType());
+ }
+ if (MiscUtil.isNotEmpty(getSLTemplateURL3())) {
+ final TemplateType el = new TemplateType();
+ el.setURL(getSLTemplateURL3());
+ template.add(el);
+ } else {
+ template.add(new TemplateType());
+ }
+ } else {
+ if (template != null && template.size() > 0) {
+ template.clear();
}
-
- if (enableTestCredentials) {
- TestCredentials testing = authoa.getTestCredentials();
+ }
+
+ // store keyBox Identifier
+ dbOA.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(getKeyBoxIdentifier()));
+ } else {
+ if (dbOA.isIsNew()) {
+ dbOA.setKeyBoxIdentifier(MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR);
+ }
+ }
+
+ final Mandates mandates = new Mandates();
+ if (isUseMandates()) {
+
+ final String[] profileList = getMandateProfiles().split(",");
+
+ List<String> dbProfiles = mandates.getProfileName();
+ if (dbProfiles == null) {
+ dbProfiles = new ArrayList<>();
+ mandates.setProfileName(dbProfiles);
+
+ }
+
+ for (final String el : profileList) {
+ dbProfiles.add(el.trim());
+ }
+
+ mandates.setProfiles(null);
+
+ if (MiscUtil.isNotEmpty(getMisServiceSelected())) {
+ mandates.setSelectedMISServiceURL(getMisServiceSelected());
+ }
+
+ if (MiscUtil.isNotEmpty(getElgaServiceSelected())) {
+ mandates.setSelecteELGAServiceURL(getElgaServiceSelected());
+ }
+
+ } else {
+ mandates.setProfiles(null);
+ mandates.getProfileName().clear();
+
+ }
+ authoa.setMandates(mandates);
+
+ // set default transformation if it is empty
+ final List<TransformsInfoType> transformsInfo = authoa.getTransformsInfo();
+ if (transformsInfo == null) {
+ // TODO: set OA specific transformation if it is required
+
+ }
+
+ if (enableTestCredentials) {
+ TestCredentials testing = authoa.getTestCredentials();
// if (testing != null)
// ConfigurationDBUtils.delete(testing);
- testing = new TestCredentials();
- authoa.setTestCredentials(testing);
- testing.setEnableTestCredentials(enableTestCredentials);
- testing.setCredentialOID(testCredentialOIDs);
-
+ testing = new TestCredentials();
+ authoa.setTestCredentials(testing);
+ testing.setEnableTestCredentials(enableTestCredentials);
+ testing.setCredentialOID(testCredentialOIDs);
+
+ } else {
+ final TestCredentials testing = authoa.getTestCredentials();
+ if (testing != null) {
+ testing.setEnableTestCredentials(false);
+ }
+
+ }
+
+ TestCredentials testing = authoa.getTestCredentials();
+ if (testing == null) {
+ testing = new TestCredentials();
+ authoa.setTestCredentials(testing);
+
+ }
+ testing.setUseTestAuthBlockTrustStore(useTestAuthblockValidationTrustStore);
+ testing.setUseTestIDLTrustStore(useTestIDLValidationTrustStore);
+
+ // store SL2.0 information
+ authoa.setSl20Active(isSl20Active());
+ authoa.setSl20EndPoints(getSl20EndPoints());
+
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#
+ * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+ return new OAAuthenticationDataValidation().validate(this, authUser.isAdmin(), request);
+ }
+
+ /**
+ * @return the bkuOnlineURL
+ */
+ public String getBkuOnlineURL() {
+ return bkuOnlineURL;
+ }
+
+ /**
+ * @param bkuOnlineURL the bkuOnlineURL to set
+ */
+ public void setBkuOnlineURL(String bkuOnlineURL) {
+ this.bkuOnlineURL = bkuOnlineURL;
+ }
+
+ /**
+ * @return the bkuHandyURL
+ */
+ public String getBkuHandyURL() {
+ return bkuHandyURL;
+ }
+
+ /**
+ * @param bkuHandyURL the bkuHandyURL to set
+ */
+ public void setBkuHandyURL(String bkuHandyURL) {
+ this.bkuHandyURL = bkuHandyURL;
+ }
+
+ /**
+ * @return the bkuLocalURL
+ */
+ public String getBkuLocalURL() {
+ return bkuLocalURL;
+ }
+
+ /**
+ * @param bkuLocalURL the bkuLocalURL to set
+ */
+ public void setBkuLocalURL(String bkuLocalURL) {
+ this.bkuLocalURL = bkuLocalURL;
+ }
+
+ /**
+ * @return the mandateProfiles
+ */
+ public String getMandateProfiles() {
+ return mandateProfiles;
+ }
+
+ /**
+ * @param mandateProfiles the mandateProfiles to set
+ */
+ public void setMandateProfiles(String mandateProfiles) {
+ this.mandateProfiles = mandateProfiles;
+ }
+
+ /**
+ * @return the useMandates
+ */
+ public boolean isUseMandates() {
+ return useMandates;
+ }
+
+ /**
+ * @param useMandates the useMandates to set
+ */
+ public void setUseMandates(boolean useMandates) {
+ this.useMandates = useMandates;
+ }
+
+ /**
+ * @return the calculateHPI
+ */
+ public boolean isCalculateHPI() {
+ return calculateHPI;
+ }
+
+ /**
+ * @param calculateHPI the calculateHPI to set
+ */
+ public void setCalculateHPI(boolean calculateHPI) {
+ this.calculateHPI = calculateHPI;
+ }
+
+ /**
+ * @return the keyBoxIdentifier
+ */
+ public String getKeyBoxIdentifier() {
+ return keyBoxIdentifier;
+ }
+
+ /**
+ * @param keyBoxIdentifier the keyBoxIdentifier to set
+ */
+ public void setKeyBoxIdentifier(String keyBoxIdentifier) {
+ this.keyBoxIdentifier = keyBoxIdentifier;
+ }
+
+ /**
+ * @return the keyBoxIdentifierList
+ */
+ public Map<String, String> getKeyBoxIdentifierList() {
+ return keyBoxIdentifierList;
+ }
+
+ /**
+ * @return the legacy
+ */
+ public boolean isLegacy() {
+ return legacy;
+ }
+
+ /**
+ * @param legacy the legacy to set
+ */
+ public void setLegacy(boolean legacy) {
+ this.legacy = legacy;
+ }
+
+ /**
+ * @return the transformations
+ */
+ public Map<String, byte[]> getTransformations() {
+ return transformations;
+ }
+
+ /**
+ * @param transformations the transformations to set
+ */
+ public void setTransformations(Map<String, byte[]> transformations) {
+ this.transformations = transformations;
+ }
+
+ /**
+ * @return the sLTemplates
+ */
+ public List<String> getSLTemplates() {
+ return SLTemplates;
+ }
+
+ /**
+ * @return the sLTemplateURL1
+ */
+ public String getSLTemplateURL1() {
+ if (SLTemplates != null && SLTemplates.size() > 0) {
+ return SLTemplates.get(0);
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ * @param sLTemplateURL1 the sLTemplateURL1 to set
+ */
+ public void setSLTemplateURL1(String sLTemplateURL1) {
+ if (SLTemplates == null) {
+ SLTemplates = new ArrayList<>();
+ }
+ SLTemplates.add(sLTemplateURL1);
+ }
+
+ /**
+ * @return the sLTemplateURL2
+ */
+ public String getSLTemplateURL2() {
+ if (SLTemplates != null && SLTemplates.size() > 1) {
+ return SLTemplates.get(1);
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ * @param sLTemplateURL2 the sLTemplateURL2 to set
+ */
+ public void setSLTemplateURL2(String sLTemplateURL2) {
+ if (SLTemplates == null) {
+ SLTemplates = new ArrayList<>();
+ }
+ SLTemplates.add(sLTemplateURL2);
+ }
+
+ /**
+ * @return the sLTemplateURL3
+ */
+ public String getSLTemplateURL3() {
+ if (SLTemplates != null && SLTemplates.size() > 2) {
+ return SLTemplates.get(2);
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ * @param sLTemplateURL3 the sLTemplateURL3 to set
+ */
+ public void setSLTemplateURL3(String sLTemplateURL3) {
+ if (SLTemplates == null) {
+ SLTemplates = new ArrayList<>();
+ }
+ SLTemplates.add(sLTemplateURL3);
+ }
+
+ /**
+ * @return the enableTestCredentials
+ */
+ public boolean isEnableTestCredentials() {
+ return enableTestCredentials;
+ }
+
+ /**
+ * @param enableTestCredentials the enableTestCredentials to set
+ */
+ public void setEnableTestCredentials(boolean enableTestCredentials) {
+ this.enableTestCredentials = enableTestCredentials;
+ }
+
+ /**
+ * @return the testCredentialOIDs
+ */
+ public String getTestCredentialOIDs() {
+ String value = null;
+ if (testCredentialOIDs != null) {
+ for (final String el : testCredentialOIDs) {
+ if (value == null) {
+ value = el;
} else {
- TestCredentials testing = authoa.getTestCredentials();
- if (testing != null) {
- testing.setEnableTestCredentials(false);
- }
-
+ value += "," + el;
}
-
- TestCredentials testing = authoa.getTestCredentials();
- if (testing == null) {
- testing = new TestCredentials();
- authoa.setTestCredentials(testing);
-
- }
- testing.setUseTestAuthBlockTrustStore(useTestAuthblockValidationTrustStore);
- testing.setUseTestIDLTrustStore(useTestIDLValidationTrustStore);
-
-
- //store SL2.0 information
- authoa.setSl20Active(isSl20Active());
- authoa.setSl20EndPoints(getSl20EndPoints());
-
- return null;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> validate(OAGeneralConfig general,
- AuthenticatedUser authUser, HttpServletRequest request) {
- return new OAAuthenticationDataValidation().validate(this, authUser.isAdmin(), request);
- }
-
-
- /**
- * @return the bkuOnlineURL
- */
- public String getBkuOnlineURL() {
- return bkuOnlineURL;
- }
-
-
- /**
- * @param bkuOnlineURL the bkuOnlineURL to set
- */
- public void setBkuOnlineURL(String bkuOnlineURL) {
- this.bkuOnlineURL = bkuOnlineURL;
- }
-
-
- /**
- * @return the bkuHandyURL
- */
- public String getBkuHandyURL() {
- return bkuHandyURL;
- }
-
-
- /**
- * @param bkuHandyURL the bkuHandyURL to set
- */
- public void setBkuHandyURL(String bkuHandyURL) {
- this.bkuHandyURL = bkuHandyURL;
- }
-
-
- /**
- * @return the bkuLocalURL
- */
- public String getBkuLocalURL() {
- return bkuLocalURL;
- }
-
-
- /**
- * @param bkuLocalURL the bkuLocalURL to set
- */
- public void setBkuLocalURL(String bkuLocalURL) {
- this.bkuLocalURL = bkuLocalURL;
- }
-
-
- /**
- * @return the mandateProfiles
- */
- public String getMandateProfiles() {
- return mandateProfiles;
- }
-
-
- /**
- * @param mandateProfiles the mandateProfiles to set
- */
- public void setMandateProfiles(String mandateProfiles) {
- this.mandateProfiles = mandateProfiles;
- }
-
-
- /**
- * @return the useMandates
- */
- public boolean isUseMandates() {
- return useMandates;
- }
-
-
- /**
- * @param useMandates the useMandates to set
- */
- public void setUseMandates(boolean useMandates) {
- this.useMandates = useMandates;
- }
-
-
- /**
- * @return the calculateHPI
- */
- public boolean isCalculateHPI() {
- return calculateHPI;
- }
-
-
- /**
- * @param calculateHPI the calculateHPI to set
- */
- public void setCalculateHPI(boolean calculateHPI) {
- this.calculateHPI = calculateHPI;
- }
-
-
- /**
- * @return the keyBoxIdentifier
- */
- public String getKeyBoxIdentifier() {
- return keyBoxIdentifier;
- }
-
-
- /**
- * @param keyBoxIdentifier the keyBoxIdentifier to set
- */
- public void setKeyBoxIdentifier(String keyBoxIdentifier) {
- this.keyBoxIdentifier = keyBoxIdentifier;
- }
-
-
- /**
- * @return the keyBoxIdentifierList
- */
- public Map<String, String> getKeyBoxIdentifierList() {
- return keyBoxIdentifierList;
- }
-
-
- /**
- * @return the legacy
- */
- public boolean isLegacy() {
- return legacy;
- }
-
-
- /**
- * @param legacy the legacy to set
- */
- public void setLegacy(boolean legacy) {
- this.legacy = legacy;
- }
-
-
- /**
- * @return the transformations
- */
- public Map<String, byte[]> getTransformations() {
- return transformations;
- }
-
-
- /**
- * @param transformations the transformations to set
- */
- public void setTransformations(Map<String, byte[]> transformations) {
- this.transformations = transformations;
- }
-
-
- /**
- * @return the sLTemplates
- */
- public List<String> getSLTemplates() {
- return SLTemplates;
- }
-
- /**
- * @return the sLTemplateURL1
- */
- public String getSLTemplateURL1() {
- if (SLTemplates != null && SLTemplates.size() > 0)
- return SLTemplates.get(0);
- else
- return null;
- }
-
-
- /**
- * @param sLTemplateURL1 the sLTemplateURL1 to set
- */
- public void setSLTemplateURL1(String sLTemplateURL1) {
- if (SLTemplates == null)
- SLTemplates = new ArrayList<String>();
- SLTemplates.add(sLTemplateURL1);
- }
-
-
- /**
- * @return the sLTemplateURL2
- */
- public String getSLTemplateURL2() {
- if (SLTemplates != null && SLTemplates.size() > 1)
- return SLTemplates.get(1);
- else
- return null;
- }
-
-
- /**
- * @param sLTemplateURL2 the sLTemplateURL2 to set
- */
- public void setSLTemplateURL2(String sLTemplateURL2) {
- if (SLTemplates == null)
- SLTemplates = new ArrayList<String>();
- SLTemplates.add(sLTemplateURL2);
- }
-
-
- /**
- * @return the sLTemplateURL3
- */
- public String getSLTemplateURL3() {
- if (SLTemplates != null && SLTemplates.size() > 2)
- return SLTemplates.get(2);
- else
- return null;
- }
-
-
- /**
- * @param sLTemplateURL3 the sLTemplateURL3 to set
- */
- public void setSLTemplateURL3(String sLTemplateURL3) {
- if (SLTemplates == null)
- SLTemplates = new ArrayList<String>();
- SLTemplates.add(sLTemplateURL3);
- }
-
- /**
- * @return the enableTestCredentials
- */
- public boolean isEnableTestCredentials() {
- return enableTestCredentials;
- }
-
- /**
- * @param enableTestCredentials the enableTestCredentials to set
- */
- public void setEnableTestCredentials(boolean enableTestCredentials) {
- this.enableTestCredentials = enableTestCredentials;
- }
-
- /**
- * @return the testCredentialOIDs
- */
- public String getTestCredentialOIDs() {
- String value = null;
- if (testCredentialOIDs != null) {
- for (String el : testCredentialOIDs) {
- if (value == null)
- value = el;
- else
- value += "," + el;
-
- }
- }
-
- return value;
- }
-
- public List<String> getTestCredialOIDList() {
- return this.testCredentialOIDs;
- }
-
- /**
- * @param testCredentialOIDs the testCredentialOIDs to set
- */
- public void setTestCredentialOIDs(String testCredentialOIDs) {
- if (MiscUtil.isNotEmpty(testCredentialOIDs)) {
- String[] oidList = testCredentialOIDs.split(",");
-
- this.testCredentialOIDs = new ArrayList<String>();
- for (int i=0; i<oidList.length; i++)
- this.testCredentialOIDs.add(oidList[i].trim());
- }
- }
-
- /**
- * @return the useTestIDLValidationTrustStore
- */
- public boolean isUseTestIDLValidationTrustStore() {
- return useTestIDLValidationTrustStore;
- }
-
- /**
- * @param useTestIDLValidationTrustStore the useTestIDLValidationTrustStore to set
- */
- public void setUseTestIDLValidationTrustStore(
- boolean useTestIDLValidationTrustStore) {
- this.useTestIDLValidationTrustStore = useTestIDLValidationTrustStore;
- }
-
- /**
- * @return the useTestAuthblockValidationTrustStore
- */
- public boolean isUseTestAuthblockValidationTrustStore() {
- return useTestAuthblockValidationTrustStore;
- }
-
- /**
- * @param useTestAuthblockValidationTrustStore the useTestAuthblockValidationTrustStore to set
- */
- public void setUseTestAuthblockValidationTrustStore(
- boolean useTestAuthblockValidationTrustStore) {
- this.useTestAuthblockValidationTrustStore = useTestAuthblockValidationTrustStore;
- }
-
- /**
- * @return the misServiceSelected
- */
- public String getMisServiceSelected() {
- return misServiceSelected;
- }
-
- /**
- * @param misServiceSelected the misServiceSelected to set
- */
- public void setMisServiceSelected(String misServiceSelected) {
- this.misServiceSelected = misServiceSelected;
- }
-
- /**
- * @return the elgaServiceSelected
- */
- public String getElgaServiceSelected() {
- return elgaServiceSelected;
- }
-
- /**
- * @param elgaServiceSelected the elgaServiceSelected to set
- */
- public void setElgaServiceSelected(String elgaServiceSelected) {
- this.elgaServiceSelected = elgaServiceSelected;
- }
-
- /**
- * @return the szrgwServiceSelected
- */
- public String getSzrgwServiceSelected() {
- return szrgwServiceSelected;
- }
-
- /**
- * @param szrgwServiceSelected the szrgwServiceSelected to set
- */
- public void setSzrgwServiceSelected(String szrgwServiceSelected) {
- this.szrgwServiceSelected = szrgwServiceSelected;
- }
-
- /**
- * @return the misServicesList
- */
- public List<String> getMisServicesList() {
- return misServicesList;
- }
-
- /**
- * @return the elgaServicesList
- */
- public List<String> getElgaServicesList() {
- return elgaServicesList;
- }
-
- /**
- * @return the szrgwServicesList
- */
- public List<String> getSzrgwServicesList() {
- return szrgwServicesList;
- }
-
- public List<String> getEidServicesList() {
- return eidServicesList;
- }
-
- public String getEidServiceSelected() {
- return eidServiceSelected;
- }
-
- public void setEidServiceSelected(String eidServiceSelected) {
- this.eidServiceSelected = eidServiceSelected;
- }
-
- public boolean isSl20Active() {
- return sl20Active;
- }
-
- public void setSl20Active(boolean sl20Active) {
- this.sl20Active = sl20Active;
- }
-
- public String getSl20EndPoints() {
- return sl20EndPoints;
- }
-
- public void setSl20EndPoints(String sl20EndPoints) {
- if (MiscUtil.isNotEmpty(sl20EndPoints))
- this.sl20EndPoints =
- KeyValueUtils.removeAllNewlineFromString(sl20EndPoints);
- else
- this.sl20EndPoints = sl20EndPoints;
- }
-
- public boolean isMoaidMode() {
- return isMoaidMode;
- }
-
+
+ }
+ }
+
+ return value;
+ }
+
+ public List<String> getTestCredialOIDList() {
+ return this.testCredentialOIDs;
+ }
+
+ /**
+ * @param testCredentialOIDs the testCredentialOIDs to set
+ */
+ public void setTestCredentialOIDs(String testCredentialOIDs) {
+ if (MiscUtil.isNotEmpty(testCredentialOIDs)) {
+ final String[] oidList = testCredentialOIDs.split(",");
+
+ this.testCredentialOIDs = new ArrayList<>();
+ for (final String element : oidList) {
+ this.testCredentialOIDs.add(element.trim());
+ }
+ }
+ }
+
+ /**
+ * @return the useTestIDLValidationTrustStore
+ */
+ public boolean isUseTestIDLValidationTrustStore() {
+ return useTestIDLValidationTrustStore;
+ }
+
+ /**
+ * @param useTestIDLValidationTrustStore the useTestIDLValidationTrustStore to
+ * set
+ */
+ public void setUseTestIDLValidationTrustStore(
+ boolean useTestIDLValidationTrustStore) {
+ this.useTestIDLValidationTrustStore = useTestIDLValidationTrustStore;
+ }
+
+ /**
+ * @return the useTestAuthblockValidationTrustStore
+ */
+ public boolean isUseTestAuthblockValidationTrustStore() {
+ return useTestAuthblockValidationTrustStore;
+ }
+
+ /**
+ * @param useTestAuthblockValidationTrustStore the
+ * useTestAuthblockValidationTrustStore
+ * to set
+ */
+ public void setUseTestAuthblockValidationTrustStore(
+ boolean useTestAuthblockValidationTrustStore) {
+ this.useTestAuthblockValidationTrustStore = useTestAuthblockValidationTrustStore;
+ }
+
+ /**
+ * @return the misServiceSelected
+ */
+ public String getMisServiceSelected() {
+ return misServiceSelected;
+ }
+
+ /**
+ * @param misServiceSelected the misServiceSelected to set
+ */
+ public void setMisServiceSelected(String misServiceSelected) {
+ this.misServiceSelected = misServiceSelected;
+ }
+
+ /**
+ * @return the elgaServiceSelected
+ */
+ public String getElgaServiceSelected() {
+ return elgaServiceSelected;
+ }
+
+ /**
+ * @param elgaServiceSelected the elgaServiceSelected to set
+ */
+ public void setElgaServiceSelected(String elgaServiceSelected) {
+ this.elgaServiceSelected = elgaServiceSelected;
+ }
+
+ /**
+ * @return the szrgwServiceSelected
+ */
+ public String getSzrgwServiceSelected() {
+ return szrgwServiceSelected;
+ }
+
+ /**
+ * @param szrgwServiceSelected the szrgwServiceSelected to set
+ */
+ public void setSzrgwServiceSelected(String szrgwServiceSelected) {
+ this.szrgwServiceSelected = szrgwServiceSelected;
+ }
+
+ /**
+ * @return the misServicesList
+ */
+ public List<String> getMisServicesList() {
+ return misServicesList;
+ }
+
+ /**
+ * @return the elgaServicesList
+ */
+ public List<String> getElgaServicesList() {
+ return elgaServicesList;
+ }
+
+ /**
+ * @return the szrgwServicesList
+ */
+ public List<String> getSzrgwServicesList() {
+ return szrgwServicesList;
+ }
+
+ public List<String> getEidServicesList() {
+ return eidServicesList;
+ }
+
+ public String getEidServiceSelected() {
+ return eidServiceSelected;
+ }
+
+ public void setEidServiceSelected(String eidServiceSelected) {
+ this.eidServiceSelected = eidServiceSelected;
+ }
+
+ public boolean isSl20Active() {
+ return sl20Active;
+ }
+
+ public void setSl20Active(boolean sl20Active) {
+ this.sl20Active = sl20Active;
+ }
+
+ public String getSl20EndPoints() {
+ return sl20EndPoints;
+ }
+
+ public void setSl20EndPoints(String sl20EndPoints) {
+ if (MiscUtil.isNotEmpty(sl20EndPoints)) {
+ this.sl20EndPoints =
+ KeyValueUtils.removeAllNewlineFromString(sl20EndPoints);
+ } else {
+ this.sl20EndPoints = sl20EndPoints;
+ }
+ }
+
+ public boolean isMoaidMode() {
+ return isMoaidMode;
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java
index bac69cf34..1f4d842ca 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java
@@ -33,7 +33,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.SerializationUtils;
-import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.commons.api.data.BPKDecryptionParameters;
@@ -49,322 +48,342 @@ import at.gv.egovernment.moa.id.configuration.utils.ConfigurationEncryptionUtils
import at.gv.egovernment.moa.id.configuration.validation.oa.OAFileUploadValidation;
import at.gv.egovernment.moa.id.data.EncryptedData;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
/**
* @author tlenz
*
*/
+@Slf4j
public class OABPKEncryption implements IOnlineApplicationData {
- private static final Logger log = Logger.getLogger(OABPKEncryption.class);
-
- private static final String MODULENAME = "bPKEncryptionDecryption";
-
- private String keyStorePassword = null;
- private String keyAlias = null;
- private String keyPassword = null;
-
- private Map<String, byte[]> keyStoreForm = new HashMap<String, byte[]>();
-
- private List<File> keyStoreFileUpload = null;
- private List<String> keyStoreFileUploadContentType = null;
- private List<String> keyStoreFileUploadFileName = new ArrayList<String>();;
- private boolean deletekeyStore = false;
- private boolean validationError = false;
-
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
- */
- @Override
- public String getName() {
- // TODO Auto-generated method stub
- return MODULENAME;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> parse(OnlineApplication dbOA,
- AuthenticatedUser authUser, HttpServletRequest request) {
- AuthComponentOA oaAuth = dbOA.getAuthComponentOA();
- if (oaAuth != null) {
- EncBPKInformation bPKEncDec = oaAuth.getEncBPKInformation();
- if (bPKEncDec != null) {
- BPKDecryption bPKDec = bPKEncDec.getBPKDecryption();
- if (bPKDec != null) {
- keyAlias = bPKDec.getKeyAlias();
- if (bPKDec.getKeyStoreFileName() != null)
- keyStoreFileUploadFileName.add(bPKDec.getKeyStoreFileName());
-
- }
- }
- }
-
- return null;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
- HttpServletRequest request) {
- AuthComponentOA oaAuth = dbOA.getAuthComponentOA();
- if (oaAuth == null) {
- oaAuth = new AuthComponentOA();
- dbOA.setAuthComponentOA(oaAuth);
-
- }
- EncBPKInformation bPKEncDec = oaAuth.getEncBPKInformation();
- if (bPKEncDec == null) {
- bPKEncDec = new EncBPKInformation();
- oaAuth.setEncBPKInformation(bPKEncDec);
-
- }
-
- BPKDecryption bPKDec = bPKEncDec.getBPKDecryption();
- if (bPKDec == null) {
- bPKDec = new BPKDecryption();
- bPKEncDec.setBPKDecryption(bPKDec);
- }
-
- if (isDeletekeyStore()) {
- bPKDec.setIv(null);
- bPKDec.setKeyAlias(null);
- bPKDec.setKeyInformation(null);
- bPKDec.setKeyStoreFileName(null);
-
- }
-
- BPKDecryptionParameters keyInfo = new BPKDecryptionParameters();
- if (keyStoreForm != null && keyStoreForm.size() > 0) {
- keyInfo.setKeyAlias(keyAlias);
- keyInfo.setKeyPassword(keyPassword);
- keyInfo.setKeyStorePassword(keyStorePassword);
-
- Iterator<String> interator = keyStoreForm.keySet().iterator();
- bPKDec.setKeyStoreFileName(interator.next());
- bPKDec.setKeyAlias(keyAlias);
- keyInfo.setKeyStore(keyStoreForm.get(
- bPKDec.getKeyStoreFileName()));
-
- //encrypt key information
- byte[] serKeyInfo = SerializationUtils.serialize(keyInfo);
- try {
- EncryptedData encryptkeyInfo = ConfigurationEncryptionUtils.getInstance().encrypt(serKeyInfo);
- bPKDec.setIv(encryptkeyInfo.getIv());
- bPKDec.setKeyInformation(encryptkeyInfo.getEncData());
-
- } catch (BuildException e) {
- log.error("Configuration encryption FAILED.", e);
- return LanguageHelper.getErrorString("error.general.text", request);
-
- }
- }
-
- request.getSession().setAttribute(Constants.SESSION_BPKENCRYPTIONDECRYPTION, null);
-
- return null;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> validate(OAGeneralConfig general,
- AuthenticatedUser authUser, HttpServletRequest request) {
- HttpSession session = request.getSession();
- List<String> errors = new ArrayList<String>();
-
- String check = null;
-
- OAFileUploadValidation valiator_fileUpload = new OAFileUploadValidation();
- //validate BKU-selection template
- List<String> templateError = valiator_fileUpload.validate(getKeyStoreFileUploadFileName()
- , getKeyStoreFileUpload(), "validation.bPKDec.keyStore", keyStoreForm, request);
- if (templateError != null && templateError.size() == 0) {
- if (keyStoreForm != null && keyStoreForm.size() > 0) {
- session.setAttribute(Constants.SESSION_BPKENCRYPTIONDECRYPTION, keyStoreForm);
-
- } else
- keyStoreForm = (Map<String, byte[]>) session.getAttribute(Constants.SESSION_BPKENCRYPTIONDECRYPTION);
-
- } else {
- errors.addAll(templateError);
+ private static final String MODULENAME = "bPKEncryptionDecryption";
+
+ private String keyStorePassword = null;
+ private String keyAlias = null;
+ private String keyPassword = null;
+
+ private Map<String, byte[]> keyStoreForm = new HashMap<>();
+
+ private List<File> keyStoreFileUpload = null;
+ private List<String> keyStoreFileUploadContentType = null;
+ private List<String> keyStoreFileUploadFileName = new ArrayList<>();
+ private boolean deletekeyStore = false;
+ private boolean validationError = false;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName
+ * ()
+ */
+ @Override
+ public String getName() {
+ // TODO Auto-generated method stub
+ return MODULENAME;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOA,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+ final AuthComponentOA oaAuth = dbOA.getAuthComponentOA();
+ if (oaAuth != null) {
+ final EncBPKInformation bPKEncDec = oaAuth.getEncBPKInformation();
+ if (bPKEncDec != null) {
+ final BPKDecryption bPKDec = bPKEncDec.getBPKDecryption();
+ if (bPKDec != null) {
+ keyAlias = bPKDec.getKeyAlias();
+ if (bPKDec.getKeyStoreFileName() != null) {
+ keyStoreFileUploadFileName.add(bPKDec.getKeyStoreFileName());
+ }
}
-
- if (keyStoreForm != null && keyStoreForm.size() > 0) {
- check = getKeyStorePassword();
- if (MiscUtil.isEmpty(check)) {
- log.info("bPK decryption keystore password is empty");
- errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStorePassword.empty", request));
-
- } else {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("bPK decryption keystore password contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStorePassword.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
-
- }
- }
-
- check = getKeyAlias();
- if (MiscUtil.isEmpty(check)) {
- log.info("bPK decryption key alias is empty");
- errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyAlias.empty", request));
-
- } else {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("bPK decryption key alias contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyAlias.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
-
- }
- }
-
- check = getKeyPassword();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("bPK decryption key password contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyPassword.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
-
- }
- }
-
- BPKDecryptionParameters keyInfo = new BPKDecryptionParameters();
- keyInfo.setKeyAlias(keyAlias);
- keyInfo.setKeyPassword(keyPassword);
- keyInfo.setKeyStorePassword(keyStorePassword);
- Iterator<String> interator = keyStoreForm.keySet().iterator();
- String fileName = interator.next();
- keyInfo.setKeyStore(keyStoreForm.get(fileName));
- if (keyInfo.getPrivateKey() == null) {
- log.info("Open keyStore FAILED.");
- errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStore.file.valid", request));
-
- }
+ }
+ }
+
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ AuthComponentOA oaAuth = dbOA.getAuthComponentOA();
+ if (oaAuth == null) {
+ oaAuth = new AuthComponentOA();
+ dbOA.setAuthComponentOA(oaAuth);
+
+ }
+ EncBPKInformation bPKEncDec = oaAuth.getEncBPKInformation();
+ if (bPKEncDec == null) {
+ bPKEncDec = new EncBPKInformation();
+ oaAuth.setEncBPKInformation(bPKEncDec);
+
+ }
+
+ BPKDecryption bPKDec = bPKEncDec.getBPKDecryption();
+ if (bPKDec == null) {
+ bPKDec = new BPKDecryption();
+ bPKEncDec.setBPKDecryption(bPKDec);
+ }
+
+ if (isDeletekeyStore()) {
+ bPKDec.setIv(null);
+ bPKDec.setKeyAlias(null);
+ bPKDec.setKeyInformation(null);
+ bPKDec.setKeyStoreFileName(null);
+
+ }
+
+ final BPKDecryptionParameters keyInfo = new BPKDecryptionParameters();
+ if (keyStoreForm != null && keyStoreForm.size() > 0) {
+ keyInfo.setKeyAlias(keyAlias);
+ keyInfo.setKeyPassword(keyPassword);
+ keyInfo.setKeyStorePassword(keyStorePassword);
+
+ final Iterator<String> interator = keyStoreForm.keySet().iterator();
+ bPKDec.setKeyStoreFileName(interator.next());
+ bPKDec.setKeyAlias(keyAlias);
+ keyInfo.setKeyStore(keyStoreForm.get(
+ bPKDec.getKeyStoreFileName()));
+
+ // encrypt key information
+ final byte[] serKeyInfo = SerializationUtils.serialize(keyInfo);
+ try {
+ final EncryptedData encryptkeyInfo = ConfigurationEncryptionUtils.getInstance().encrypt(serKeyInfo);
+ bPKDec.setIv(encryptkeyInfo.getIv());
+ bPKDec.setKeyInformation(encryptkeyInfo.getEncData());
+
+ } catch (final BuildException e) {
+ log.error("Configuration encryption FAILED.", e);
+ return LanguageHelper.getErrorString("error.general.text", request);
+
+ }
+ }
+
+ request.getSession().setAttribute(Constants.SESSION_BPKENCRYPTIONDECRYPTION, null);
+
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#
+ * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+ final HttpSession session = request.getSession();
+ final List<String> errors = new ArrayList<>();
+
+ String check = null;
+
+ final OAFileUploadValidation valiator_fileUpload = new OAFileUploadValidation();
+ // validate BKU-selection template
+ final List<String> templateError = valiator_fileUpload.validate(getKeyStoreFileUploadFileName(),
+ getKeyStoreFileUpload(), "validation.bPKDec.keyStore", keyStoreForm, request);
+ if (templateError != null && templateError.size() == 0) {
+ if (keyStoreForm != null && keyStoreForm.size() > 0) {
+ session.setAttribute(Constants.SESSION_BPKENCRYPTIONDECRYPTION, keyStoreForm);
+
+ } else {
+ keyStoreForm = (Map<String, byte[]>) session.getAttribute(Constants.SESSION_BPKENCRYPTIONDECRYPTION);
+ }
+
+ } else {
+ errors.addAll(templateError);
+
+ }
+
+ if (keyStoreForm != null && keyStoreForm.size() > 0) {
+ check = getKeyStorePassword();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("bPK decryption keystore password is empty");
+ errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStorePassword.empty", request));
+
+ } else {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("bPK decryption keystore password contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStorePassword.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+
}
-
- if (errors.size() > 0) {
- validationError = true;
-
+ }
+
+ check = getKeyAlias();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("bPK decryption key alias is empty");
+ errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyAlias.empty", request));
+
+ } else {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("bPK decryption key alias contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyAlias.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+
}
-
- return errors;
-
- }
-
- /**
- * @return the keyStorePassword
- */
- public String getKeyStorePassword() {
- return keyStorePassword;
- }
-
- /**
- * @param keyStorePassword the keyStorePassword to set
- */
- public void setKeyStorePassword(String keyStorePassword) {
- this.keyStorePassword = keyStorePassword;
- }
-
- /**
- * @return the keyAlias
- */
- public String getKeyAlias() {
- return keyAlias;
- }
-
- /**
- * @param keyAlias the keyAlias to set
- */
- public void setKeyAlias(String keyAlias) {
- this.keyAlias = keyAlias;
- }
-
- /**
- * @return the keyPassword
- */
- public String getKeyPassword() {
- return keyPassword;
- }
-
- /**
- * @param keyPassword the keyPassword to set
- */
- public void setKeyPassword(String keyPassword) {
- this.keyPassword = keyPassword;
- }
-
- /**
- * @return the keyStoreFileUpload
- */
- public List<File> getKeyStoreFileUpload() {
- return keyStoreFileUpload;
- }
-
- /**
- * @param keyStoreFileUpload the keyStoreFileUpload to set
- */
- public void setKeyStoreFileUpload(List<File> keyStoreFileUpload) {
- this.keyStoreFileUpload = keyStoreFileUpload;
- }
-
- /**
- * @return the keyStoreFileUploadContentType
- */
- public List<String> getKeyStoreFileUploadContentType() {
- return keyStoreFileUploadContentType;
- }
-
- /**
- * @param keyStoreFileUploadContentType the keyStoreFileUploadContentType to set
- */
- public void setKeyStoreFileUploadContentType(
- List<String> keyStoreFileUploadContentType) {
- this.keyStoreFileUploadContentType = keyStoreFileUploadContentType;
- }
-
- /**
- * @return the keyStoreFileUploadFileName
- */
- public List<String> getKeyStoreFileUploadFileName() {
- return keyStoreFileUploadFileName;
- }
-
- /**
- * @param keyStoreFileUploadFileName the keyStoreFileUploadFileName to set
- */
- public void setKeyStoreFileUploadFileName(
- List<String> keyStoreFileUploadFileName) {
- this.keyStoreFileUploadFileName = keyStoreFileUploadFileName;
- }
-
- /**
- * @return the deletekeyStore
- */
- public boolean isDeletekeyStore() {
- return deletekeyStore;
- }
-
- /**
- * @param deletekeyStore the deletekeyStore to set
- */
- public void setDeletekeyStore(boolean deletekeyStore) {
- this.deletekeyStore = deletekeyStore;
- }
-
- /**
- * @return the validationError
- */
- public boolean isValidationError() {
- return validationError;
- }
-
-
+ }
+
+ check = getKeyPassword();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("bPK decryption key password contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyPassword.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+
+ }
+ }
+
+ final BPKDecryptionParameters keyInfo = new BPKDecryptionParameters();
+ keyInfo.setKeyAlias(keyAlias);
+ keyInfo.setKeyPassword(keyPassword);
+ keyInfo.setKeyStorePassword(keyStorePassword);
+ final Iterator<String> interator = keyStoreForm.keySet().iterator();
+ final String fileName = interator.next();
+ keyInfo.setKeyStore(keyStoreForm.get(fileName));
+ if (keyInfo.getPrivateKey() == null) {
+ log.info("Open keyStore FAILED.");
+ errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStore.file.valid", request));
+
+ }
+ }
+
+ if (errors.size() > 0) {
+ validationError = true;
+
+ }
+
+ return errors;
+
+ }
+
+ /**
+ * @return the keyStorePassword
+ */
+ public String getKeyStorePassword() {
+ return keyStorePassword;
+ }
+
+ /**
+ * @param keyStorePassword the keyStorePassword to set
+ */
+ public void setKeyStorePassword(String keyStorePassword) {
+ this.keyStorePassword = keyStorePassword;
+ }
+
+ /**
+ * @return the keyAlias
+ */
+ public String getKeyAlias() {
+ return keyAlias;
+ }
+
+ /**
+ * @param keyAlias the keyAlias to set
+ */
+ public void setKeyAlias(String keyAlias) {
+ this.keyAlias = keyAlias;
+ }
+
+ /**
+ * @return the keyPassword
+ */
+ public String getKeyPassword() {
+ return keyPassword;
+ }
+
+ /**
+ * @param keyPassword the keyPassword to set
+ */
+ public void setKeyPassword(String keyPassword) {
+ this.keyPassword = keyPassword;
+ }
+
+ /**
+ * @return the keyStoreFileUpload
+ */
+ public List<File> getKeyStoreFileUpload() {
+ return keyStoreFileUpload;
+ }
+
+ /**
+ * @param keyStoreFileUpload the keyStoreFileUpload to set
+ */
+ public void setKeyStoreFileUpload(List<File> keyStoreFileUpload) {
+ this.keyStoreFileUpload = keyStoreFileUpload;
+ }
+
+ /**
+ * @return the keyStoreFileUploadContentType
+ */
+ public List<String> getKeyStoreFileUploadContentType() {
+ return keyStoreFileUploadContentType;
+ }
+
+ /**
+ * @param keyStoreFileUploadContentType the keyStoreFileUploadContentType to set
+ */
+ public void setKeyStoreFileUploadContentType(
+ List<String> keyStoreFileUploadContentType) {
+ this.keyStoreFileUploadContentType = keyStoreFileUploadContentType;
+ }
+
+ /**
+ * @return the keyStoreFileUploadFileName
+ */
+ public List<String> getKeyStoreFileUploadFileName() {
+ return keyStoreFileUploadFileName;
+ }
+
+ /**
+ * @param keyStoreFileUploadFileName the keyStoreFileUploadFileName to set
+ */
+ public void setKeyStoreFileUploadFileName(
+ List<String> keyStoreFileUploadFileName) {
+ this.keyStoreFileUploadFileName = keyStoreFileUploadFileName;
+ }
+
+ /**
+ * @return the deletekeyStore
+ */
+ public boolean isDeletekeyStore() {
+ return deletekeyStore;
+ }
+
+ /**
+ * @param deletekeyStore the deletekeyStore to set
+ */
+ public void setDeletekeyStore(boolean deletekeyStore) {
+ this.deletekeyStore = deletekeyStore;
+ }
+
+ /**
+ * @return the validationError
+ */
+ public boolean isValidationError() {
+ return validationError;
+ }
}
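Review bot: In `validate`, the two `log.warn` calls for the keystore password and the key password concatenate `check` into the message, so a submitted password that fails the character check is written to the application log in clear text. The commit switches the class to `@Slf4j` but carries these lines over unchanged. Drop the value from both messages, e.g. `log.warn("bPK decryption keystore password contains invalid characters");` and `log.warn("bPK decryption key password contains invalid characters");`. The key-alias warning is less sensitive, but it logs a value that has just failed validation, so a parameterized form is preferable: `log.warn("bPK decryption key alias contains invalid characters: {}", check);`.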
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
index c51513193..45a3dba1b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
@@ -27,8 +27,6 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
@@ -36,130 +34,151 @@ import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.MiscUtil;
-
-
-public class OAGeneralConfig implements IOnlineApplicationData{
- private static final Logger log = Logger.getLogger(OAGeneralConfig.class);
-
- private boolean isActive = false;
-
- private String identifier = null;
- private String friendlyName = null;
- private boolean businessService = false;
-
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
- */
- @Override
- public String getName() {
- return "OAGeneralInformation";
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, HttpServletRequest request) {
- isActive = dbOAConfig.isIsActive();
-
- friendlyName = dbOAConfig.getFriendlyName();
- identifier = dbOAConfig.getPublicURLPrefix();
-
- if (dbOAConfig.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE))
- businessService = true;
- else
- businessService = false;
-
- return null;
- }
-
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
- HttpServletRequest request) {
- AuthComponentOA authoa = dbOA.getAuthComponentOA();
- if (authoa == null) {
- authoa = new AuthComponentOA();
- dbOA.setAuthComponentOA(authoa);
- }
-
- if (authUser.isAdmin()) dbOA.setIsActive(isActive());
-
- dbOA.setPublicURLPrefix(getIdentifier());
- dbOA.setFriendlyName(getFriendlyName());
-
- if (isBusinessService() || authUser.isOnlyBusinessService()) {
- dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE);
-
- } else {
- dbOA.setType(null);
- }
-
- return null;
-
- }
-
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> validate(OAGeneralConfig general,
- AuthenticatedUser authUser, HttpServletRequest request) {
-
- List<String> errors = new ArrayList<String>();
- String check;
-
- //check OA FriendlyName
- check = getFriendlyName();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("OAFriendlyName contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- } else {
- log.info("OA friendlyName is empty");
- errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request));
- }
-
- return errors;
-
- }
-
- public boolean isBusinessService() {
- return businessService;
- }
-
- public void setBusinessService(boolean businessService) {
- this.businessService = businessService;
- }
-
- public String getIdentifier() {
- return identifier;
- }
-
- public void setIdentifier(String identifier) {
- this.identifier = identifier;
- }
-
- public String getFriendlyName() {
- return friendlyName;
- }
-
- public void setFriendlyName(String friendlyName) {
- this.friendlyName = friendlyName;
- }
-
- public boolean isActive() {
- return isActive;
- }
-
- public void setActive(boolean isActive) {
- this.isActive = isActive;
- }
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+public class OAGeneralConfig implements IOnlineApplicationData {
+
+ private boolean isActive = false;
+
+ private String identifier = null;
+ private String friendlyName = null;
+ private boolean businessService = false;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName
+ * ()
+ */
+ @Override
+ public String getName() {
+ return "OAGeneralInformation";
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ isActive = dbOAConfig.isIsActive();
+
+ friendlyName = dbOAConfig.getFriendlyName();
+ identifier = dbOAConfig.getPublicURLPrefix();
+
+ if (dbOAConfig.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE)) {
+ businessService = true;
+ } else {
+ businessService = false;
+ }
+
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ AuthComponentOA authoa = dbOA.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dbOA.setAuthComponentOA(authoa);
+ }
+
+ if (authUser.isAdmin()) {
+ dbOA.setIsActive(isActive());
+ }
+
+ dbOA.setPublicURLPrefix(getIdentifier());
+ dbOA.setFriendlyName(getFriendlyName());
+
+ if (isBusinessService() || authUser.isOnlyBusinessService()) {
+ dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE);
+
+ } else {
+ dbOA.setType(null);
+ }
+
+ return null;
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#
+ * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+
+ final List<String> errors = new ArrayList<>();
+ String check;
+
+ // check OA FriendlyName
+ check = getFriendlyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("OAFriendlyName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ } else {
+ log.info("OA friendlyName is empty");
+ errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request));
+ }
+
+ return errors;
+
+ }
+
+ public boolean isBusinessService() {
+ return businessService;
+ }
+
+ public void setBusinessService(boolean businessService) {
+ this.businessService = businessService;
+ }
+
+ public String getIdentifier() {
+ return identifier;
+ }
+
+ public void setIdentifier(String identifier) {
+ this.identifier = identifier;
+ }
+
+ public String getFriendlyName() {
+ return friendlyName;
+ }
+
+ public void setFriendlyName(String friendlyName) {
+ this.friendlyName = friendlyName;
+ }
+
+ public boolean isActive() {
+ return isActive;
+ }
+
+ public void setActive(boolean isActive) {
+ this.isActive = isActive;
+ }
}
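Review bot: In `parse`, `dbOAConfig.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE)` dereferences the type without a null check, while `store` in the same hunk writes `dbOA.setType(null)` for every non-business application, so reloading such an entry would throw a NullPointerException unless the DAO getter substitutes a default. Putting the constant first avoids that and replaces the if/else: `businessService = Constants.MOA_CONFIG_BUSINESSSERVICE.equals(dbOAConfig.getType());`. Separately, `validate` still concatenates the friendly name that has just failed the character check into `log.warn(...)`. With the move to Slf4j I would pass it as a `{}` argument, and strip line breaks from it first if `containsNotValidCharacter` does not already reject them, so a crafted name cannot forge log lines.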
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java
index a4d71f0ed..ef5658ca4 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java
@@ -27,194 +27,212 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.InterfederationIDPType;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
/**
* @author tlenz
*
*/
+@Slf4j
public class OAMOAIDPInterfederationConfig implements IOnlineApplicationData {
- private static final Logger log = Logger.getLogger(OAMOAIDPInterfederationConfig.class);
-
- private String queryURL;
- private Boolean inboundSSO = true;
- private Boolean outboundSSO = true;
- private Boolean storeSSOSession = true;
- private Boolean passiveRequest = true;
- private Boolean localAuthOnError = true;
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
- */
- @Override
- public String getName() {
- return "MOAIDPInterfederation";
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> parse(OnlineApplication dbOA,
- AuthenticatedUser authUser, HttpServletRequest request) {
-
- InterfederationIDPType moaIDP = dbOA.getInterfederationIDP();
- if (moaIDP != null) {
- this.queryURL = moaIDP.getAttributeQueryURL();
- this.inboundSSO = moaIDP.isInboundSSO();
- this.outboundSSO = moaIDP.isOutboundSSO();
- this.storeSSOSession = moaIDP.isStoreSSOSession();
- this.localAuthOnError = moaIDP.isPerformLocalAuthenticationOnError();
- this.passiveRequest = moaIDP.isPerformPassivRequest();
- }
-
- return null;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
- HttpServletRequest request) {
-
- if (authUser.isAdmin()) {
- dbOA.setIsInterfederationIDP(true);
-
- InterfederationIDPType moaIDP = dbOA.getInterfederationIDP();
- if (moaIDP == null) {
- moaIDP = new InterfederationIDPType();
- dbOA.setInterfederationIDP(moaIDP);
- }
-
- moaIDP.setAttributeQueryURL(queryURL);
- moaIDP.setInboundSSO(inboundSSO);
- moaIDP.setOutboundSSO(outboundSSO);
- moaIDP.setStoreSSOSession(storeSSOSession);
- moaIDP.setPerformLocalAuthenticationOnError(localAuthOnError);
- moaIDP.setPerformPassivRequest(passiveRequest);
-
- }
- return null;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> validate(OAGeneralConfig general,
- AuthenticatedUser authUser, HttpServletRequest request) {
-
- List<String> errors = new ArrayList<String>();
-
- if (MiscUtil.isNotEmpty(queryURL)) {
- if (!ValidationHelper.validateURL(queryURL)) {
- log.info("AttributeQuery URL is not valid");
- errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.queryurl.valid", request));
-
- }
- }
-
+ private String queryURL;
+ private Boolean inboundSSO = true;
+ private Boolean outboundSSO = true;
+ private Boolean storeSSOSession = true;
+ private Boolean passiveRequest = true;
+ private Boolean localAuthOnError = true;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName
+ * ()
+ */
+ @Override
+ public String getName() {
+ return "MOAIDPInterfederation";
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOA,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+
+ final InterfederationIDPType moaIDP = dbOA.getInterfederationIDP();
+ if (moaIDP != null) {
+ this.queryURL = moaIDP.getAttributeQueryURL();
+ this.inboundSSO = moaIDP.isInboundSSO();
+ this.outboundSSO = moaIDP.isOutboundSSO();
+ this.storeSSOSession = moaIDP.isStoreSSOSession();
+ this.localAuthOnError = moaIDP.isPerformLocalAuthenticationOnError();
+ this.passiveRequest = moaIDP.isPerformPassivRequest();
+ }
+
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+
+ if (authUser.isAdmin()) {
+ dbOA.setIsInterfederationIDP(true);
+
+ InterfederationIDPType moaIDP = dbOA.getInterfederationIDP();
+ if (moaIDP == null) {
+ moaIDP = new InterfederationIDPType();
+ dbOA.setInterfederationIDP(moaIDP);
+ }
+
+ moaIDP.setAttributeQueryURL(queryURL);
+ moaIDP.setInboundSSO(inboundSSO);
+ moaIDP.setOutboundSSO(outboundSSO);
+ moaIDP.setStoreSSOSession(storeSSOSession);
+ moaIDP.setPerformLocalAuthenticationOnError(localAuthOnError);
+ moaIDP.setPerformPassivRequest(passiveRequest);
+
+ }
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#
+ * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+
+ final List<String> errors = new ArrayList<>();
+
+ if (MiscUtil.isNotEmpty(queryURL)) {
+ if (!ValidationHelper.validateURL(queryURL)) {
+ log.info("AttributeQuery URL is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.queryurl.valid",
+ request));
+
+ }
+ }
+
// if (inboundSSO && MiscUtil.isEmpty(queryURL)) {
// log.info("Inbound Single Sign-On requires AttributQueryURL configuration.");
// errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.queryurl.empty", request));
// }
-
- return errors;
- }
-
- /**
- * @return the queryURL
- */
- public String getQueryURL() {
- return queryURL;
- }
-
- /**
- * @param queryURL the queryURL to set
- */
- public void setQueryURL(String queryURL) {
- this.queryURL = queryURL;
- }
-
- /**
- * @return the inboundSSO
- */
- public boolean isInboundSSO() {
- return inboundSSO.booleanValue();
- }
-
- /**
- * @param inboundSSO the inboundSSO to set
- */
- public void setInboundSSO(boolean inboundSSO) {
- this.inboundSSO = inboundSSO;
- }
-
- /**
- * @return the outboundSSO
- */
- public boolean isOutboundSSO() {
- return outboundSSO.booleanValue();
- }
-
- /**
- * @param outboundSSO the outboundSSO to set
- */
- public void setOutboundSSO(boolean outboundSSO) {
- this.outboundSSO = outboundSSO;
- }
-
- /**
- * @return the storeSSOSession
- */
- public boolean isStoreSSOSession() {
- return storeSSOSession.booleanValue();
- }
-
- /**
- * @param storeSSOSession the storeSSOSession to set
- */
- public void setStoreSSOSession(boolean storeSSOSession) {
- this.storeSSOSession = storeSSOSession;
- }
-
- /**
- * @return the passiveRequest
- */
- public boolean isPassiveRequest() {
- return passiveRequest.booleanValue();
- }
-
- /**
- * @param passiveRequest the passiveRequest to set
- */
- public void setPassiveRequest(boolean passiveRequest) {
- this.passiveRequest = passiveRequest;
- }
-
- /**
- * @return the localAuthOnError
- */
- public boolean isLocalAuthOnError() {
- return localAuthOnError.booleanValue();
- }
-
- /**
- * @param localAuthOnError the localAuthOnError to set
- */
- public void setLocalAuthOnError(boolean localAuthOnError) {
- this.localAuthOnError = localAuthOnError;
- }
-
-
+
+ return errors;
+ }
+
+ /**
+ * @return the queryURL
+ */
+ public String getQueryURL() {
+ return queryURL;
+ }
+
+ /**
+ * @param queryURL the queryURL to set
+ */
+ public void setQueryURL(String queryURL) {
+ this.queryURL = queryURL;
+ }
+
+ /**
+ * @return the inboundSSO
+ */
+ public boolean isInboundSSO() {
+ return inboundSSO.booleanValue();
+ }
+
+ /**
+ * @param inboundSSO the inboundSSO to set
+ */
+ public void setInboundSSO(boolean inboundSSO) {
+ this.inboundSSO = inboundSSO;
+ }
+
+ /**
+ * @return the outboundSSO
+ */
+ public boolean isOutboundSSO() {
+ return outboundSSO.booleanValue();
+ }
+
+ /**
+ * @param outboundSSO the outboundSSO to set
+ */
+ public void setOutboundSSO(boolean outboundSSO) {
+ this.outboundSSO = outboundSSO;
+ }
+
+ /**
+ * @return the storeSSOSession
+ */
+ public boolean isStoreSSOSession() {
+ return storeSSOSession.booleanValue();
+ }
+
+ /**
+ * @param storeSSOSession the storeSSOSession to set
+ */
+ public void setStoreSSOSession(boolean storeSSOSession) {
+ this.storeSSOSession = storeSSOSession;
+ }
+
+ /**
+ * @return the passiveRequest
+ */
+ public boolean isPassiveRequest() {
+ return passiveRequest.booleanValue();
+ }
+
+ /**
+ * @param passiveRequest the passiveRequest to set
+ */
+ public void setPassiveRequest(boolean passiveRequest) {
+ this.passiveRequest = passiveRequest;
+ }
+
+ /**
+ * @return the localAuthOnError
+ */
+ public boolean isLocalAuthOnError() {
+ return localAuthOnError.booleanValue();
+ }
+
+ /**
+ * @param localAuthOnError the localAuthOnError to set
+ */
+ public void setLocalAuthOnError(boolean localAuthOnError) {
+ this.localAuthOnError = localAuthOnError;
+ }
}
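Review bot: The five SSO flags are kept as `Boolean` but every getter unboxes unconditionally, e.g. `return inboundSSO.booleanValue();`, and `parse` overwrites the `true` defaults with whatever `moaIDP.isInboundSSO()` and its siblings return. If those DAO getters return a nullable `Boolean` (the wrapper-typed fields suggest they may), a record with an unset value makes `isInboundSSO()`, `isOutboundSSO()`, `isStoreSSOSession()`, `isPassiveRequest()` and `isLocalAuthOnError()` throw a NullPointerException. I would make the fallback explicit in the getters, for example `return inboundSSO != null && inboundSSO;`. The default should be chosen deliberately rather than inherited from the field initialisers, since these flags control SSO behaviour.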
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java
index ce50c847a..bae37b531 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java
@@ -30,7 +30,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
-import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OAOAUTH20;
@@ -40,132 +39,150 @@ import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAOAUTH20ConfigValidation;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
+import lombok.extern.slf4j.Slf4j;
-public class OAOAuth20Config implements IOnlineApplicationData{
-
- private final Logger log = Logger.getLogger(OAOAuth20Config.class);
-
- private String clientId = null;
- private String clientSecret = null;
- private String redirectUri = null;
-
- public OAOAuth20Config() {
- this.generateClientSecret();
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
- */
- @Override
- public String getName() {
- return "OAOpenIDConnect";
- }
-
- public List<String> parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, HttpServletRequest request) {
- List<String> errors = new ArrayList<String>();
-
- HttpSession session = request.getSession();
-
- AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
- if (authdata != null) {
- // set client id to public url prefix
- this.clientId = dbOAConfig.getPublicURLPrefix();
-
- OAOAUTH20 config = authdata.getOAOAUTH20();
-
- if (config != null) {
- // validate secret
- if (StringUtils.isNotEmpty(config.getOAuthClientSecret())) {
- this.clientSecret = config.getOAuthClientSecret();
- } else {
- this.generateClientSecret();
- }
-
- // validate redirectUri
- if (StringUtils.isNotEmpty(config.getOAuthRedirectUri()) && OAuth20Util.isUrl(config.getOAuthRedirectUri())) {
- this.redirectUri = config.getOAuthRedirectUri();
- } else {
- errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi", request));
- }
- } else {
- this.generateClientSecret();
- }
- }
-
- session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.getClientSecret());
-
- return null;
- }
-
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> validate(OAGeneralConfig general,
- AuthenticatedUser authUser, HttpServletRequest request) {
- return new OAOAUTH20ConfigValidation().validate(this, request);
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
- HttpServletRequest request) {
- AuthComponentOA authoa = dbOA.getAuthComponentOA();
- if (authoa == null) {
- authoa = new AuthComponentOA();
- dbOA.setAuthComponentOA(authoa);
+@Slf4j
+public class OAOAuth20Config implements IOnlineApplicationData {
+
+ private String clientId = null;
+ private String clientSecret = null;
+ private String redirectUri = null;
+
+ public OAOAuth20Config() {
+ this.generateClientSecret();
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName
+ * ()
+ */
+ @Override
+ public String getName() {
+ return "OAOpenIDConnect";
+ }
+
+ @Override
+ public List<String> parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ final List<String> errors = new ArrayList<>();
+
+ final HttpSession session = request.getSession();
+
+ final AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
+ if (authdata != null) {
+ // set client id to public url prefix
+ this.clientId = dbOAConfig.getPublicURLPrefix();
+
+ final OAOAUTH20 config = authdata.getOAOAUTH20();
+
+ if (config != null) {
+ // validate secret
+ if (StringUtils.isNotEmpty(config.getOAuthClientSecret())) {
+ this.clientSecret = config.getOAuthClientSecret();
+ } else {
+ this.generateClientSecret();
}
-
- log.debug("Saving OAuth 2.0 configuration:");
- OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20();
- if (oaOAuth20 == null) {
- oaOAuth20 = new OAOAUTH20();
- authoa.setOAOAUTH20(oaOAuth20);
+
+ // validate redirectUri
+ if (StringUtils.isNotEmpty(config.getOAuthRedirectUri()) && OAuth20Util.isUrl(config
+ .getOAuthRedirectUri())) {
+ this.redirectUri = config.getOAuthRedirectUri();
+ } else {
+ errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi", request));
}
+ } else {
+ this.generateClientSecret();
+ }
+ }
+
+ session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.getClientSecret());
+
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#
+ * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+ return new OAOAUTH20ConfigValidation().validate(this, request);
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ AuthComponentOA authoa = dbOA.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dbOA.setAuthComponentOA(authoa);
+ }
+
+ log.debug("Saving OAuth 2.0 configuration:");
+ OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20();
+ if (oaOAuth20 == null) {
+ oaOAuth20 = new OAOAUTH20();
+ authoa.setOAOAUTH20(oaOAuth20);
+ }
+
+ oaOAuth20.setOAuthClientId(dbOA.getPublicURLPrefix());
+ // oaOAuth20.setOAuthClientSecret(oauth20OA.getClientSecret());
+ oaOAuth20.setOAuthRedirectUri(getRedirectUri());
+ log.debug("client id: " + getClientId());
+ log.debug("client secret: " + getClientSecret());
+ log.debug("redirect uri:" + getRedirectUri());
+
+ oaOAuth20.setOAuthClientSecret((String) request.getSession().getAttribute(
+ Constants.SESSION_OAUTH20SECRET));
+ request.getSession().setAttribute(Constants.SESSION_OAUTH20SECRET, null);
+
+ return null;
+ }
+
+ public String getClientId() {
+ return clientId;
+ }
+
+ public void setClientId(String clientId) {
+ this.clientId = clientId;
+ }
+
+ public String getClientSecret() {
+ return clientSecret;
+ }
+
+ public void setClientSecret(String clientSecret) {
+ this.clientSecret = clientSecret;
+ }
+
+ public String getRedirectUri() {
+ return redirectUri;
+ }
+
+ public void setRedirectUri(String redirectUri) {
+ this.redirectUri = redirectUri;
+ }
- oaOAuth20.setOAuthClientId(dbOA.getPublicURLPrefix());
- // oaOAuth20.setOAuthClientSecret(oauth20OA.getClientSecret());
- oaOAuth20.setOAuthRedirectUri(getRedirectUri());
- log.debug("client id: " + getClientId());
- log.debug("client secret: " + getClientSecret());
- log.debug("redirect uri:" + getRedirectUri());
-
- oaOAuth20.setOAuthClientSecret((String) request.getSession().getAttribute(Constants.SESSION_OAUTH20SECRET));
- request.getSession().setAttribute(Constants.SESSION_OAUTH20SECRET, null);
-
- return null;
- }
-
- public String getClientId() {
- return clientId;
- }
-
- public void setClientId(String clientId) {
- this.clientId = clientId;
- }
-
- public String getClientSecret() {
- return clientSecret;
- }
-
- public void setClientSecret(String clientSecret) {
- this.clientSecret = clientSecret;
- }
-
- public String getRedirectUri() {
- return redirectUri;
- }
-
- public void setRedirectUri(String redirectUri) {
- this.redirectUri = redirectUri;
- }
-
- public void generateClientSecret() {
- this.clientSecret = UUID.randomUUID().toString();
- }
+ public void generateClientSecret() {
+ this.clientSecret = UUID.randomUUID().toString();
+ }
}
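Review bot: `store` still writes the OAuth client secret to the log with `log.debug("client secret: " + getClientSecret());`, so any deployment running at debug level leaves a long-lived credential in its log files; I would delete that line or log only whether a secret is present. The value logged is the form-bound field, not the session attribute `Constants.SESSION_OAUTH20SECRET` that is actually persisted a few lines below, so the message can also be misleading. In `parse`, the `errors` list receives the redirect-URI failure but the method ends with `return null;`, so that error is never reported. `return errors;` looks like the intent, provided callers treat an empty list as success.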
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
index 4be1a81de..008617e76 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
@@ -32,228 +32,247 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
-import org.apache.log4j.Logger;
-
-import iaik.x509.X509Certificate;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OAPVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
-import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAPVP2ConfigValidation;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
+import iaik.x509.X509Certificate;
+import lombok.extern.slf4j.Slf4j;
-public class OAPVP2Config implements IOnlineApplicationData{
-
- private final Logger log = Logger.getLogger(OAPVP2Config.class);
-
- private boolean reLoad = false;
-
- private String metaDataURL = null;
- private String certificateDN = null;
-
- private File fileUpload = null;
- private String fileUploadContentType;
- private String fileUploadFileName;
-
- private byte[] storedCert = null;
-
- public OAPVP2Config() {
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
- */
- @Override
- public String getName() {
- return "OAPVP2";
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser)
- */
- @Override
- public String store(OnlineApplication dboa, AuthenticatedUser authUser, HttpServletRequest request) {
- AuthComponentOA authoa = dboa.getAuthComponentOA();
- if (authoa == null) {
- authoa = new AuthComponentOA();
- dboa.setAuthComponentOA(authoa);
- }
- OAPVP2 pvp2 = authoa.getOAPVP2();
- if (pvp2 == null) {
- pvp2 = new OAPVP2();
- authoa.setOAPVP2(pvp2);
- }
+@Slf4j
+public class OAPVP2Config implements IOnlineApplicationData {
+
+ private boolean reLoad = false;
+
+ private String metaDataURL = null;
+ private String certificateDN = null;
+
+ private File fileUpload = null;
+ private String fileUploadContentType;
+ private String fileUploadFileName;
+
+ private byte[] storedCert = null;
+
+ public OAPVP2Config() {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName
+ * ()
+ */
+ @Override
+ public String getName() {
+ return "OAPVP2";
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser)
+ */
+ @Override
+ public String store(OnlineApplication dboa, AuthenticatedUser authUser, HttpServletRequest request) {
+ AuthComponentOA authoa = dboa.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dboa.setAuthComponentOA(authoa);
+ }
+ OAPVP2 pvp2 = authoa.getOAPVP2();
+ if (pvp2 == null) {
+ pvp2 = new OAPVP2();
+ authoa.setOAPVP2(pvp2);
+ }
+
+ try {
+
+ if (getFileUpload() != null) {
+ pvp2.setCertificate(getCertificate());
+ setReLoad(true);
+
+ } else if (storedCert != null) {
+ pvp2.setCertificate(storedCert);
+ }
+
+ } catch (final CertificateException e) {
+ log.info("Uploaded Certificate can not be found", e);
+ return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request);
+ } catch (final IOException e) {
+ log.info("Uploaded Certificate can not be parsed", e);
+ return LanguageHelper.getErrorString("validation.pvp2.certificate.format", request);
+ }
+
+ if (getMetaDataURL() != null &&
+ !getMetaDataURL().equals(pvp2.getMetadataURL())) {
+ setReLoad(true);
+ }
+ pvp2.setMetadataURL(getMetaDataURL());
+
+ if (isReLoad()) {
+ pvp2.setUpdateRequiredItem(new Date());
+ }
+
+ return null;
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#
+ * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+ return new OAPVP2ConfigValidation().validate(this, general.getIdentifier(), request);
+ }
- try {
-
- if (getFileUpload() != null) {
- pvp2.setCertificate(getCertificate());
- setReLoad(true);
-
- } else if (storedCert != null)
- pvp2.setCertificate(storedCert);
-
- } catch (CertificateException e) {
- log.info("Uploaded Certificate can not be found", e);
- return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request);
- } catch (IOException e) {
- log.info("Uploaded Certificate can not be parsed", e);
- return LanguageHelper.getErrorString("validation.pvp2.certificate.format", request);
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ final List<String> errors = new ArrayList<>();
+
+ final AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
+ if (authdata != null) {
+ final OAPVP2 pvp2 = authdata.getOAPVP2();
+ if (pvp2 != null) {
+ metaDataURL = pvp2.getMetadataURL();
+
+ if (pvp2.getCertificate() != null &&
+ !new String(pvp2.getCertificate()).equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)) {
+ try {
+ // byte[] cert = pvp2.getCertificate();
+ final byte[] cert = Base64Utils.decode(new String(pvp2.getCertificate()), false);
+ if (MiscUtil.isNotEmpty(cert)) {
+ final X509Certificate x509 = new X509Certificate(cert);
+ certificateDN = x509.getSubjectDN().getName();
+ }
+ } catch (final CertificateException e) {
+ try {
+ final byte[] cert = pvp2.getCertificate();
+ if (MiscUtil.isNotEmpty(cert)) {
+ final X509Certificate x509 = new X509Certificate(cert);
+ certificateDN = x509.getSubjectDN().getName();
+ }
+
+ } catch (final CertificateException e1) {
+ log.warn("PVP2 certificate can not be loaded from Online-Applikation with ID " + dbOAConfig
+ .getPublicURLPrefix(), e1);
+ errors.add(LanguageHelper.getErrorString("error.oa.pvp2.certificate", request));
+
+ }
+
+ } catch (final IOException e) {
+ log.warn("PVP2 certificate can not be loaded from Online-Applikation with ID " + dbOAConfig
+ .getPublicURLPrefix());
+ errors.add(LanguageHelper.getErrorString("error.oa.pvp2.certificate", request));
+ }
}
+ }
+ }
+ return errors;
+ }
- if (getMetaDataURL() != null &&
- !getMetaDataURL().equals(pvp2.getMetadataURL()))
- setReLoad(true);
- pvp2.setMetadataURL(getMetaDataURL());
-
- if (isReLoad())
- pvp2.setUpdateRequiredItem(new Date());
-
- return null;
-
- }
-
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> validate(OAGeneralConfig general,
- AuthenticatedUser authUser, HttpServletRequest request) {
- return new OAPVP2ConfigValidation().validate(this, general.getIdentifier(), request);
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication)
- */
- @Override
- public List<String> parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, HttpServletRequest request) {
- List<String> errors = new ArrayList<String>();
-
- AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
- if (authdata != null) {
- OAPVP2 pvp2 = authdata.getOAPVP2();
- if (pvp2 != null) {
- metaDataURL = pvp2.getMetadataURL();
-
- if (pvp2.getCertificate() != null &&
- !(new String(pvp2.getCertificate())).equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)) {
- try {
- //byte[] cert = pvp2.getCertificate();
- byte[] cert = Base64Utils.decode(new String(pvp2.getCertificate()), false);
- if (MiscUtil.isNotEmpty(cert)) {
- X509Certificate x509 = new X509Certificate(cert);
- certificateDN = x509.getSubjectDN().getName();
- }
- } catch (CertificateException e) {
- try {
- byte[] cert = pvp2.getCertificate();
- if (MiscUtil.isNotEmpty(cert)) {
- X509Certificate x509 = new X509Certificate(cert);
- certificateDN = x509.getSubjectDN().getName();
- }
-
- } catch (CertificateException e1) {
- log.warn("PVP2 certificate can not be loaded from Online-Applikation with ID " + dbOAConfig.getPublicURLPrefix(), e1);
- errors.add(LanguageHelper.getErrorString("error.oa.pvp2.certificate", request));
-
- }
-
- } catch (IOException e) {
- log.warn("PVP2 certificate can not be loaded from Online-Applikation with ID " + dbOAConfig.getPublicURLPrefix());
- errors.add(LanguageHelper.getErrorString("error.oa.pvp2.certificate", request));
- }
- }
- }
- }
- return errors;
- }
-
- public byte[] getCertificate() throws CertificateException, IOException {
-
- FileInputStream filestream = new FileInputStream(fileUpload);
- X509Certificate x509 = new X509Certificate(filestream);
- return x509.getEncoded();
- }
-
- public void setStoredCert(byte[] storedCert) {
- this.storedCert = storedCert;
- }
-
- public String getMetaDataURL() {
- return metaDataURL;
- }
- public void setMetaDataURL(String metaDataURL) {
- this.metaDataURL = metaDataURL;
- }
-
- /**
- * @return the certificateDN
- */
- public String getCertificateDN() {
- return certificateDN;
- }
-
- /**
- * @return the fileUpLoad
- */
- public File getFileUpload() {
- return fileUpload;
- }
-
- /**
- * @param fileUpLoad the fileUpLoad to set
- */
- public void setFileUpload(File fileUpload) {
- this.fileUpload = fileUpload;
- }
-
- /**
- * @return the fileUploadContentType
- */
- public String getFileUploadContentType() {
- return fileUploadContentType;
- }
-
- /**
- * @param fileUploadContentType the fileUploadContentType to set
- */
- public void setFileUploadContentType(String fileUploadContentType) {
- this.fileUploadContentType = fileUploadContentType;
- }
-
- /**
- * @return the fileUploadFileName
- */
- public String getFileUploadFileName() {
- return fileUploadFileName;
- }
-
- /**
- * @param fileUploadFileName the fileUploadFileName to set
- */
- public void setFileUploadFileName(String fileUploadFileName) {
- this.fileUploadFileName = fileUploadFileName;
- }
-
- /**
- * @return the reLoad
- */
- public boolean isReLoad() {
- return reLoad;
- }
-
- /**
- * @param reLoad the reLoad to set
- */
- public void setReLoad(boolean reLoad) {
- this.reLoad = reLoad;
- }
-
-}
+ public byte[] getCertificate() throws CertificateException, IOException {
+
+ final FileInputStream filestream = new FileInputStream(fileUpload);
+ final X509Certificate x509 = new X509Certificate(filestream);
+ return x509.getEncoded();
+ }
+
+ public void setStoredCert(byte[] storedCert) {
+ this.storedCert = storedCert;
+ }
+
+ public String getMetaDataURL() {
+ return metaDataURL;
+ }
+
+ public void setMetaDataURL(String metaDataURL) {
+ this.metaDataURL = metaDataURL;
+ }
+ /**
+ * @return the certificateDN
+ */
+ public String getCertificateDN() {
+ return certificateDN;
+ }
+ /**
+ * @return the fileUpLoad
+ */
+ public File getFileUpload() {
+ return fileUpload;
+ }
+
+ /**
+ * @param fileUpLoad the fileUpLoad to set
+ */
+ public void setFileUpload(File fileUpload) {
+ this.fileUpload = fileUpload;
+ }
+
+ /**
+ * @return the fileUploadContentType
+ */
+ public String getFileUploadContentType() {
+ return fileUploadContentType;
+ }
+
+ /**
+ * @param fileUploadContentType the fileUploadContentType to set
+ */
+ public void setFileUploadContentType(String fileUploadContentType) {
+ this.fileUploadContentType = fileUploadContentType;
+ }
+
+ /**
+ * @return the fileUploadFileName
+ */
+ public String getFileUploadFileName() {
+ return fileUploadFileName;
+ }
+
+ /**
+ * @param fileUploadFileName the fileUploadFileName to set
+ */
+ public void setFileUploadFileName(String fileUploadFileName) {
+ this.fileUploadFileName = fileUploadFileName;
+ }
+
+ /**
+ * @return the reLoad
+ */
+ public boolean isReLoad() {
+ return reLoad;
+ }
+
+ /**
+ * @param reLoad the reLoad to set
+ */
+ public void setReLoad(boolean reLoad) {
+ this.reLoad = reLoad;
+ }
+
+}
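Review bot: `getCertificate()` near the end of this hunk opens a `FileInputStream` on the uploaded file and never closes it, so each upload that reaches `store()` leaves a file handle open, including when the certificate constructor throws. Try-with-resources fixes this without changing the signature: `try (FileInputStream in = new FileInputStream(fileUpload)) { return new X509Certificate(in).getEncoded(); }`. In `parse()`, the `IOException` branch logs its warning without passing `e`, unlike the inner `CertificateException` branch, so the cause (presumably a Base64 decoding failure) is lost. Adding `e` as the last argument of that `log.warn(...)` call would keep it.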
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java
index 18bebf9d8..76fd31ccd 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java
@@ -39,113 +39,134 @@ import at.gv.egovernment.moa.util.MiscUtil;
*/
public class OARevisionsLogData implements IOnlineApplicationData {
- private boolean active = false;
- private String eventCodes = null;
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
- */
- @Override
- public String getName() {
- return "OARevisionsLogging";
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> parse(OnlineApplication dbOA,
- AuthenticatedUser authUser, HttpServletRequest request) {
-
- if (dbOA.getIsRevisionsLogActive() != null)
- active = dbOA.getIsRevisionsLogActive();
-
- if (MiscUtil.isNotEmpty(dbOA.getEventCodes()))
- eventCodes = dbOA.getEventCodes();
-
- return null;
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
- HttpServletRequest request) {
-
- dbOA.setIsRevisionsLogActive(active);
-
- if (MiscUtil.isNotEmpty(eventCodes)) {
- dbOA.setEventCodes(KeyValueUtils.normalizeCSVValueString(eventCodes));
-
- }
-
- return null;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> validate(OAGeneralConfig general,
- AuthenticatedUser authUser, HttpServletRequest request) {
- List<String> errors = new ArrayList<String>();
-
- if (active && MiscUtil.isEmpty(eventCodes)) {
- errors.add(LanguageHelper.getErrorString(
- "error.oa.reversion.log.enabled"));
-
- }
-
- if (MiscUtil.isNotEmpty(eventCodes)) {
- String[] codes = eventCodes.split(",");
- for (String el: codes) {
- try {
- Integer.parseInt(el.trim());
-
- } catch (NumberFormatException e) {
- errors.add(LanguageHelper.getErrorString(
- "error.oa.reversion.log.eventcodes"));
- break;
-
- }
-
- }
-
- }
-
- return errors;
- }
-
- /**
- * @return the active
- */
- public boolean isActive() {
- return active;
- }
-
- /**
- * @param active the active to set
- */
- public void setActive(boolean active) {
- this.active = active;
- }
-
- /**
- * @return the eventCodes
- */
- public String getEventCodes() {
- return eventCodes;
- }
-
- /**
- * @param eventCodes the eventCodes to set
- */
- public void setEventCodes(String eventCodes) {
- this.eventCodes = eventCodes;
- }
-
-
+ private boolean active = false;
+ private String eventCodes = null;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName
+ * ()
+ */
+ @Override
+ public String getName() {
+ return "OARevisionsLogging";
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOA,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+
+ if (dbOA.getIsRevisionsLogActive() != null) {
+ active = dbOA.getIsRevisionsLogActive();
+ }
+
+ if (MiscUtil.isNotEmpty(dbOA.getEventCodes())) {
+ eventCodes = dbOA.getEventCodes();
+ }
+
+ return null;
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+
+ dbOA.setIsRevisionsLogActive(active);
+
+ if (MiscUtil.isNotEmpty(eventCodes)) {
+ dbOA.setEventCodes(KeyValueUtils.normalizeCSVValueString(eventCodes));
+
+ }
+
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#
+ * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+ final List<String> errors = new ArrayList<>();
+
+ if (active && MiscUtil.isEmpty(eventCodes)) {
+ errors.add(LanguageHelper.getErrorString(
+ "error.oa.reversion.log.enabled"));
+
+ }
+
+ if (MiscUtil.isNotEmpty(eventCodes)) {
+ final String[] codes = eventCodes.split(",");
+ for (final String el : codes) {
+ try {
+ Integer.parseInt(el.trim());
+
+ } catch (final NumberFormatException e) {
+ errors.add(LanguageHelper.getErrorString(
+ "error.oa.reversion.log.eventcodes"));
+ break;
+
+ }
+
+ }
+
+ }
+
+ return errors;
+ }
+
+ /**
+ * @return the active
+ */
+ public boolean isActive() {
+ return active;
+ }
+
+ /**
+ * @param active the active to set
+ */
+ public void setActive(boolean active) {
+ this.active = active;
+ }
+
+ /**
+ * @return the eventCodes
+ */
+ public String getEventCodes() {
+ return eventCodes;
+ }
+
+ /**
+ * @param eventCodes the eventCodes to set
+ */
+ public void setEventCodes(String eventCodes) {
+ this.eventCodes = eventCodes;
+ }
}
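Review bot: `store()` calls `dbOA.setEventCodes(...)` only when `eventCodes` is non-empty, so emptying the field in the form appears to leave the previously stored codes on `dbOA`, and `parse()` will load them again on the next edit. `validate()` requires codes only while `active` is true, so the inactive-and-empty case does reach this path. If clearing the list is meant to be possible, add an else branch such as `} else { dbOA.setEventCodes(null); }`, after confirming the persistence layer accepts null for this column. For an audit-logging setting it is worth documenting on `store()` which of the two behaviours is intended.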
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
index 2922231b3..f1ee853ae 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
@@ -33,178 +33,213 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplicati
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.validation.oa.OASAML1ConfigValidation;
-public class OASAML1Config implements IOnlineApplicationData{
-
- private Boolean isActive = false;
- private Boolean provideStammZahl = false;
- private Boolean provideAuthBlock = false;
- private Boolean provideIdentityLink = false;
- private Boolean provideCertificate = false;
- private Boolean provideFullMandateData = false;
- private Boolean useCondition = false;
- private Boolean provideAllErrors = true;
- private int conditionLength = -1;
-
-
- public OASAML1Config() {
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
- */
- @Override
- public String getName() {
- return "OASAML1";
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) {
- AuthComponentOA authdata = dbOA.getAuthComponentOA();
- if (authdata != null) {
- OASAML1 saml1 = authdata.getOASAML1();
- if (saml1 != null) {
- provideAuthBlock = saml1.isProvideAUTHBlock();
- provideCertificate = saml1.isProvideCertificate();
- provideFullMandateData = saml1.isProvideFullMandatorData();
- provideIdentityLink = saml1.isProvideIdentityLink();
- provideStammZahl = saml1.isProvideStammzahl();
-
- if (saml1.isProvideAllErrors() != null)
- provideAllErrors = saml1.isProvideAllErrors();
-
- if (saml1.isUseCondition() != null)
- useCondition = saml1.isUseCondition();
-
- if (saml1.getConditionLength() != null)
- conditionLength = saml1.getConditionLength().intValue();
-
- if (saml1.isIsActive() != null)
- isActive = saml1.isIsActive();
- }
- }
- return null;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> validate(OAGeneralConfig general,
- AuthenticatedUser authUser, HttpServletRequest request) {
- return new OASAML1ConfigValidation().validate(this, general, request);
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public String store(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) {
- AuthComponentOA authoa = dbOA.getAuthComponentOA();
- if (authoa == null) {
- authoa = new AuthComponentOA();
- dbOA.setAuthComponentOA(authoa);
- }
-
- OASAML1 saml1 = authoa.getOASAML1();
- if (saml1 == null) {
- saml1 = new OASAML1();
- authoa.setOASAML1(saml1);
- saml1.setIsActive(false);
- }
-
- if (authUser.isAdmin()) {
- saml1.setIsActive(isActive());
- }
-
- if (saml1.isIsActive() != null && saml1.isIsActive()) {
- saml1.setProvideAUTHBlock(isProvideAuthBlock());
- saml1.setProvideCertificate(isProvideCertificate());
- saml1.setProvideFullMandatorData(isProvideFullMandateData());
- saml1.setProvideIdentityLink(isProvideIdentityLink());
- saml1.setProvideStammzahl(isProvideStammZahl());
- saml1.setUseCondition(isUseCondition());
- saml1.setProvideAllErrors(provideAllErrors);
- saml1.setConditionLength(BigInteger.valueOf(getConditionLength()));
- // TODO: set sourceID
- // saml1.setSourceID("");
- }
-
- return null;
- }
-
- public boolean isProvideStammZahl() {
- return provideStammZahl;
- }
- public void setProvideStammZahl(boolean provideStammZahl) {
- this.provideStammZahl = provideStammZahl;
- }
- public boolean isProvideAuthBlock() {
- return provideAuthBlock;
- }
- public void setProvideAuthBlock(boolean provideAuthBlock) {
- this.provideAuthBlock = provideAuthBlock;
- }
- public boolean isProvideIdentityLink() {
- return provideIdentityLink;
- }
- public void setProvideIdentityLink(boolean provideIdentityLink) {
- this.provideIdentityLink = provideIdentityLink;
- }
- public boolean isProvideCertificate() {
- return provideCertificate;
- }
- public void setProvideCertificate(boolean provideCertificate) {
- this.provideCertificate = provideCertificate;
- }
- public boolean isProvideFullMandateData() {
- return provideFullMandateData;
- }
- public void setProvideFullMandateData(boolean provideFullMandateData) {
- this.provideFullMandateData = provideFullMandateData;
- }
- public boolean isUseCondition() {
- return useCondition;
- }
- public void setUseCondition(boolean useCondition) {
- this.useCondition = useCondition;
- }
- public int getConditionLength() {
- return conditionLength;
- }
- public void setConditionLength(int conditionLength) {
- this.conditionLength = conditionLength;
- }
-
- /**
- * @return the isActive
- */
- public boolean isActive() {
- return isActive;
- }
-
- /**
- * @param isActive the isActive to set
- */
- public void setActive(boolean isActive) {
- this.isActive = isActive;
- }
-
- /**
- * @return the provideAllErrors
- */
- public Boolean getProvideAllErrors() {
- return provideAllErrors;
- }
-
- /**
- * @param provideAllErrors the provideAllErrors to set
- */
- public void setProvideAllErrors(Boolean provideAllErrors) {
- this.provideAllErrors = provideAllErrors;
- }
-
-
+public class OASAML1Config implements IOnlineApplicationData {
+
+ private Boolean isActive = false;
+ private Boolean provideStammZahl = false;
+ private Boolean provideAuthBlock = false;
+ private Boolean provideIdentityLink = false;
+ private Boolean provideCertificate = false;
+ private Boolean provideFullMandateData = false;
+ private Boolean useCondition = false;
+ private Boolean provideAllErrors = true;
+ private int conditionLength = -1;
+
+ public OASAML1Config() {
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName
+ * ()
+ */
+ @Override
+ public String getName() {
+ return "OASAML1";
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) {
+ final AuthComponentOA authdata = dbOA.getAuthComponentOA();
+ if (authdata != null) {
+ final OASAML1 saml1 = authdata.getOASAML1();
+ if (saml1 != null) {
+ provideAuthBlock = saml1.isProvideAUTHBlock();
+ provideCertificate = saml1.isProvideCertificate();
+ provideFullMandateData = saml1.isProvideFullMandatorData();
+ provideIdentityLink = saml1.isProvideIdentityLink();
+ provideStammZahl = saml1.isProvideStammzahl();
+
+ if (saml1.isProvideAllErrors() != null) {
+ provideAllErrors = saml1.isProvideAllErrors();
+ }
+
+ if (saml1.isUseCondition() != null) {
+ useCondition = saml1.isUseCondition();
+ }
+
+ if (saml1.getConditionLength() != null) {
+ conditionLength = saml1.getConditionLength().intValue();
+ }
+
+ if (saml1.isIsActive() != null) {
+ isActive = saml1.isIsActive();
+ }
+ }
+ }
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#
+ * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+ return new OASAML1ConfigValidation().validate(this, general, request);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) {
+ AuthComponentOA authoa = dbOA.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dbOA.setAuthComponentOA(authoa);
+ }
+
+ OASAML1 saml1 = authoa.getOASAML1();
+ if (saml1 == null) {
+ saml1 = new OASAML1();
+ authoa.setOASAML1(saml1);
+ saml1.setIsActive(false);
+ }
+
+ if (authUser.isAdmin()) {
+ saml1.setIsActive(isActive());
+ }
+
+ if (saml1.isIsActive() != null && saml1.isIsActive()) {
+ saml1.setProvideAUTHBlock(isProvideAuthBlock());
+ saml1.setProvideCertificate(isProvideCertificate());
+ saml1.setProvideFullMandatorData(isProvideFullMandateData());
+ saml1.setProvideIdentityLink(isProvideIdentityLink());
+ saml1.setProvideStammzahl(isProvideStammZahl());
+ saml1.setUseCondition(isUseCondition());
+ saml1.setProvideAllErrors(provideAllErrors);
+ saml1.setConditionLength(BigInteger.valueOf(getConditionLength()));
+ // TODO: set sourceID
+ // saml1.setSourceID("");
+ }
+
+ return null;
+ }
+
+ public boolean isProvideStammZahl() {
+ return provideStammZahl;
+ }
+
+ public void setProvideStammZahl(boolean provideStammZahl) {
+ this.provideStammZahl = provideStammZahl;
+ }
+
+ public boolean isProvideAuthBlock() {
+ return provideAuthBlock;
+ }
+
+ public void setProvideAuthBlock(boolean provideAuthBlock) {
+ this.provideAuthBlock = provideAuthBlock;
+ }
+
+ public boolean isProvideIdentityLink() {
+ return provideIdentityLink;
+ }
+
+ public void setProvideIdentityLink(boolean provideIdentityLink) {
+ this.provideIdentityLink = provideIdentityLink;
+ }
+
+ public boolean isProvideCertificate() {
+ return provideCertificate;
+ }
+
+ public void setProvideCertificate(boolean provideCertificate) {
+ this.provideCertificate = provideCertificate;
+ }
+
+ public boolean isProvideFullMandateData() {
+ return provideFullMandateData;
+ }
+
+ public void setProvideFullMandateData(boolean provideFullMandateData) {
+ this.provideFullMandateData = provideFullMandateData;
+ }
+
+ public boolean isUseCondition() {
+ return useCondition;
+ }
+
+ public void setUseCondition(boolean useCondition) {
+ this.useCondition = useCondition;
+ }
+
+ public int getConditionLength() {
+ return conditionLength;
+ }
+
+ public void setConditionLength(int conditionLength) {
+ this.conditionLength = conditionLength;
+ }
+
+ /**
+ * @return the isActive
+ */
+ public boolean isActive() {
+ return isActive;
+ }
+
+ /**
+ * @param isActive the isActive to set
+ */
+ public void setActive(boolean isActive) {
+ this.isActive = isActive;
+ }
+
+ /**
+ * @return the provideAllErrors
+ */
+ public Boolean getProvideAllErrors() {
+ return provideAllErrors;
+ }
+
+ /**
+ * @param provideAllErrors the provideAllErrors to set
+ */
+ public void setProvideAllErrors(Boolean provideAllErrors) {
+ this.provideAllErrors = provideAllErrors;
+ }
+
}
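Review bot: The `Boolean` fields are unboxed by the primitive-returning getters, but `parse()` assigns five of them (`provideAuthBlock` through `provideStammZahl`) straight from `saml1` without the null check it applies to `isProvideAllErrors()`, `isUseCondition()` and `isIsActive()`. The return types of those `OASAML1` getters are not visible in this hunk, but if they can return null like the three guarded ones, `isProvideAuthBlock()` and its siblings will throw a `NullPointerException` on the next call, including the calls made from `store()`. Assigning defensively avoids that, e.g. `provideAuthBlock = Boolean.TRUE.equals(saml1.isProvideAUTHBlock());`, and likewise for the other four.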
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java
index 1baefe4b8..ed0f1c278 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java
@@ -32,88 +32,104 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplicati
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.validation.oa.OASSOConfigValidation;
-public class OASSOConfig implements IOnlineApplicationData{
-
- private boolean useSSO = false;
- private boolean showAuthDataFrame = true;
- private String singleLogOutURL = null;
-
- public OASSOConfig() {
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
- */
- @Override
- public String getName() {
- return "OASingleSignOn";
- }
-
- public List<String> parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, HttpServletRequest request) {
- AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
- if (authdata != null) {
- OASSO ssoconfig = authdata.getOASSO();
- if(ssoconfig != null) {
- useSSO = ssoconfig.isUseSSO();
- showAuthDataFrame = ssoconfig.isAuthDataFrame();
- singleLogOutURL = ssoconfig.getSingleLogOutURL();
- }
- }
-
- return null;
- }
-
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> validate(OAGeneralConfig general, AuthenticatedUser authUser,
- HttpServletRequest request) {
- return new OASSOConfigValidation().validate(this, authUser.isAdmin(), request);
- }
-
- public String store(OnlineApplication dboa, AuthenticatedUser authUser, HttpServletRequest request) {
-
- AuthComponentOA authoa = dboa.getAuthComponentOA();
- if (authoa == null) {
- authoa = new AuthComponentOA();
- dboa.setAuthComponentOA(authoa);
- }
-
- OASSO sso = authoa.getOASSO();
- if (sso == null) {
- sso = new OASSO();
- authoa.setOASSO(sso);
- sso.setAuthDataFrame(true);
- }
- sso.setUseSSO(this.useSSO);
-
- if (authUser.isAdmin())
- sso.setAuthDataFrame(this.showAuthDataFrame);
-
- sso.setSingleLogOutURL(this.singleLogOutURL);
-
- return null;
- }
-
- public boolean isUseSSO() {
- return useSSO;
- }
- public void setUseSSO(boolean useSSO) {
- this.useSSO = useSSO;
- }
- public boolean isShowAuthDataFrame() {
- return showAuthDataFrame;
- }
- public void setShowAuthDataFrame(boolean showAuthDataFrame) {
- this.showAuthDataFrame = showAuthDataFrame;
- }
- public String getSingleLogOutURL() {
- return singleLogOutURL;
- }
- public void setSingleLogOutURL(String singleLogOutURL) {
- this.singleLogOutURL = singleLogOutURL;
- }
+public class OASSOConfig implements IOnlineApplicationData {
+
+ private boolean useSSO = false;
+ private boolean showAuthDataFrame = true;
+ private String singleLogOutURL = null;
+
+ public OASSOConfig() {
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName
+ * ()
+ */
+ @Override
+ public String getName() {
+ return "OASingleSignOn";
+ }
+
+ @Override
+ public List<String> parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ final AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
+ if (authdata != null) {
+ final OASSO ssoconfig = authdata.getOASSO();
+ if (ssoconfig != null) {
+ useSSO = ssoconfig.isUseSSO();
+ showAuthDataFrame = ssoconfig.isAuthDataFrame();
+ singleLogOutURL = ssoconfig.getSingleLogOutURL();
+ }
+ }
+
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#
+ * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ return new OASSOConfigValidation().validate(this, authUser.isAdmin(), request);
+ }
+
+ @Override
+ public String store(OnlineApplication dboa, AuthenticatedUser authUser, HttpServletRequest request) {
+
+ AuthComponentOA authoa = dboa.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dboa.setAuthComponentOA(authoa);
+ }
+
+ OASSO sso = authoa.getOASSO();
+ if (sso == null) {
+ sso = new OASSO();
+ authoa.setOASSO(sso);
+ sso.setAuthDataFrame(true);
+ }
+ sso.setUseSSO(this.useSSO);
+
+ if (authUser.isAdmin()) {
+ sso.setAuthDataFrame(this.showAuthDataFrame);
+ }
+
+ sso.setSingleLogOutURL(this.singleLogOutURL);
+
+ return null;
+ }
+
+ public boolean isUseSSO() {
+ return useSSO;
+ }
+
+ public void setUseSSO(boolean useSSO) {
+ this.useSSO = useSSO;
+ }
+
+ public boolean isShowAuthDataFrame() {
+ return showAuthDataFrame;
+ }
+
+ public void setShowAuthDataFrame(boolean showAuthDataFrame) {
+ this.showAuthDataFrame = showAuthDataFrame;
+ }
+
+ public String getSingleLogOutURL() {
+ return singleLogOutURL;
+ }
+
+ public void setSingleLogOutURL(String singleLogOutURL) {
+ this.singleLogOutURL = singleLogOutURL;
+ }
}
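Review bot: In `store`, only `sso.setAuthDataFrame(...)` is gated on `authUser.isAdmin()`, while `useSSO` and `singleLogOutURL` are copied into the database model for any caller, and nothing in the method says this split is intended. A short comment above the guard would record it, for example `// showAuthDataFrame is admin-only; for other users the stored value (default true) is kept`. The single-logout URL is written here without any check, so the method presumably relies on `validate` (which delegates to `OASSOConfigValidation`) having run first. Stating that precondition in a Javadoc on `store` would make the dependency visible to the next maintainer.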
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
index fb096a2a0..82ef9d1d1 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
@@ -27,8 +27,6 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.commons.MOAIDConstants;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AttributeProviderPlugin;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA;
@@ -44,306 +42,331 @@ import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation;
import at.gv.egovernment.moa.util.MiscUtil;
//import at.gv.egovernment.moa.id.protocols.stork2.AttributeProviderFactory;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+public class OASTORKConfig implements IOnlineApplicationData {
+
+ private boolean isStorkLogonEnabled = false;
+ private String qaa;
+
+ private List<AttributeHelper> attributes = null;
+
+ /*
+ * VIDP settings below
+ */
+ private boolean vidpEnabled = false;
+ private List<AttributeProviderPlugin> attributeProviderPlugins = new ArrayList<>();
+ private boolean requireConsent = false;
+ private final List<String> citizenCountries;
+ private List<String> enabledCitizenCountries;
+
+ private MOAIDConfiguration dbconfig = null;
+
+ public OASTORKConfig() {
+ // fetch available citizen countries
+ citizenCountries = new ArrayList<>();
+ try {
+ dbconfig = ConfigurationProvider.getInstance().getDbRead().getMOAIDConfiguration();
+
+ for (final CPEPS current : dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK()
+ .getCPEPS()) {
+ citizenCountries.add(current.getCountryCode());
+ }
+
+ } catch (final NullPointerException e) {
+
+ } catch (final ConfigurationException e) {
+ log.error("MOA-ID-Configuration initialization FAILED.", e);
+
+ }
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName
+ * ()
+ */
+ @Override
+ public String getName() {
+ return "OASTORK2";
+ }
+
+ /**
+ * Parses the OA config for stork entities.
+ *
+ * @param dbOAConfig the db oa config
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ final AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
+ if (authdata != null) {
+ final OASTORK config = authdata.getOASTORK();
+ if (config != null) {
+ setStorkLogonEnabled(config.isStorkLogonEnabled());
+
+ try {
+ setQaa(config.geteIDAS_LOA());
+ } catch (final NullPointerException e) {
+ // if there is no configuration available for the OA, get the default qaa level
+ try {
+ setQaa(dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK()
+ .getGeneral_eIDAS_LOA());
+
+ } catch (final NullPointerException e1) {
+ setQaa(MOAIDConstants.eIDAS_LOA_HIGH);
+
+ }
+ }
+
+ enabledCitizenCountries = new ArrayList<>();
+ if (config.getCPEPS() != null) {
+ for (final CPEPS current : config.getCPEPS()) {
+ enabledCitizenCountries.add(current.getCountryCode());
+ }
+ }
-public class OASTORKConfig implements IOnlineApplicationData{
-
- private static final Logger log = Logger.getLogger(OASTORKConfig.class);
-
- private boolean isStorkLogonEnabled = false;
- private String qaa;
-
- private List<AttributeHelper> attributes = null;
-
- /*
- * VIDP settings below
- */
- private boolean vidpEnabled = false;
- private List<AttributeProviderPlugin> attributeProviderPlugins = new ArrayList<AttributeProviderPlugin>();
- private boolean requireConsent = false;
- private List<String> citizenCountries;
- private List<String> enabledCitizenCountries;
-
- private MOAIDConfiguration dbconfig = null;
-
- public OASTORKConfig() {
- // fetch available citizen countries
- citizenCountries = new ArrayList<String>();
- try {
- dbconfig = ConfigurationProvider.getInstance().getDbRead().getMOAIDConfiguration();
-
-
- for(CPEPS current : dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getCPEPS()) {
- citizenCountries.add(current.getCountryCode());
- }
-
- }catch (NullPointerException e) {
-
- } catch (ConfigurationException e) {
- log.error("MOA-ID-Configuration initialization FAILED.", e);
-
- }
-
- }
-
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
- */
- @Override
- public String getName() {
- return "OASTORK2";
- }
-
- /**
- * Parses the OA config for stork entities.
- *
- * @param dbOAConfig
- * the db oa config
- */
- public List<String> parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, HttpServletRequest request) {
- AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
- if (authdata != null) {
- OASTORK config = authdata.getOASTORK();
- if(config != null) {
- setStorkLogonEnabled(config.isStorkLogonEnabled());
-
- try {
- setQaa(config.geteIDAS_LOA());
- } catch(NullPointerException e) {
- // if there is no configuration available for the OA, get the default qaa level
- try {
- setQaa(dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getGeneral_eIDAS_LOA());
-
- } catch (NullPointerException e1) {
- setQaa(MOAIDConstants.eIDAS_LOA_HIGH);
-
- }
- }
-
-
- enabledCitizenCountries = new ArrayList<String>();
- if (config.getCPEPS() != null) {
- for(CPEPS current : config.getCPEPS())
- enabledCitizenCountries.add(current.getCountryCode());
- }
-
- // prepare attribute helper list
- attributes = new ArrayList<AttributeHelper>();
- try {
- try {
- for(StorkAttribute current : dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes()) {
- AttributeHelper tmp = null;
-
- if (config.getOAAttributes() != null) {
- for(OAStorkAttribute sepp : config.getOAAttributes())
- if(sepp.getName() != null && sepp.getName().equals(current.getName()))
- tmp = new AttributeHelper(sepp);
- }
-
- if(null == tmp)
- tmp = new AttributeHelper(current);
-
- attributes.add(tmp);
- }
-
- } catch (NullPointerException ex) {
-
- }
-
- // fetch vidp config
- if (config.isVidpEnabled() != null)
- setVidpEnabled(config.isVidpEnabled());
- else
- setVidpEnabled(false);
-
- if (config.isRequireConsent() != null)
- setRequireConsent(config.isRequireConsent());
- else
- setRequireConsent(false);
-
- attributeProviderPlugins = config.getAttributeProviders();
- // - if no attribute providers are configured, add a dummy
- // TODO this is a dirty hack since we have to have one entry to
- // clone from in the web form. Happens when time is short.
- // Sorry.
- if (attributeProviderPlugins == null || attributeProviderPlugins.isEmpty())
- attributeProviderPlugins.add(new AttributeProviderPlugin());
- } catch (NullPointerException ex) {
- log.error("Nullpointerexception encountered in Configurationinterface", ex);
+ // prepare attribute helper list
+ attributes = new ArrayList<>();
+ try {
+ try {
+ for (final StorkAttribute current : dbconfig.getAuthComponentGeneral().getForeignIdentities()
+ .getSTORK().getAttributes()) {
+ AttributeHelper tmp = null;
+
+ if (config.getOAAttributes() != null) {
+ for (final OAStorkAttribute sepp : config.getOAAttributes()) {
+ if (sepp.getName() != null && sepp.getName().equals(current.getName())) {
+ tmp = new AttributeHelper(sepp);
+ }
}
- }
- }
-
- return null;
- }
-
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> validate(OAGeneralConfig general, AuthenticatedUser authUser,
- HttpServletRequest request) {
- return new OASTORKConfigValidation().validate(this, request);
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
- HttpServletRequest request) {
- AuthComponentOA authoa = dbOA.getAuthComponentOA();
- if (authoa == null) {
- authoa = new AuthComponentOA();
- dbOA.setAuthComponentOA(authoa);
+ }
+
+ if (null == tmp) {
+ tmp = new AttributeHelper(current);
+ }
+
+ attributes.add(tmp);
+ }
+
+ } catch (final NullPointerException ex) {
+
+ }
+
+ // fetch vidp config
+ if (config.isVidpEnabled() != null) {
+ setVidpEnabled(config.isVidpEnabled());
+ } else {
+ setVidpEnabled(false);
+ }
+
+ if (config.isRequireConsent() != null) {
+ setRequireConsent(config.isRequireConsent());
+ } else {
+ setRequireConsent(false);
+ }
+
+ attributeProviderPlugins = config.getAttributeProviders();
+ // - if no attribute providers are configured, add a dummy
+ // TODO this is a dirty hack since we have to have one entry to
+ // clone from in the web form. Happens when time is short.
+ // Sorry.
+ if (attributeProviderPlugins == null || attributeProviderPlugins.isEmpty()) {
+ attributeProviderPlugins.add(new AttributeProviderPlugin());
+ }
+ } catch (final NullPointerException ex) {
+ log.error("Nullpointerexception encountered in Configurationinterface", ex);
}
-
- // fetch stork configuration from database model
- OASTORK stork = authoa.getOASTORK();
- if (stork == null) {
- // if there is none, create a new one with default values.
- stork = new OASTORK();
- authoa.setOASTORK(stork);
- stork.setStorkLogonEnabled(false);
+ }
+ }
+
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#
+ * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ return new OASTORKConfigValidation().validate(this, request);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ AuthComponentOA authoa = dbOA.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dbOA.setAuthComponentOA(authoa);
+ }
+
+ // fetch stork configuration from database model
+ OASTORK stork = authoa.getOASTORK();
+ if (stork == null) {
+ // if there is none, create a new one with default values.
+ stork = new OASTORK();
+ authoa.setOASTORK(stork);
+ stork.setStorkLogonEnabled(false);
+ }
+ // transfer the incoming data to the database model
+ stork.setStorkLogonEnabled(isStorkLogonEnabled());
+ stork.seteIDAS_LOA(getQaa());
+ stork.setOAAttributes(getAttributes());
+ stork.setVidpEnabled(isVidpEnabled());
+ stork.setRequireConsent(isRequireConsent());
+ stork.setAttributeProviders(getAttributeProviderPlugins());
+ stork.setCPEPS(getEnabledCPEPS());
+
+ return null;
+
+ }
+
+ public boolean isStorkLogonEnabled() {
+ return isStorkLogonEnabled;
+ }
+
+ public void setStorkLogonEnabled(boolean enabled) {
+ this.isStorkLogonEnabled = enabled;
+ }
+
+ public String getQaa() {
+ return qaa;
+ }
+
+ public void setQaa(String qaa) {
+ this.qaa = qaa;
+ }
+
+ public List<OAStorkAttribute> getAttributes() {
+ final List<OAStorkAttribute> result = new ArrayList<>();
+
+ if (null == getHelperAttributes()) {
+ return result;
+ }
+
+ for (final AttributeHelper current : getHelperAttributes()) {
+ List<StorkAttribute> generalConfStorkAttr = null;
+ try {
+ generalConfStorkAttr = dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK()
+ .getAttributes();
+
+ } catch (final NullPointerException e) {
+ log.trace("No STORK attributes in 'General Configuration'");
+
+ }
+
+ if (generalConfStorkAttr != null) {
+ for (final StorkAttribute currentAttribute : generalConfStorkAttr) {
+ if (MiscUtil.isNotEmpty(currentAttribute.getName()) &&
+ currentAttribute.getName().equals(current.getName())) {
+ if (current.isUsed() || currentAttribute.isMandatory()) {
+ final OAStorkAttribute tmp = new OAStorkAttribute();
+ tmp.setName(current.getName());
+ tmp.setMandatory(current.isMandatory());
+ result.add(tmp);
+
+ }
+ break;
+ }
}
- // transfer the incoming data to the database model
- stork.setStorkLogonEnabled(isStorkLogonEnabled());
- stork.seteIDAS_LOA(getQaa());
- stork.setOAAttributes(getAttributes());
- stork.setVidpEnabled(isVidpEnabled());
- stork.setRequireConsent(isRequireConsent());
- stork.setAttributeProviders(getAttributeProviderPlugins());
- stork.setCPEPS(getEnabledCPEPS());
-
- return null;
-
- }
-
- public boolean isStorkLogonEnabled() {
- return isStorkLogonEnabled;
- }
-
- public void setStorkLogonEnabled(boolean enabled) {
- this.isStorkLogonEnabled = enabled;
- }
-
- public String getQaa() {
- return qaa;
- }
-
- public void setQaa(String qaa) {
- this.qaa = qaa;
- }
-
- public List<OAStorkAttribute> getAttributes() {
- List<OAStorkAttribute> result = new ArrayList<OAStorkAttribute>();
-
- if(null == getHelperAttributes())
- return result;
-
- for(AttributeHelper current : getHelperAttributes()) {
- List<StorkAttribute> generalConfStorkAttr = null;
- try {
- generalConfStorkAttr = dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes();
-
- } catch (NullPointerException e) {
- log.trace("No STORK attributes in 'General Configuration'");
-
- }
-
- if (generalConfStorkAttr != null) {
- for(StorkAttribute currentAttribute : generalConfStorkAttr)
- if(MiscUtil.isNotEmpty(currentAttribute.getName()) &&
- currentAttribute.getName().equals(current.getName())) {
- if(current.isUsed() || currentAttribute.isMandatory()) {
- OAStorkAttribute tmp = new OAStorkAttribute();
- tmp.setName(current.getName());
- tmp.setMandatory(current.isMandatory());
- result.add(tmp);
-
- }
- break;
- }
- }
- }
-
- return result;
- }
-
- public List<AttributeHelper> getHelperAttributes() {
- return attributes;
- }
-
- public void setHelperAttributes(List<AttributeHelper> attributes) {
- this.attributes = attributes;
- }
-
- public List<String> getAvailableCitizenCountries() {
- return citizenCountries;
- }
-
-
- public List<String> getAllowedLoALevels() {
- return MOAIDConstants.ALLOWED_eIDAS_LOA;
- }
-
- public List<String> getEnabledCitizenCountries() {
- return enabledCitizenCountries;
- }
-
- public void setEnabledCitizenCountries(List<String> update) {
- enabledCitizenCountries = update;
- }
-
- public List<CPEPS> getEnabledCPEPS() {
- if (enabledCitizenCountries != null) {
- List<CPEPS> result = new ArrayList<CPEPS>();
-
- try {
- for(CPEPS current : dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getCPEPS()) {
- if(enabledCitizenCountries.contains(current.getCountryCode()))
- result.add(current);
- }
-
- } catch (NullPointerException e){
-
- }
- return result;
- }
-
- return null;
-
- }
-
- public List<String> getAvailableAttributeProviderPlugins() {
- //TODO: remove in final version
-
- return new ArrayList<String>();
- //return AttributeProviderFactory.getAvailablePlugins();
- }
-
- public List<AttributeProviderPlugin> getAttributeProviderPlugins() {
- return attributeProviderPlugins;
- }
-
- public void setAttributeProviderPlugins(List<AttributeProviderPlugin> update) {
- attributeProviderPlugins = update;
- }
-
- public boolean isVidpEnabled() {
- return vidpEnabled;
- }
-
- public void setVidpEnabled(boolean update) {
- vidpEnabled = update;
- }
-
- public boolean isRequireConsent() {
- return requireConsent;
- }
-
- public void setRequireConsent(boolean update) {
- requireConsent = update;
- }
+ }
+ }
+
+ return result;
+ }
+
+ public List<AttributeHelper> getHelperAttributes() {
+ return attributes;
+ }
+
+ public void setHelperAttributes(List<AttributeHelper> attributes) {
+ this.attributes = attributes;
+ }
+
+ public List<String> getAvailableCitizenCountries() {
+ return citizenCountries;
+ }
+
+ public List<String> getAllowedLoALevels() {
+ return MOAIDConstants.ALLOWED_eIDAS_LOA;
+ }
+
+ public List<String> getEnabledCitizenCountries() {
+ return enabledCitizenCountries;
+ }
+
+ public void setEnabledCitizenCountries(List<String> update) {
+ enabledCitizenCountries = update;
+ }
+
+ public List<CPEPS> getEnabledCPEPS() {
+ if (enabledCitizenCountries != null) {
+ final List<CPEPS> result = new ArrayList<>();
+
+ try {
+ for (final CPEPS current : dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK()
+ .getCPEPS()) {
+ if (enabledCitizenCountries.contains(current.getCountryCode())) {
+ result.add(current);
+ }
+ }
+
+ } catch (final NullPointerException e) {
+
+ }
+ return result;
+ }
+
+ return null;
+
+ }
+
+ public List<String> getAvailableAttributeProviderPlugins() {
+ // TODO: remove in final version
+
+ return new ArrayList<>();
+ // return AttributeProviderFactory.getAvailablePlugins();
+ }
+
+ public List<AttributeProviderPlugin> getAttributeProviderPlugins() {
+ return attributeProviderPlugins;
+ }
+
+ public void setAttributeProviderPlugins(List<AttributeProviderPlugin> update) {
+ attributeProviderPlugins = update;
+ }
+
+ public boolean isVidpEnabled() {
+ return vidpEnabled;
+ }
+
+ public void setVidpEnabled(boolean update) {
+ vidpEnabled = update;
+ }
+
+ public boolean isRequireConsent() {
+ return requireConsent;
+ }
+
+ public void setRequireConsent(boolean update) {
+ requireConsent = update;
+ }
}
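Review bot: In `parse`, the dummy-entry guard dereferences the list it has just found to be null: when `config.getAttributeProviders()` returns null, `attributeProviderPlugins.add(new AttributeProviderPlugin())` throws, the outer `catch (final NullPointerException ex)` logs it as an error, and the field stays null, so `store` could later pass null to `setAttributeProviders`. Assigning a list first fixes it: `if (attributeProviderPlugins == null) { attributeProviderPlugins = new ArrayList<>(); }` ahead of the existing `isEmpty()` check. The empty `catch (final NullPointerException e)` blocks in the constructor, in the attribute loop of `parse` and in `getEnabledCPEPS` share the weakness of silently hiding a missing configuration section. Explicit null checks on the `getAuthComponentGeneral()` chain, or at least a `log.debug(...)` in each handler, would make such a gap diagnosable.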
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java
index 84516c73f..be1b937f0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java
@@ -43,464 +43,473 @@ import at.gv.egovernment.moa.util.MiscUtil;
*/
public class OATargetConfiguration implements IOnlineApplicationData {
- private boolean deaktivededBusinessService = false;
-
- private boolean subTargetSet = false;
-
- private String target = null;
- private String target_subsector = null;
- private String target_admin = null;
- private static List<String> targetList = null;
- private String targetFriendlyName = null;
- private boolean isAdminTarget = false;
-
- private String identificationNumber = null;
- private String identificationType = null;
- private static List<String> identificationTypeList = null;
-
- private String foreignbPKTargets = null;
- private String additionalbPKTargets = null;
- private boolean eidDemoActive = false;
+ private boolean deaktivededBusinessService = false;
+
+ private boolean subTargetSet = false;
+
+ private String target = null;
+ private String target_subsector = null;
+ private String target_admin = null;
+ private static List<String> targetList = null;
+ private String targetFriendlyName = null;
+ private boolean isAdminTarget = false;
+
+ private String identificationNumber = null;
+ private String identificationType = null;
+ private static List<String> identificationTypeList = null;
+
+ private String foreignbPKTargets = null;
+ private String additionalbPKTargets = null;
+ private boolean eidDemoActive = false;
private boolean eidProxyActive = false;
-
- public OATargetConfiguration() {
- targetList = TargetValidator.getListOfTargets();
- target = "";
-
- identificationTypeList = Arrays.asList(
- Constants.IDENIFICATIONTYPE_FN,
- Constants.IDENIFICATIONTYPE_ZVR,
- Constants.IDENIFICATIONTYPE_ERSB,
- Constants.IDENIFICATIONTYPE_STORK,
- Constants.IDENIFICATIONTYPE_EIDAS);
- }
-
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
- */
- @Override
- public String getName() {
- return "OATargetConfig";
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> parse(OnlineApplication dbOA,
- AuthenticatedUser authUser, HttpServletRequest request) {
- String target_full = dbOA.getTarget();
- if (MiscUtil.isNotEmpty(target_full)) {
- if (TargetValidator.isValidTarget(target_full)) {
- target = target_full;
-
- } else {
- String[] target_split = target_full.split("-");
-
- if (TargetValidator.isValidTarget(target_split[0])) {
- target = target_split[0];
- if (target_split.length > 1) {
- target_subsector = target_split[1];
- subTargetSet = true;
- }
-
- } else {
- target = "";
- target_subsector = null;
- target_admin = target_full;
- isAdminTarget = true;
- }
- }
- targetFriendlyName = dbOA.getTargetFriendlyName();
- }
-
- AuthComponentOA oaauth = dbOA.getAuthComponentOA();
- if (oaauth != null) {
-
- IdentificationNumber idnumber = oaauth.getIdentificationNumber();
- if (idnumber != null) {
- String number = idnumber.getValue();
- if (MiscUtil.isNotEmpty(number)) {
- String[] split = number.split("\\+");
-
- if (Constants.PREFIX_WPBK.startsWith(split[0]) && split.length >= 2) {
- identificationType = split[1];
- identificationNumber = split[2];
-
- } else if (Constants.PREFIX_EIDAS.startsWith(split[0]) && split.length >= 2) {
- //identificationType = split[1]; // setting at as iden category ?
- identificationType = Constants.IDENIFICATIONTYPE_EIDAS;
- identificationNumber = split[1] + "+" + split[2]; // setting sp country as ident type -> sp ident
-
- } else if (Constants.PREFIX_STORK.startsWith(split[0]) && split.length >= 2) {
- //identificationType = split[1]; // setting at as iden category ?
- identificationType = Constants.IDENIFICATIONTYPE_STORK;
- identificationNumber = split[2]; // setting sp country as ident type -> sp ident
- }
- }
-
- if (authUser.isOnlyBusinessService()) {
- deaktivededBusinessService = authUser.isOnlyBusinessService();
-
- identificationType = authUser.getBusinessServiceType();
- identificationNumber = authUser.getBusinessServiceNumber();
-
- }
-
- }
- }
-
-
- //parse foreign bPK sector list
- if (dbOA.getForeignbPKTargetList() != null) {
- if (KeyValueUtils.isCSVValueString(dbOA.getForeignbPKTargetList()))
- foreignbPKTargets = KeyValueUtils.normalizeCSVValueString(dbOA.getForeignbPKTargetList());
-
- else {
- if (dbOA.getForeignbPKTargetList().contains(KeyValueUtils.CSV_DELIMITER)) {
- //remove trailing comma if exist
- foreignbPKTargets = dbOA.getForeignbPKTargetList().substring(0,
- dbOA.getForeignbPKTargetList().indexOf(KeyValueUtils.CSV_DELIMITER));
-
- } else
- foreignbPKTargets = dbOA.getForeignbPKTargetList();
-
- }
- }
-
- //parse additional bPK sector list
- if (dbOA.getAdditionalbPKTargetList() != null) {
- if (KeyValueUtils.isCSVValueString(dbOA.getAdditionalbPKTargetList()))
- additionalbPKTargets = KeyValueUtils.normalizeCSVValueString(dbOA.getAdditionalbPKTargetList());
-
- else {
- if (dbOA.getAdditionalbPKTargetList().contains(KeyValueUtils.CSV_DELIMITER)) {
- //remove trailing comma if exist
- additionalbPKTargets = dbOA.getAdditionalbPKTargetList().substring(0,
- dbOA.getAdditionalbPKTargetList().indexOf(KeyValueUtils.CSV_DELIMITER));
-
- } else
- additionalbPKTargets = dbOA.getAdditionalbPKTargetList();
-
- }
- }
-
- //parse 'Austrian eID mode' flag
- eidDemoActive = dbOA.getIseIDDemoModeActive();
- eidProxyActive = dbOA.getIseIDProxyModeActive();
-
- return null;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
- HttpServletRequest request) {
-
- AuthComponentOA authoa = dbOA.getAuthComponentOA();
- if (authoa == null) {
- authoa = new AuthComponentOA();
- dbOA.setAuthComponentOA(authoa);
+
+ public OATargetConfiguration() {
+ targetList = TargetValidator.getListOfTargets();
+ target = "";
+
+ identificationTypeList = Arrays.asList(
+ Constants.IDENIFICATIONTYPE_FN,
+ Constants.IDENIFICATIONTYPE_ZVR,
+ Constants.IDENIFICATIONTYPE_ERSB,
+ Constants.IDENIFICATIONTYPE_STORK,
+ Constants.IDENIFICATIONTYPE_EIDAS);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName
+ * ()
+ */
+ @Override
+ public String getName() {
+ return "OATargetConfig";
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOA,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+ final String target_full = dbOA.getTarget();
+ if (MiscUtil.isNotEmpty(target_full)) {
+ if (TargetValidator.isValidTarget(target_full)) {
+ target = target_full;
+
+ } else {
+ final String[] target_split = target_full.split("-");
+
+ if (TargetValidator.isValidTarget(target_split[0])) {
+ target = target_split[0];
+ if (target_split.length > 1) {
+ target_subsector = target_split[1];
+ subTargetSet = true;
+ }
+
+ } else {
+ target = "";
+ target_subsector = null;
+ target_admin = target_full;
+ isAdminTarget = true;
+ }
+ }
+ targetFriendlyName = dbOA.getTargetFriendlyName();
+ }
+
+ final AuthComponentOA oaauth = dbOA.getAuthComponentOA();
+ if (oaauth != null) {
+
+ final IdentificationNumber idnumber = oaauth.getIdentificationNumber();
+ if (idnumber != null) {
+ final String number = idnumber.getValue();
+ if (MiscUtil.isNotEmpty(number)) {
+ final String[] split = number.split("\\+");
+
+ if (Constants.PREFIX_WPBK.startsWith(split[0]) && split.length >= 2) {
+ identificationType = split[1];
+ identificationNumber = split[2];
+
+ } else if (Constants.PREFIX_EIDAS.startsWith(split[0]) && split.length >= 2) {
+ // identificationType = split[1]; // setting at as iden category ?
+ identificationType = Constants.IDENIFICATIONTYPE_EIDAS;
+ identificationNumber = split[1] + "+" + split[2]; // setting sp country as ident type -> sp ident
+
+ } else if (Constants.PREFIX_STORK.startsWith(split[0]) && split.length >= 2) {
+ // identificationType = split[1]; // setting at as iden category ?
+ identificationType = Constants.IDENIFICATIONTYPE_STORK;
+ identificationNumber = split[2]; // setting sp country as ident type -> sp ident
+ }
}
-
- if (isBusinessService(dbOA) || authUser.isOnlyBusinessService()) {
-
- dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE);
-
- String num = null;
- if (authUser.isOnlyBusinessService()) {
- deaktivededBusinessService = authUser.isOnlyBusinessService();
- num = authUser.getBusinessServiceType() + authUser.getBusinessServiceNumber();
-
- } else {
-
- num = getIdentificationNumber().replaceAll(" ", "");
- if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) {
- num = num.substring(Constants.IDENIFICATIONTYPE_FN.length());
-
- num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num);
-
- /*Fixme:
- * Company numbers had to be padded with '0' on left site
- * But this bugfix can not be activated, because this would
- * change all bPKs for company numbers.
- *
- * Change this in case of new bPK generation algorithms
- */
- // num = StringUtils.leftPad(num, 7, '0');
- }
-
- if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR))
- num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length());
-
- if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB))
- num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length());
- }
-
- IdentificationNumber idnumber = authoa.getIdentificationNumber();
- if (idnumber == null)
- idnumber = new IdentificationNumber();
-
- if (getIdentificationType().equals(Constants.IDENIFICATIONTYPE_EIDAS)) {
- idnumber.setValue(Constants.PREFIX_EIDAS + num);
- idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType()));
-
- } else if (getIdentificationType().equals(Constants.IDENIFICATIONTYPE_STORK)) {
- idnumber.setValue(Constants.PREFIX_STORK + "AT" + "+" + num);
- idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType()));
- } else {
- idnumber.setValue(Constants.PREFIX_WPBK + getIdentificationType() + "+" + num);
- idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType()));
- }
-
- authoa.setIdentificationNumber(idnumber);
+
+ if (authUser.isOnlyBusinessService()) {
+ deaktivededBusinessService = authUser.isOnlyBusinessService();
+
+ identificationType = authUser.getBusinessServiceType();
+ identificationNumber = authUser.getBusinessServiceNumber();
+
+ }
+
+ }
+ }
+
+ // parse foreign bPK sector list
+ if (dbOA.getForeignbPKTargetList() != null) {
+ if (KeyValueUtils.isCSVValueString(dbOA.getForeignbPKTargetList())) {
+ foreignbPKTargets = KeyValueUtils.normalizeCSVValueString(dbOA.getForeignbPKTargetList());
+ } else {
+ if (dbOA.getForeignbPKTargetList().contains(KeyValueUtils.CSV_DELIMITER)) {
+ // remove trailing comma if exist
+ foreignbPKTargets = dbOA.getForeignbPKTargetList().substring(0,
+ dbOA.getForeignbPKTargetList().indexOf(KeyValueUtils.CSV_DELIMITER));
} else {
- dbOA.setType(null);
+ foreignbPKTargets = dbOA.getForeignbPKTargetList();
+ }
+
+ }
+ }
- if (authUser.isAdmin()) {
- if (MiscUtil.isNotEmpty(getTarget_admin()) && isAdminTarget()) {
- dbOA.setTarget(getTarget_admin());
- dbOA.setTargetFriendlyName(getTargetFriendlyName());
+ // parse additional bPK sector list
+ if (dbOA.getAdditionalbPKTargetList() != null) {
+ if (KeyValueUtils.isCSVValueString(dbOA.getAdditionalbPKTargetList())) {
+ additionalbPKTargets = KeyValueUtils.normalizeCSVValueString(dbOA.getAdditionalbPKTargetList());
+ } else {
+ if (dbOA.getAdditionalbPKTargetList().contains(KeyValueUtils.CSV_DELIMITER)) {
+ // remove trailing comma if exist
+ additionalbPKTargets = dbOA.getAdditionalbPKTargetList().substring(0,
+ dbOA.getAdditionalbPKTargetList().indexOf(KeyValueUtils.CSV_DELIMITER));
- } else {
+ } else {
+ additionalbPKTargets = dbOA.getAdditionalbPKTargetList();
+ }
- String target = getTarget();
+ }
+ }
- if (MiscUtil.isNotEmpty(getTarget_subsector()) && subTargetSet)
- dbOA.setTarget(target + "-" + getTarget_subsector());
- else
- dbOA.setTarget(target);
+ // parse 'Austrian eID mode' flag
+ eidDemoActive = dbOA.getIseIDDemoModeActive();
+ eidProxyActive = dbOA.getIseIDProxyModeActive();
+
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+
+ AuthComponentOA authoa = dbOA.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dbOA.setAuthComponentOA(authoa);
+ }
- String targetname = TargetValidator.getTargetFriendlyName(target);
- if (MiscUtil.isNotEmpty(targetname)) dbOA.setTargetFriendlyName(targetname);
+ if (isBusinessService(dbOA) || authUser.isOnlyBusinessService()) {
- }
+ dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE);
- } else {
+ String num = null;
+ if (authUser.isOnlyBusinessService()) {
+ deaktivededBusinessService = authUser.isOnlyBusinessService();
+ num = authUser.getBusinessServiceType() + authUser.getBusinessServiceNumber();
- if (MiscUtil.isNotEmpty(getTarget())) {
+ } else {
- String target = getTarget();
+ num = getIdentificationNumber().replaceAll(" ", "");
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) {
+ num = num.substring(Constants.IDENIFICATIONTYPE_FN.length());
- if (MiscUtil.isNotEmpty(getTarget_subsector()) && subTargetSet)
- dbOA.setTarget(target + "-" + getTarget_subsector());
+ num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num);
- else
- dbOA.setTarget(target);
+ /*
+ * Fixme: Company numbers had to be padded with '0' on left site But this bugfix
+ * can not be activated, because this would change all bPKs for company numbers.
+ *
+ * Change this in case of new bPK generation algorithms
+ */
+ // num = StringUtils.leftPad(num, 7, '0');
+ }
- String targetname = TargetValidator.getTargetFriendlyName(target);
- if (MiscUtil.isNotEmpty(targetname)) dbOA.setTargetFriendlyName(targetname);
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) {
+ num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length());
+ }
- }
- }
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)) {
+ num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length());
}
-
- dbOA.setForeignbPKTargetList(getForeignbPKTargets());
- dbOA.setAdditionalbPKTargetList(getAdditionalbPKTargets());
- dbOA.setIseIDDemoModeActive(isEidDemoActive());
- dbOA.setIseIDProxyModeActive(isEidProxyActive());
-
- return null;
- }
-
- /**
- * @return
- */
- private boolean isBusinessService(OnlineApplication dbOA) {
- if (dbOA.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE))
- return true;
- else
- return false;
- }
-
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> validate(OAGeneralConfig general,
- AuthenticatedUser authUser, HttpServletRequest request) {
- return new OATargetConfigValidation().validate(this, authUser.isAdmin(), general, request);
- }
-
- public String getTarget() {
- return target;
- }
-
- public void setTarget(String target) {
- this.target = target;
- }
-
- public String getTargetFriendlyName() {
- return targetFriendlyName;
- }
-
- public void setTargetFriendlyName(String targetFriendlyName) {
- this.targetFriendlyName = targetFriendlyName;
- }
-
- public String getIdentificationNumber() {
- return identificationNumber;
- }
-
- public void setIdentificationNumber(String identificationNumber) {
- this.identificationNumber = identificationNumber;
- }
-
- public String getIdentificationType() {
- return identificationType;
- }
-
- public void setIdentificationType(String identificationType) {
- this.identificationType = identificationType;
- }
-
- /**
- * @return the target_subsector
- */
- public String getTarget_subsector() {
- return target_subsector;
- }
-
-
- /**
- * @param target_subsector the target_subsector to set
- */
- public void setTarget_subsector(String target_subsector) {
- this.target_subsector = target_subsector;
- }
-
-
- /**
- * @return the target_admin
- */
- public String getTarget_admin() {
- return target_admin;
- }
-
-
- /**
- * @param target_admin the target_admin to set
- */
- public void setTarget_admin(String target_admin) {
- this.target_admin = target_admin;
- }
-
-
- /**
- * @return the targetList
- */
- public List<String> getTargetList() {
- return targetList;
- }
-
-
- /**
- * @return the identificationTypeList
- */
- public List<String> getIdentificationTypeList() {
- return identificationTypeList;
- }
-
-
- /**
- * @return the isAdminTarget
- */
- public boolean isAdminTarget() {
- return isAdminTarget;
- }
-
-
- /**
- * @param isAdminTarget the isAdminTarget to set
- */
- public void setAdminTarget(boolean isAdminTarget) {
- this.isAdminTarget = isAdminTarget;
- }
-
- /**
- * @return the deaktivededBusinessService
- */
- public boolean isDeaktivededBusinessService() {
- return deaktivededBusinessService;
- }
+ }
+ IdentificationNumber idnumber = authoa.getIdentificationNumber();
+ if (idnumber == null) {
+ idnumber = new IdentificationNumber();
+ }
- /**
- * @param deaktivededBusinessService the deaktivededBusinessService to set
- */
- public void setDeaktivededBusinessService(boolean deaktivededBusinessService) {
- this.deaktivededBusinessService = deaktivededBusinessService;
- }
+ if (getIdentificationType().equals(Constants.IDENIFICATIONTYPE_EIDAS)) {
+ idnumber.setValue(Constants.PREFIX_EIDAS + num);
+ idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType()));
+ } else if (getIdentificationType().equals(Constants.IDENIFICATIONTYPE_STORK)) {
+ idnumber.setValue(Constants.PREFIX_STORK + "AT" + "+" + num);
+ idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType()));
+ } else {
+ idnumber.setValue(Constants.PREFIX_WPBK + getIdentificationType() + "+" + num);
+ idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType()));
+ }
- /**
- * @return the subTargetSet
- */
- public boolean isSubTargetSet() {
- return subTargetSet;
- }
+ authoa.setIdentificationNumber(idnumber);
+ } else {
+ dbOA.setType(null);
- /**
- * @param subTargetSet the subTargetSet to set
- */
- public void setSubTargetSet(boolean subTargetSet) {
- this.subTargetSet = subTargetSet;
- }
+ if (authUser.isAdmin()) {
+ if (MiscUtil.isNotEmpty(getTarget_admin()) && isAdminTarget()) {
+ dbOA.setTarget(getTarget_admin());
+ dbOA.setTargetFriendlyName(getTargetFriendlyName());
+ } else {
- public String getForeignbPKTargets() {
- return foreignbPKTargets;
- }
+ final String target = getTarget();
+ if (MiscUtil.isNotEmpty(getTarget_subsector()) && subTargetSet) {
+ dbOA.setTarget(target + "-" + getTarget_subsector());
+ } else {
+ dbOA.setTarget(target);
+ }
- public void setForeignbPKTargets(String foreignbPKTargets) {
- if (MiscUtil.isNotEmpty(foreignbPKTargets))
- this.foreignbPKTargets =
- KeyValueUtils.removeAllNewlineFromString(foreignbPKTargets);
- else
- this.foreignbPKTargets = foreignbPKTargets;
- }
+ final String targetname = TargetValidator.getTargetFriendlyName(target);
+ if (MiscUtil.isNotEmpty(targetname)) {
+ dbOA.setTargetFriendlyName(targetname);
+ }
+ }
+
+ } else {
+
+ if (MiscUtil.isNotEmpty(getTarget())) {
- public String getAdditionalbPKTargets() {
- return additionalbPKTargets;
- }
+ final String target = getTarget();
+ if (MiscUtil.isNotEmpty(getTarget_subsector()) && subTargetSet) {
+ dbOA.setTarget(target + "-" + getTarget_subsector());
+ } else {
+ dbOA.setTarget(target);
+ }
- public void setAdditionalbPKTargets(String additionalbPKTargets) {
- if (MiscUtil.isNotEmpty(additionalbPKTargets))
- this.additionalbPKTargets =
- KeyValueUtils.removeAllNewlineFromString(additionalbPKTargets);
- else
- this.additionalbPKTargets = additionalbPKTargets;
+ final String targetname = TargetValidator.getTargetFriendlyName(target);
+ if (MiscUtil.isNotEmpty(targetname)) {
+ dbOA.setTargetFriendlyName(targetname);
+ }
- }
+ }
+ }
+ }
+
+ dbOA.setForeignbPKTargetList(getForeignbPKTargets());
+ dbOA.setAdditionalbPKTargetList(getAdditionalbPKTargets());
+ dbOA.setIseIDDemoModeActive(isEidDemoActive());
+ dbOA.setIseIDProxyModeActive(isEidProxyActive());
+
+ return null;
+ }
+
+ /**
+ * @return
+ */
+ private boolean isBusinessService(OnlineApplication dbOA) {
+ if (dbOA.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE)) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#
+ * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+ return new OATargetConfigValidation().validate(this, authUser.isAdmin(), general, request);
+ }
+
+ public String getTarget() {
+ return target;
+ }
+
+ public void setTarget(String target) {
+ this.target = target;
+ }
+
+ public String getTargetFriendlyName() {
+ return targetFriendlyName;
+ }
+
+ public void setTargetFriendlyName(String targetFriendlyName) {
+ this.targetFriendlyName = targetFriendlyName;
+ }
+
+ public String getIdentificationNumber() {
+ return identificationNumber;
+ }
+
+ public void setIdentificationNumber(String identificationNumber) {
+ this.identificationNumber = identificationNumber;
+ }
+
+ public String getIdentificationType() {
+ return identificationType;
+ }
+
+ public void setIdentificationType(String identificationType) {
+ this.identificationType = identificationType;
+ }
+
+ /**
+ * @return the target_subsector
+ */
+ public String getTarget_subsector() {
+ return target_subsector;
+ }
+
+ /**
+ * @param target_subsector the target_subsector to set
+ */
+ public void setTarget_subsector(String target_subsector) {
+ this.target_subsector = target_subsector;
+ }
+
+ /**
+ * @return the target_admin
+ */
+ public String getTarget_admin() {
+ return target_admin;
+ }
+
+ /**
+ * @param target_admin the target_admin to set
+ */
+ public void setTarget_admin(String target_admin) {
+ this.target_admin = target_admin;
+ }
+
+ /**
+ * @return the targetList
+ */
+ public List<String> getTargetList() {
+ return targetList;
+ }
+
+ /**
+ * @return the identificationTypeList
+ */
+ public List<String> getIdentificationTypeList() {
+ return identificationTypeList;
+ }
+
+ /**
+ * @return the isAdminTarget
+ */
+ public boolean isAdminTarget() {
+ return isAdminTarget;
+ }
+
+ /**
+ * @param isAdminTarget the isAdminTarget to set
+ */
+ public void setAdminTarget(boolean isAdminTarget) {
+ this.isAdminTarget = isAdminTarget;
+ }
+
+ /**
+ * @return the deaktivededBusinessService
+ */
+ public boolean isDeaktivededBusinessService() {
+ return deaktivededBusinessService;
+ }
+
+ /**
+ * @param deaktivededBusinessService the deaktivededBusinessService to set
+ */
+ public void setDeaktivededBusinessService(boolean deaktivededBusinessService) {
+ this.deaktivededBusinessService = deaktivededBusinessService;
+ }
+
+ /**
+ * @return the subTargetSet
+ */
+ public boolean isSubTargetSet() {
+ return subTargetSet;
+ }
+
+ /**
+ * @param subTargetSet the subTargetSet to set
+ */
+ public void setSubTargetSet(boolean subTargetSet) {
+ this.subTargetSet = subTargetSet;
+ }
+
+ public String getForeignbPKTargets() {
+ return foreignbPKTargets;
+ }
+
+ public void setForeignbPKTargets(String foreignbPKTargets) {
+ if (MiscUtil.isNotEmpty(foreignbPKTargets)) {
+ this.foreignbPKTargets =
+ KeyValueUtils.removeAllNewlineFromString(foreignbPKTargets);
+ } else {
+ this.foreignbPKTargets = foreignbPKTargets;
+ }
+ }
+
+ public String getAdditionalbPKTargets() {
+ return additionalbPKTargets;
+ }
+
+ public void setAdditionalbPKTargets(String additionalbPKTargets) {
+ if (MiscUtil.isNotEmpty(additionalbPKTargets)) {
+ this.additionalbPKTargets =
+ KeyValueUtils.removeAllNewlineFromString(additionalbPKTargets);
+ } else {
+ this.additionalbPKTargets = additionalbPKTargets;
+ }
+ }
- public boolean isEidDemoActive() {
- return eidDemoActive;
- }
+ public boolean isEidDemoActive() {
+ return eidDemoActive;
+ }
+ public void setEidDemoActive(boolean eidDemoActive) {
+ this.eidDemoActive = eidDemoActive;
+ }
- public void setEidDemoActive(boolean eidDemoActive) {
- this.eidDemoActive = eidDemoActive;
- }
-
- public boolean isEidProxyActive() {
- return eidProxyActive;
- }
+ public boolean isEidProxyActive() {
+ return eidProxyActive;
+ }
+ public void setEidProxyActive(boolean eidProxyActive) {
+ this.eidProxyActive = eidProxyActive;
+ }
- public void setEidProxyActive(boolean eidProxyActive) {
- this.eidProxyActive = eidProxyActive;
- }
-
-
-
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/PVPGatewayInterfederationConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/PVPGatewayInterfederationConfig.java
index e27c55c90..29598a679 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/PVPGatewayInterfederationConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/PVPGatewayInterfederationConfig.java
@@ -27,110 +27,128 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.InterfederationGatewayType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.InterfederationIDPType;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
/**
* @author tlenz
*
*/
+@Slf4j
public class PVPGatewayInterfederationConfig implements IOnlineApplicationData {
- private static final Logger log = Logger.getLogger(PVPGatewayInterfederationConfig.class);
-
- private String entityID = null;
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
- */
- @Override
- public String getName() {
- return "PVPGatewayInterfederation";
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> parse(OnlineApplication dbOA,
- AuthenticatedUser authUser, HttpServletRequest request) {
-
- InterfederationGatewayType gateway = dbOA.getInterfederationGateway();
- if (gateway != null) {
- this.entityID = gateway.getForwardIDPIdentifier();
-
- }
-
- return null;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
- HttpServletRequest request) {
-
- if (authUser.isAdmin()) {
- dbOA.setIsInterfederationGateway(true);
-
- InterfederationGatewayType gateway = dbOA.getInterfederationGateway();
- if (gateway == null) {
- gateway = new InterfederationGatewayType();
- dbOA.setInterfederationGateway(gateway);
- }
-
- gateway.setForwardIDPIdentifier(entityID);
- }
-
- dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE);
- return null;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
- */
- @Override
- public List<String> validate(OAGeneralConfig general,
- AuthenticatedUser authUser, HttpServletRequest request) {
-
- List<String> errors = new ArrayList<String>();
-
- if (MiscUtil.isNotEmpty(entityID)) {
- if (!ValidationHelper.validateURL(entityID)) {
- log.info("PVP gateway EntityID is not valid");
- errors.add(LanguageHelper.getErrorString("validation.interfederation.gateway.entityID.valid", request));
-
- }
-
- } else
- errors.add(LanguageHelper.getErrorString("validation.interfederation.gateway.entityID.empty", request));
-
- return errors;
- }
-
- /**
- * @return the entityID
- */
- public String getEntityID() {
- return entityID;
- }
-
- /**
- * @param entityID the entityID to set
- */
- public void setEntityID(String entityID) {
- this.entityID = entityID;
- }
-
-
-
+ private String entityID = null;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName
+ * ()
+ */
+ @Override
+ public String getName() {
+ return "PVPGatewayInterfederation";
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOA,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+
+ final InterfederationGatewayType gateway = dbOA.getInterfederationGateway();
+ if (gateway != null) {
+ this.entityID = gateway.getForwardIDPIdentifier();
+
+ }
+
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(
+ * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+
+ if (authUser.isAdmin()) {
+ dbOA.setIsInterfederationGateway(true);
+
+ InterfederationGatewayType gateway = dbOA.getInterfederationGateway();
+ if (gateway == null) {
+ gateway = new InterfederationGatewayType();
+ dbOA.setInterfederationGateway(gateway);
+ }
+
+ gateway.setForwardIDPIdentifier(entityID);
+ }
+
+ dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE);
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#
+ * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig,
+ * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser,
+ * javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+
+ final List<String> errors = new ArrayList<>();
+
+ if (MiscUtil.isNotEmpty(entityID)) {
+ if (!ValidationHelper.validateURL(entityID)) {
+ log.info("PVP gateway EntityID is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.interfederation.gateway.entityID.valid",
+ request));
+
+ }
+
+ } else {
+ errors.add(LanguageHelper.getErrorString("validation.interfederation.gateway.entityID.empty", request));
+ }
+
+ return errors;
+ }
+
+ /**
+ * @return the entityID
+ */
+ public String getEntityID() {
+ return entityID;
+ }
+
+ /**
+ * @param entityID the entityID to set
+ */
+ public void setEntityID(String entityID) {
+ this.entityID = entityID;
+ }
+
}
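Review bot: In `store`, `dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE)` sits outside the `if (authUser.isAdmin())` guard, so a non-admin caller still rewrites the application's type while the submitted `entityID` is dropped without any error being returned. If only administrators are meant to modify gateway entries, move the `setType` call inside the guard and return an error for the non-admin case; whether callers already restrict this path is not visible in the hunk. The reformatted `(non-Javadoc)` comments could also state that `parse` and `store` always return `null`, and their `@see` text still names `commons.db.dao.config.OnlineApplication` although the import is `...config.deprecated.OnlineApplication`.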
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
index c69998fa2..8b50437cb 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
@@ -40,8 +40,6 @@ import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
@@ -50,10 +48,10 @@ import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.util.ToStringUtil;
import at.gv.util.WebAppUtil;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class AuthenticationFilter implements Filter{
-
- private final Logger log = Logger.getLogger(AuthenticationFilter.class);
private static ConfigurationProvider config;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/EncodingFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/EncodingFilter.java
index 71f9536ae..6c4ecf3ae 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/EncodingFilter.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/EncodingFilter.java
@@ -11,11 +11,13 @@ import javax.servlet.ServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.builder.ToStringBuilder;
-import org.apache.log4j.Logger;
+
+import lombok.extern.slf4j.Slf4j;
/**
* @author <a href="mailto:thomas.knall@iaik.tugraz.at">Thomas Knall</a>
*/
+@Slf4j
public class EncodingFilter implements javax.servlet.Filter {
private static final String SERVLET_INIT_PARAM_ENCODING = "encoding";
@@ -30,8 +32,6 @@ public class EncodingFilter implements javax.servlet.Filter {
private static final boolean DEFAULT_FORCE_REQUEST_ENCODING_VALUE = true;
private static final boolean DEFAULT_SET_RESPONSE_ENCODING_VALUE = false;
private static final boolean DEFAULT_FORCE_RESPONSE_ENCODING_VALUE = false;
-
- private Logger log = Logger.getLogger(getClass().getName());
private String encoding = null;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java
index 4d47d8d96..25cf87aa9 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java
@@ -29,29 +29,27 @@ import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.util.Base64Utils;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class AuthenticationHelper {
-
- private static final Logger log = Logger.getLogger(AuthenticationHelper.class);
-
- public static String generateKeyFormPassword(String password) {
- SecretKeyFactory factory;
-
- try {
- factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
- KeySpec spec = new PBEKeySpec(password.toCharArray(), "TestSALT".getBytes(), 1024, 128);
- SecretKey tmp = factory.generateSecret(spec);
- SecretKeySpec secret = new SecretKeySpec(tmp.getEncoded(), "AES");
- return Base64Utils.encode(secret.getEncoded());
-
- } catch (Exception e) {
- log.info("Key generation form password failed.");
- return null;
- }
-
- }
+
+ public static String generateKeyFormPassword(String password) {
+ SecretKeyFactory factory;
+
+ try {
+ factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
+ final KeySpec spec = new PBEKeySpec(password.toCharArray(), "TestSALT".getBytes(), 1024, 128);
+ final SecretKey tmp = factory.generateSecret(spec);
+ final SecretKeySpec secret = new SecretKeySpec(tmp.getEncoded(), "AES");
+ return Base64Utils.encode(secret.getEncoded());
+
+ } catch (final Exception e) {
+ log.info("Key generation form password failed.");
+ return null;
+ }
+
+ }
}
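Review bot: `generateKeyFormPassword` derives its key with the constant salt `"TestSALT"` and only 1024 iterations of PBKDF2WithHmacSHA1, so equal passwords always yield equal output and offline guessing is cheap if the stored value leaks; the commit re-indents this line without changing it. A per-account random salt from `SecureRandom` and a much higher iteration count would be the fix, but both change the derived value, so existing stored keys would need a migration and the salt would have to be stored next to the result (presumably with the user record, which is outside this hunk). Two smaller changes do not alter the output for this ASCII salt: `"TestSALT".getBytes(StandardCharsets.UTF_8)` instead of the platform-charset `getBytes()`, and `log.warn("Key generation form password failed.", e);` so the swallowed exception is recorded. The first needs an import of `java.nio.charset.StandardCharsets`.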
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java
index eed4aa32f..a6c8b93b1 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java
@@ -26,34 +26,32 @@ import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class DateTimeHelper {
- private static final Logger log = Logger.getLogger(DateTimeHelper.class);
-
- private static final String DATETIMEPATTERN = "dd.MM.yyy HH:mm";
-
- public static String getDateTime(Date date) {
- SimpleDateFormat f = new SimpleDateFormat(DATETIMEPATTERN);
- return f.format(date);
- }
-
- public static Date parseDateTime(String date) {
- SimpleDateFormat f = new SimpleDateFormat(DATETIMEPATTERN);
-
- if (MiscUtil.isNotEmpty(date)) {
-
- try {
- return f.parse(date);
-
- } catch (ParseException e) {
- log.warn("Parse DATETIME String " + date + " failed", e);
-
- }
- }
- return null;
- }
+ private static final String DATETIMEPATTERN = "dd.MM.yyy HH:mm";
+
+ public static String getDateTime(Date date) {
+ final SimpleDateFormat f = new SimpleDateFormat(DATETIMEPATTERN);
+ return f.format(date);
+ }
+
+ public static Date parseDateTime(String date) {
+ final SimpleDateFormat f = new SimpleDateFormat(DATETIMEPATTERN);
+
+ if (MiscUtil.isNotEmpty(date)) {
+
+ try {
+ return f.parse(date);
+
+ } catch (final ParseException e) {
+ log.warn("Parse DATETIME String " + date + " failed", e);
+
+ }
+ }
+ return null;
+ }
}
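Review bot: `parseDateTime` uses a `SimpleDateFormat` in its default lenient mode, so an out-of-range input such as `32.13.2021 25:61` (constructed example) is rolled over into a different valid date instead of being rejected. Adding `f.setLenient(false);` after the constructor makes such values reach the existing `ParseException` branch. The warning `log.warn("Parse DATETIME String " + date + " failed", e)` also writes the raw input into the log; if `date` can come from a request, which this hunk does not show, strip CR/LF before logging and use the parameterized form `log.warn("Parse DATETIME String {} failed", date, e);`.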
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java
index b4afcb5f2..406acf001 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java
@@ -26,77 +26,76 @@ import java.util.ArrayList;
import java.util.Date;
import java.util.List;
-import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.data.OAListElement;
import at.gv.egovernment.moa.id.configuration.data.OAListElement.ServiceType;
public class FormDataHelper {
- public static ArrayList<OAListElement> populateFormWithInderfederationIDPs(List<OnlineApplication> dbOAs) {
-
- ArrayList<OAListElement> formOAs = new ArrayList<OAListElement>();
-
- for (OnlineApplication dboa : dbOAs) {
-
- if (dboa.isIsInterfederationIDP()!= null && dboa.isIsInterfederationIDP())
- formOAs.add(addOAFormListElement(dboa, ServiceType.IDP));
-
- else if (dboa.isIsInterfederationGateway()!= null && dboa.isIsInterfederationGateway())
- formOAs.add(addOAFormListElement(dboa, ServiceType.GWAY));
-
- else if (dboa.getAuthComponentOA().getOASTORK() != null
- && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null
- && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled())
- formOAs.add(addOAFormListElement(dboa, ServiceType.VIDP));
- }
- return formOAs;
- }
-
- public static ArrayList<OAListElement> populateFormWithOAs(List<OnlineApplication> dbOAs) {
-
- ArrayList<OAListElement> formOAs = new ArrayList<OAListElement>();
-
- for (OnlineApplication dboa : dbOAs) {
-
- if ( !((dboa.isIsInterfederationIDP() != null && dboa.isIsInterfederationIDP()) ||
- (dboa.isIsInterfederationGateway() != null && dboa.isIsInterfederationGateway()) ||
- (dboa.getAuthComponentOA().getOASTORK() != null
- && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null
- && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled()) ||
- (dboa.isIsInterfederationGateway() != null && dboa.isIsInterfederationGateway() ))) {
- formOAs.add(addOAFormListElement(dboa, ServiceType.OA));
- }
- }
- return formOAs;
- }
-
- private static OAListElement addOAFormListElement(OnlineApplication dboa, ServiceType type) {
- OAListElement listoa = new OAListElement(type);
- listoa.setActive(dboa.isIsActive());
- listoa.setDataBaseID(dboa.getHjid());
- listoa.setOaFriendlyName(dboa.getFriendlyName());
- listoa.setOaIdentifier(dboa.getPublicURLPrefix());
- listoa.setOaType(dboa.getType());
- return listoa;
- }
-
- public static ArrayList<AuthenticatedUser> addFormUsers(List<UserDatabase> dbuserlist) {
- ArrayList<AuthenticatedUser> userlist = new ArrayList<AuthenticatedUser>();
-
- for (UserDatabase dbuser : dbuserlist) {
-
- boolean ismandate = false;
- if (dbuser.isIsMandateUser() != null)
- ismandate = dbuser.isIsMandateUser();
-
- userlist.add(new AuthenticatedUser(dbuser,
- dbuser.isIsActive(),
- ismandate,
- false, null, null, new Date())
- );
- }
- return userlist;
- }
+ public static ArrayList<OAListElement> populateFormWithInderfederationIDPs(List<OnlineApplication> dbOAs) {
+
+ final ArrayList<OAListElement> formOAs = new ArrayList<>();
+
+ for (final OnlineApplication dboa : dbOAs) {
+
+ if (dboa.isIsInterfederationIDP() != null && dboa.isIsInterfederationIDP()) {
+ formOAs.add(addOAFormListElement(dboa, ServiceType.IDP));
+ } else if (dboa.isIsInterfederationGateway() != null && dboa.isIsInterfederationGateway()) {
+ formOAs.add(addOAFormListElement(dboa, ServiceType.GWAY));
+ } else if (dboa.getAuthComponentOA().getOASTORK() != null
+ && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null
+ && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled()) {
+ formOAs.add(addOAFormListElement(dboa, ServiceType.VIDP));
+ }
+ }
+ return formOAs;
+ }
+
+ public static ArrayList<OAListElement> populateFormWithOAs(List<OnlineApplication> dbOAs) {
+
+ final ArrayList<OAListElement> formOAs = new ArrayList<>();
+
+ for (final OnlineApplication dboa : dbOAs) {
+
+ if (!(dboa.isIsInterfederationIDP() != null && dboa.isIsInterfederationIDP() ||
+ dboa.isIsInterfederationGateway() != null && dboa.isIsInterfederationGateway() ||
+ dboa.getAuthComponentOA().getOASTORK() != null
+ && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null
+ && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled() ||
+ dboa.isIsInterfederationGateway() != null && dboa.isIsInterfederationGateway())) {
+ formOAs.add(addOAFormListElement(dboa, ServiceType.OA));
+ }
+ }
+ return formOAs;
+ }
+
+ private static OAListElement addOAFormListElement(OnlineApplication dboa, ServiceType type) {
+ final OAListElement listoa = new OAListElement(type);
+ listoa.setActive(dboa.isIsActive());
+ listoa.setDataBaseID(dboa.getHjid());
+ listoa.setOaFriendlyName(dboa.getFriendlyName());
+ listoa.setOaIdentifier(dboa.getPublicURLPrefix());
+ listoa.setOaType(dboa.getType());
+ return listoa;
+ }
+
+ public static ArrayList<AuthenticatedUser> addFormUsers(List<UserDatabase> dbuserlist) {
+ final ArrayList<AuthenticatedUser> userlist = new ArrayList<>();
+
+ for (final UserDatabase dbuser : dbuserlist) {
+
+ boolean ismandate = false;
+ if (dbuser.isIsMandateUser() != null) {
+ ismandate = dbuser.isIsMandateUser();
+ }
+
+ userlist.add(new AuthenticatedUser(dbuser,
+ dbuser.isIsActive(),
+ ismandate,
+ false, null, null, new Date()));
+ }
+ return userlist;
+ }
}
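Review bot: In `populateFormWithOAs` the condition tests `dboa.isIsInterfederationGateway() != null && dboa.isIsInterfederationGateway()` twice, as the second and again as the last operand of the `||` chain; the last operand can be dropped. With the grouping parentheses removed in this rewrite, the expression relies on `&&` binding tighter than `||`, which is correct but harder to audit in a filter that decides which services are listed as plain online applications. Extracting the three checks into one private predicate, e.g. `isInterfederationOrVidp(dboa)`, used by both `populateFormWithOAs` and `populateFormWithInderfederationIDPs`, would keep the two methods in agreement. Both methods also call `dboa.getAuthComponentOA().getOASTORK()` without a null check on `getAuthComponentOA()`; whether that can return null is not visible here.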
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java
index 29ab75b3e..d4f4d2129 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java
@@ -22,81 +22,73 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.configuration.helper;
+import java.text.MessageFormat;
+import java.util.Locale;
+import java.util.ResourceBundle;
+
+import javax.servlet.http.HttpServletRequest;
import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
-import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
-import javax.servlet.http.HttpServletRequest;
-import java.text.MessageFormat;
-import java.util.Locale;
-import java.util.ResourceBundle;
+@Slf4j
+public class LanguageHelper {
+ private static String errorLanguage(String code, Locale locale) {
+ return ResourceBundle.getBundle("applicationResources", locale).getString(code);
-import org.apache.log4j.Logger;
+ }
+ private static String guiLanguage(String code, Locale locale) {
+ return ResourceBundle.getBundle("applicationResources", locale).getString(code);
-public class LanguageHelper {
+ }
- private static Logger log = Logger.getLogger(LanguageHelper.class);
-
- private static String errorLanguage(String code, Locale locale) {
- return ResourceBundle.getBundle("applicationResources", locale).getString(code);
-
- }
+ public static String getGUIString(String code, HttpServletRequest request) {
+ return guiLanguage(code, getLangFromRequest(request));
+ }
- private static String guiLanguage(String code, Locale locale) {
- return ResourceBundle.getBundle("applicationResources", locale).getString(code);
-
- }
+ public static String getErrorString(String code, HttpServletRequest request) {
+ return errorLanguage(code, getLangFromRequest(request));
+ }
- public static String getGUIString(String code, HttpServletRequest request) {
- return guiLanguage(code, getLangFromRequest(request));
- }
+ public static String getGUIString(String code, String parameter, HttpServletRequest request) {
+ return MessageFormat.format(getGUIString(code, request), parameter);
+ }
+ public static String getErrorString(String code, Object[] parameter, HttpServletRequest request) {
- public static String getErrorString(String code, HttpServletRequest request) {
- return errorLanguage(code, getLangFromRequest(request));
- }
+ return MessageFormat.format(getGUIString(code, request), parameter);
+ }
- public static String getGUIString(String code, String parameter, HttpServletRequest request) {
- return MessageFormat.format(getGUIString(code, request), parameter);
- }
+ private static Locale getLangFromRequest(HttpServletRequest request) {
+
+ Locale defaultLanguage = Locale.forLanguageTag("de");
- public static String getErrorString(String code, Object[] parameter, HttpServletRequest request) {
+ try {
+ final ConfigurationProvider configurationProvider = ConfigurationProvider.getInstance();
+ defaultLanguage = Locale.forLanguageTag(configurationProvider.getDefaultLanguage());
- return MessageFormat.format(getGUIString(code, request), parameter);
+ } catch (final ConfigurationException e) {
+ log.error("Configuration exception while getting ConfigurationProvider instance", e);
}
-
- private static Locale getLangFromRequest(HttpServletRequest request) {
-
- Locale defaultLanguage = Locale.forLanguageTag("de");
-
- try {
- ConfigurationProvider configurationProvider = ConfigurationProvider.getInstance();
- defaultLanguage = Locale.forLanguageTag(configurationProvider.getDefaultLanguage());
-
- } catch (ConfigurationException e) {
- log.error("Configuration exception while getting ConfigurationProvider instance", e);
- }
-
-
- if (request == null) {
- return defaultLanguage;
-
- } else {
- Object obj = request.getSession().getAttribute(Constants.SESSION_I18n);
-
- if (obj != null && obj instanceof Locale) {
- return (Locale) obj;
-
- } else
- return defaultLanguage;
-
- }
-
+ if (request == null) {
+ return defaultLanguage;
+
+ } else {
+ final Object obj = request.getSession().getAttribute(Constants.SESSION_I18n);
+
+ if (obj != null && obj instanceof Locale) {
+ return (Locale) obj;
+
+ } else {
+ return defaultLanguage;
+ }
+
}
-}
+ }
+}
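Review bot: `getLangFromRequest` calls `request.getSession()`, which creates a new HTTP session when the request has none, so a plain text lookup allocates server-side session state. `final HttpSession session = request.getSession(false);` with a null check that falls back to `defaultLanguage` avoids that (it needs the `javax.servlet.http.HttpSession` import). In the same method `obj != null && obj instanceof Locale` can be reduced to `obj instanceof Locale`, since `instanceof` is already false for null. `getErrorString(String, Object[], HttpServletRequest)` formats the result of `getGUIString(code, request)` rather than `getErrorString(code, request)`; both read the same bundle today, but calling the error variant would keep the two paths separate if the bundles ever diverge.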
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java
index 8f3b8f479..5d1f663a9 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java
@@ -41,7 +41,6 @@ import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimeMultipart;
import org.apache.commons.io.IOUtils;
-import org.apache.log4j.Logger;
import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
@@ -49,207 +48,213 @@ import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class MailHelper {
- private static final Logger log = Logger.getLogger(MailHelper.class);
-
- private static final String PATTERN_GIVENNAME = "#GIVENNAME#";
- private static final String PATTERN_FAMILYNAME = "#FAMILYNAME#";
- private static final String PATTERN_URL = "#MANDATE_SERVICE_LINK#";
- private static final String PATTERN_DATE = "#TODAY_DATE#";
- private static final String PATTERN_OPENOAS = "#NUMBER_OAS#";
- private static final String PATTERN_OPENUSERS = "#NUMBER_USERSS#";
- private static final String PATTERN_OANAME = "#OANAME#";
-
- public static void sendUserMailAddressVerification(UserDatabase userdb) throws ConfigurationException {
-
- ConfigurationProvider config = ConfigurationProvider.getInstance();
- String templateurl = config.getMailUserAcountVerificationTemplate();
-
- String template = readTemplateFromURL(templateurl, config.getConfigRootDir());
-
- if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) {
- template = template.replace(PATTERN_GIVENNAME, userdb.getInstitut());
- template = template.replace(PATTERN_FAMILYNAME, "");
-
- } else {
- template = template.replace(PATTERN_GIVENNAME, userdb.getGivenname());
- template = template.replace(PATTERN_FAMILYNAME, userdb.getFamilyname());
- }
-
- SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
- template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
-
- String verificationURL = config.getPublicUrlPreFix(null);
-
- if (!verificationURL.endsWith("/"))
- verificationURL = verificationURL + "/";
-
- verificationURL = verificationURL + Constants.SERVLET_ACCOUNTVERIFICATION +
- "?" + Constants.REQUEST_USERREQUESTTOKKEN +
- "=" + userdb.getUserRequestTokken();
- template = template.replace(PATTERN_URL, verificationURL);
-
- sendMail(config, config.getMailUserAcountVerificationSubject(),
- userdb.getMail(), template);
-
- }
-
- public static void sendAdminMail(int numOpenOAs, int numOpenUsers) throws ConfigurationException {
- ConfigurationProvider config = ConfigurationProvider.getInstance();
- String templateurl = config.getMailAdminTemplate();
-
- String template = readTemplateFromURL(templateurl, config.getConfigRootDir());
- template = template.replace(PATTERN_OPENOAS, String.valueOf(numOpenOAs));
- template = template.replace(PATTERN_OPENUSERS, String.valueOf(numOpenUsers));
-
- SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
- template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
-
- sendMail(config, config.getMailAdminSubject(), config.getMailAdminAddress(), template);
-
- }
-
- public static void sendUserAccountActivationMail(String givenname, String familyname, String institut, String mailurl) throws ConfigurationException {
- ConfigurationProvider config = ConfigurationProvider.getInstance();
- String templateurl = config.getMailUserAcountActivationTemplate();
-
- String template = readTemplateFromURL(templateurl, config.getConfigRootDir());
- if (MiscUtil.isNotEmpty(institut)) {
- template = template.replace(PATTERN_GIVENNAME, institut);
- template = template.replace(PATTERN_FAMILYNAME, "");
-
- } else {
- template = template.replace(PATTERN_GIVENNAME, givenname);
- template = template.replace(PATTERN_FAMILYNAME, familyname);
- }
-
-
- SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
- template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
-
- String verificationURL = config.getPublicUrlPreFix(null);
- if (!verificationURL.endsWith("/"))
- verificationURL = verificationURL + "/";
-
- template = template.replace(PATTERN_URL, verificationURL);
-
- sendMail(config, config.getMailUserAcountActivationSubject(),
- mailurl, template);
- }
-
- public static void sendUserOnlineApplicationActivationMail(String givenname, String familyname, String institut, String oaname, String mailurl) throws ConfigurationException {
- ConfigurationProvider config = ConfigurationProvider.getInstance();
- String templateurl = config.getMailOAActivationTemplate();
-
- String template = readTemplateFromURL(templateurl, config.getConfigRootDir());
- if (MiscUtil.isNotEmpty(institut)) {
- template = template.replace(PATTERN_GIVENNAME, institut);
- template = template.replace(PATTERN_FAMILYNAME, "");
-
- } else {
- template = template.replace(PATTERN_GIVENNAME, givenname);
- template = template.replace(PATTERN_FAMILYNAME, familyname);
- }
-
- template = template.replace(PATTERN_OANAME, oaname);
-
- SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
- template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
-
- String verificationURL = config.getPublicUrlPreFix(null);
- if (!verificationURL.endsWith("/"))
- verificationURL = verificationURL + "/";
-
- template = template.replace(PATTERN_URL, verificationURL);
-
- sendMail(config, config.getMailOAActivationSubject(),
- mailurl, template);
- }
-
- public static void sendUserAccountRevocationMail(UserDatabase userdb) throws ConfigurationException {
- ConfigurationProvider config = ConfigurationProvider.getInstance();
- String templateurl = config.getMailUserAcountRevocationTemplate();
-
- String template = readTemplateFromURL(templateurl, config.getConfigRootDir());
-
- if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) {
- template = template.replace(PATTERN_GIVENNAME, userdb.getInstitut());
- template = template.replace(PATTERN_FAMILYNAME, "");
-
- } else {
- template = template.replace(PATTERN_GIVENNAME, userdb.getGivenname());
- template = template.replace(PATTERN_FAMILYNAME, userdb.getFamilyname());
- }
-
- SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
- template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
-
- sendMail(config, config.getMailUserAcountActivationSubject(),
- userdb.getMail(), template);
- }
-
- private static String readTemplateFromURL(String templateurl, String rootDir) throws ConfigurationException {
- InputStream input;
- try {
-
- URL keystoreURL = new URL(FileUtils.makeAbsoluteURL(templateurl, rootDir));
- input = keystoreURL.openStream();
- StringWriter writer = new StringWriter();
- IOUtils.copy(input, writer);
- input.close();
- return writer.toString();
-
- } catch (Exception e) {
- log.warn("Mailtemplate can not be read from source" + templateurl);
- throw new ConfigurationException("Mailtemplate can not be read from source" + templateurl);
-
- }
- }
-
- private static void sendMail(ConfigurationProvider config, String subject, String recipient, String content) throws ConfigurationException {
- try {
- log.debug("Sending mail.");
- MiscUtil.assertNotNull(subject, "subject");
- MiscUtil.assertNotNull(recipient, "recipient");
- MiscUtil.assertNotNull(content, "content");
-
- Properties props = new Properties();
- props.setProperty("mail.transport.protocol", "smtp");
- props.setProperty("mail.host", config.getSMTPMailHost());
- log.trace("Mail host: " + config.getSMTPMailHost());
- if (config.getSMTPMailPort() != null) {
- log.trace("Mail port: " + config.getSMTPMailPort());
- props.setProperty("mail.port", config.getSMTPMailPort());
- }
- if (config.getSMTPMailUsername() != null) {
- log.trace("Mail user: " + config.getSMTPMailUsername());
- props.setProperty("mail.user", config.getSMTPMailUsername());
- }
- if (config.getSMTPMailPassword() != null) {
- log.trace("Mail password: " + config.getSMTPMailPassword());
- props.setProperty("mail.password", config.getSMTPMailPassword());
- }
-
- Session mailSession = Session.getDefaultInstance(props, null);
- Transport transport = mailSession.getTransport();
-
- MimeMessage message = new MimeMessage(mailSession);
- message.setSubject(subject);
- log.trace("Mail from: " + config.getMailFromName() + "/" + config.getMailFromAddress());
- message.setFrom(new InternetAddress(config.getMailFromAddress(), config.getMailFromName()));
- log.trace("Recipient: " + recipient);
- message.addRecipient(Message.RecipientType.TO, new InternetAddress(recipient));
-
- log.trace("Creating multipart content of mail.");
- MimeMultipart multipart = new MimeMultipart("related");
-
- log.trace("Adding first part (html)");
- BodyPart messageBodyPart = new MimeBodyPart();
- messageBodyPart.setContent(content, "text/html; charset=ISO-8859-15");
- multipart.addBodyPart(messageBodyPart);
-
+ private static final String PATTERN_GIVENNAME = "#GIVENNAME#";
+ private static final String PATTERN_FAMILYNAME = "#FAMILYNAME#";
+ private static final String PATTERN_URL = "#MANDATE_SERVICE_LINK#";
+ private static final String PATTERN_DATE = "#TODAY_DATE#";
+ private static final String PATTERN_OPENOAS = "#NUMBER_OAS#";
+ private static final String PATTERN_OPENUSERS = "#NUMBER_USERSS#";
+ private static final String PATTERN_OANAME = "#OANAME#";
+
+ public static void sendUserMailAddressVerification(UserDatabase userdb) throws ConfigurationException {
+
+ final ConfigurationProvider config = ConfigurationProvider.getInstance();
+ final String templateurl = config.getMailUserAcountVerificationTemplate();
+
+ String template = readTemplateFromURL(templateurl, config.getConfigRootDir());
+
+ if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) {
+ template = template.replace(PATTERN_GIVENNAME, userdb.getInstitut());
+ template = template.replace(PATTERN_FAMILYNAME, "");
+
+ } else {
+ template = template.replace(PATTERN_GIVENNAME, userdb.getGivenname());
+ template = template.replace(PATTERN_FAMILYNAME, userdb.getFamilyname());
+ }
+
+ final SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
+ template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
+
+ String verificationURL = config.getPublicUrlPreFix(null);
+
+ if (!verificationURL.endsWith("/")) {
+ verificationURL = verificationURL + "/";
+ }
+
+ verificationURL = verificationURL + Constants.SERVLET_ACCOUNTVERIFICATION +
+ "?" + Constants.REQUEST_USERREQUESTTOKKEN +
+ "=" + userdb.getUserRequestTokken();
+ template = template.replace(PATTERN_URL, verificationURL);
+
+ sendMail(config, config.getMailUserAcountVerificationSubject(),
+ userdb.getMail(), template);
+
+ }
+
+ public static void sendAdminMail(int numOpenOAs, int numOpenUsers) throws ConfigurationException {
+ final ConfigurationProvider config = ConfigurationProvider.getInstance();
+ final String templateurl = config.getMailAdminTemplate();
+
+ String template = readTemplateFromURL(templateurl, config.getConfigRootDir());
+ template = template.replace(PATTERN_OPENOAS, String.valueOf(numOpenOAs));
+ template = template.replace(PATTERN_OPENUSERS, String.valueOf(numOpenUsers));
+
+ final SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
+ template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
+
+ sendMail(config, config.getMailAdminSubject(), config.getMailAdminAddress(), template);
+
+ }
+
+ public static void sendUserAccountActivationMail(String givenname, String familyname, String institut,
+ String mailurl) throws ConfigurationException {
+ final ConfigurationProvider config = ConfigurationProvider.getInstance();
+ final String templateurl = config.getMailUserAcountActivationTemplate();
+
+ String template = readTemplateFromURL(templateurl, config.getConfigRootDir());
+ if (MiscUtil.isNotEmpty(institut)) {
+ template = template.replace(PATTERN_GIVENNAME, institut);
+ template = template.replace(PATTERN_FAMILYNAME, "");
+
+ } else {
+ template = template.replace(PATTERN_GIVENNAME, givenname);
+ template = template.replace(PATTERN_FAMILYNAME, familyname);
+ }
+
+ final SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
+ template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
+
+ String verificationURL = config.getPublicUrlPreFix(null);
+ if (!verificationURL.endsWith("/")) {
+ verificationURL = verificationURL + "/";
+ }
+
+ template = template.replace(PATTERN_URL, verificationURL);
+
+ sendMail(config, config.getMailUserAcountActivationSubject(),
+ mailurl, template);
+ }
+
+ public static void sendUserOnlineApplicationActivationMail(String givenname, String familyname,
+ String institut, String oaname, String mailurl) throws ConfigurationException {
+ final ConfigurationProvider config = ConfigurationProvider.getInstance();
+ final String templateurl = config.getMailOAActivationTemplate();
+
+ String template = readTemplateFromURL(templateurl, config.getConfigRootDir());
+ if (MiscUtil.isNotEmpty(institut)) {
+ template = template.replace(PATTERN_GIVENNAME, institut);
+ template = template.replace(PATTERN_FAMILYNAME, "");
+
+ } else {
+ template = template.replace(PATTERN_GIVENNAME, givenname);
+ template = template.replace(PATTERN_FAMILYNAME, familyname);
+ }
+
+ template = template.replace(PATTERN_OANAME, oaname);
+
+ final SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
+ template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
+
+ String verificationURL = config.getPublicUrlPreFix(null);
+ if (!verificationURL.endsWith("/")) {
+ verificationURL = verificationURL + "/";
+ }
+
+ template = template.replace(PATTERN_URL, verificationURL);
+
+ sendMail(config, config.getMailOAActivationSubject(),
+ mailurl, template);
+ }
+
+ public static void sendUserAccountRevocationMail(UserDatabase userdb) throws ConfigurationException {
+ final ConfigurationProvider config = ConfigurationProvider.getInstance();
+ final String templateurl = config.getMailUserAcountRevocationTemplate();
+
+ String template = readTemplateFromURL(templateurl, config.getConfigRootDir());
+
+ if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) {
+ template = template.replace(PATTERN_GIVENNAME, userdb.getInstitut());
+ template = template.replace(PATTERN_FAMILYNAME, "");
+
+ } else {
+ template = template.replace(PATTERN_GIVENNAME, userdb.getGivenname());
+ template = template.replace(PATTERN_FAMILYNAME, userdb.getFamilyname());
+ }
+
+ final SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy");
+ template = template.replace(PATTERN_DATE, dateformat.format(new Date()));
+
+ sendMail(config, config.getMailUserAcountActivationSubject(),
+ userdb.getMail(), template);
+ }
+
+ private static String readTemplateFromURL(String templateurl, String rootDir)
+ throws ConfigurationException {
+ InputStream input;
+ try {
+
+ final URL keystoreURL = new URL(FileUtils.makeAbsoluteURL(templateurl, rootDir));
+ input = keystoreURL.openStream();
+ final StringWriter writer = new StringWriter();
+ IOUtils.copy(input, writer);
+ input.close();
+ return writer.toString();
+
+ } catch (final Exception e) {
+ log.warn("Mailtemplate can not be read from source" + templateurl);
+ throw new ConfigurationException("Mailtemplate can not be read from source" + templateurl);
+
+ }
+ }
+
+ private static void sendMail(ConfigurationProvider config, String subject, String recipient, String content)
+ throws ConfigurationException {
+ try {
+ log.debug("Sending mail.");
+ MiscUtil.assertNotNull(subject, "subject");
+ MiscUtil.assertNotNull(recipient, "recipient");
+ MiscUtil.assertNotNull(content, "content");
+
+ final Properties props = new Properties();
+ props.setProperty("mail.transport.protocol", "smtp");
+ props.setProperty("mail.host", config.getSMTPMailHost());
+ log.trace("Mail host: " + config.getSMTPMailHost());
+ if (config.getSMTPMailPort() != null) {
+ log.trace("Mail port: " + config.getSMTPMailPort());
+ props.setProperty("mail.port", config.getSMTPMailPort());
+ }
+ if (config.getSMTPMailUsername() != null) {
+ log.trace("Mail user: " + config.getSMTPMailUsername());
+ props.setProperty("mail.user", config.getSMTPMailUsername());
+ }
+ if (config.getSMTPMailPassword() != null) {
+ log.trace("Mail password: " + config.getSMTPMailPassword());
+ props.setProperty("mail.password", config.getSMTPMailPassword());
+ }
+
+ final Session mailSession = Session.getDefaultInstance(props, null);
+ final Transport transport = mailSession.getTransport();
+
+ final MimeMessage message = new MimeMessage(mailSession);
+ message.setSubject(subject);
+ log.trace("Mail from: " + config.getMailFromName() + "/" + config.getMailFromAddress());
+ message.setFrom(new InternetAddress(config.getMailFromAddress(), config.getMailFromName()));
+ log.trace("Recipient: " + recipient);
+ message.addRecipient(Message.RecipientType.TO, new InternetAddress(recipient));
+
+ log.trace("Creating multipart content of mail.");
+ final MimeMultipart multipart = new MimeMultipart("related");
+
+ log.trace("Adding first part (html)");
+ final BodyPart messageBodyPart = new MimeBodyPart();
+ messageBodyPart.setContent(content, "text/html; charset=ISO-8859-15");
+ multipart.addBodyPart(messageBodyPart);
+
// log.trace("Adding mail images");
// messageBodyPart = new MimeBodyPart();
// for (Image image : images) {
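Review bot: `sendMail` writes the SMTP password to the log in clear text with `log.trace("Mail password: " + config.getSMTPMailPassword());`, so anyone who can read trace-level logs obtains the mail credential. Log only that a password is configured, e.g. `log.trace("Mail password is set");`. In `readTemplateFromURL` the stream is closed only on the success path and the caught exception never reaches the log; a try-with-resources around `keystoreURL.openStream()` and passing `e` as the last argument to `log.warn` would fix both. The values substituted for `#GIVENNAME#`, `#FAMILYNAME#` and `#OANAME#` go into a `text/html` body unescaped; if these fields are user-supplied (not visible here) they should be HTML-escaped first. `sendMail` continues past the end of this hunk.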
@@ -257,20 +262,20 @@ public class MailHelper {
// messageBodyPart.setHeader("Content-ID", "<" + image.getContentId() + ">");
// multipart.addBodyPart(messageBodyPart);
// }
-
- message.setContent(multipart);
- transport.connect();
- log.trace("Sending mail message.");
- transport.sendMessage(message, message.getRecipients(Message.RecipientType.TO));
- log.trace("Successfully sent.");
- transport.close();
-
- } catch(MessagingException e) {
- throw new ConfigurationException(e);
-
- } catch (UnsupportedEncodingException e) {
- throw new ConfigurationException(e);
-
- }
- }
+
+ message.setContent(multipart);
+ transport.connect();
+ log.trace("Sending mail message.");
+ transport.sendMessage(message, message.getRecipients(Message.RecipientType.TO));
+ log.trace("Successfully sent.");
+ transport.close();
+
+ } catch (final MessagingException e) {
+ throw new ConfigurationException(e);
+
+ } catch (final UnsupportedEncodingException e) {
+ throw new ConfigurationException(e);
+
+ }
+ }
}
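Review bot: `transport.close()` runs only after a successful send; if `transport.sendMessage(...)` throws, the SMTP connection opened by `transport.connect()` is left open. Moving the connect and send calls into `try { … } finally { transport.close(); }` releases it on every path. The two catch blocks have identical bodies and could be merged into `catch (final MessagingException | UnsupportedEncodingException e)`. `sendMail` begins in the previous hunk, so only its tail is visible here.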
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java
index 53afa59a0..be4cab9d7 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java
@@ -26,37 +26,35 @@ import java.io.UnsupportedEncodingException;
public class StringHelper {
- public static String formatText(String strGivenText)
- {
- StringBuffer sbFormattedText = new StringBuffer(strGivenText);
-
- for(int i=0; i<sbFormattedText.length(); i++)
- {
- if(sbFormattedText.charAt(i) == '\n') {
- sbFormattedText.deleteCharAt(i);
- i--;
- }
-
- if(sbFormattedText.charAt(i) == '\r') {
- sbFormattedText.deleteCharAt(i);
- i--;
- }
-
- if(sbFormattedText.charAt(i) == '\t') {
- sbFormattedText.deleteCharAt(i);
- i--;
- }
- }
- return sbFormattedText.toString();
+ public static String formatText(String strGivenText) {
+ final StringBuffer sbFormattedText = new StringBuffer(strGivenText);
+
+ for (int i = 0; i < sbFormattedText.length(); i++) {
+ if (sbFormattedText.charAt(i) == '\n') {
+ sbFormattedText.deleteCharAt(i);
+ i--;
+ }
+
+ if (sbFormattedText.charAt(i) == '\r') {
+ sbFormattedText.deleteCharAt(i);
+ i--;
+ }
+
+ if (sbFormattedText.charAt(i) == '\t') {
+ sbFormattedText.deleteCharAt(i);
+ i--;
+ }
+ }
+ return sbFormattedText.toString();
+ }
+
+ public static String getUTF8String(String input) {
+ try {
+ return new String(input.getBytes(), "UTF-8");
+
+ } catch (final UnsupportedEncodingException e) {
+ e.printStackTrace();
+ return input;
}
-
- public static String getUTF8String(String input) {
- try {
- return new String(input.getBytes(), "UTF-8");
-
- } catch (UnsupportedEncodingException e) {
- e.printStackTrace();
- return input;
- }
- }
+ }
}
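Review bot: `formatText` throws `StringIndexOutOfBoundsException` when the text starts with `\n` or `\r`: after `deleteCharAt(0)` the index is decremented to -1, and the next `charAt(i)` test in the same iteration reads index -1. Chaining the three tests with `else if`, or replacing the loop by `return strGivenText.replaceAll("[\\n\\r\\t]", "");`, removes the problem. In `getUTF8String`, `input.getBytes()` encodes with the platform default charset and the bytes are then decoded as UTF-8, so non-ASCII text is corrupted wherever the default charset is not UTF-8. The `e.printStackTrace()` in its catch block should go through a logger instead.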
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java
index 9bbbe3df0..a34a516df 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java
@@ -26,7 +26,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
-import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
@@ -38,100 +37,106 @@ import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import lombok.extern.slf4j.Slf4j;
/**
* @author tlenz
*
*/
+@Slf4j
public class BasicAction extends ActionSupport implements ServletRequestAware,
- ServletResponseAware {
-
- private static final long serialVersionUID = 7478261301859056771L;
- private static Logger log = Logger.getLogger(BasicAction.class);
-
- protected HttpServletRequest request;
- protected HttpServletResponse response;
- protected ConfigurationProvider configuration = null;
- protected AuthenticatedUser authUser = null;
- protected HttpSession session = null;
- protected String formID;
-
- protected static boolean isMoaidMode = false;
-
- public BasicAction() {
- try {
- isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode();
- } catch (ConfigurationException e) {
- log.warn("Can NOT load configuration. Set 'moaidmode' to 'false'", e);
- }
- }
-
-
- protected void populateBasicInformations() throws BasicActionException {
- try {
- configuration = ConfigurationProvider.getInstance();
-
- session = request.getSession();
- Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
- if (authUserObj instanceof AuthenticatedUser)
- authUser = (AuthenticatedUser) authUserObj;
-
- } catch (ConfigurationException e) {
- log.warn("An internal error occurs.", e);
- addActionError(LanguageHelper.getErrorString("error.login.internal", request));
- throw new BasicActionException(LanguageHelper.getErrorString("error.login.internal", request), e);
-
- }
- }
-
- public String getConfigToolVersion() {
- return configuration.getConfigToolVersion();
- }
-
- /**
- * @return the authUser
- */
- public AuthenticatedUser getAuthUser() {
- return authUser;
- }
-
- /* (non-Javadoc)
- * @see org.apache.struts2.interceptor.ServletResponseAware#setServletResponse(javax.servlet.http.HttpServletResponse)
- */
- @Override
- public void setServletResponse(HttpServletResponse arg0) {
- this.response = arg0;
-
- }
-
- /* (non-Javadoc)
- * @see org.apache.struts2.interceptor.ServletRequestAware#setServletRequest(javax.servlet.http.HttpServletRequest)
- */
- @Override
- public void setServletRequest(HttpServletRequest arg0) {
- this.request = arg0;
-
- }
-
- /**
- * @return the formID
- */
- public String getFormID() {
- return formID;
+ ServletResponseAware {
+
+ private static final long serialVersionUID = 7478261301859056771L;
+
+ protected HttpServletRequest request;
+ protected HttpServletResponse response;
+ protected ConfigurationProvider configuration = null;
+ protected AuthenticatedUser authUser = null;
+ protected HttpSession session = null;
+ protected String formID;
+
+ protected static boolean isMoaidMode = false;
+
+ public BasicAction() {
+ try {
+ isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode();
+ } catch (final ConfigurationException e) {
+ log.warn("Can NOT load configuration. Set 'moaidmode' to 'false'", e);
}
+ }
+
+ protected void populateBasicInformations() throws BasicActionException {
+ try {
+ configuration = ConfigurationProvider.getInstance();
+
+ session = request.getSession();
+ final Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
+ if (authUserObj instanceof AuthenticatedUser) {
+ authUser = (AuthenticatedUser) authUserObj;
+ }
+
+ } catch (final ConfigurationException e) {
+ log.warn("An internal error occurs.", e);
+ addActionError(LanguageHelper.getErrorString("error.login.internal", request));
+ throw new BasicActionException(LanguageHelper.getErrorString("error.login.internal", request), e);
- /**
- * @param formID the formID to set
- */
- public void setFormID(String formID) {
- this.formID = formID;
}
+ }
+
+ public String getConfigToolVersion() {
+ return configuration.getConfigToolVersion();
+ }
+
+ /**
+ * @return the authUser
+ */
+ public AuthenticatedUser getAuthUser() {
+ return authUser;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.apache.struts2.interceptor.ServletResponseAware#setServletResponse(javax.
+ * servlet.http.HttpServletResponse)
+ */
+ @Override
+ public void setServletResponse(HttpServletResponse arg0) {
+ this.response = arg0;
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.apache.struts2.interceptor.ServletRequestAware#setServletRequest(javax.
+ * servlet.http.HttpServletRequest)
+ */
+ @Override
+ public void setServletRequest(HttpServletRequest arg0) {
+ this.request = arg0;
+
+ }
+
+ /**
+ * @return the formID
+ */
+ public String getFormID() {
+ return formID;
+ }
+ /**
+ * @param formID the formID to set
+ */
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
- public static boolean isMoaidMode() {
- return isMoaidMode;
- }
-
-
+ public static boolean isMoaidMode() {
+ return isMoaidMode;
+ }
}
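Review bot: In the `BasicAction()` constructor the catch branch logs "Set 'moaidmode' to 'false'" but never assigns the field, and because `isMoaidMode` is static it keeps whatever value an earlier instance wrote. If the configuration once loaded with MOA-ID mode enabled and a later `ConfigurationProvider.getInstance()` call fails, the flag stays `true` while the log says otherwise. Add `isMoaidMode = false;` before the `log.warn(...)` call, or resolve the flag once in a static initializer instead of on every construction.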
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
index 20db561d6..ce975bd91 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
@@ -39,15 +39,14 @@ import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
-import org.apache.log4j.Logger;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;
import at.gv.egiz.components.configuration.meta.api.ConfigurationStorageException;
+import at.gv.egiz.eaaf.core.impl.gui.AbstractGUIFormBuilderConfiguration;
import at.gv.egiz.eaaf.core.impl.gui.velocity.VelocityProvider;
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
import at.gv.egiz.eaaf.core.impl.utils.Random;
-import at.gv.egovernment.moa.id.auth.frontend.builder.AbstractServiceProviderSpecificGUIFormBuilderConfiguration;
import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils;
import at.gv.egovernment.moa.id.commons.config.ConfigurationMigrationUtils;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
@@ -69,152 +68,156 @@ import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
import at.gv.egovernment.moa.util.MiscUtil;
import iaik.utils.URLDecoder;
+import lombok.extern.slf4j.Slf4j;
/**
* @author tlenz
*
*/
+@Slf4j
public class BasicOAAction extends BasicAction {
- private static final long serialVersionUID = 5676123696807646246L;
- private final Logger log = Logger.getLogger(BasicOAAction.class);
-
- protected LinkedHashMap<String, IOnlineApplicationData> formList;
- protected long oaid = -1;
-
- private String oaidobj;
- private boolean newOA;
- private boolean isMetaDataRefreshRequired = false;
-
- private InputStream stream = null;
-
-
-
- /**
- *
- */
- public BasicOAAction() {
- super();
-
- formList = new LinkedHashMap<String, IOnlineApplicationData>();
-
- OAGeneralConfig generalOA = new OAGeneralConfig();
- formList.put(generalOA.getName(), generalOA);
-
- }
-
- protected OnlineApplication populateOnlineApplicationFromRequest() throws BasicOAActionException{
- if (!ValidationHelper.validateOAID(oaidobj)) {
- throw new BasicOAActionException(
- LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
- Constants.STRUTS_ERROR);
-
+ private static final long serialVersionUID = 5676123696807646246L;
+
+ protected LinkedHashMap<String, IOnlineApplicationData> formList;
+ protected long oaid = -1;
+
+ private String oaidobj;
+ private boolean newOA;
+ private boolean isMetaDataRefreshRequired = false;
+
+ private InputStream stream = null;
+
+ /**
+ *
+ */
+ public BasicOAAction() {
+ super();
+
+ formList = new LinkedHashMap<>();
+
+ final OAGeneralConfig generalOA = new OAGeneralConfig();
+ formList.put(generalOA.getName(), generalOA);
+
+ }
+
+ protected OnlineApplication populateOnlineApplicationFromRequest() throws BasicOAActionException {
+ if (!ValidationHelper.validateOAID(oaidobj)) {
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
+ Constants.STRUTS_ERROR);
+
+ }
+ oaid = Long.valueOf(oaidobj);
+
+ UserDatabase userdb = null;
+ OnlineApplication onlineapplication = null;
+
+ if (authUser.isAdmin()) {
+ onlineapplication = configuration.getDbRead().getOnlineApplication(oaid);
+ } else {
+ userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID());
+
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb
+ .isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("error.editoa.mailverification", request),
+ Constants.STRUTS_SUCCESS);
+
+ }
+
+ // TODO: change to direct Database operation
+ final List<String> oas = userdb.getOnlineApplication();
+ for (final String oa : oas) {
+ if (oa.equals(oaid)) {
+ onlineapplication = configuration.getDbRead().getOnlineApplication(oaid);
+ break;
}
- oaid = Long.valueOf(oaidobj);
+ }
+ if (onlineapplication == null) {
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
+ Constants.STRUTS_ERROR);
+ }
+ }
- UserDatabase userdb = null;
- OnlineApplication onlineapplication = null;
+ return onlineapplication;
- if (authUser.isAdmin())
- onlineapplication = configuration.getDbRead().getOnlineApplication(oaid);
+ }
- else {
- userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID());
+ protected void populateBasicNewOnlineApplicationInformation() {
+ session.setAttribute(Constants.SESSION_OAID, null);
- if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
- log.info("Online-Applikation managemant disabled. Mail address is not verified.");
- throw new BasicOAActionException(
- LanguageHelper.getErrorString("error.editoa.mailverification", request),
- Constants.STRUTS_SUCCESS);
+ setNewOA(true);
- }
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null);
+ }
- // TODO: change to direct Database operation
- List<String> oas = userdb.getOnlineApplication();
- for (String oa : oas) {
- if (oa.equals(oaid)) {
- onlineapplication = configuration.getDbRead().getOnlineApplication(oaid);
- break;
- }
- }
- if (onlineapplication == null) {
- throw new BasicOAActionException(
- LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
- Constants.STRUTS_ERROR);
- }
+ protected OnlineApplication postProcessSaveOnlineApplication(OnlineApplication onlineapplication,
+ boolean persistOA) throws BasicOAActionException {
+ if (onlineapplication == null) {
+ onlineapplication = new OnlineApplication();
+ onlineapplication.setIsNew(true);
+ onlineapplication.setIsActive(false);
+
+ if (!authUser.isAdmin()) {
+ onlineapplication.setIsAdminRequired(true);
+
+ } else {
+ isMetaDataRefreshRequired = true;
+ }
+
+ } else {
+ onlineapplication.setIsNew(false);
+ if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(getGeneralOA()
+ .getIdentifier())) {
+
+ onlineapplication.setIsAdminRequired(true);
+ onlineapplication.setIsActive(false);
+ log.info("User with ID " + authUser.getUserID()
+ + " change OA-PublicURLPrefix. Reaktivation is required.");
+ }
+
+ }
+
+ if (onlineapplication.isIsAdminRequired() == null
+ || authUser.isAdmin() && getGeneralOA().isActive() && onlineapplication.isIsAdminRequired()) {
+
+ onlineapplication.setIsAdminRequired(false);
+ isMetaDataRefreshRequired = true;
+
+ UserDatabase userdb = null;
+ if (onlineapplication.getHjid() != null) {
+ userdb = configuration.getUserManagement().getUsersWithOADBID(onlineapplication.getHjid());
+ }
+
+ if (userdb != null && !userdb.isIsAdmin()) {
+ try {
+ MailHelper.sendUserOnlineApplicationActivationMail(userdb.getGivenname(), userdb.getFamilyname(),
+ userdb.getInstitut(), onlineapplication.getPublicURLPrefix(), userdb.getMail());
+ } catch (final ConfigurationException e) {
+ log.warn("Sending Mail to User " + userdb.getMail() + " failed", e);
}
-
- return onlineapplication;
-
- }
-
- protected void populateBasicNewOnlineApplicationInformation() {
- session.setAttribute(Constants.SESSION_OAID, null);
-
- setNewOA(true);
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null);
+ }
+ }
+
+ // save OA configuration
+ final String error = saveOAConfigToDatabase(onlineapplication, persistOA);
+ if (MiscUtil.isNotEmpty(error)) {
+ log.warn("OA configuration can not be stored!");
+ addActionError(error);
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ throw new BasicOAActionException(error, Constants.STRUTS_ERROR_VALIDATION);
}
-
- protected OnlineApplication postProcessSaveOnlineApplication(OnlineApplication onlineapplication, boolean persistOA) throws BasicOAActionException {
- if (onlineapplication == null) {
- onlineapplication = new OnlineApplication();
- onlineapplication.setIsNew(true);
- onlineapplication.setIsActive(false);
-
- if (!authUser.isAdmin()) {
- onlineapplication.setIsAdminRequired(true);
-
- } else
- isMetaDataRefreshRequired = true;
-
- } else {
- onlineapplication.setIsNew(false);
- if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(getGeneralOA().getIdentifier())) {
-
- onlineapplication.setIsAdminRequired(true);
- onlineapplication.setIsActive(false);
- log.info("User with ID " + authUser.getUserID() + " change OA-PublicURLPrefix. Reaktivation is required.");
- }
-
- }
-
- if ((onlineapplication.isIsAdminRequired() == null)
- || (authUser.isAdmin() && getGeneralOA().isActive() && onlineapplication.isIsAdminRequired())) {
-
- onlineapplication.setIsAdminRequired(false);
- isMetaDataRefreshRequired = true;
-
- UserDatabase userdb = null;
- if (onlineapplication.getHjid() != null)
- userdb = configuration.getUserManagement().getUsersWithOADBID(onlineapplication.getHjid());
-
- if (userdb != null && !userdb.isIsAdmin()) {
- try {
- MailHelper.sendUserOnlineApplicationActivationMail(userdb.getGivenname(), userdb.getFamilyname(),
- userdb.getInstitut(), onlineapplication.getPublicURLPrefix(), userdb.getMail());
- } catch (ConfigurationException e) {
- log.warn("Sending Mail to User " + userdb.getMail() + " failed", e);
- }
- }
- }
-
- //save OA configuration
- String error = saveOAConfigToDatabase(onlineapplication, persistOA);
- if (MiscUtil.isNotEmpty(error)) {
- log.warn("OA configuration can not be stored!");
- addActionError(error);
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- throw new BasicOAActionException(error, Constants.STRUTS_ERROR_VALIDATION);
- }
// //set metadata reload flag if reload is required
-//
+//
// if (getPvp2OA() != null && getPvp2OA().getMetaDataURL() != null) {
//
// try {
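Review bot: In `populateOnlineApplicationFromRequest` the ownership loop tests `oa.equals(oaid)` with `oa` a `String` and `oaid` a `long` that is boxed to `Long`, so the comparison is always false. A non-admin user therefore never gets a match and always ends in the `errors.edit.oa.oaid` exception; the check fails closed, but it does not actually test membership in the user's list. `saveOAConfigToDatabase` further down in this file stores the ids with `String.valueOf(...)`, so the comparison should use the same form: `if (oa.equals(String.valueOf(oaid))) {`. The `!authUser.isAdmin()` test inside the `else` branch is redundant, since that branch is only reached for non-admins.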
@@ -234,290 +237,302 @@ public class BasicOAAction extends BasicAction {
// }
//
// }
-
- return onlineapplication;
- }
-
- protected OnlineApplication preProcessSaveOnlineApplication() throws BasicOAActionException {
- try {
- Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
- if (formidobj != null && formidobj instanceof String) {
- String formid = (String) formidobj;
- if (!formid.equals(formID)) {
- throw new BasicOAActionException(
- "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
- + authUser.getGivenName() + authUser.getUserID(),
- Constants.STRUTS_ERROR);
- }
- } else {
- throw new BasicOAActionException(
- "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
- + authUser.getGivenName() + authUser.getUserID(),
- Constants.STRUTS_ERROR);
-
- }
- session.setAttribute(Constants.SESSION_FORMID, null);
-
- UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID());
- if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
- log.info("Online-Applikation managemant disabled. Mail address is not verified.");
- throw new BasicOAActionException(
- LanguageHelper.getErrorString("error.editoa.mailverification", request),
- Constants.STRUTS_SUCCESS);
- }
-
- OnlineApplication onlineapplication = null;
-
- Long oaid = getOAIDFromSession();
-
- // valid DBID and check entry
- OAGeneralConfig oaGeneralForm = ((OAGeneralConfig)formList.get(new OAGeneralConfig().getName()));
- String oaidentifier = oaGeneralForm.getIdentifier();
- if (MiscUtil.isEmpty(oaidentifier)) {
- log.info("Empty OA identifier");
- throw new BasicOAActionException(
- LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request),
- Constants.STRUTS_ERROR_VALIDATION);
-
- } else {
-
- if (!ValidationHelper.validateURL(oaidentifier)) {
- log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier);
- throw new BasicOAActionException(
- LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
- new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request),
- Constants.STRUTS_ERROR_VALIDATION);
-
- } else {
-
- if (oaid == -1) {
- List<OnlineApplication> oaList = configuration.getDbRead().getAllOnlineApplications();
-
- if (oaList != null) {
- for (OnlineApplication el : oaList) {
- if (el.getPublicURLPrefix().startsWith(oaidentifier) )
- onlineapplication = el;
-
- }
- }
-
- if (onlineapplication == null) {
- onlineapplication = configuration.getDbRead().getOnlineApplication(oaidentifier);
-
- }
-
- if (onlineapplication != null) {
- log.info("The OAIdentifier is not unique");
- throw new BasicOAActionException(
- LanguageHelper.getErrorString(
- "validation.general.oaidentifier.notunique",
- new Object[]{onlineapplication.getPublicURLPrefix()},
- request),
- Constants.STRUTS_ERROR_VALIDATION);
-
- } else
- setNewOA(true);
-
- } else {
- onlineapplication = configuration.getDbRead().getOnlineApplication(oaid);
- if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) {
-
- OnlineApplication dbOA = null;
- List<OnlineApplication> oaList = configuration.getDbRead().getAllOnlineApplications();
- for (OnlineApplication el : oaList) {
- if (el.getPublicURLPrefix().startsWith(oaidentifier) )
- dbOA = el;
-
- }
- if (dbOA == null)
- dbOA = configuration.getDbRead().getOnlineApplication(oaidentifier);
-
- if ( (dbOA != null && !dbOA.getHjid().equals(oaid))) {
- log.info("The OAIdentifier is not unique");
- throw new BasicOAActionException(
- LanguageHelper.getErrorString(
- "validation.general.oaidentifier.notunique",
- new Object[]{dbOA.getPublicURLPrefix()},
- request),
- Constants.STRUTS_ERROR_VALIDATION);
-
- }
- }
- }
- }
- }
-
- return onlineapplication;
-
- } catch (BasicOAActionException e) {
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- throw e;
- }
-
- }
-
- protected Long getOAIDFromSession() throws BasicOAActionException {
- Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID);
- Long oaid = (long) -1;
-
- if (oadbid != null) {
- try {
- oaid = (Long) oadbid;
- if (oaid < 0 || oaid > Long.MAX_VALUE) {
- throw new BasicOAActionException(
- LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
- Constants.STRUTS_ERROR);
+
+ return onlineapplication;
+ }
+
+ protected OnlineApplication preProcessSaveOnlineApplication() throws BasicOAActionException {
+ try {
+ final Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ final String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ throw new BasicOAActionException(
+ "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID(),
+ Constants.STRUTS_ERROR);
+ }
+ } else {
+ throw new BasicOAActionException(
+ "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID(),
+ Constants.STRUTS_ERROR);
+
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ final UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID());
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb
+ .isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("error.editoa.mailverification", request),
+ Constants.STRUTS_SUCCESS);
+ }
+
+ OnlineApplication onlineapplication = null;
+
+ final Long oaid = getOAIDFromSession();
+
+ // valid DBID and check entry
+ final OAGeneralConfig oaGeneralForm = (OAGeneralConfig) formList.get(new OAGeneralConfig().getName());
+ final String oaidentifier = oaGeneralForm.getIdentifier();
+ if (MiscUtil.isEmpty(oaidentifier)) {
+ log.info("Empty OA identifier");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request),
+ Constants.STRUTS_ERROR_VALIDATION);
+
+ } else {
+
+ if (!ValidationHelper.validateURL(oaidentifier)) {
+ log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier);
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
+ new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }, request),
+ Constants.STRUTS_ERROR_VALIDATION);
+
+ } else {
+
+ if (oaid == -1) {
+ final List<OnlineApplication> oaList = configuration.getDbRead().getAllOnlineApplications();
+
+ if (oaList != null) {
+ for (final OnlineApplication el : oaList) {
+ if (el.getPublicURLPrefix().startsWith(oaidentifier)) {
+ onlineapplication = el;
}
- } catch (Throwable t) {
- throw new BasicOAActionException(
- LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
- Constants.STRUTS_ERROR);
+ }
+ }
+
+ if (onlineapplication == null) {
+ onlineapplication = configuration.getDbRead().getOnlineApplication(oaidentifier);
+
}
+
+ if (onlineapplication != null) {
+ log.info("The OAIdentifier is not unique");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString(
+ "validation.general.oaidentifier.notunique",
+ new Object[] { onlineapplication.getPublicURLPrefix() },
+ request),
+ Constants.STRUTS_ERROR_VALIDATION);
+
+ } else {
+ setNewOA(true);
+ }
+
+ } else {
+ onlineapplication = configuration.getDbRead().getOnlineApplication(oaid);
+ if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) {
+
+ OnlineApplication dbOA = null;
+ final List<OnlineApplication> oaList = configuration.getDbRead().getAllOnlineApplications();
+ for (final OnlineApplication el : oaList) {
+ if (el.getPublicURLPrefix().startsWith(oaidentifier)) {
+ dbOA = el;
+ }
+
+ }
+ if (dbOA == null) {
+ dbOA = configuration.getDbRead().getOnlineApplication(oaidentifier);
+ }
+
+ if (dbOA != null && !dbOA.getHjid().equals(oaid)) {
+ log.info("The OAIdentifier is not unique");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString(
+ "validation.general.oaidentifier.notunique",
+ new Object[] { dbOA.getPublicURLPrefix() },
+ request),
+ Constants.STRUTS_ERROR_VALIDATION);
+
+ }
+ }
+ }
}
-
- return oaid;
+ }
+
+ return onlineapplication;
+
+ } catch (final BasicOAActionException e) {
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ throw e;
}
-
- protected String preProcessDeleteOnlineApplication() throws BasicOAActionException {
- try {
- Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
- if (formidobj != null && formidobj instanceof String) {
- String formid = (String) formidobj;
- if (!formid.equals(formID)) {
- log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
- + authUser.getGivenName() + authUser.getUserID());
- throw new BasicOAActionException(
- "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
- + authUser.getGivenName() + authUser.getUserID(),
- Constants.STRUTS_ERROR);
-
- }
- } else {
- log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
- + authUser.getGivenName() + authUser.getUserID());
- throw new BasicOAActionException(
- "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
- + authUser.getGivenName() + authUser.getUserID(),
- Constants.STRUTS_ERROR);
- }
- session.setAttribute(Constants.SESSION_FORMID, null);
-
- UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID());
- if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
- log.info("Online-Applikation managemant disabled. Mail address is not verified.");
- throw new BasicOAActionException(
- LanguageHelper.getErrorString("error.editoa.mailverification", request),
- Constants.STRUTS_SUCCESS);
-
- }
-
- String oaidentifier = getGeneralOA().getIdentifier();
- if (MiscUtil.isEmpty(oaidentifier)) {
- log.info("Empty OA identifier");
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- throw new BasicOAActionException(
- LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request),
- Constants.STRUTS_ERROR_VALIDATION);
-
- } else {
- if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
- log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- throw new BasicOAActionException(
- LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
- new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request),
- Constants.STRUTS_ERROR_VALIDATION);
- }
- }
-
- return oaidentifier;
-
- } catch (BasicOAActionException e) {
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- throw e;
- }
+
+ }
+
+ protected Long getOAIDFromSession() throws BasicOAActionException {
+ final Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID);
+ Long oaid = (long) -1;
+
+ if (oadbid != null) {
+ try {
+ oaid = (Long) oadbid;
+ if (oaid < 0 || oaid > Long.MAX_VALUE) {
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
+ Constants.STRUTS_ERROR);
+ }
+
+ } catch (final Throwable t) {
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
+ Constants.STRUTS_ERROR);
+ }
}
-
- private String saveOAConfigToDatabase(OnlineApplication dboa, boolean persistOA) {
-
- for (IOnlineApplicationData form : formList.values())
- form.store(dboa, authUser, request);
-
- try {
- if (dboa.isIsNew()) {
- if (!authUser.isAdmin()) {
- UserDatabase user = configuration.getUserManagement().getUserWithID(authUser.getUserID());
- List<String> useroas = user.getOnlineApplication();
- if (useroas == null) useroas = new ArrayList<String>();
+ return oaid;
+ }
+
+ protected String preProcessDeleteOnlineApplication() throws BasicOAActionException {
+ try {
+ final Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ final String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser
+ .getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID());
+ throw new BasicOAActionException(
+ "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID(),
+ Constants.STRUTS_ERROR);
- useroas.add(String.valueOf(dboa.getHjid()));
- configuration.getUserManagement().saveOrUpdate(user);
-
- } else {
- if (persistOA)
- save(dboa);
-
- }
-
- } else
- if (persistOA)
- save(dboa);
-
- } catch (MOADatabaseException e) {
- log.warn("Online-Application can not be stored.", e);
- return LanguageHelper.getErrorString("error.db.oa.store", request);
}
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID());
+ throw new BasicOAActionException(
+ "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID(),
+ Constants.STRUTS_ERROR);
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ final UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID());
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb
+ .isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("error.editoa.mailverification", request),
+ Constants.STRUTS_SUCCESS);
+
+ }
+
+ final String oaidentifier = getGeneralOA().getIdentifier();
+ if (MiscUtil.isEmpty(oaidentifier)) {
+ log.info("Empty OA identifier");
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request),
+ Constants.STRUTS_ERROR_VALIDATION);
- return null;
+ } else {
+ if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
+ new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }, request),
+ Constants.STRUTS_ERROR_VALIDATION);
+ }
+ }
+
+ return oaidentifier;
+
+ } catch (final BasicOAActionException e) {
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ throw e;
+ }
+ }
+
+ private String saveOAConfigToDatabase(OnlineApplication dboa, boolean persistOA) {
+
+ for (final IOnlineApplicationData form : formList.values()) {
+ form.store(dboa, authUser, request);
}
-
- protected void save(OnlineApplication oa) throws MOADatabaseException {
- try {
- STORK storkConfig = null;
- try {
- MOAIDConfiguration moaidConfig =
- ConfigurationProvider.getInstance().getDbRead().getMOAIDConfiguration();
-
- storkConfig = moaidConfig.getAuthComponentGeneral().getForeignIdentities().getSTORK();
-
- } catch (Exception e) {
-
- }
-
- log.debug("JaxB to Key/Value configuration transformation started ...");
- Map<String, String> keyValueConfig =
- ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(oa, storkConfig);
-
- log.debug("JaxB to Key/Value configuration transformation finished. Start Key/Value storage process ...");
-
- String serviceIdentifier = keyValueConfig.get(MOAIDConfigurationConstants.PREFIX_SERVICES);
- if (MiscUtil.isEmpty(serviceIdentifier)) {
- log.info("Use default ServiceIdentifier.");
- serviceIdentifier = MOAIDConfigurationConstants.PREFIX_OA;
- }
-
- if (oa.getHjid() == null) {
- log.debug("No hjID -> find new Service ID ...");
- String hjID = configuration.getConfigModule().buildArrayIdentifier(
- MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier, 0, keyValueConfig);
- log.debug("Find new hjID: " + hjID + " for service: " + oa.getPublicURLPrefix());
- oa.setHjid(Long.valueOf(hjID));
-
- } else {
- //TODO: work-around for old config tool and new key/value configuration
- //see: NewConfigurationDBRead.java Line 81
+
+ try {
+ if (dboa.isIsNew()) {
+ if (!authUser.isAdmin()) {
+ final UserDatabase user = configuration.getUserManagement().getUserWithID(authUser.getUserID());
+
+ List<String> useroas = user.getOnlineApplication();
+ if (useroas == null) {
+ useroas = new ArrayList<>();
+ }
+
+ useroas.add(String.valueOf(dboa.getHjid()));
+ configuration.getUserManagement().saveOrUpdate(user);
+
+ } else {
+ if (persistOA) {
+ save(dboa);
+ }
+
+ }
+
+ } else if (persistOA) {
+ save(dboa);
+ }
+
+ } catch (final MOADatabaseException e) {
+ log.warn("Online-Application can not be stored.", e);
+ return LanguageHelper.getErrorString("error.db.oa.store", request);
+ }
+
+ return null;
+ }
+
+ protected void save(OnlineApplication oa) throws MOADatabaseException {
+ try {
+ STORK storkConfig = null;
+ try {
+ final MOAIDConfiguration moaidConfig =
+ ConfigurationProvider.getInstance().getDbRead().getMOAIDConfiguration();
+
+ storkConfig = moaidConfig.getAuthComponentGeneral().getForeignIdentities().getSTORK();
+
+ } catch (final Exception e) {
+
+ }
+
+ log.debug("JaxB to Key/Value configuration transformation started ...");
+ final Map<String, String> keyValueConfig =
+ ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(oa, storkConfig);
+
+ log.debug(
+ "JaxB to Key/Value configuration transformation finished. Start Key/Value storage process ...");
+
+ String serviceIdentifier = keyValueConfig.get(MOAIDConfigurationConstants.PREFIX_SERVICES);
+ if (MiscUtil.isEmpty(serviceIdentifier)) {
+ log.info("Use default ServiceIdentifier.");
+ serviceIdentifier = MOAIDConfigurationConstants.PREFIX_OA;
+ }
+
+ if (oa.getHjid() == null) {
+ log.debug("No hjID -> find new Service ID ...");
+ final String hjID = configuration.getConfigModule().buildArrayIdentifier(
+ MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier, 0, keyValueConfig);
+ log.debug("Find new hjID: " + hjID + " for service: " + oa.getPublicURLPrefix());
+ oa.setHjid(Long.valueOf(hjID));
+
+ } else {
+ // TODO: work-around for old config tool and new key/value configuration
+ // see: NewConfigurationDBRead.java Line 81
// if (oa.getHjid() > 1000000) {
-// if (serviceIdentifier.equals(MOAIDConfigurationConstants.PREFIX_GATEWAY))
+// if (serviceIdentifier.equals(MOAIDConfigurationConstants.PREFIX_GATEWAY))
// oa.setHjid(oa.getHjid() - 1000000);
// else if (serviceIdentifier.equals(MOAIDConfigurationConstants.PREFIX_IIDP))
// oa.setHjid(oa.getHjid() - 2000000);
@@ -525,208 +540,210 @@ public class BasicOAAction extends BasicAction {
// oa.setHjid(oa.getHjid() - 3000000);
// else
// log.warn("Inconsistent state found! Service Identifier for OA found but Hjid is > 1000000.");
-//
+//
// }
-
- }
-
- Map<String, String> absolutKeyValue = KeyValueUtils.makeKeysAbsolut(
- keyValueConfig,
- MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier + "." + String.valueOf(oa.getHjid()),
- MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES);
-
- configuration.getConfigModule().storeChanges(absolutKeyValue, null, null);
-
- log.info("MOA-ID Service Key/Value configuration successfull stored.");
-
-
- } catch (ConfigurationStorageException | at.gv.egiz.components.configuration.api.ConfigurationException e) {
- log.warn("MOAID Configuration can not be stored in Database", e);
- throw new MOADatabaseException(e.getMessage(), e);
-
- }
-
+
+ }
+
+ final Map<String, String> absolutKeyValue = KeyValueUtils.makeKeysAbsolut(
+ keyValueConfig,
+ MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier + "." + String.valueOf(
+ oa.getHjid()),
+ MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES);
+
+ configuration.getConfigModule().storeChanges(absolutKeyValue, null, null);
+
+ log.info("MOA-ID Service Key/Value configuration successfull stored.");
+
+ } catch (ConfigurationStorageException
+ | at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ log.warn("MOAID Configuration can not be stored in Database", e);
+ throw new MOADatabaseException(e.getMessage(), e);
+
}
-
- protected boolean delete(OnlineApplication onlineapplication) {
- try {
- log.debug("JaxB to Key/Value configuration transformation started ...");
- Map<String, String> keyValueConfig =
- ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(onlineapplication, null);
-
- log.debug("JaxB to Key/Value configuration transformation finished. Start Key/Value storage process ...");
-
- String serviceIdentifier = keyValueConfig.get(MOAIDConfigurationConstants.PREFIX_SERVICES);
- if (MiscUtil.isEmpty(serviceIdentifier)) {
- log.info("Use default ServiceIdentifier.");
- serviceIdentifier = MOAIDConfigurationConstants.PREFIX_OA;
- }
-
- String deleteServiceKey =
- MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier + "." + String.valueOf(onlineapplication.getHjid()) + ".*";
-
- configuration.getConfigModule().storeChanges(null, null, Arrays.asList(new String[]{deleteServiceKey}));
-
- log.info("MOA-ID Service Key/Value configuration successfull stored.");
- return true;
-
- } catch (ConfigurationStorageException e) {
- log.warn("MOAID Configuration can not be stored in Database", e);
-
- }
-
- return false;
-
+
+ }
+
+ protected boolean delete(OnlineApplication onlineapplication) {
+ try {
+ log.debug("JaxB to Key/Value configuration transformation started ...");
+ final Map<String, String> keyValueConfig =
+ ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(onlineapplication, null);
+
+ log.debug(
+ "JaxB to Key/Value configuration transformation finished. Start Key/Value storage process ...");
+
+ String serviceIdentifier = keyValueConfig.get(MOAIDConfigurationConstants.PREFIX_SERVICES);
+ if (MiscUtil.isEmpty(serviceIdentifier)) {
+ log.info("Use default ServiceIdentifier.");
+ serviceIdentifier = MOAIDConfigurationConstants.PREFIX_OA;
+ }
+
+ final String deleteServiceKey =
+ MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier + "." + String.valueOf(
+ onlineapplication.getHjid()) + ".*";
+
+ configuration.getConfigModule().storeChanges(null, null, Arrays.asList(new String[] {
+ deleteServiceKey }));
+
+ log.info("MOA-ID Service Key/Value configuration successfull stored.");
+ return true;
+
+ } catch (final ConfigurationStorageException e) {
+ log.warn("MOAID Configuration can not be stored in Database", e);
+
}
-
- public String bkuFramePreview() {
- String preview = null;
+ return false;
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
- InputStream input = null;
+ }
- try {
- Object mapobj = session.getAttribute(Constants.SESSION_BKUFORMPREVIEW);
- if (mapobj != null && mapobj instanceof Map<?, ?>) {
-
- ConfigurationProvider config = ConfigurationProvider.getInstance();
- String templateURL = config.getConfigRootDir() + ConfigurationProvider.HTMLTEMPLATE_DIR
- + ConfigurationProvider.HTMLTEMPLATE_FILE;
-
- File file = new File(new URI(templateURL));
- input = new FileInputStream(file);
-
- String contextpath = config.getMOAIDInstanceURL();
- if (MiscUtil.isEmpty(contextpath)) {
- log.info("NO MOA-ID instance URL configurated.");
- input.close();
- throw new ConfigurationException("No MOA-ID instance configurated");
-
- }
-
- //set parameters
- Map<String, Object> params = (Map<String, Object>) mapobj;
- params.put(
- AbstractServiceProviderSpecificGUIFormBuilderConfiguration.PARAM_AUTHCONTEXT,
- contextpath);
-
- request.setCharacterEncoding("UTF-8");
- String module = request.getParameter(Constants.REQUEST_FORMCUSTOM_MODULE);
- String value = request.getParameter(Constants.REQUEST_FORMCUSTOM_VALUE);
-
- if (value != null) {
- String[] query = URLDecoder.decode(request.getQueryString()).split("&");
- value = query[1].substring("value=".length());
- }
+ public String bkuFramePreview() {
- synchronized (params) {
- if (MiscUtil.isNotEmpty(module)) {
- if (params.containsKey(module)) {
- if (MiscUtil.isNotEmpty(value)) {
- if (FormBuildUtils.PARAM_FONTFAMILY.contains(module) || FormBuildUtils.PARAM_HEADER_TEXT.contains(module)
- || value.startsWith("#"))
- params.put(module, value);
- else
- params.put(module, "#" + value);
-
- } else {
- params.put(module, FormBuildUtils.getDefaultMap().get(module));
- }
- }
- }
- }
-
- //write preview
- VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine();
- VelocityContext context = new VelocityContext();
- Iterator<Entry<String, Object>> interator = params.entrySet().iterator();
- while (interator.hasNext()) {
- Entry<String, Object> el = interator.next();
- context.put(el.getKey(), el.getValue());
-
- }
- StringWriter writer = new StringWriter();
- engine.evaluate(context, writer, "BKUSelection_preview",
- new BufferedReader(new InputStreamReader(input)));
- stream = new ByteArrayInputStream(writer.toString().getBytes("UTF-8"));
+ String preview = null;
- } else {
- preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible", request);
+ try {
+ populateBasicInformations();
- }
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+ InputStream input = null;
+
+ try {
+ final Object mapobj = session.getAttribute(Constants.SESSION_BKUFORMPREVIEW);
+ if (mapobj != null && mapobj instanceof Map<?, ?>) {
+
+ final ConfigurationProvider config = ConfigurationProvider.getInstance();
+ final String templateURL = config.getConfigRootDir() + ConfigurationProvider.HTMLTEMPLATE_DIR
+ + ConfigurationProvider.HTMLTEMPLATE_FILE;
- } catch (Exception e) {
- log.warn("BKUSelection Preview can not be generated.", e);
- preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible", request);
+ final File file = new File(new URI(templateURL));
+ input = new FileInputStream(file);
+
+ final String contextpath = config.getMOAIDInstanceURL();
+ if (MiscUtil.isEmpty(contextpath)) {
+ log.info("NO MOA-ID instance URL configurated.");
+ input.close();
+ throw new ConfigurationException("No MOA-ID instance configurated");
}
- if (stream == null && MiscUtil.isNotEmpty(preview)) {
- try {
- stream = new ByteArrayInputStream(preview.getBytes("UTF-8"));
-
- } catch (UnsupportedEncodingException e) {
- e.printStackTrace();
-
- }
+ // set parameters
+ final Map<String, Object> params = (Map<String, Object>) mapobj;
+ params.put(
+ AbstractGUIFormBuilderConfiguration.PARAM_AUTHCONTEXT,
+ contextpath);
+
+ request.setCharacterEncoding("UTF-8");
+ final String module = request.getParameter(Constants.REQUEST_FORMCUSTOM_MODULE);
+ String value = request.getParameter(Constants.REQUEST_FORMCUSTOM_VALUE);
+
+ if (value != null) {
+ final String[] query = URLDecoder.decode(request.getQueryString()).split("&");
+ value = query[1].substring("value=".length());
}
-
-
- return Constants.STRUTS_SUCCESS;
- }
-
-
- /**
- * @param oaidobj the oaidobj to set
- */
- public void setOaidobj(String oaidobj) {
- this.oaidobj = oaidobj;
- }
-
- /**
- * @return the newOA
- */
- public boolean isNewOA() {
- return newOA;
- }
- /**
- * @param newOA the newOA to set
- */
- public void setNewOA(boolean newOA) {
- this.newOA = newOA;
- }
-
- public OAGeneralConfig getGeneralOA() {
- return (OAGeneralConfig) formList.get(new OAGeneralConfig().getName());
- }
+ synchronized (params) {
+ if (MiscUtil.isNotEmpty(module)) {
+ if (params.containsKey(module)) {
+ if (MiscUtil.isNotEmpty(value)) {
+ if (FormBuildUtils.PARAM_FONTFAMILY.contains(module) || FormBuildUtils.PARAM_HEADER_TEXT
+ .contains(module)
+ || value.startsWith("#")) {
+ params.put(module, value);
+ } else {
+ params.put(module, "#" + value);
+ }
- public void setGeneralOA(OAGeneralConfig generalOA) {
- formList.put(generalOA.getName(), generalOA);
- }
-
-
- public OAPVP2Config getPvp2OA() {
- return (OAPVP2Config) formList.get(new OAPVP2Config().getName());
- }
+ } else {
+ params.put(module, FormBuildUtils.getDefaultMap().get(module));
+ }
+ }
+ }
+ }
+
+ // write preview
+ final VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine();
+ final VelocityContext context = new VelocityContext();
+ final Iterator<Entry<String, Object>> interator = params.entrySet().iterator();
+ while (interator.hasNext()) {
+ final Entry<String, Object> el = interator.next();
+ context.put(el.getKey(), el.getValue());
+
+ }
+ final StringWriter writer = new StringWriter();
+ engine.evaluate(context, writer, "BKUSelection_preview",
+ new BufferedReader(new InputStreamReader(input)));
+ stream = new ByteArrayInputStream(writer.toString().getBytes("UTF-8"));
+
+ } else {
+ preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible", request);
+
+ }
+
+ } catch (final Exception e) {
+ log.warn("BKUSelection Preview can not be generated.", e);
+ preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible", request);
- public void setPvp2OA(OAPVP2Config pvp2oa) {
- formList.put(pvp2oa.getName(), pvp2oa);
}
- /**
- * @return the stream
- */
- public InputStream getStream() {
- return stream;
- }
+ if (stream == null && MiscUtil.isNotEmpty(preview)) {
+ try {
+ stream = new ByteArrayInputStream(preview.getBytes("UTF-8"));
+
+ } catch (final UnsupportedEncodingException e) {
+ e.printStackTrace();
+
+ }
+ }
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ /**
+ * @param oaidobj the oaidobj to set
+ */
+ public void setOaidobj(String oaidobj) {
+ this.oaidobj = oaidobj;
+ }
+
+ /**
+ * @return the newOA
+ */
+ public boolean isNewOA() {
+ return newOA;
+ }
+
+ /**
+ * @param newOA the newOA to set
+ */
+ public void setNewOA(boolean newOA) {
+ this.newOA = newOA;
+ }
+
+ public OAGeneralConfig getGeneralOA() {
+ return (OAGeneralConfig) formList.get(new OAGeneralConfig().getName());
+ }
+
+ public void setGeneralOA(OAGeneralConfig generalOA) {
+ formList.put(generalOA.getName(), generalOA);
+ }
+
+ public OAPVP2Config getPvp2OA() {
+ return (OAPVP2Config) formList.get(new OAPVP2Config().getName());
+ }
+
+ public void setPvp2OA(OAPVP2Config pvp2oa) {
+ formList.put(pvp2oa.getName(), pvp2oa);
+ }
+
+ /**
+ * @return the stream
+ */
+ public InputStream getStream() {
+ return stream;
+ }
}
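Review bot: In `bkuFramePreview`, the new side still takes `value` from `query[1]` of the URL-decoded raw query string, so the preview depends on `value` being the second parameter, and a request with fewer parameters throws into the broad `catch (final Exception e)`; decoding before `split("&")` also lets an encoded `&` inside the value shift the split. A bounds and prefix check such as `if (query.length > 1 && query[1].startsWith("value=")) { value = query[1].substring("value=".length()); }` would make that explicit, and the one-argument `URLDecoder.decode` (deprecated, platform charset) could take `"UTF-8"` to match the `setCharacterEncoding` call above it. The resulting string is request-controlled and goes into the Velocity context via `params.put(module, value)`; whether the template escapes it is not visible here, so validating it against the expected colour or font format first seems worthwhile. `input` is closed only on the missing-instance-URL branch, so a try-with-resources around the `FileInputStream` would also close it on the normal path.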
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index 8e057db0f..0992d7f1a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -30,7 +30,6 @@ import java.util.Map;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
-import org.apache.log4j.Logger;
import at.gv.egiz.components.configuration.meta.api.ConfigurationStorageException;
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
@@ -76,164 +75,160 @@ import at.gv.egovernment.moa.id.configuration.helper.StringHelper;
import at.gv.egovernment.moa.id.configuration.validation.moaconfig.MOAConfigValidator;
import at.gv.egovernment.moa.id.configuration.validation.moaconfig.StorkConfigValidator;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
-
+@Slf4j
public class EditGeneralConfigAction extends BasicAction {
-
- private static final Logger log = Logger.getLogger(EditGeneralConfigAction.class);
- private static final long serialVersionUID = 1L;
-
- private GeneralMOAIDConfig moaconfig;
- private GeneralStorkConfig storkconfig;
-
- private String formID;
-
- public String loadConfig() {
- try {
- populateBasicInformations();
-
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- if (authUser.isAdmin()) {
-
-
- MOAIDConfiguration dbconfig = configuration.getDbRead().getMOAIDConfiguration();
-
- moaconfig = new GeneralMOAIDConfig();
- moaconfig.parse(dbconfig);
- if (moaconfig == null) {
- log.error("MOA configuration is null");
- }
- if (moaconfig.isMoaidMode()) {
- storkconfig = new GeneralStorkConfig();
- storkconfig.parse(dbconfig);
- if (storkconfig == null) {
- log.error("Stork configuration is null");
- }
- }
+ private static final long serialVersionUID = 1L;
+
+ private GeneralMOAIDConfig moaconfig;
+ private GeneralStorkConfig storkconfig;
+
+ private String formID;
+
+ public String loadConfig() {
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ if (authUser.isAdmin()) {
+
+ final MOAIDConfiguration dbconfig = configuration.getDbRead().getMOAIDConfiguration();
+
+ moaconfig = new GeneralMOAIDConfig();
+ moaconfig.parse(dbconfig);
+ if (moaconfig == null) {
+ log.error("MOA configuration is null");
+ }
+
+ if (moaconfig.isMoaidMode()) {
+ storkconfig = new GeneralStorkConfig();
+ storkconfig.parse(dbconfig);
+ if (storkconfig == null) {
+ log.error("Stork configuration is null");
+ }
+ }
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+ }
+
+ public String saveConfig() {
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ final Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ final String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ boolean isMoaidMode = false;
+ try {
+ isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode();
+ } catch (final ConfigurationException e) {
+ log.warn("Can NOT load configuration. Set 'moaidmode' to 'false'", e);
+ }
+
+ if (authUser.isAdmin()) {
+
+ final MOAConfigValidator validator = new MOAConfigValidator();
+
+ final List<String> errors = validator.validate(moaconfig, request, isMoaidMode);
+
+ if (isMoaidMode) {
+ errors.addAll(new StorkConfigValidator().validate(storkconfig, request));
+ }
+
+ if (errors.size() > 0) {
+ log.info("General MOA-ID configuration has some errors.");
+ for (final String el : errors) {
+ addActionError(el);
+ }
+
+ if (moaconfig.getSecLayerTransformation() != null) {
+ session.setAttribute(Constants.SESSION_SLTRANSFORMATION, moaconfig.getSecLayerTransformation());
+ }
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ } else {
+ if (moaconfig.getSecLayerTransformation() == null &&
+ session.getAttribute(Constants.SESSION_SLTRANSFORMATION) != null &&
+ session.getAttribute(Constants.SESSION_SLTRANSFORMATION) instanceof Map<?, ?>) {
+ moaconfig.setSecLayerTransformation((Map<String, byte[]>) session.getAttribute(
+ Constants.SESSION_SLTRANSFORMATION));
+
+ }
+ }
+
+ final String error = saveFormToDatabase(isMoaidMode);
+ if (error != null) {
+ log.warn("General MOA-ID config can not be stored in Database");
+
+ // set new formID
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ addActionError(error);
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+
+ session.setAttribute(Constants.SESSION_SLTRANSFORMATION, null);
+
+ } else {
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ addActionMessage(LanguageHelper.getGUIString("webpages.moaconfig.save.success", request));
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String back() {
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ return Constants.STRUTS_SUCCESS;
+ }
-
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- return Constants.STRUTS_SUCCESS;
-
- } else {
- addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
- return Constants.STRUTS_NOTALLOWED;
- }
- }
-
- public String saveConfig() {
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
- if (formidobj != null && formidobj instanceof String) {
- String formid = (String) formidobj;
- if (!formid.equals(formID)) {
- log.warn("FormIDs does not match. Some suspect Form is received from user "
- + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- } else {
- log.warn("FormIDs does not match. Some suspect Form is received from user "
- + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- session.setAttribute(Constants.SESSION_FORMID, null);
-
- boolean isMoaidMode = false;
- try {
- isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode();
- } catch (ConfigurationException e) {
- log.warn("Can NOT load configuration. Set 'moaidmode' to 'false'", e);
- }
-
- if (authUser.isAdmin()) {
-
- MOAConfigValidator validator = new MOAConfigValidator();
-
- List<String> errors = validator.validate(moaconfig, request, isMoaidMode);
-
- if (isMoaidMode)
- errors.addAll(new StorkConfigValidator().validate(storkconfig, request));
-
- if (errors.size() > 0) {
- log.info("General MOA-ID configuration has some errors.");
- for (String el : errors)
- addActionError(el);
-
- if (moaconfig.getSecLayerTransformation() != null) {
- session.setAttribute(Constants.SESSION_SLTRANSFORMATION, moaconfig.getSecLayerTransformation());
- }
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- return Constants.STRUTS_ERROR_VALIDATION;
-
- } else {
- if (moaconfig.getSecLayerTransformation() == null &&
- session.getAttribute(Constants.SESSION_SLTRANSFORMATION) != null &&
- session.getAttribute(Constants.SESSION_SLTRANSFORMATION) instanceof Map<?, ?> ) {
- moaconfig.setSecLayerTransformation((Map<String, byte[]>)
- session.getAttribute(Constants.SESSION_SLTRANSFORMATION));
-
- }
- }
-
- String error = saveFormToDatabase(isMoaidMode);
- if (error != null) {
- log.warn("General MOA-ID config can not be stored in Database");
-
- //set new formID
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- addActionError(error);
- return Constants.STRUTS_ERROR_VALIDATION;
- }
-
- session.setAttribute(Constants.SESSION_SLTRANSFORMATION, null);
-
- } else {
- addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
- return Constants.STRUTS_NOTALLOWED;
- }
-
-
- addActionMessage(LanguageHelper.getGUIString("webpages.moaconfig.save.success", request));
- return Constants.STRUTS_SUCCESS;
- }
-
- public String back() {
- try {
- populateBasicInformations();
-
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- return Constants.STRUTS_SUCCESS;
- }
-
- private String saveFormToDatabase(boolean isMoaidMode) {
-
- log.debug("Saving form to database");
+ private String saveFormToDatabase(boolean isMoaidMode) {
+
+ log.debug("Saving form to database");
// log.error("Saving form to db");
// log.info("SV frm db");
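Review bot: In `loadConfig`, the checks `if (moaconfig == null)` and `if (storkconfig == null)` come directly after `new GeneralMOAIDConfig()` and `new GeneralStorkConfig()` and can never fire, while the value that can actually be missing, `dbconfig`, is passed to `parse` unchecked (`saveFormToDatabase` in this file does guard `getMOAIDConfiguration()` against null). Checking `if (dbconfig == null)` before `moaconfig.parse(dbconfig)` and dropping the two dead checks would match that; how `parse` handles a null argument is not visible here. In `saveConfig`, the form-token mismatch warning concatenates family name, given name and user ID with no separators; now that the class logs through slf4j, `log.warn("FormIDs does not match. Some suspect Form is received from user {} {} ({})", authUser.getFamilyName(), authUser.getGivenName(), authUser.getUserID());` keeps the fields distinguishable in the audit trail.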
@@ -244,630 +239,649 @@ public class EditGeneralConfigAction extends BasicAction {
// log.error(" SES PARAM: " + obj.toString());
// }
- try {
- log.error(" ASSERTION " + moaconfig.getTimeoutAssertion());
- } catch (Exception ex) {
- ex.printStackTrace();
- }
-
- MOAIDConfiguration dbconfig = configuration.getDbRead().getMOAIDConfiguration();
- if (dbconfig == null)
- dbconfig = new MOAIDConfiguration();
-
-
- AuthComponentGeneral dbauth = dbconfig.getAuthComponentGeneral();
- if (dbauth == null) {
- dbauth = new AuthComponentGeneral();
- dbconfig.setAuthComponentGeneral(dbauth);
- }
-
- GeneralConfiguration dbauthgeneral = dbauth.getGeneralConfiguration();
- if (dbauthgeneral == null) {
- dbauthgeneral = new GeneralConfiguration();
- dbauth.setGeneralConfiguration(dbauthgeneral);
- }
-
+ try {
+ log.error(" ASSERTION " + moaconfig.getTimeoutAssertion());
+ } catch (final Exception ex) {
+ ex.printStackTrace();
+ }
+
+ MOAIDConfiguration dbconfig = configuration.getDbRead().getMOAIDConfiguration();
+ if (dbconfig == null) {
+ dbconfig = new MOAIDConfiguration();
+ }
+
+ AuthComponentGeneral dbauth = dbconfig.getAuthComponentGeneral();
+ if (dbauth == null) {
+ dbauth = new AuthComponentGeneral();
+ dbconfig.setAuthComponentGeneral(dbauth);
+ }
+
+ GeneralConfiguration dbauthgeneral = dbauth.getGeneralConfiguration();
+ if (dbauthgeneral == null) {
+ dbauthgeneral = new GeneralConfiguration();
+ dbauth.setGeneralConfiguration(dbauthgeneral);
+ }
+
// GeneralConfiguration oldauthgeneral = null;
// if (oldauth != null)
// oldauthgeneral = oldauth.getGeneralConfiguration();
-
- //set Public URL Prefix
- String pubURLPrefix = moaconfig.getPublicURLPrefix();
- if (moaconfig.isVirtualPublicURLPrefixEnabled()) {
- dbauthgeneral.setPublicURLPreFix(
- KeyValueUtils.normalizeCSVValueString(pubURLPrefix));
-
- } else {
- if (pubURLPrefix.contains(KeyValueUtils.CSV_DELIMITER)) {
- dbauthgeneral.setPublicURLPreFix(
- pubURLPrefix.trim().substring(0,
- pubURLPrefix.indexOf(KeyValueUtils.CSV_DELIMITER)));
-
- } else
- dbauthgeneral.setPublicURLPreFix(
- StringUtils.chomp(pubURLPrefix.trim()));
-
- }
-
- dbauthgeneral.setVirtualPublicURLPrefixEnabled(
- moaconfig.isVirtualPublicURLPrefixEnabled());
-
-
+
+ // set Public URL Prefix
+ final String pubURLPrefix = moaconfig.getPublicURLPrefix();
+ if (moaconfig.isVirtualPublicURLPrefixEnabled()) {
+ dbauthgeneral.setPublicURLPreFix(
+ KeyValueUtils.normalizeCSVValueString(pubURLPrefix));
+
+ } else {
+ if (pubURLPrefix.contains(KeyValueUtils.CSV_DELIMITER)) {
+ dbauthgeneral.setPublicURLPreFix(
+ pubURLPrefix.trim().substring(0,
+ pubURLPrefix.indexOf(KeyValueUtils.CSV_DELIMITER)));
+
+ } else {
+ dbauthgeneral.setPublicURLPreFix(
+ StringUtils.chomp(pubURLPrefix.trim()));
+ }
+
+ }
+
+ dbauthgeneral.setVirtualPublicURLPrefixEnabled(
+ moaconfig.isVirtualPublicURLPrefixEnabled());
+
// if (MiscUtil.isNotEmpty(moaconfig.getAlternativeSourceID()))
// dbauthgeneral.setAlternativeSourceID(moaconfig.getAlternativeSourceID());
// else {
// if (oldauthgeneral != null)
// dbauthgeneral.setAlternativeSourceID(oldauthgeneral.getAlternativeSourceID());
// }
-
+
// if (MiscUtil.isNotEmpty(moaconfig.getCertStoreDirectory()))
// dbauthgeneral.setCertStoreDirectory(moaconfig.getCertStoreDirectory());
-
- TimeOuts dbtimeouts = dbauthgeneral.getTimeOuts();
- if (dbtimeouts == null) {
- dbtimeouts = new TimeOuts();
- dbauthgeneral.setTimeOuts(dbtimeouts);
- }
- if (MiscUtil.isEmpty(moaconfig.getTimeoutAssertion()))
- dbtimeouts.setAssertion(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTASSERTION));
- else
- dbtimeouts.setAssertion(new BigInteger(moaconfig.getTimeoutAssertion()));
-
- if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionCreated()))
- dbtimeouts.setMOASessionCreated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONCREATED));
- else
- dbtimeouts.setMOASessionCreated(new BigInteger(moaconfig.getTimeoutMOASessionCreated()));
-
- if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionUpdated()))
- dbtimeouts.setMOASessionUpdated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONUPDATED));
- else
- dbtimeouts.setMOASessionUpdated(new BigInteger(moaconfig.getTimeoutMOASessionUpdated()));
-
- dbauthgeneral.setTrustManagerRevocationChecking(moaconfig.isTrustmanagerrevocationcheck());
-
-
-
- Protocols dbprotocols = dbauth.getProtocols();
- if (dbprotocols == null) {
- dbprotocols = new Protocols();
- dbauth.setProtocols(dbprotocols);
- }
- LegacyAllowed legprot = dbprotocols.getLegacyAllowed();
- if (legprot == null) {
- legprot = new LegacyAllowed();
- dbprotocols.setLegacyAllowed(legprot);
- }
-
- List<String> el = legprot.getProtocolName();
- if (el == null) {
- el = new ArrayList<String>();
- legprot.setProtocolName(el);
-
- }
-
- //Workaround for DB cleaning is only needed for one or the releases (insert in 2.1.1)
- if (el.size() > 2)
- el.clear();
-
- if (el.contains(Constants.MOA_CONFIG_PROTOCOL_PVP2)) {
- if (!moaconfig.isLegacy_pvp2())
- el.remove(Constants.MOA_CONFIG_PROTOCOL_PVP2);
-
- } else {
- if (moaconfig.isLegacy_pvp2())
- el.add(Constants.MOA_CONFIG_PROTOCOL_PVP2);
- }
-
- if (el.contains(Constants.MOA_CONFIG_PROTOCOL_SAML1)) {
- if (!moaconfig.isLegacy_saml1())
- el.remove(Constants.MOA_CONFIG_PROTOCOL_SAML1);
-
- } else {
- if (moaconfig.isLegacy_saml1())
- el.add(Constants.MOA_CONFIG_PROTOCOL_SAML1);
- }
-
- SAML1 saml1= dbprotocols.getSAML1();
- if (saml1 == null) {
- saml1 = new SAML1();
- dbprotocols.setSAML1(saml1);
- }
- saml1.setIsActive(moaconfig.isProtocolActiveSAML1());
-
- if (MiscUtil.isNotEmpty(moaconfig.getSaml1SourceID())) {
- saml1.setSourceID(moaconfig.getSaml1SourceID());
-
- } else {
- if (MiscUtil.isNotEmpty(saml1.getSourceID()))
- saml1.setSourceID(moaconfig.getSaml1SourceID());
-
- }
-
-
- OAuth oauth= dbprotocols.getOAuth();
- if (oauth == null) {
- oauth = new OAuth();
- dbprotocols.setOAuth(oauth);
- }
-
- PVP2 pvp2 = dbprotocols.getPVP2();
- if (pvp2 == null) {
- pvp2 = new PVP2();
- dbprotocols.setPVP2(pvp2);
- }
-
- if (isMoaidMode) {
- oauth.setIsActive(moaconfig.isProtocolActiveOAuth());
- pvp2.setIsActive(moaconfig.isProtocolActivePVP21());
-
- }
-
- if (MiscUtil.isNotEmpty(moaconfig.getPvp2IssuerName()))
- pvp2.setIssuerName(moaconfig.getPvp2IssuerName());
+
+ TimeOuts dbtimeouts = dbauthgeneral.getTimeOuts();
+ if (dbtimeouts == null) {
+ dbtimeouts = new TimeOuts();
+ dbauthgeneral.setTimeOuts(dbtimeouts);
+ }
+ if (MiscUtil.isEmpty(moaconfig.getTimeoutAssertion())) {
+ dbtimeouts.setAssertion(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTASSERTION));
+ } else {
+ dbtimeouts.setAssertion(new BigInteger(moaconfig.getTimeoutAssertion()));
+ }
+
+ if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionCreated())) {
+ dbtimeouts.setMOASessionCreated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONCREATED));
+ } else {
+ dbtimeouts.setMOASessionCreated(new BigInteger(moaconfig.getTimeoutMOASessionCreated()));
+ }
+
+ if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionUpdated())) {
+ dbtimeouts.setMOASessionUpdated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONUPDATED));
+ } else {
+ dbtimeouts.setMOASessionUpdated(new BigInteger(moaconfig.getTimeoutMOASessionUpdated()));
+ }
+
+ dbauthgeneral.setTrustManagerRevocationChecking(moaconfig.isTrustmanagerrevocationcheck());
+
+ Protocols dbprotocols = dbauth.getProtocols();
+ if (dbprotocols == null) {
+ dbprotocols = new Protocols();
+ dbauth.setProtocols(dbprotocols);
+ }
+ LegacyAllowed legprot = dbprotocols.getLegacyAllowed();
+ if (legprot == null) {
+ legprot = new LegacyAllowed();
+ dbprotocols.setLegacyAllowed(legprot);
+ }
+
+ List<String> el = legprot.getProtocolName();
+ if (el == null) {
+ el = new ArrayList<>();
+ legprot.setProtocolName(el);
+
+ }
+
+ // Workaround for DB cleaning is only needed for one or the releases (insert in
+ // 2.1.1)
+ if (el.size() > 2) {
+ el.clear();
+ }
+
+ if (el.contains(Constants.MOA_CONFIG_PROTOCOL_PVP2)) {
+ if (!moaconfig.isLegacy_pvp2()) {
+ el.remove(Constants.MOA_CONFIG_PROTOCOL_PVP2);
+ }
+
+ } else {
+ if (moaconfig.isLegacy_pvp2()) {
+ el.add(Constants.MOA_CONFIG_PROTOCOL_PVP2);
+ }
+ }
+
+ if (el.contains(Constants.MOA_CONFIG_PROTOCOL_SAML1)) {
+ if (!moaconfig.isLegacy_saml1()) {
+ el.remove(Constants.MOA_CONFIG_PROTOCOL_SAML1);
+ }
+
+ } else {
+ if (moaconfig.isLegacy_saml1()) {
+ el.add(Constants.MOA_CONFIG_PROTOCOL_SAML1);
+ }
+ }
+
+ SAML1 saml1 = dbprotocols.getSAML1();
+ if (saml1 == null) {
+ saml1 = new SAML1();
+ dbprotocols.setSAML1(saml1);
+ }
+ saml1.setIsActive(moaconfig.isProtocolActiveSAML1());
+
+ if (MiscUtil.isNotEmpty(moaconfig.getSaml1SourceID())) {
+ saml1.setSourceID(moaconfig.getSaml1SourceID());
+
+ } else {
+ if (MiscUtil.isNotEmpty(saml1.getSourceID())) {
+ saml1.setSourceID(moaconfig.getSaml1SourceID());
+ }
+
+ }
+
+ OAuth oauth = dbprotocols.getOAuth();
+ if (oauth == null) {
+ oauth = new OAuth();
+ dbprotocols.setOAuth(oauth);
+ }
+
+ PVP2 pvp2 = dbprotocols.getPVP2();
+ if (pvp2 == null) {
+ pvp2 = new PVP2();
+ dbprotocols.setPVP2(pvp2);
+ }
+
+ if (isMoaidMode) {
+ oauth.setIsActive(moaconfig.isProtocolActiveOAuth());
+ pvp2.setIsActive(moaconfig.isProtocolActivePVP21());
+
+ }
+
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2IssuerName())) {
+ pvp2.setIssuerName(moaconfig.getPvp2IssuerName());
// if (MiscUtil.isNotEmpty(moaconfig.getPvp2PublicUrlPrefix()))
// pvp2.setPublicURLPrefix(moaconfig.getPvp2PublicUrlPrefix());
-
- Organization pvp2org = pvp2.getOrganization();
- if (pvp2org == null) {
- pvp2org = new Organization();
- pvp2.setOrganization(pvp2org);
- }
- if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgDisplayName()))
- pvp2org.setDisplayName(StringHelper.getUTF8String(
- moaconfig.getPvp2OrgDisplayName()));
- if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgName()))
- pvp2org.setName(StringHelper.getUTF8String(moaconfig.getPvp2OrgName()));
- if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgURL()))
- pvp2org.setURL(moaconfig.getPvp2OrgURL());
-
- List<Contact> pvp2cont = pvp2.getContact();
- if (pvp2cont == null) {
- pvp2cont = new ArrayList<Contact>();
- pvp2.setContact(pvp2cont);
- }
-
- if (pvp2cont.size() == 0) {
- Contact cont = new Contact();
- pvp2cont.add(cont);
- }
-
- Contact cont = pvp2cont.get(0);
- if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getCompany()))
- cont.setCompany(StringHelper.getUTF8String(
- moaconfig.getPvp2Contact().getCompany()));
-
- if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getGivenname()))
- cont.setGivenName(StringHelper.getUTF8String(
- moaconfig.getPvp2Contact().getGivenname()));
-
- if (cont.getMail() != null && cont.getMail().size() > 0)
- cont.getMail().set(0, moaconfig.getPvp2Contact().getMail());
- else
- cont.setMail(Arrays.asList(moaconfig.getPvp2Contact().getMail()));
-
- if (cont.getPhone() != null && cont.getPhone().size() > 0)
- cont.getPhone().set(0, moaconfig.getPvp2Contact().getPhone());
- else
- cont.setPhone(Arrays.asList(moaconfig.getPvp2Contact().getPhone()));
-
- cont.setSurName(StringHelper.getUTF8String(moaconfig.getPvp2Contact().getSurname()));
- if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getType()))
- cont.setType(moaconfig.getPvp2Contact().getType());
-
-
- ChainingModes dbchainingmodes = dbconfig.getChainingModes();
- if (dbchainingmodes == null) {
- dbchainingmodes = new ChainingModes();
- dbconfig.setChainingModes(dbchainingmodes);
- }
-
- dbchainingmodes.setSystemDefaultMode(
- ChainingModeType.fromValue("pkix"));
-
-
- if (isMoaidMode) {
- SSO dbsso = dbauth.getSSO();
- if (dbsso == null) {
- dbsso = new SSO();
- dbauth.setSSO(dbsso);
- }
-
- if (MiscUtil.isNotEmpty(moaconfig.getSsoFriendlyName()))
- dbsso.setFriendlyName(StringHelper.getUTF8String(
- moaconfig.getSsoFriendlyName()));
- if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText()))
- dbsso.setSpecialText(StringHelper.getUTF8String(
- moaconfig.getSsoSpecialText()));
- // if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl()))
- // dbsso.setPublicURL(moaconfig.getSsoPublicUrl());
-
- if (MiscUtil.isNotEmpty(moaconfig.getSsoTarget())) {
-
- if (!ValidationHelper.isValidAdminTarget(moaconfig.getSsoTarget())) {
- String num = moaconfig.getSsoTarget().replaceAll(" ", "");
- String pre = null;
- if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) {
- num = num.substring(Constants.IDENIFICATIONTYPE_FN.length());
-
- num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num);
- pre = Constants.IDENIFICATIONTYPE_FN;
- }
-
- if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) {
- num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length());
- pre = Constants.IDENIFICATIONTYPE_ZVR;
- }
-
- if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)){
- num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length());
- pre = Constants.IDENIFICATIONTYPE_ERSB;
- }
-
- dbsso.setTarget(Constants.PREFIX_WPBK + pre + "+" + num);
-
- } else {
- dbsso.setTarget(moaconfig.getSsoTarget());
-
- }
- }
- // if (MiscUtil.isNotEmpty(moaconfig.getSsoIdentificationNumber())) {
- // IdentificationNumber ssoid = dbsso.getIdentificationNumber();
- // if (ssoid == null) {
- // ssoid = new IdentificationNumber();
- // dbsso.setIdentificationNumber(ssoid);
- // }
- // ssoid.setValue(moaconfig.getSsoIdentificationNumber());
- // }
-
- DefaultBKUs dbbkus = dbconfig.getDefaultBKUs();
-
- if (dbbkus == null) {
- dbbkus = new DefaultBKUs();
- dbconfig.setDefaultBKUs(dbbkus);
- }
-
- if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUHandy()))
- dbbkus.setHandyBKU(moaconfig.getDefaultBKUHandy());
- else
- dbbkus.setHandyBKU(new String());
-
- if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUOnline()))
- dbbkus.setOnlineBKU(moaconfig.getDefaultBKUOnline());
- else
- dbbkus.setOnlineBKU(new String());
-
- if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKULocal()))
- dbbkus.setLocalBKU(moaconfig.getDefaultBKULocal());
- else
- dbbkus.setLocalBKU(new String());
-
-
-
- IdentityLinkSigners idlsigners = dbauth.getIdentityLinkSigners();
- if (idlsigners == null) {
- idlsigners = new IdentityLinkSigners();
- dbauth.setIdentityLinkSigners(idlsigners);
- }
-
- ForeignIdentities dbforeign = dbauth.getForeignIdentities();
- if (dbforeign == null) {
- dbforeign = new ForeignIdentities();
- dbauth.setForeignIdentities(dbforeign);
- }
-
- if (MiscUtil.isNotEmpty(moaconfig.getSzrgwURL())) {
- ConnectionParameterClientAuthType forcon = dbforeign.getConnectionParameter();
- if (forcon == null) {
- forcon = new ConnectionParameterClientAuthType();
- dbforeign.setConnectionParameter(forcon);
- }
-
- if (KeyValueUtils.isCSVValueString(moaconfig.getSzrgwURL()))
- forcon.setURL(KeyValueUtils.normalizeCSVValueString(moaconfig.getSzrgwURL()));
-
- else {
- if (moaconfig.getSzrgwURL().contains(KeyValueUtils.CSV_DELIMITER))
- forcon.setURL(
- moaconfig.getSzrgwURL().trim().substring(0,
- moaconfig.getSzrgwURL().indexOf(KeyValueUtils.CSV_DELIMITER)));
-
- else
- forcon.setURL(
- StringUtils.chomp(moaconfig.getSzrgwURL().trim()));
-
- }
-
- }
-
- ForeignIdentities foreign = dbauth.getForeignIdentities();
- if (foreign != null) {
- STORK stork = foreign.getSTORK();
- if (stork == null) {
- stork = new STORK();
- foreign.setSTORK(stork);
-
- }
-
- try {
- log.error("QAAAA " + storkconfig.getDefaultQaa());
- stork.setGeneral_eIDAS_LOA(storkconfig.getDefaultQaa());
-
- if (storkconfig.getAttributes() != null) {
- List<StorkAttribute> dbStorkAttr = new ArrayList<StorkAttribute>();
- stork.setAttributes(dbStorkAttr);
-
-
- for (StorkAttribute attr : storkconfig.getAttributes()) {
- if (attr != null && MiscUtil.isNotEmpty(attr.getName()))
- dbStorkAttr.add(attr);
-
- else
- log.info("Remove null or empty STORK attribute");
- }
-
- } else
- stork.setAttributes((List<StorkAttribute>) (new ArrayList<StorkAttribute>()));
-
- if (storkconfig.getCpepslist() != null) {
- List<CPEPS> dbStorkCPEPS = new ArrayList<CPEPS>();
- stork.setCPEPS(dbStorkCPEPS);
-
- for (CPEPS cpeps : storkconfig.getCpepslist()) {
- if (cpeps != null && MiscUtil.isNotEmpty(cpeps.getURL()) &&
- MiscUtil.isNotEmpty(cpeps.getCountryCode())) {
-
- if (cpeps.getCountryCode().equals("CC") &&
- cpeps.getURL().equals("http://"))
- log.info("Remove dummy STORK CPEPS entry.");
-
- else
- dbStorkCPEPS.add(cpeps);
-
- } else
- log.info("Remove null or emtpy STORK CPEPS configuration");
- }
-
- } else
- stork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>()));
-
- } catch (Exception e) {
- e.printStackTrace();
-
- }
-
- try{
- log.info("CPEPS LIST: " + storkconfig.getCpepslist().size() );
- log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() +storkconfig.getCpepslist().get(0).getURL());
-
- } catch (Exception ex) {
- log.info("CPEPS LIST is null");
-
- }
- }
-
- //write MIS Mandate-Service URLs
- if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) {
- OnlineMandates dbmandate = dbauth.getOnlineMandates();
- if (dbmandate == null) {
- dbmandate = new OnlineMandates();
- dbauth.setOnlineMandates(dbmandate);
- }
- ConnectionParameterClientAuthType dbmandateconnection = dbmandate.getConnectionParameter();
-
- if (dbmandateconnection == null) {
- dbmandateconnection = new ConnectionParameterClientAuthType();
- dbmandate.setConnectionParameter(dbmandateconnection);
- }
-
- if (KeyValueUtils.isCSVValueString(moaconfig.getMandateURL()))
- dbmandateconnection.setURL(KeyValueUtils.normalizeCSVValueString(moaconfig.getMandateURL()));
-
- else {
- if (moaconfig.getMandateURL().contains(KeyValueUtils.CSV_DELIMITER))
- dbmandateconnection.setURL(
- moaconfig.getMandateURL().trim().substring(0,
- moaconfig.getMandateURL().indexOf(KeyValueUtils.CSV_DELIMITER)));
-
- else
- dbmandateconnection.setURL(
- StringUtils.chomp(moaconfig.getMandateURL().trim()));
-
- }
- }
-
- //write ELGA Mandate-Service URLs
- if (MiscUtil.isNotEmpty(moaconfig.getElgaMandateServiceURL())) {
- if (KeyValueUtils.isCSVValueString(moaconfig.getElgaMandateServiceURL()))
- dbconfig.setElgaMandateServiceURLs(KeyValueUtils.normalizeCSVValueString(moaconfig.getElgaMandateServiceURL()));
-
- else {
- if (moaconfig.getElgaMandateServiceURL().contains(KeyValueUtils.CSV_DELIMITER))
- dbconfig.setElgaMandateServiceURLs(
- moaconfig.getElgaMandateServiceURL().trim().substring(0,
- moaconfig.getElgaMandateServiceURL().indexOf(KeyValueUtils.CSV_DELIMITER)));
-
- else
- dbconfig.setElgaMandateServiceURLs(
- StringUtils.chomp(moaconfig.getElgaMandateServiceURL().trim()));
-
- }
- } else
- dbconfig.setElgaMandateServiceURLs(null);
- }
-
-
- //write E-ID System URLs
- if (MiscUtil.isNotEmpty(moaconfig.getEidSystemServiceURL())) {
- if (KeyValueUtils.isCSVValueString(moaconfig.getEidSystemServiceURL()))
- dbconfig.setEidSystemServiceURLs(KeyValueUtils.normalizeCSVValueString(moaconfig.getEidSystemServiceURL()));
-
- else {
- if (moaconfig.getEidSystemServiceURL().contains(KeyValueUtils.CSV_DELIMITER))
- dbconfig.setEidSystemServiceURLs(
- moaconfig.getEidSystemServiceURL().trim().substring(0,
- moaconfig.getEidSystemServiceURL().indexOf(KeyValueUtils.CSV_DELIMITER)));
-
- else
- dbconfig.setEidSystemServiceURLs(
- StringUtils.chomp(moaconfig.getEidSystemServiceURL().trim()));
-
- }
-
- } else
- dbconfig.setEidSystemServiceURLs(null);
-
-
- if (isMoaidMode) {
- MOASP dbmoasp = dbauth.getMOASP();
- if (dbmoasp == null) {
- dbmoasp = new MOASP();
- dbauth.setMOASP(dbmoasp);
- }
- if (MiscUtil.isNotEmpty(moaconfig.getMoaspssURL())) {
- ConnectionParameterClientAuthType moaspcon = dbmoasp.getConnectionParameter();
- if (moaspcon == null) {
- moaspcon = new ConnectionParameterClientAuthType();
- dbmoasp.setConnectionParameter(moaspcon);
- }
- moaspcon.setURL(moaconfig.getMoaspssURL());
- }
- VerifyIdentityLink moaidl = dbmoasp.getVerifyIdentityLink();
- if (moaidl == null) {
- moaidl = new VerifyIdentityLink();
- dbmoasp.setVerifyIdentityLink(moaidl);
- }
- moaidl.setTrustProfileID(moaconfig.getMoaspssIdlTrustProfile());
- moaidl.setTestTrustProfileID(moaconfig.getMoaspssIdlTrustProfileTest());
-
- VerifyAuthBlock moaauth = dbmoasp.getVerifyAuthBlock();
- if (moaauth == null) {
- moaauth = new VerifyAuthBlock();
- dbmoasp.setVerifyAuthBlock(moaauth);
- }
- moaauth.setTrustProfileID(moaconfig.getMoaspssAuthTrustProfile());
- moaauth.setTestTrustProfileID(moaconfig.getMoaspssAuthTrustProfileTest());
-
- if (moaauth.getVerifyTransformsInfoProfileID() != null &&
- moaauth.getVerifyTransformsInfoProfileID().size() > 0)
- moaauth.getVerifyTransformsInfoProfileID().set(0, moaconfig.getAuthTransformList().get(0));
-
- else {
- if (moaauth.getVerifyTransformsInfoProfileID() == null) {
- moaauth.setVerifyTransformsInfoProfileID(new ArrayList<String>());
-
- }
- moaauth.getVerifyTransformsInfoProfileID().add(moaconfig.getAuthTransformList().get(0));
- }
-
- SecurityLayer seclayertrans = dbauth.getSecurityLayer();
- if (seclayertrans == null) {
- seclayertrans = new SecurityLayer();
- dbauth.setSecurityLayer(seclayertrans);
- }
- List<TransformsInfoType> trans = new ArrayList<TransformsInfoType>();
- Map<String, byte[]> moatrans = moaconfig.getSecLayerTransformation();
- if (moatrans != null) {
- Set<String> keys = moatrans.keySet();
- for (String key : keys) {
- TransformsInfoType elem = new TransformsInfoType();
- elem.setFilename(key);
- elem.setTransformation(moatrans.get(key));
- trans.add(elem);
- }
- }
- if (trans.size() > 0)
- seclayertrans.setTransformsInfo(trans);
-
-
- SLRequestTemplates slrequesttempl = dbconfig.getSLRequestTemplates();
- if (slrequesttempl == null) {
- slrequesttempl = new SLRequestTemplates();
- dbconfig.setSLRequestTemplates(slrequesttempl);
- }
- if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateHandy()))
- slrequesttempl.setHandyBKU(moaconfig.getSLRequestTemplateHandy());
- if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateLocal()))
- slrequesttempl.setLocalBKU(moaconfig.getSLRequestTemplateLocal());
- if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateOnline()))
- slrequesttempl.setOnlineBKU(moaconfig.getSLRequestTemplateOnline());
-
- }
-
- if (MiscUtil.isNotEmpty(moaconfig.getTrustedCACerts()))
- dbconfig.setTrustedCACertificates(moaconfig.getTrustedCACerts());
-
- //save config
- try {
- log.debug("JaxB to Key/Value configuration transformation started ...");
- Map<String, String> keyValueConfig =
- ConfigurationMigrationUtils.convertHyberJaxBMOAIDConfigToKeyValue(dbconfig);
-
- log.debug("JaxB to Key/Value configuration transformation finished. Start Key/Value storage process ...");
-
- configuration.getConfigModule().storeChanges(keyValueConfig, null, null);
-
- log.info("General MOA-ID Key/Value configuration successfull stored.");
-
-
- } catch (ConfigurationStorageException e) {
- log.warn("MOAID Configuration can not be stored in Database", e);
- return LanguageHelper.getErrorString("error.db.oa.store", request);
-
- } finally {
-
-
- }
-
- return null;
- }
-
- /**
- * @return the moaconfig
- */
- public GeneralMOAIDConfig getMoaconfig() {
- return moaconfig;
- }
-
- /**
- * @param moaconfig the moaconfig to set
- */
- public void setMoaconfig(GeneralMOAIDConfig moaconfig) {
- this.moaconfig = moaconfig;
- }
-
- /**
- * Gets the storkconfig.
- *
- * @return the storkconfig
- */
- public GeneralStorkConfig getStorkconfig() {
- return storkconfig;
- }
-
- /**
- * Sets the storkconfig.
- *
- * @param storkconfig the new storkconfig
- */
- public void setStorkconfig(GeneralStorkConfig storkconfig) {
- this.storkconfig = storkconfig;
- }
-
- /**
- * @return the formID
- */
- public String getFormID() {
- return formID;
- }
-
- /**
- * @param formID the formID to set
- */
- public void setFormID(String formID) {
- this.formID = formID;
- }
-
-
-
+ }
+
+ Organization pvp2org = pvp2.getOrganization();
+ if (pvp2org == null) {
+ pvp2org = new Organization();
+ pvp2.setOrganization(pvp2org);
+ }
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgDisplayName())) {
+ pvp2org.setDisplayName(StringHelper.getUTF8String(
+ moaconfig.getPvp2OrgDisplayName()));
+ }
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgName())) {
+ pvp2org.setName(StringHelper.getUTF8String(moaconfig.getPvp2OrgName()));
+ }
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgURL())) {
+ pvp2org.setURL(moaconfig.getPvp2OrgURL());
+ }
+
+ List<Contact> pvp2cont = pvp2.getContact();
+ if (pvp2cont == null) {
+ pvp2cont = new ArrayList<>();
+ pvp2.setContact(pvp2cont);
+ }
+
+ if (pvp2cont.size() == 0) {
+ final Contact cont = new Contact();
+ pvp2cont.add(cont);
+ }
+
+ final Contact cont = pvp2cont.get(0);
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getCompany())) {
+ cont.setCompany(StringHelper.getUTF8String(
+ moaconfig.getPvp2Contact().getCompany()));
+ }
+
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getGivenname())) {
+ cont.setGivenName(StringHelper.getUTF8String(
+ moaconfig.getPvp2Contact().getGivenname()));
+ }
+
+ if (cont.getMail() != null && cont.getMail().size() > 0) {
+ cont.getMail().set(0, moaconfig.getPvp2Contact().getMail());
+ } else {
+ cont.setMail(Arrays.asList(moaconfig.getPvp2Contact().getMail()));
+ }
+
+ if (cont.getPhone() != null && cont.getPhone().size() > 0) {
+ cont.getPhone().set(0, moaconfig.getPvp2Contact().getPhone());
+ } else {
+ cont.setPhone(Arrays.asList(moaconfig.getPvp2Contact().getPhone()));
+ }
+
+ cont.setSurName(StringHelper.getUTF8String(moaconfig.getPvp2Contact().getSurname()));
+ if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getType())) {
+ cont.setType(moaconfig.getPvp2Contact().getType());
+ }
+
+ ChainingModes dbchainingmodes = dbconfig.getChainingModes();
+ if (dbchainingmodes == null) {
+ dbchainingmodes = new ChainingModes();
+ dbconfig.setChainingModes(dbchainingmodes);
+ }
+
+ dbchainingmodes.setSystemDefaultMode(
+ ChainingModeType.fromValue("pkix"));
+
+ if (isMoaidMode) {
+ SSO dbsso = dbauth.getSSO();
+ if (dbsso == null) {
+ dbsso = new SSO();
+ dbauth.setSSO(dbsso);
+ }
+
+ if (MiscUtil.isNotEmpty(moaconfig.getSsoFriendlyName())) {
+ dbsso.setFriendlyName(StringHelper.getUTF8String(
+ moaconfig.getSsoFriendlyName()));
+ }
+ if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText())) {
+ dbsso.setSpecialText(StringHelper.getUTF8String(
+ moaconfig.getSsoSpecialText()));
+ // if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl()))
+ // dbsso.setPublicURL(moaconfig.getSsoPublicUrl());
+ }
+
+ if (MiscUtil.isNotEmpty(moaconfig.getSsoTarget())) {
+
+ if (!ValidationHelper.isValidAdminTarget(moaconfig.getSsoTarget())) {
+ String num = moaconfig.getSsoTarget().replaceAll(" ", "");
+ String pre = null;
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) {
+ num = num.substring(Constants.IDENIFICATIONTYPE_FN.length());
+
+ num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num);
+ pre = Constants.IDENIFICATIONTYPE_FN;
+ }
+
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) {
+ num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length());
+ pre = Constants.IDENIFICATIONTYPE_ZVR;
+ }
+
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)) {
+ num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length());
+ pre = Constants.IDENIFICATIONTYPE_ERSB;
+ }
+
+ dbsso.setTarget(Constants.PREFIX_WPBK + pre + "+" + num);
+
+ } else {
+ dbsso.setTarget(moaconfig.getSsoTarget());
+
+ }
+ }
+ // if (MiscUtil.isNotEmpty(moaconfig.getSsoIdentificationNumber())) {
+ // IdentificationNumber ssoid = dbsso.getIdentificationNumber();
+ // if (ssoid == null) {
+ // ssoid = new IdentificationNumber();
+ // dbsso.setIdentificationNumber(ssoid);
+ // }
+ // ssoid.setValue(moaconfig.getSsoIdentificationNumber());
+ // }
+
+ DefaultBKUs dbbkus = dbconfig.getDefaultBKUs();
+
+ if (dbbkus == null) {
+ dbbkus = new DefaultBKUs();
+ dbconfig.setDefaultBKUs(dbbkus);
+ }
+
+ if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUHandy())) {
+ dbbkus.setHandyBKU(moaconfig.getDefaultBKUHandy());
+ } else {
+ dbbkus.setHandyBKU(new String());
+ }
+
+ if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUOnline())) {
+ dbbkus.setOnlineBKU(moaconfig.getDefaultBKUOnline());
+ } else {
+ dbbkus.setOnlineBKU(new String());
+ }
+
+ if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKULocal())) {
+ dbbkus.setLocalBKU(moaconfig.getDefaultBKULocal());
+ } else {
+ dbbkus.setLocalBKU(new String());
+ }
+
+ IdentityLinkSigners idlsigners = dbauth.getIdentityLinkSigners();
+ if (idlsigners == null) {
+ idlsigners = new IdentityLinkSigners();
+ dbauth.setIdentityLinkSigners(idlsigners);
+ }
+
+ ForeignIdentities dbforeign = dbauth.getForeignIdentities();
+ if (dbforeign == null) {
+ dbforeign = new ForeignIdentities();
+ dbauth.setForeignIdentities(dbforeign);
+ }
+
+ if (MiscUtil.isNotEmpty(moaconfig.getSzrgwURL())) {
+ ConnectionParameterClientAuthType forcon = dbforeign.getConnectionParameter();
+ if (forcon == null) {
+ forcon = new ConnectionParameterClientAuthType();
+ dbforeign.setConnectionParameter(forcon);
+ }
+
+ if (KeyValueUtils.isCSVValueString(moaconfig.getSzrgwURL())) {
+ forcon.setURL(KeyValueUtils.normalizeCSVValueString(moaconfig.getSzrgwURL()));
+ } else {
+ if (moaconfig.getSzrgwURL().contains(KeyValueUtils.CSV_DELIMITER)) {
+ forcon.setURL(
+ moaconfig.getSzrgwURL().trim().substring(0,
+ moaconfig.getSzrgwURL().indexOf(KeyValueUtils.CSV_DELIMITER)));
+ } else {
+ forcon.setURL(
+ StringUtils.chomp(moaconfig.getSzrgwURL().trim()));
+ }
+
+ }
+
+ }
+
+ final ForeignIdentities foreign = dbauth.getForeignIdentities();
+ if (foreign != null) {
+ STORK stork = foreign.getSTORK();
+ if (stork == null) {
+ stork = new STORK();
+ foreign.setSTORK(stork);
+
+ }
+
+ try {
+ log.error("QAAAA " + storkconfig.getDefaultQaa());
+ stork.setGeneral_eIDAS_LOA(storkconfig.getDefaultQaa());
+
+ if (storkconfig.getAttributes() != null) {
+ final List<StorkAttribute> dbStorkAttr = new ArrayList<>();
+ stork.setAttributes(dbStorkAttr);
+
+ for (final StorkAttribute attr : storkconfig.getAttributes()) {
+ if (attr != null && MiscUtil.isNotEmpty(attr.getName())) {
+ dbStorkAttr.add(attr);
+ } else {
+ log.info("Remove null or empty STORK attribute");
+ }
+ }
+
+ } else {
+ stork.setAttributes(new ArrayList<StorkAttribute>());
+ }
+
+ if (storkconfig.getCpepslist() != null) {
+ final List<CPEPS> dbStorkCPEPS = new ArrayList<>();
+ stork.setCPEPS(dbStorkCPEPS);
+
+ for (final CPEPS cpeps : storkconfig.getCpepslist()) {
+ if (cpeps != null && MiscUtil.isNotEmpty(cpeps.getURL()) &&
+ MiscUtil.isNotEmpty(cpeps.getCountryCode())) {
+
+ if (cpeps.getCountryCode().equals("CC") &&
+ cpeps.getURL().equals("http://")) {
+ log.info("Remove dummy STORK CPEPS entry.");
+ } else {
+ dbStorkCPEPS.add(cpeps);
+ }
+
+ } else {
+ log.info("Remove null or emtpy STORK CPEPS configuration");
+ }
+ }
+
+ } else {
+ stork.setCPEPS(new ArrayList<CPEPS>());
+ }
+
+ } catch (final Exception e) {
+ e.printStackTrace();
+
+ }
+
+ try {
+ log.info("CPEPS LIST: " + storkconfig.getCpepslist().size());
+ log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() + storkconfig
+ .getCpepslist().get(0).getURL());
+
+ } catch (final Exception ex) {
+ log.info("CPEPS LIST is null");
+
+ }
+ }
+
+ // write MIS Mandate-Service URLs
+ if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) {
+ OnlineMandates dbmandate = dbauth.getOnlineMandates();
+ if (dbmandate == null) {
+ dbmandate = new OnlineMandates();
+ dbauth.setOnlineMandates(dbmandate);
+ }
+ ConnectionParameterClientAuthType dbmandateconnection = dbmandate.getConnectionParameter();
+
+ if (dbmandateconnection == null) {
+ dbmandateconnection = new ConnectionParameterClientAuthType();
+ dbmandate.setConnectionParameter(dbmandateconnection);
+ }
+
+ if (KeyValueUtils.isCSVValueString(moaconfig.getMandateURL())) {
+ dbmandateconnection.setURL(KeyValueUtils.normalizeCSVValueString(moaconfig.getMandateURL()));
+ } else {
+ if (moaconfig.getMandateURL().contains(KeyValueUtils.CSV_DELIMITER)) {
+ dbmandateconnection.setURL(
+ moaconfig.getMandateURL().trim().substring(0,
+ moaconfig.getMandateURL().indexOf(KeyValueUtils.CSV_DELIMITER)));
+ } else {
+ dbmandateconnection.setURL(
+ StringUtils.chomp(moaconfig.getMandateURL().trim()));
+ }
+
+ }
+ }
+
+ // write ELGA Mandate-Service URLs
+ if (MiscUtil.isNotEmpty(moaconfig.getElgaMandateServiceURL())) {
+ if (KeyValueUtils.isCSVValueString(moaconfig.getElgaMandateServiceURL())) {
+ dbconfig.setElgaMandateServiceURLs(KeyValueUtils.normalizeCSVValueString(moaconfig
+ .getElgaMandateServiceURL()));
+ } else {
+ if (moaconfig.getElgaMandateServiceURL().contains(KeyValueUtils.CSV_DELIMITER)) {
+ dbconfig.setElgaMandateServiceURLs(
+ moaconfig.getElgaMandateServiceURL().trim().substring(0,
+ moaconfig.getElgaMandateServiceURL().indexOf(KeyValueUtils.CSV_DELIMITER)));
+ } else {
+ dbconfig.setElgaMandateServiceURLs(
+ StringUtils.chomp(moaconfig.getElgaMandateServiceURL().trim()));
+ }
+
+ }
+ } else {
+ dbconfig.setElgaMandateServiceURLs(null);
+ }
+ }
+
+ // write E-ID System URLs
+ if (MiscUtil.isNotEmpty(moaconfig.getEidSystemServiceURL())) {
+ if (KeyValueUtils.isCSVValueString(moaconfig.getEidSystemServiceURL())) {
+ dbconfig.setEidSystemServiceURLs(KeyValueUtils.normalizeCSVValueString(moaconfig
+ .getEidSystemServiceURL()));
+ } else {
+ if (moaconfig.getEidSystemServiceURL().contains(KeyValueUtils.CSV_DELIMITER)) {
+ dbconfig.setEidSystemServiceURLs(
+ moaconfig.getEidSystemServiceURL().trim().substring(0,
+ moaconfig.getEidSystemServiceURL().indexOf(KeyValueUtils.CSV_DELIMITER)));
+ } else {
+ dbconfig.setEidSystemServiceURLs(
+ StringUtils.chomp(moaconfig.getEidSystemServiceURL().trim()));
+ }
+
+ }
+
+ } else {
+ dbconfig.setEidSystemServiceURLs(null);
+ }
+
+ if (isMoaidMode) {
+ MOASP dbmoasp = dbauth.getMOASP();
+ if (dbmoasp == null) {
+ dbmoasp = new MOASP();
+ dbauth.setMOASP(dbmoasp);
+ }
+ if (MiscUtil.isNotEmpty(moaconfig.getMoaspssURL())) {
+ ConnectionParameterClientAuthType moaspcon = dbmoasp.getConnectionParameter();
+ if (moaspcon == null) {
+ moaspcon = new ConnectionParameterClientAuthType();
+ dbmoasp.setConnectionParameter(moaspcon);
+ }
+ moaspcon.setURL(moaconfig.getMoaspssURL());
+ }
+ VerifyIdentityLink moaidl = dbmoasp.getVerifyIdentityLink();
+ if (moaidl == null) {
+ moaidl = new VerifyIdentityLink();
+ dbmoasp.setVerifyIdentityLink(moaidl);
+ }
+ moaidl.setTrustProfileID(moaconfig.getMoaspssIdlTrustProfile());
+ moaidl.setTestTrustProfileID(moaconfig.getMoaspssIdlTrustProfileTest());
+
+ VerifyAuthBlock moaauth = dbmoasp.getVerifyAuthBlock();
+ if (moaauth == null) {
+ moaauth = new VerifyAuthBlock();
+ dbmoasp.setVerifyAuthBlock(moaauth);
+ }
+ moaauth.setTrustProfileID(moaconfig.getMoaspssAuthTrustProfile());
+ moaauth.setTestTrustProfileID(moaconfig.getMoaspssAuthTrustProfileTest());
+
+ if (moaauth.getVerifyTransformsInfoProfileID() != null &&
+ moaauth.getVerifyTransformsInfoProfileID().size() > 0) {
+ moaauth.getVerifyTransformsInfoProfileID().set(0, moaconfig.getAuthTransformList().get(0));
+ } else {
+ if (moaauth.getVerifyTransformsInfoProfileID() == null) {
+ moaauth.setVerifyTransformsInfoProfileID(new ArrayList<String>());
+
+ }
+ moaauth.getVerifyTransformsInfoProfileID().add(moaconfig.getAuthTransformList().get(0));
+ }
+
+ SecurityLayer seclayertrans = dbauth.getSecurityLayer();
+ if (seclayertrans == null) {
+ seclayertrans = new SecurityLayer();
+ dbauth.setSecurityLayer(seclayertrans);
+ }
+ final List<TransformsInfoType> trans = new ArrayList<>();
+ final Map<String, byte[]> moatrans = moaconfig.getSecLayerTransformation();
+ if (moatrans != null) {
+ final Set<String> keys = moatrans.keySet();
+ for (final String key : keys) {
+ final TransformsInfoType elem = new TransformsInfoType();
+ elem.setFilename(key);
+ elem.setTransformation(moatrans.get(key));
+ trans.add(elem);
+ }
+ }
+ if (trans.size() > 0) {
+ seclayertrans.setTransformsInfo(trans);
+ }
+
+ SLRequestTemplates slrequesttempl = dbconfig.getSLRequestTemplates();
+ if (slrequesttempl == null) {
+ slrequesttempl = new SLRequestTemplates();
+ dbconfig.setSLRequestTemplates(slrequesttempl);
+ }
+ if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateHandy())) {
+ slrequesttempl.setHandyBKU(moaconfig.getSLRequestTemplateHandy());
+ }
+ if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateLocal())) {
+ slrequesttempl.setLocalBKU(moaconfig.getSLRequestTemplateLocal());
+ }
+ if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateOnline())) {
+ slrequesttempl.setOnlineBKU(moaconfig.getSLRequestTemplateOnline());
+ }
+
+ }
+
+ if (MiscUtil.isNotEmpty(moaconfig.getTrustedCACerts())) {
+ dbconfig.setTrustedCACertificates(moaconfig.getTrustedCACerts());
+ }
+
+ // save config
+ try {
+ log.debug("JaxB to Key/Value configuration transformation started ...");
+ final Map<String, String> keyValueConfig =
+ ConfigurationMigrationUtils.convertHyberJaxBMOAIDConfigToKeyValue(dbconfig);
+
+ log.debug(
+ "JaxB to Key/Value configuration transformation finished. Start Key/Value storage process ...");
+
+ configuration.getConfigModule().storeChanges(keyValueConfig, null, null);
+
+ log.info("General MOA-ID Key/Value configuration successfull stored.");
+
+ } catch (final ConfigurationStorageException e) {
+ log.warn("MOAID Configuration can not be stored in Database", e);
+ return LanguageHelper.getErrorString("error.db.oa.store", request);
+
+ } finally {
+
+ }
+
+ return null;
+ }
+
+ /**
+ * @return the moaconfig
+ */
+ public GeneralMOAIDConfig getMoaconfig() {
+ return moaconfig;
+ }
+
+ /**
+ * @param moaconfig the moaconfig to set
+ */
+ public void setMoaconfig(GeneralMOAIDConfig moaconfig) {
+ this.moaconfig = moaconfig;
+ }
+
+ /**
+ * Gets the storkconfig.
+ *
+ * @return the storkconfig
+ */
+ public GeneralStorkConfig getStorkconfig() {
+ return storkconfig;
+ }
+
+ /**
+ * Sets the storkconfig.
+ *
+ * @param storkconfig the new storkconfig
+ */
+ public void setStorkconfig(GeneralStorkConfig storkconfig) {
+ this.storkconfig = storkconfig;
+ }
+
+ /**
+ * @return the formID
+ */
+ @Override
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID the formID to set
+ */
+ @Override
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index 31126d14f..1ad6e7d6b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -27,8 +27,6 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import org.apache.log4j.Logger;
-
import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
@@ -53,505 +51,512 @@ import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class EditOAAction extends BasicOAAction {
- private final Logger log = Logger.getLogger(EditOAAction.class);
- private static final long serialVersionUID = 1L;
-
- private String nextPage;
-
- public EditOAAction() {
- super();
-
- OATargetConfiguration oaTarget = new OATargetConfiguration();
- formList.put(oaTarget.getName(), oaTarget);
-
- OAAuthenticationData authOA = new OAAuthenticationData();
- formList.put(authOA.getName(), authOA);
-
- OASAML1Config saml1OA = new OASAML1Config();
- formList.put(saml1OA.getName(), saml1OA);
-
- if (isMoaidMode) {
- OABPKEncryption bPKEncDec = new OABPKEncryption();
- formList.put(bPKEncDec.getName(), bPKEncDec);
-
- OASSOConfig ssoOA = new OASSOConfig();
- formList.put(ssoOA.getName(), ssoOA);
-
- OAPVP2Config pvp2OA = new OAPVP2Config();
- formList.put(pvp2OA.getName(), pvp2OA);
-
- OAOAuth20Config oauth20OA = new OAOAuth20Config();
- formList.put(oauth20OA.getName(), oauth20OA);
-
- OASTORKConfig storkOA = new OASTORKConfig();
- formList.put(storkOA.getName(), storkOA);
-
- Map<String, String> map = new HashMap<String, String>();
- map.putAll(FormBuildUtils.getDefaultMap());
- FormularCustomization formOA = new FormularCustomization(map);
- formList.put(formOA.getName(), formOA);
-
- OARevisionsLogData revisOA = new OARevisionsLogData();
- formList.put(revisOA.getName(), revisOA);
- }
-
- }
-
- // STRUTS actions
- public String inital() {
- try {
- populateBasicInformations();
-
- OnlineApplication onlineapplication = populateOnlineApplicationFromRequest();
-
- if (onlineapplication == null) {
- addActionError(LanguageHelper.getErrorString(
- "errors.listOAs.noOA", request));
- return Constants.STRUTS_SUCCESS;
- }
-
- List<String> errors = new ArrayList<String>();
- for (IOnlineApplicationData form : formList.values()) {
- List<String> error = form.parse(onlineapplication, authUser,
- request);
- if (error != null)
- errors.addAll(error);
- }
- if (errors.size() > 0) {
- for (String el : errors)
- addActionError(el);
- }
-
- setNewOA(false);
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- session.setAttribute(Constants.SESSION_OAID, oaid);
-
- return Constants.STRUTS_OA_EDIT;
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- } catch (BasicOAActionException e) {
- addActionError(e.getStrutsError());
- return e.getStrutsReturnValue();
-
- } finally {
-
- }
- }
-
- public String newOA() {
- log.debug("insert new Online-Application");
-
- try {
- populateBasicInformations();
-
- populateBasicNewOnlineApplicationInformation();
-
- // prepare attribute helper list
- ArrayList<AttributeHelper> attributes = new ArrayList<AttributeHelper>();
-
- try {
- for (StorkAttribute current : configuration.getDbRead()
- .getMOAIDConfiguration().getAuthComponentGeneral()
- .getForeignIdentities().getSTORK().getAttributes())
- attributes.add(new AttributeHelper(current));
-
-
- } catch (NullPointerException e) {
-
- }
-
- if (getStorkOA() != null)
- getStorkOA().setHelperAttributes(attributes);
-
- UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser
- .getUserID());
-
- if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null
- && !userdb.isIsMailAddressVerified()) {
- log.info("Online-Applikation managemant disabled. Mail address is not verified.");
- addActionError(LanguageHelper.getErrorString(
- "error.editoa.mailverification", request));
- return Constants.STRUTS_SUCCESS;
- }
-
- if (formList.get(new OAOAuth20Config().getName()) != null)
- session.setAttribute(
- Constants.SESSION_OAUTH20SECRET,
- ((OAOAuth20Config) formList.get(new OAOAuth20Config().getName()))
- .getClientSecret());
-
- if (getFormOA() != null)
- session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, getFormOA().getFormMap());
-
-
- nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
-
- return Constants.STRUTS_OA_EDIT;
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- } finally {
-
- }
- }
-
- public String saveOA() {
-
- OnlineApplication onlineapplication = null;
-
- try {
- populateBasicInformations();
- onlineapplication = preProcessSaveOnlineApplication();
-
- List<String> errors = new ArrayList<String>();
-
- // validate forms
- for (IOnlineApplicationData form : formList.values())
- errors.addAll(form.validate(getGeneralOA(), authUser, request));
-
- // Do not allow SSO in combination with special BKUSelection features
- if (getSsoOA() != null && getSsoOA().isUseSSO()
- && (getFormOA() != null && getFormOA().isOnlyMandateAllowed() || !getFormOA()
- .isShowMandateLoginButton())) {
- log.warn("Special BKUSelection features can not be used in combination with SSO");
- errors.add(LanguageHelper.getErrorString(
- "validation.general.bkuselection.specialfeatures.valid",
- request));
- }
-
- if (errors.size() > 0) {
- log.info("OAConfiguration with ID "
- + getGeneralOA().getIdentifier() + " has some errors.");
- for (String el : errors)
- addActionError(el);
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
-
- } else {
- try {
- onlineapplication = postProcessSaveOnlineApplication(onlineapplication, true);
-
- } catch (BasicOAActionException e) {
- addActionError(e.getStrutsError());
- return e.getStrutsReturnValue();
- }
-
- }
-
- Object nextPageAttr = session
- .getAttribute(Constants.SESSION_RETURNAREA);
- if (nextPageAttr != null && nextPageAttr instanceof String) {
- nextPage = (String) nextPageAttr;
- session.setAttribute(Constants.SESSION_RETURNAREA, null);
-
- } else {
- nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
- }
-
- if (onlineapplication.isIsAdminRequired()) {
- int numoas = 0;
- int numusers = 0;
-
- List<OnlineApplication> openOAs = configuration.getDbRead()
- .getAllNewOnlineApplications();
- if (openOAs != null)
- numoas = openOAs.size();
-
- List<UserDatabase> openUsers = configuration.getUserManagement().getAllNewUsers();
- if (openUsers != null)
- numusers = openUsers.size();
- try {
-
- addActionMessage(LanguageHelper.getGUIString(
- "webpages.oaconfig.success.admin", getGeneralOA()
- .getIdentifier(), request));
-
- if (numusers > 0 || numoas > 0)
- MailHelper.sendAdminMail(numoas, numusers);
-
- } catch (ConfigurationException e) {
- log.warn("Sending Mail to Admin failed.", e);
- }
-
- } else
- addActionMessage(LanguageHelper.getGUIString(
- "webpages.oaconfig.success",
- getGeneralOA().getIdentifier(), request));
-
- // remove session attributes
- session.setAttribute(Constants.SESSION_OAID, null);
- session.removeAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE);
- session.removeAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE);
-
- return Constants.STRUTS_SUCCESS;
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- } catch (BasicOAActionException e) {
- addActionError(e.getStrutsError());
- return e.getStrutsReturnValue();
-
- } finally {
-
- }
- }
-
- public String cancleAndBackOA() {
- try {
- populateBasicInformations();
-
- Object nextPageAttr = session
- .getAttribute(Constants.SESSION_RETURNAREA);
- if (nextPageAttr != null && nextPageAttr instanceof String) {
- nextPage = (String) nextPageAttr;
- session.setAttribute(Constants.SESSION_RETURNAREA, null);
-
- } else {
- nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
- }
-
- session.setAttribute(Constants.SESSION_OAID, null);
-
- addActionMessage(LanguageHelper.getGUIString(
- "webpages.oaconfig.cancle", getGeneralOA().getIdentifier(),
- request));
-
- return Constants.STRUTS_SUCCESS;
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- } finally {
-
- }
- }
-
- public String deleteOA() {
- String oaidentifier = null;
- try {
- populateBasicInformations();
-
- Object nextPageAttr = session
- .getAttribute(Constants.SESSION_RETURNAREA);
- if (nextPageAttr != null && nextPageAttr instanceof String) {
- nextPage = (String) nextPageAttr;
-
- } else {
- nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
- }
-
- oaidentifier = preProcessDeleteOnlineApplication();
- List<OnlineApplication> onlineapplications = configuration.getDbRead()
- .getOnlineApplications(oaidentifier);
-
- Long oaid = getOAIDFromSession();
-
- OnlineApplication onlineapplication = null;
-
- if (onlineapplications != null && onlineapplications.size() > 1) {
- log.info("Found more then one OA with PublicURLPrefix in configuration. "
- + "Select OA with DB Id ...");
-
- for (OnlineApplication oa : onlineapplications) {
- if (oa.getHjid().equals(oaid)) {
- if (onlineapplication == null)
- onlineapplication = oa;
-
- else {
- log.error("Found more then one OA with same PublicURLPrefix and same DBID.");
- new BasicOAActionException(
- "Found more then one OA with same PublicURLPrefix and same DBID.",
- Constants.STRUTS_SUCCESS);
-
- }
- }
- }
-
- } else if (onlineapplications != null && onlineapplications.size() == 1)
- onlineapplication = onlineapplications.get(0);
-
- request.getSession().setAttribute(Constants.SESSION_OAID, null);
-
+ private static final long serialVersionUID = 1L;
+
+ private String nextPage;
+
+ public EditOAAction() {
+ super();
+
+ final OATargetConfiguration oaTarget = new OATargetConfiguration();
+ formList.put(oaTarget.getName(), oaTarget);
+
+ final OAAuthenticationData authOA = new OAAuthenticationData();
+ formList.put(authOA.getName(), authOA);
+
+ final OASAML1Config saml1OA = new OASAML1Config();
+ formList.put(saml1OA.getName(), saml1OA);
+
+ if (isMoaidMode) {
+ final OABPKEncryption bPKEncDec = new OABPKEncryption();
+ formList.put(bPKEncDec.getName(), bPKEncDec);
+
+ final OASSOConfig ssoOA = new OASSOConfig();
+ formList.put(ssoOA.getName(), ssoOA);
+
+ final OAPVP2Config pvp2OA = new OAPVP2Config();
+ formList.put(pvp2OA.getName(), pvp2OA);
+
+ final OAOAuth20Config oauth20OA = new OAOAuth20Config();
+ formList.put(oauth20OA.getName(), oauth20OA);
+
+ final OASTORKConfig storkOA = new OASTORKConfig();
+ formList.put(storkOA.getName(), storkOA);
+
+ final Map<String, String> map = new HashMap<>();
+ map.putAll(FormBuildUtils.getDefaultMap());
+ final FormularCustomization formOA = new FormularCustomization(map);
+ formList.put(formOA.getName(), formOA);
+
+ final OARevisionsLogData revisOA = new OARevisionsLogData();
+ formList.put(revisOA.getName(), revisOA);
+ }
+
+ }
+
+ // STRUTS actions
+ public String inital() {
+ try {
+ populateBasicInformations();
+
+ final OnlineApplication onlineapplication = populateOnlineApplicationFromRequest();
+
+ if (onlineapplication == null) {
+ addActionError(LanguageHelper.getErrorString(
+ "errors.listOAs.noOA", request));
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ final List<String> errors = new ArrayList<>();
+ for (final IOnlineApplicationData form : formList.values()) {
+ final List<String> error = form.parse(onlineapplication, authUser,
+ request);
+ if (error != null) {
+ errors.addAll(error);
+ }
+ }
+ if (errors.size() > 0) {
+ for (final String el : errors) {
+ addActionError(el);
+ }
+ }
+
+ setNewOA(false);
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ session.setAttribute(Constants.SESSION_OAID, oaid);
+
+ return Constants.STRUTS_OA_EDIT;
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ } catch (final BasicOAActionException e) {
+ addActionError(e.getStrutsError());
+ return e.getStrutsReturnValue();
+
+ } finally {
+
+ }
+ }
+
+ public String newOA() {
+ log.debug("insert new Online-Application");
+
+ try {
+ populateBasicInformations();
+
+ populateBasicNewOnlineApplicationInformation();
+
+ // prepare attribute helper list
+ final ArrayList<AttributeHelper> attributes = new ArrayList<>();
+
+ try {
+ for (final StorkAttribute current : configuration.getDbRead()
+ .getMOAIDConfiguration().getAuthComponentGeneral()
+ .getForeignIdentities().getSTORK().getAttributes()) {
+ attributes.add(new AttributeHelper(current));
+ }
+
+ } catch (final NullPointerException e) {
+
+ }
+
+ if (getStorkOA() != null) {
+ getStorkOA().setHelperAttributes(attributes);
+ }
+
+ final UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser
+ .getUserID());
+
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null
+ && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ addActionError(LanguageHelper.getErrorString(
+ "error.editoa.mailverification", request));
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ if (formList.get(new OAOAuth20Config().getName()) != null) {
+ session.setAttribute(
+ Constants.SESSION_OAUTH20SECRET,
+ ((OAOAuth20Config) formList.get(new OAOAuth20Config().getName()))
+ .getClientSecret());
+ }
+
+ if (getFormOA() != null) {
+ session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, getFormOA().getFormMap());
+ }
+
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
+
+ return Constants.STRUTS_OA_EDIT;
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ } finally {
+
+ }
+ }
+
+ public String saveOA() {
+
+ OnlineApplication onlineapplication = null;
+
+ try {
+ populateBasicInformations();
+ onlineapplication = preProcessSaveOnlineApplication();
+
+ final List<String> errors = new ArrayList<>();
+
+ // validate forms
+ for (final IOnlineApplicationData form : formList.values()) {
+ errors.addAll(form.validate(getGeneralOA(), authUser, request));
+ }
+
+ // Do not allow SSO in combination with special BKUSelection features
+ if (getSsoOA() != null && getSsoOA().isUseSSO()
+ && (getFormOA() != null && getFormOA().isOnlyMandateAllowed() || !getFormOA()
+ .isShowMandateLoginButton())) {
+ log.warn("Special BKUSelection features can not be used in combination with SSO");
+ errors.add(LanguageHelper.getErrorString(
+ "validation.general.bkuselection.specialfeatures.valid",
+ request));
+ }
+
+ if (errors.size() > 0) {
+ log.info("OAConfiguration with ID "
+ + getGeneralOA().getIdentifier() + " has some errors.");
+ for (final String el : errors) {
+ addActionError(el);
+ }
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ } else {
+ try {
+ onlineapplication = postProcessSaveOnlineApplication(onlineapplication, true);
+
+ } catch (final BasicOAActionException e) {
+ addActionError(e.getStrutsError());
+ return e.getStrutsReturnValue();
+ }
+
+ }
+
+ final Object nextPageAttr = session
+ .getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String) {
+ nextPage = (String) nextPageAttr;
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
+ }
+
+ if (onlineapplication.isIsAdminRequired()) {
+ int numoas = 0;
+ int numusers = 0;
+
+ final List<OnlineApplication> openOAs = configuration.getDbRead()
+ .getAllNewOnlineApplications();
+ if (openOAs != null) {
+ numoas = openOAs.size();
+ }
+
+ final List<UserDatabase> openUsers = configuration.getUserManagement().getAllNewUsers();
+ if (openUsers != null) {
+ numusers = openUsers.size();
+ }
+ try {
+
+ addActionMessage(LanguageHelper.getGUIString(
+ "webpages.oaconfig.success.admin", getGeneralOA()
+ .getIdentifier(), request));
+
+ if (numusers > 0 || numoas > 0) {
+ MailHelper.sendAdminMail(numoas, numusers);
+ }
+
+ } catch (final ConfigurationException e) {
+ log.warn("Sending Mail to Admin failed.", e);
+ }
+
+ } else {
+ addActionMessage(LanguageHelper.getGUIString(
+ "webpages.oaconfig.success",
+ getGeneralOA().getIdentifier(), request));
+ }
+
+ // remove session attributes
+ session.setAttribute(Constants.SESSION_OAID, null);
+ session.removeAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE);
+ session.removeAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE);
+
+ return Constants.STRUTS_SUCCESS;
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ } catch (final BasicOAActionException e) {
+ addActionError(e.getStrutsError());
+ return e.getStrutsReturnValue();
+
+ } finally {
+
+ }
+ }
+
+ public String cancleAndBackOA() {
+ try {
+ populateBasicInformations();
+
+ final Object nextPageAttr = session
+ .getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String) {
+ nextPage = (String) nextPageAttr;
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
+ }
+
+ session.setAttribute(Constants.SESSION_OAID, null);
+
+ addActionMessage(LanguageHelper.getGUIString(
+ "webpages.oaconfig.cancle", getGeneralOA().getIdentifier(),
+ request));
+
+ return Constants.STRUTS_SUCCESS;
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ } finally {
+
+ }
+ }
+
+ public String deleteOA() {
+ String oaidentifier = null;
+ try {
+ populateBasicInformations();
+
+ final Object nextPageAttr = session
+ .getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String) {
+ nextPage = (String) nextPageAttr;
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
+ }
+
+ oaidentifier = preProcessDeleteOnlineApplication();
+ final List<OnlineApplication> onlineapplications = configuration.getDbRead()
+ .getOnlineApplications(oaidentifier);
+
+ final Long oaid = getOAIDFromSession();
+
+ OnlineApplication onlineapplication = null;
+
+ if (onlineapplications != null && onlineapplications.size() > 1) {
+ log.info("Found more then one OA with PublicURLPrefix in configuration. "
+ + "Select OA with DB Id ...");
+
+ for (final OnlineApplication oa : onlineapplications) {
+ if (oa.getHjid().equals(oaid)) {
+ if (onlineapplication == null) {
+ onlineapplication = oa;
+ } else {
+ log.error("Found more then one OA with same PublicURLPrefix and same DBID.");
+ new BasicOAActionException(
+ "Found more then one OA with same PublicURLPrefix and same DBID.",
+ Constants.STRUTS_SUCCESS);
+
+ }
+ }
+ }
+
+ } else if (onlineapplications != null && onlineapplications.size() == 1) {
+ onlineapplication = onlineapplications.get(0);
+ }
+
+ request.getSession().setAttribute(Constants.SESSION_OAID, null);
+
// try {
// if (MiscUtil.isNotEmpty(onlineapplication.getAuthComponentOA()
// .getOAPVP2().getMetadataURL())) {
-//
+//
// MOAIDConfiguration moaconfig = configuration.getDbRead()
// .getMOAIDConfiguration();
// moaconfig.setPvp2RefreshItem(new Date());
// ConfigurationDBUtils.saveOrUpdate(moaconfig);
-//
+//
// }
-// } catch (NullPointerException e) {
+// } catch (NullPointerException e) {
// log.debug("Found no MetadataURL in OA-Databaseconfig");
-//
+//
// } catch (Throwable e) {
// log.info("Set metadata refresh flag FAILED.", e);
// }
-
- if (onlineapplication != null && delete(onlineapplication)) {
-
- if (!authUser.isAdmin()) {
- UserDatabase user = configuration.getUserManagement().getUserWithID(authUser
- .getUserID());
- List<String> useroas = user.getOnlineApplication();
-
- for (String oa : useroas) {
- if (oa.equals(onlineapplication.getHjid())) {
- useroas.remove(oa);
- }
- }
-
- try {
- configuration.getUserManagement().saveOrUpdate(user);
-
- } catch (MOADatabaseException e) {
- log.warn("User information can not be updated in database",
- e);
- addActionError(LanguageHelper.getGUIString(
- "error.db.oa.store", request));
- return Constants.STRUTS_ERROR;
- }
- }
-
- addActionMessage(LanguageHelper.getGUIString(
- "webpages.oaconfig.delete.message", oaidentifier, request));
-
- return Constants.STRUTS_SUCCESS;
-
- } else {
- addActionError(LanguageHelper.getGUIString(
- "webpages.oaconfig.delete.error", oaidentifier, request));
- return Constants.STRUTS_SUCCESS;
- }
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- } catch (BasicOAActionException e) {
- addActionError(e.getStrutsError());
- return e.getStrutsReturnValue();
-
- } finally {
-
- }
-
- }
-
- public OAAuthenticationData getAuthOA() {
- return (OAAuthenticationData) formList.get(new OAAuthenticationData()
- .getName());
- }
-
- public void setAuthOA(OAAuthenticationData generalOA) {
- formList.put(generalOA.getName(), generalOA);
- }
-
- public OASAML1Config getSaml1OA() {
- return (OASAML1Config) formList.get(new OASAML1Config().getName());
- }
-
- public void setSaml1OA(OASAML1Config saml1oa) {
- formList.put(saml1oa.getName(), saml1oa);
- }
-
- public OASSOConfig getSsoOA() {
- return (OASSOConfig) formList.get(new OASSOConfig().getName());
- }
-
- public void setSsoOA(OASSOConfig ssoOA) {
- formList.put(ssoOA.getName(), ssoOA);
- }
-
- public OASTORKConfig getStorkOA() {
- return (OASTORKConfig) formList.get(new OASTORKConfig().getName());
- }
-
- public void setStorkOA(OASTORKConfig storkOA) {
- formList.put(storkOA.getName(), storkOA);
- }
-
-
- public OARevisionsLogData getRevisionsLogOA() {
- return (OARevisionsLogData) formList.get(new OARevisionsLogData().getName());
- }
-
- public void setRevisionsLogOA(OARevisionsLogData storkOA) {
- formList.put(storkOA.getName(), storkOA);
- }
-
-
- /**
- * @return the nextPage
- */
- public String getNextPage() {
- return nextPage;
- }
-
- /**
- * @return the formOA
- */
- public FormularCustomization getFormOA() {
- return (FormularCustomization) formList.get(new FormularCustomization(
- null).getName());
- }
-
- /**
- * @param formOA
- * the formOA to set
- */
- public void setFormOA(FormularCustomization formOA) {
- formList.put(formOA.getName(), formOA);
- }
-
- public OAOAuth20Config getOauth20OA() {
- return (OAOAuth20Config) formList.get(new OAOAuth20Config().getName());
- }
-
- public void setOauth20OA(OAOAuth20Config oauth20OA) {
- formList.put(oauth20OA.getName(), oauth20OA);
- }
-
- /**
- * @return the formOA
- */
- public OATargetConfiguration getTargetConfig() {
- return (OATargetConfiguration) formList.get(new OATargetConfiguration()
- .getName());
- }
-
- /**
- * @param formOA
- * the formOA to set
- */
- public void setTargetConfig(OATargetConfiguration formOA) {
- formList.put(formOA.getName(), formOA);
- }
-
- /**
- * @return the bPK encryption/decryption form
- */
- public OABPKEncryption getBPKEncDecr() {
- return (OABPKEncryption) formList.get(new OABPKEncryption().getName());
- }
-
- /**
- * @param bPK encryption/decryption form
- * the bPK encryption/decryption form to set
- */
- public void setBPKEncDecr(OABPKEncryption formOA) {
- formList.put(formOA.getName(), formOA);
- }
-
+
+ if (onlineapplication != null && delete(onlineapplication)) {
+
+ if (!authUser.isAdmin()) {
+ final UserDatabase user = configuration.getUserManagement().getUserWithID(authUser
+ .getUserID());
+ final List<String> useroas = user.getOnlineApplication();
+
+ for (final String oa : useroas) {
+ if (oa.equals(onlineapplication.getHjid())) {
+ useroas.remove(oa);
+ }
+ }
+
+ try {
+ configuration.getUserManagement().saveOrUpdate(user);
+
+ } catch (final MOADatabaseException e) {
+ log.warn("User information can not be updated in database",
+ e);
+ addActionError(LanguageHelper.getGUIString(
+ "error.db.oa.store", request));
+ return Constants.STRUTS_ERROR;
+ }
+ }
+
+ addActionMessage(LanguageHelper.getGUIString(
+ "webpages.oaconfig.delete.message", oaidentifier, request));
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ addActionError(LanguageHelper.getGUIString(
+ "webpages.oaconfig.delete.error", oaidentifier, request));
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ } catch (final BasicOAActionException e) {
+ addActionError(e.getStrutsError());
+ return e.getStrutsReturnValue();
+
+ } finally {
+
+ }
+
+ }
+
+ public OAAuthenticationData getAuthOA() {
+ return (OAAuthenticationData) formList.get(new OAAuthenticationData()
+ .getName());
+ }
+
+ public void setAuthOA(OAAuthenticationData generalOA) {
+ formList.put(generalOA.getName(), generalOA);
+ }
+
+ public OASAML1Config getSaml1OA() {
+ return (OASAML1Config) formList.get(new OASAML1Config().getName());
+ }
+
+ public void setSaml1OA(OASAML1Config saml1oa) {
+ formList.put(saml1oa.getName(), saml1oa);
+ }
+
+ public OASSOConfig getSsoOA() {
+ return (OASSOConfig) formList.get(new OASSOConfig().getName());
+ }
+
+ public void setSsoOA(OASSOConfig ssoOA) {
+ formList.put(ssoOA.getName(), ssoOA);
+ }
+
+ public OASTORKConfig getStorkOA() {
+ return (OASTORKConfig) formList.get(new OASTORKConfig().getName());
+ }
+
+ public void setStorkOA(OASTORKConfig storkOA) {
+ formList.put(storkOA.getName(), storkOA);
+ }
+
+ public OARevisionsLogData getRevisionsLogOA() {
+ return (OARevisionsLogData) formList.get(new OARevisionsLogData().getName());
+ }
+
+ public void setRevisionsLogOA(OARevisionsLogData storkOA) {
+ formList.put(storkOA.getName(), storkOA);
+ }
+
+ /**
+ * @return the nextPage
+ */
+ public String getNextPage() {
+ return nextPage;
+ }
+
+ /**
+ * @return the formOA
+ */
+ public FormularCustomization getFormOA() {
+ return (FormularCustomization) formList.get(new FormularCustomization(
+ null).getName());
+ }
+
+ /**
+ * @param formOA the formOA to set
+ */
+ public void setFormOA(FormularCustomization formOA) {
+ formList.put(formOA.getName(), formOA);
+ }
+
+ public OAOAuth20Config getOauth20OA() {
+ return (OAOAuth20Config) formList.get(new OAOAuth20Config().getName());
+ }
+
+ public void setOauth20OA(OAOAuth20Config oauth20OA) {
+ formList.put(oauth20OA.getName(), oauth20OA);
+ }
+
+ /**
+ * @return the formOA
+ */
+ public OATargetConfiguration getTargetConfig() {
+ return (OATargetConfiguration) formList.get(new OATargetConfiguration()
+ .getName());
+ }
+
+ /**
+ * @param formOA the formOA to set
+ */
+ public void setTargetConfig(OATargetConfiguration formOA) {
+ formList.put(formOA.getName(), formOA);
+ }
+
+ /**
+ * @return the bPK encryption/decryption form
+ */
+ public OABPKEncryption getBPKEncDecr() {
+ return (OABPKEncryption) formList.get(new OABPKEncryption().getName());
+ }
+
+ /**
+ * @param bPK encryption/decryption form the bPK encryption/decryption form to
+ * set
+ */
+ public void setBPKEncDecr(OABPKEncryption formOA) {
+ formList.put(formOA.getName(), formOA);
+ }
+
}
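Review bot: In the new deleteOA(), the duplicate-DBID branch builds a `BasicOAActionException` but never throws it, so after `log.error(...)` the method carries on and deletes the first matching entry; it should read `throw new BasicOAActionException(...)`, which the method's existing `catch (final BasicOAActionException e)` already handles. In the same method the cleanup check `if (oa.equals(onlineapplication.getHjid()))` compares a String from `useroas` with what appears to be a Long (getHjid() is compared with the Long `oaid` a few lines earlier), so it probably never matches and the deleted application's id stays on the non-admin user's list; if it did match, `useroas.remove(oa)` inside the for-each can raise ConcurrentModificationException. `useroas.removeIf(oa -> oa.equals(String.valueOf(onlineapplication.getHjid())));` would cover both. Separately, in saveOA() the condition `getFormOA() != null && getFormOA().isOnlyMandateAllowed() || !getFormOA().isShowMandateLoginButton()` dereferences getFormOA() on the right of `||` without the null guard, which matters because the constructor only registers that form under `isMoaidMode`.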
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IDPGatewayAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IDPGatewayAction.java
index e238c6d37..6a6cf1d27 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IDPGatewayAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IDPGatewayAction.java
@@ -25,8 +25,6 @@ package at.gv.egovernment.moa.id.configuration.struts.action;
import java.util.LinkedHashMap;
import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData;
-import at.gv.egovernment.moa.id.configuration.data.oa.OAMOAIDPInterfederationConfig;
-import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
import at.gv.egovernment.moa.id.configuration.data.oa.PVPGatewayInterfederationConfig;
/**
@@ -35,22 +33,22 @@ import at.gv.egovernment.moa.id.configuration.data.oa.PVPGatewayInterfederationC
*/
public class IDPGatewayAction extends InterfederationIDPAction {
- private static final long serialVersionUID = -2047128481980413334L;
-
- public IDPGatewayAction() {
- super();
- formList.putAll(buildIDPGatewayFormList());
- }
-
- public static LinkedHashMap<String, IOnlineApplicationData> buildIDPGatewayFormList() {
-
- LinkedHashMap<String, IOnlineApplicationData> forms =
- new LinkedHashMap<String, IOnlineApplicationData>();
-
- PVPGatewayInterfederationConfig pvpGatewayconfig = new PVPGatewayInterfederationConfig();
- forms.put(pvpGatewayconfig.getName(), pvpGatewayconfig);
-
- return forms;
- }
+ private static final long serialVersionUID = -2047128481980413334L;
+
+ public IDPGatewayAction() {
+ super();
+ formList.putAll(buildIDPGatewayFormList());
+ }
+
+ public static LinkedHashMap<String, IOnlineApplicationData> buildIDPGatewayFormList() {
+
+ final LinkedHashMap<String, IOnlineApplicationData> forms =
+ new LinkedHashMap<>();
+
+ final PVPGatewayInterfederationConfig pvpGatewayconfig = new PVPGatewayInterfederationConfig();
+ forms.put(pvpGatewayconfig.getName(), pvpGatewayconfig);
+
+ return forms;
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
index d72505c0f..e2458a6a5 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
@@ -38,7 +38,6 @@ import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
-import org.apache.log4j.Logger;
import org.springframework.beans.BeansException;
import at.gv.egiz.components.configuration.api.Configuration;
@@ -52,472 +51,468 @@ import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class ImportExportAction extends BasicAction {
-
- private static final Logger log = Logger.getLogger(ImportExportAction.class);
- private static final long serialVersionUID = 1L;
-
- private String formID;
- private File fileUpload = null;
- private String fileUploadContentType = null;
- private String fileUploadFileName = null;
-
- private InputStream fileInputStream;
-
- public String init() {
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- if (authUser.isAdmin()) {
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- return Constants.STRUTS_SUCCESS;
-
- } else {
- log.info("No access to Import/Export for User with ID" + authUser.getUserID());
- addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
- return Constants.STRUTS_NOTALLOWED;
- }
- }
-
- public String importLegacyConfig() throws ConfigurationException {
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
- if (formidobj != null && formidobj instanceof String) {
- String formid = (String) formidobj;
- if (!formid.equals(formID)) {
- log.warn("FormIDs does not match. Some suspect Form is received from user "
- + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- } else {
- log.warn("FormIDs does not match. Some suspect Form is received from user "
- + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- session.setAttribute(Constants.SESSION_FORMID, null);
-
- if (authUser.isAdmin()) {
-
- //load legacy config if it is configured
-
- if (fileUpload == null) {
- addActionError(LanguageHelper.getErrorString("errors.importexport.nofile", request));
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
- }
-
- Properties result = null;
-
- try {
- log.warn("WARNING! The legacy import deletes the hole old config");
-
- InputStream inStream = new FileInputStream(fileUpload);
- // get config from xml file
- JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config.deprecated");
- Unmarshaller m = jc.createUnmarshaller();
- MOAIDConfiguration config = (MOAIDConfiguration) m.unmarshal(inStream);
-
- // serialize config to JSON properties
- result = ConfigurationUtil.moaIdConfigToJsonProperties(config);
-
- if (result == null || result.isEmpty()) {
- log.info("Legacy configuration has is empty");
- addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {"Empty Configuratiobn"}, request));
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
-
- }
-
- } catch (JAXBException | FileNotFoundException e) {
- log.info("Legacy configuration has an Import Error", e);
- addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e.getMessage()}, request));
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
-
- }
-
- try {
- //check if XML config should be use
- log.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!");
-
- Configuration dbConfiguration =
- (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig");
-
- if (dbConfiguration == null) {
- log.warn("Open Database connection FAILED.");
- addActionError("Open Database connection FAILED.");
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
-
- }
-
- boolean isOverwriteData = true;
-
- List<String> keys = Arrays.asList(dbConfiguration.getConfigurationIds());
-
- if (keys == null) {
- log.info("Configuration is not readable.");
- throw new MOADatabaseException("Configuration is not readable.");
- }
-
- if (isOverwriteData) {
- // remove existing entries
- for (String key : keys) {
- dbConfiguration.deleteIds(key);
- }
- }
-
- Enumeration<?> propertyNames = result.propertyNames();
-
- while (propertyNames.hasMoreElements()) {
- String key = (String) propertyNames.nextElement();
- String json = result.getProperty(key);
-
- dbConfiguration.setStringValue(key, json);
- }
-
- } catch (ConfigurationException | MOADatabaseException | at.gv.egiz.components.configuration.api.ConfigurationException e1) {
- log.warn("General MOA-ID config can not be stored in Database", e1);
- addActionError(e1.getMessage());
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
-
- }
-
- finally {
-
- }
-
- //set new formID
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- log.info("Legacy Configuration load is completed.");
- addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success", request));
- return Constants.STRUTS_SUCCESS;
-
- } else {
- log.info("No access to Import/Export for User with ID" + authUser.getUserID());
- addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
- return Constants.STRUTS_NOTALLOWED;
- }
- }
-
- public String downloadXMLConfig() {
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
- if (formidobj != null && formidobj instanceof String) {
- String formid = (String) formidobj;
- if (!formid.equals(formID)) {
- log.warn("FormIDs does not match. Some suspect Form is received from user "
- + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- } else {
- log.warn("FormIDs does not match. Some suspect Form is received from user "
- + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- session.setAttribute(Constants.SESSION_FORMID, null);
-
- if (authUser.isAdmin()) {
-
- log.info("Write MOA-ID 3.x config");
- try {
-
- Configuration dbConfiguration =
- (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig");
-
- if (dbConfiguration == null) {
- log.warn("Open Database connection FAILED.");
- addActionError("Open Database connection FAILED.");
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
-
- }
-
- Properties result = new Properties();
- String[] allConfigIDs = dbConfiguration.getConfigurationIds();
- for (String key : allConfigIDs) {
- String value = dbConfiguration.getStringValue(key);
- if (MiscUtil.isNotEmpty(value)) {
- result.put(key, value);
- log.debug("Put key: " + key + " with value: " + value + " to property file.");
-
- } else
- log.info("Leave key: " + key + " Reason: Value is null or empty");
-
- }
-
-
- if (result.isEmpty()) {
- log.info("No MOA-ID 3.x configruation available");
- addActionError(LanguageHelper.getErrorString("errors.importexport.export.noconfig", request));
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
- }
-
- ByteArrayOutputStream output = new ByteArrayOutputStream();
- result.store(output, null);
- fileInputStream = new ByteArrayInputStream(output.toByteArray());
-
- } catch (IOException | at.gv.egiz.components.configuration.api.ConfigurationException e) {
- log.info("MOA-ID 3.x configruation could not be exported into file.", e);
- addActionError(LanguageHelper.getErrorString("errors.importexport.export",
- new Object[]{e.getMessage()}, request));
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
-
- } catch (ConfigurationException | BeansException e) {
- log.warn("Open Database connection FAILED.");
- addActionError("Open Database connection FAILED.");
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
- }
-
- finally {
-
- }
-
-
- //set new formID
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- return Constants.STRUTS_SUCCESS;
- } else {
- log.info("No access to Import/Export for User with ID" + authUser.getUserID());
- addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
- return Constants.STRUTS_NOTALLOWED;
- }
- }
-
-
- public String importXMLConfig() {
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
- if (formidobj != null && formidobj instanceof String) {
- String formid = (String) formidobj;
- if (!formid.equals(formID)) {
- log.warn("FormIDs does not match. Some suspect Form is received from user "
- + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- } else {
- log.warn("FormIDs does not match. Some suspect Form is received from user "
- + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
-
- session.setAttribute(Constants.SESSION_FORMID, null);
-
- if (authUser.isAdmin()) {
-
- if (fileUpload == null) {
- addActionError(LanguageHelper.getErrorString("errors.importexport.nofile", request));
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- return Constants.STRUTS_ERROR_VALIDATION;
- }
-
- log.info("Load configuration from MOA-ID 3.x XML configuration");
-
- try {
-
- Properties inProperties = new Properties();
- inProperties.load(new FileInputStream(fileUpload));
-
- //check if XML config should be use
- log.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!");
-
- Configuration dbConfiguration =
- (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig");
-
- if (dbConfiguration == null) {
- log.warn("Open Database connection FAILED.");
- addActionError("Open Database connection FAILED.");
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
-
- }
-
- boolean isOverwriteData = true;
-
- List<String> keys = Arrays.asList(dbConfiguration.getConfigurationIds());
-
- if (keys == null) {
- log.info("Configuration is not readable.");
- throw new MOADatabaseException("Configuration is not readable.");
- }
-
- if (isOverwriteData) {
- // remove existing entries
- for (String key : keys) {
- dbConfiguration.deleteIds(key);
- }
- }
-
- Enumeration<?> propertyNames = inProperties.propertyNames();
-
- while (propertyNames.hasMoreElements()) {
- String key = (String) propertyNames.nextElement();
- String json = inProperties.getProperty(key);
-
- dbConfiguration.setStringValue(key, json);
- }
-
- } catch (Exception e) {
- log.warn("MOA-ID XML configuration can not be loaded from File.", e);
- addActionError(LanguageHelper.getErrorString("errors.importexport.import",
- new Object[]{e.getMessage()}, request));
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
-
- }
-
- finally {
-
- }
-
- //set new formID
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- log.info("XML Configuration load is completed.");
- addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success", request));
- return Constants.STRUTS_SUCCESS;
-
- } else {
- log.info("No access to Import/Export for User with ID" + authUser.getUserID());
- addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
- return Constants.STRUTS_NOTALLOWED;
- }
-
- }
-
- /**
- * @return the fileUpload
- */
- public File getFileUpload() {
- return fileUpload;
- }
-
-
-
- /**
- * @param fileUpload the fileUpload to set
- */
- public void setFileUpload(File fileUpload) {
- this.fileUpload = fileUpload;
- }
-
-
-
- /**
- * @return the fileUploadContentType
- */
- public String getFileUploadContentType() {
- return fileUploadContentType;
- }
-
-
-
- /**
- * @param fileUploadContentType the fileUploadContentType to set
- */
- public void setFileUploadContentType(String fileUploadContentType) {
- this.fileUploadContentType = fileUploadContentType;
- }
-
-
-
- /**
- * @return the fileUploadFileName
- */
- public String getFileUploadFileName() {
- return fileUploadFileName;
- }
-
-
-
- /**
- * @param fileUploadFileName the fileUploadFileName to set
- */
- public void setFileUploadFileName(String fileUploadFileName) {
- this.fileUploadFileName = fileUploadFileName;
- }
-
-
- public InputStream getFileInputStream() {
- return fileInputStream;
- }
-
- /**
- * @return the formID
- */
- public String getFormID() {
- return formID;
- }
-
- /**
- * @param formID the formID to set
- */
- public void setFormID(String formID) {
- this.formID = formID;
- }
-
+
+ private static final long serialVersionUID = 1L;
+
+ private String formID;
+ private File fileUpload = null;
+ private String fileUploadContentType = null;
+ private String fileUploadFileName = null;
+
+ private InputStream fileInputStream;
+
+ public String init() {
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ if (authUser.isAdmin()) {
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.info("No access to Import/Export for User with ID" + authUser.getUserID());
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+ }
+
+ public String importLegacyConfig() throws ConfigurationException {
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ final Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ final String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ if (authUser.isAdmin()) {
+
+ // load legacy config if it is configured
+
+ if (fileUpload == null) {
+ addActionError(LanguageHelper.getErrorString("errors.importexport.nofile", request));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+
+ Properties result = null;
+
+ try {
+ log.warn("WARNING! The legacy import deletes the hole old config");
+
+ final InputStream inStream = new FileInputStream(fileUpload);
+ // get config from xml file
+ final JAXBContext jc = JAXBContext.newInstance(
+ "at.gv.egovernment.moa.id.commons.db.dao.config.deprecated");
+ final Unmarshaller m = jc.createUnmarshaller();
+ final MOAIDConfiguration config = (MOAIDConfiguration) m.unmarshal(inStream);
+
+ // serialize config to JSON properties
+ result = ConfigurationUtil.moaIdConfigToJsonProperties(config);
+
+ if (result == null || result.isEmpty()) {
+ log.info("Legacy configuration has is empty");
+ addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {
+ "Empty Configuratiobn" }, request));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ }
+
+ } catch (JAXBException | FileNotFoundException e) {
+ log.info("Legacy configuration has an Import Error", e);
+ addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] { e
+ .getMessage() }, request));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ }
+
+ try {
+ // check if XML config should be use
+ log.warn(
+ "WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!");
+
+ final Configuration dbConfiguration =
+ (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig");
+
+ if (dbConfiguration == null) {
+ log.warn("Open Database connection FAILED.");
+ addActionError("Open Database connection FAILED.");
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ }
+
+ final boolean isOverwriteData = true;
+
+ final List<String> keys = Arrays.asList(dbConfiguration.getConfigurationIds());
+
+ if (keys == null) {
+ log.info("Configuration is not readable.");
+ throw new MOADatabaseException("Configuration is not readable.");
+ }
+
+ if (isOverwriteData) {
+ // remove existing entries
+ for (final String key : keys) {
+ dbConfiguration.deleteIds(key);
+ }
+ }
+
+ final Enumeration<?> propertyNames = result.propertyNames();
+
+ while (propertyNames.hasMoreElements()) {
+ final String key = (String) propertyNames.nextElement();
+ final String json = result.getProperty(key);
+
+ dbConfiguration.setStringValue(key, json);
+ }
+
+ } catch (ConfigurationException | MOADatabaseException
+ | at.gv.egiz.components.configuration.api.ConfigurationException e1) {
+ log.warn("General MOA-ID config can not be stored in Database", e1);
+ addActionError(e1.getMessage());
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ }
+
+ finally {
+
+ }
+
+ // set new formID
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ log.info("Legacy Configuration load is completed.");
+ addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success", request));
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.info("No access to Import/Export for User with ID" + authUser.getUserID());
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+ }
+
+ public String downloadXMLConfig() {
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ final Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ final String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ if (authUser.isAdmin()) {
+
+ log.info("Write MOA-ID 3.x config");
+ try {
+
+ final Configuration dbConfiguration =
+ (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig");
+
+ if (dbConfiguration == null) {
+ log.warn("Open Database connection FAILED.");
+ addActionError("Open Database connection FAILED.");
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ }
+
+ final Properties result = new Properties();
+ final String[] allConfigIDs = dbConfiguration.getConfigurationIds();
+ for (final String key : allConfigIDs) {
+ final String value = dbConfiguration.getStringValue(key);
+ if (MiscUtil.isNotEmpty(value)) {
+ result.put(key, value);
+ log.debug("Put key: " + key + " with value: " + value + " to property file.");
+
+ } else {
+ log.info("Leave key: " + key + " Reason: Value is null or empty");
+ }
+
+ }
+
+ if (result.isEmpty()) {
+ log.info("No MOA-ID 3.x configruation available");
+ addActionError(LanguageHelper.getErrorString("errors.importexport.export.noconfig", request));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+
+ final ByteArrayOutputStream output = new ByteArrayOutputStream();
+ result.store(output, null);
+ fileInputStream = new ByteArrayInputStream(output.toByteArray());
+
+ } catch (IOException | at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ log.info("MOA-ID 3.x configruation could not be exported into file.", e);
+ addActionError(LanguageHelper.getErrorString("errors.importexport.export",
+ new Object[] { e.getMessage() }, request));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ } catch (ConfigurationException | BeansException e) {
+ log.warn("Open Database connection FAILED.");
+ addActionError("Open Database connection FAILED.");
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+
+ finally {
+
+ }
+
+ // set new formID
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ return Constants.STRUTS_SUCCESS;
+ } else {
+ log.info("No access to Import/Export for User with ID" + authUser.getUserID());
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+ }
+
+ public String importXMLConfig() {
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ final Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ final String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ if (authUser.isAdmin()) {
+
+ if (fileUpload == null) {
+ addActionError(LanguageHelper.getErrorString("errors.importexport.nofile", request));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+
+ log.info("Load configuration from MOA-ID 3.x XML configuration");
+
+ try {
+
+ final Properties inProperties = new Properties();
+ inProperties.load(new FileInputStream(fileUpload));
+
+ // check if XML config should be use
+ log.warn(
+ "WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!");
+
+ final Configuration dbConfiguration =
+ (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig");
+
+ if (dbConfiguration == null) {
+ log.warn("Open Database connection FAILED.");
+ addActionError("Open Database connection FAILED.");
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ }
+
+ final boolean isOverwriteData = true;
+
+ final List<String> keys = Arrays.asList(dbConfiguration.getConfigurationIds());
+
+ if (keys == null) {
+ log.info("Configuration is not readable.");
+ throw new MOADatabaseException("Configuration is not readable.");
+ }
+
+ if (isOverwriteData) {
+ // remove existing entries
+ for (final String key : keys) {
+ dbConfiguration.deleteIds(key);
+ }
+ }
+
+ final Enumeration<?> propertyNames = inProperties.propertyNames();
+
+ while (propertyNames.hasMoreElements()) {
+ final String key = (String) propertyNames.nextElement();
+ final String json = inProperties.getProperty(key);
+
+ dbConfiguration.setStringValue(key, json);
+ }
+
+ } catch (final Exception e) {
+ log.warn("MOA-ID XML configuration can not be loaded from File.", e);
+ addActionError(LanguageHelper.getErrorString("errors.importexport.import",
+ new Object[] { e.getMessage() }, request));
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ }
+
+ finally {
+
+ }
+
+ // set new formID
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ log.info("XML Configuration load is completed.");
+ addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success", request));
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.info("No access to Import/Export for User with ID" + authUser.getUserID());
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ }
+
+ /**
+ * @return the fileUpload
+ */
+ public File getFileUpload() {
+ return fileUpload;
+ }
+
+ /**
+ * @param fileUpload the fileUpload to set
+ */
+ public void setFileUpload(File fileUpload) {
+ this.fileUpload = fileUpload;
+ }
+
+ /**
+ * @return the fileUploadContentType
+ */
+ public String getFileUploadContentType() {
+ return fileUploadContentType;
+ }
+
+ /**
+ * @param fileUploadContentType the fileUploadContentType to set
+ */
+ public void setFileUploadContentType(String fileUploadContentType) {
+ this.fileUploadContentType = fileUploadContentType;
+ }
+
+ /**
+ * @return the fileUploadFileName
+ */
+ public String getFileUploadFileName() {
+ return fileUploadFileName;
+ }
+
+ /**
+ * @param fileUploadFileName the fileUploadFileName to set
+ */
+ public void setFileUploadFileName(String fileUploadFileName) {
+ this.fileUploadFileName = fileUploadFileName;
+ }
+
+ public InputStream getFileInputStream() {
+ return fileInputStream;
+ }
+
+ /**
+ * @return the formID
+ */
+ @Override
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID the formID to set
+ */
+ @Override
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
+
}
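Review bot: In `importLegacyConfig` the uploaded file still goes straight into `m.unmarshal(inStream)` on a default-configured parser, and the `FileInputStream` is never closed. `importXMLConfig` has the same unclosed stream in `inProperties.load(new FileInputStream(fileUpload))`. Whether DTDs and external entities in that upload get resolved depends on the JAXB and XML parser implementations on the classpath, which this library update changes, so the parser should refuse them explicitly rather than rely on defaults. I would read the upload through an `XMLInputFactory` with DTD and external-entity support disabled, inside try-with-resources, and widen the catch accordingly (this needs the `javax.xml.stream` imports). Separately, `log.debug("Put key: " + key + " with value: " + value + " to property file.")` in `downloadXMLConfig` writes every configuration value to the log; logging only the key would avoid leaking any secrets stored there.

```java
// … unchanged: formID check, admin check, fileUpload null check …
try (InputStream inStream = new FileInputStream(fileUpload)) {
  // refuse DTDs and external entities in the uploaded XML
  final XMLInputFactory xif = XMLInputFactory.newFactory();
  xif.setProperty(XMLInputFactory.SUPPORT_DTD, false);
  xif.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, false);
  final XMLStreamReader xsr = xif.createXMLStreamReader(inStream);

  // … unchanged: JAXBContext and Unmarshaller creation …
  final MOAIDConfiguration config = (MOAIDConfiguration) m.unmarshal(xsr);
  // … unchanged: moaIdConfigToJsonProperties and empty-result handling …

} catch (JAXBException | IOException | XMLStreamException e) {
  // … unchanged: error message and new formID …
```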
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
index 6f9d233b1..666785e24 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
@@ -35,7 +35,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringEscapeUtils;
-import org.apache.log4j.Logger;
import org.joda.time.DateTime;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.binding.BasicSAMLMessageContext;
@@ -78,817 +77,837 @@ import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class IndexAction extends BasicAction {
-
- /**
- * @throws ConfigurationException
- */
-
- private static final long serialVersionUID = -2781497863862504896L;
-
- private static final Logger log = Logger.getLogger(IndexAction.class);
-
- private String password;
- private String username;
- private UserDatabaseFrom user = null;
- private String formID;
-
- private String ssologouturl;
-
- private boolean pvp2LoginActiv = false;
-
- public IndexAction() throws BasicActionException {
- super();
- }
-
- public String start() {
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- pvp2LoginActiv = configuration.isPVP2LoginActive();
-
- if (session.getAttribute(Constants.SESSION_I18n) == null)
- session.setAttribute(Constants.SESSION_I18n,
- Locale.forLanguageTag(configuration.getDefaultLanguage()));
-
- if (configuration.isLoginDeaktivated()) {
- return "loginWithOutAuth";
-
- } else {
- return Constants.STRUTS_SUCCESS;
-
- }
- }
-
- public String authenticate() {
-
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- pvp2LoginActiv = configuration.isPVP2LoginActive();
-
- String key = null;
-
- if (MiscUtil.isNotEmpty(username)) {
- if (ValidationHelper.containsNotValidCharacter(username, false)) {
- log.warn("Username contains potentail XSS characters: " + StringEscapeUtils.escapeHtml(username));
- addActionError(LanguageHelper.getErrorString("validation.edituser.username.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- return Constants.STRUTS_ERROR;
- }
- } else {
- log.warn("Username is empty");
- addActionError(LanguageHelper.getErrorString("validation.edituser.username.empty", request));
- return Constants.STRUTS_ERROR;
- }
-
- if (MiscUtil.isEmpty(password)) {
- log.warn("Password is empty");
- addActionError(LanguageHelper.getErrorString("validation.edituser.password.empty", request));
- return Constants.STRUTS_ERROR;
-
- } else {
- key = AuthenticationHelper.generateKeyFormPassword(password);
- if (key == null) {
- addActionError(LanguageHelper.getErrorString("validation.edituser.password.valid", request));
- return Constants.STRUTS_ERROR;
- }
- }
-
-
- UserDatabase dbuser = configuration.getUserManagement().getUserWithUserName(username);
- if (dbuser == null) {
- log.warn("Unknown Username");
- addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request));
- return Constants.STRUTS_ERROR;
-
- } else {
- //TODO: maybe remove this default value in a later version
- if (dbuser.isIsUsernamePasswordAllowed() == null)
- dbuser.setIsUsernamePasswordAllowed(true);
-
- if (!dbuser.isIsActive() || !dbuser.isIsUsernamePasswordAllowed()) {
- log.warn("Username " + StringEscapeUtils.escapeHtml(dbuser.getUsername()) + " is not active or Username/Password login is not allowed");
- addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request));
- return Constants.STRUTS_ERROR;
- }
-
- if (!dbuser.getPassword().equals(key)) {
- log.warn("Username " + StringEscapeUtils.escapeHtml(dbuser.getUsername()) + " use a false password");
- addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request));
- return Constants.STRUTS_ERROR;
- }
-
- //TODO: maybe remove this default value in a later version
- boolean ismandateuser = false;
- if (dbuser.isIsMandateUser() != null)
- ismandateuser = dbuser.isIsMandateUser();
-
- int sessionTimeOut = session.getMaxInactiveInterval();
- Date sessionExpired = new Date(new Date().getTime() +
- (sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS));
-
- AuthenticatedUser authuser = new AuthenticatedUser(dbuser,
- true,
- ismandateuser,
- false,
- dbuser.getHjid()+"dbID",
- "username/password",
- sessionExpired);
-
- //store user as authenticated user
- AuthenticationManager authManager = AuthenticationManager.getInstance();
- authManager.setActiveUser(authuser);
-
- Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin());
- if (date != null)
- authuser.setLastLogin(date);;
-
- dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date()));
-
- try {
- configuration.getUserManagement().saveOrUpdate(dbuser);
-
- } catch (MOADatabaseException e) {
- log.warn("UserDatabase communicaton error", e);
- addActionError(LanguageHelper.getErrorString("error.login", request));
- return Constants.STRUTS_ERROR;
- }
- finally {
- }
-
- HttpSession session = generateNewJSession(request);
- session.setAttribute(Constants.SESSION_AUTH, authuser);
-
- return Constants.STRUTS_SUCCESS;
- }
- }
-
- public String pvp2login() {
-
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- String method = request.getMethod();
- if (session == null) {
- log.info("NO HTTP Session");
- return Constants.STRUTS_ERROR;
- }
-
- String authID = (String) session.getAttribute(Constants.SESSION_PVP2REQUESTID);
- session.setAttribute(Constants.SESSION_PVP2REQUESTID, null);
-
- if (method.equals("POST")) {
-
- try {
- pvp2LoginActiv = configuration.isPVP2LoginActive();
-
- //Decode with HttpPost Binding
- HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
- BasicSAMLMessageContext<Response, ?, ?> messageContext = new BasicSAMLMessageContext<Response, SAMLObject, SAMLObject>();
- messageContext
- .setInboundMessageTransport(new HttpServletRequestAdapter(
- request));
- decode.decode(messageContext);
-
- Response samlResponse = (Response) messageContext.getInboundMessage();
-
- //ckeck InResponseTo matchs requestID
- if (MiscUtil.isEmpty(authID)) {
- log.info("NO AuthRequestID");
- return Constants.STRUTS_ERROR;
- }
-
- if (!authID.equals(samlResponse.getInResponseTo())) {
- log.warn("PVPRequestID does not match PVP2 Assertion ID!");
- return Constants.STRUTS_ERROR;
-
- }
-
- //check response destination
- String serviceURL = configuration.getPublicUrlPreFix(request);
- if (!serviceURL.endsWith("/"))
- serviceURL = serviceURL + "/";
-
- String responseDestination = samlResponse.getDestination();
- if (MiscUtil.isEmpty(responseDestination) ||
- !responseDestination.equals(serviceURL + Constants.SERVLET_PVP2ASSERTION)) {
- log.warn("PVPResponse destination does not match requested destination");
- return Constants.STRUTS_ERROR;
- }
-
- //check if response is signed
- Signature sign = samlResponse.getSignature();
- if (sign == null) {
- log.info("Only http POST Requests can be used");
- addActionError(LanguageHelper.getErrorString("error.login", request));
- return Constants.STRUTS_ERROR;
- }
-
- //validate signature
- PVP2Utils.validateSignature(samlResponse, configuration);
-
- log.info("PVP2 Assertion is valid");
-
- if (samlResponse.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
-
- List<org.opensaml.saml2.core.Assertion> saml2assertions = new ArrayList<org.opensaml.saml2.core.Assertion>();
-
- //check encrypted Assertion
- List<EncryptedAssertion> encryAssertionList = samlResponse.getEncryptedAssertions();
- if (encryAssertionList != null && encryAssertionList.size() > 0) {
- //decrypt assertions
-
- log.debug("Found encryped assertion. Start decryption ...");
-
- KeyStore keyStore = configuration.getPVP2KeyStore();
-
- X509Credential authDecCredential = new KeyStoreX509CredentialAdapter(
- keyStore,
- configuration.getPVP2KeystoreAuthRequestEncryptionKeyAlias(),
- configuration.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray());
-
-
- StaticKeyInfoCredentialResolver skicr =
- new StaticKeyInfoCredentialResolver(authDecCredential);
-
- ChainingEncryptedKeyResolver encryptedKeyResolver = new ChainingEncryptedKeyResolver();
- encryptedKeyResolver.getResolverChain().add( new InlineEncryptedKeyResolver() );
- encryptedKeyResolver.getResolverChain().add( new EncryptedElementTypeEncryptedKeyResolver() );
- encryptedKeyResolver.getResolverChain().add( new SimpleRetrievalMethodEncryptedKeyResolver() );
-
- Decrypter samlDecrypter =
- new Decrypter(null, skicr, encryptedKeyResolver);
-
- for (EncryptedAssertion encAssertion : encryAssertionList) {
- saml2assertions.add(samlDecrypter.decrypt(encAssertion));
-
- }
-
- log.debug("Assertion decryption finished. ");
-
- } else {
- saml2assertions = samlResponse.getAssertions();
-
- }
-
- for (org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) {
-
- Conditions conditions = saml2assertion.getConditions();
- DateTime notbefore = conditions.getNotBefore();
- DateTime notafter = conditions.getNotOnOrAfter();
- if ( notbefore.isAfterNow() || notafter.isBeforeNow() ) {
- log.warn("PVP2 Assertion is out of Date");
- return Constants.STRUTS_ERROR;
-
- }
-
- Subject subject = saml2assertion.getSubject();
- if (subject == null) {
- log.warn("Assertion has no Subject element");
- return Constants.STRUTS_ERROR;
-
- }
-
- NameID nameID = subject.getNameID();
- if (nameID == null) {
- log.warn("No NameID element in PVP2 assertion!");
- return Constants.STRUTS_ERROR;
- }
-
- String bpkwbpk = nameID.getNameQualifier() + "+" + nameID.getValue();
-
- int sessionTimeOut = session.getMaxInactiveInterval();
- Date sessionExpired = new Date(new Date().getTime() +
- (sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS));
-
- //search user
- UserDatabase dbuser = configuration.getUserManagement().getUserWithUserBPKWBPK(bpkwbpk);
- if (dbuser == null) {
- log.info("No user found with bpk/wbpk " + bpkwbpk);
-
- //read PVP2 assertion attributes;
- user = new UserDatabaseFrom();
- user.setActive(false);
- user.setAdmin(false);
- user.setBpk(bpkwbpk);
- user.setIsusernamepasswordallowed(false);
- user.setIsmandateuser(false);
- user.setPVPGenerated(true);
-
- //loop through the nodes to get what we want
- List<AttributeStatement> attributeStatements = saml2assertion.getAttributeStatements();
- for (int i = 0; i < attributeStatements.size(); i++)
- {
- List<Attribute> attributes = attributeStatements.get(i).getAttributes();
- for (int x = 0; x < attributes.size(); x++)
- {
- String strAttributeName = attributes.get(x).getDOM().getAttribute("Name");
-
- if (strAttributeName.equals(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME)) {
- user.setFamilyName(attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue());
- }
-
- if (strAttributeName.equals(PVPAttributeDefinitions.GIVEN_NAME_NAME)) {
- user.setGivenName(attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue());
- }
-
- if (strAttributeName.equals(PVPAttributeDefinitions.MANDATE_TYPE_NAME)) {
- user.setIsmandateuser(true);
- }
-
- if (strAttributeName.equals(PVPAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME)) {
- user.setInstitut(attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue());
- }
- }
- }
-
- //create AuthUser data element
- authUser = AuthenticatedUser.generateUserRequestUser(user,
- nameID.getValue(),
- nameID.getFormat(),
- sessionExpired);
-
- //store user as authenticated user
- AuthenticationManager authManager = AuthenticationManager.getInstance();
- authManager.setActiveUser(authUser);
-
- //set Random value
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- session.setAttribute(Constants.SESSION_FORM, user);
- session.setAttribute(Constants.SESSION_AUTH, authUser);
-
-
- return Constants.STRUTS_NEWUSER;
-
- } else {
- if (!dbuser.isIsActive()) {
-
- if (!dbuser.isIsMailAddressVerified()) {
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- user = new UserDatabaseFrom(dbuser);
- authUser = new AuthenticatedUser(dbuser,
- false,
- dbuser.isIsMandateUser(),
- true,
- nameID.getValue(),
- nameID.getFormat(),
- sessionExpired);
-
- //store user as authenticated user
- AuthenticationManager authManager = AuthenticationManager.getInstance();
- authManager.setActiveUser(authUser);
-
- session.setAttribute(Constants.SESSION_FORM, user);
- session.setAttribute(Constants.SESSION_AUTH, authUser);
-
- return Constants.STRUTS_NEWUSER;
-
- }
-
- log.info("User with bpk/wbpk " + bpkwbpk + " is not active");
- addActionError(LanguageHelper.getErrorString("webpages.index.username.notactive", request));
- return Constants.STRUTS_ERROR;
- }
-
- //TODO: maybe remove this default value in a later version
- boolean ismandateuser = false;
- if (dbuser.isIsMandateUser() != null)
- ismandateuser = dbuser.isIsMandateUser();
-
- authUser = new AuthenticatedUser(dbuser, true,
- ismandateuser,
- true,
- nameID.getValue(),
- nameID.getFormat(),
- sessionExpired);
-
- //store user as authenticated user
- AuthenticationManager authManager = AuthenticationManager.getInstance();
- authManager.setActiveUser(authUser);
-
- Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin());
- if (date != null)
- authUser.setLastLogin(date);;
-
- dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date()));
-
- try {
- configuration.getUserManagement().saveOrUpdate(dbuser);
-
- } catch (MOADatabaseException e) {
- log.warn("UserDatabase communicaton error", e);
- addActionError(LanguageHelper.getErrorString("error.login", request));
- return Constants.STRUTS_ERROR;
- }
- finally {
- }
-
- HttpSession newsession = generateNewJSession(request);
- newsession.setAttribute(Constants.SESSION_AUTH, authUser);
- return Constants.STRUTS_SUCCESS;
-
- }
- }
-
- log.info("PVP2 Assertion was maybe not well formed, because no Assertion element could be found.");
- addActionError(LanguageHelper.getErrorString("error.login.internal", request));
- return Constants.STRUTS_ERROR;
-
- } else {
- log.info("Receive Error Assertion.");
- addActionError(LanguageHelper.getErrorString("error.login", request));
- return Constants.STRUTS_ERROR;
- }
-
- } catch (Exception e) {
- log.warn("An internal error occurs.", e);
- addActionError(LanguageHelper.getErrorString("error.login.internal", request));
- return Constants.STRUTS_ERROR;
- }
-
- } else {
- log.info("Only http POST Requests can be used");
- addActionError(LanguageHelper.getErrorString("error.login.internal", request));
- return Constants.STRUTS_ERROR;
- }
- }
-
- public String requestNewUser() {
-
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- if (session == null) {
- log.warn("No active Session found");
- return Constants.STRUTS_ERROR;
- }
-
- Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
- if (formidobj != null && formidobj instanceof String) {
- String formid = (String) formidobj;
- if (!formid.equals(formID)) {
- log.warn("FormIDs does not match. Some suspect Form is received from user "
- + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- } else {
- log.warn("FormIDs does not match. Some suspect Form is received from user "
- + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- session.setAttribute(Constants.SESSION_FORMID, null);
-
- Object sessionformobj = session.getAttribute(Constants.SESSION_FORM);
- if (sessionformobj != null && sessionformobj instanceof UserDatabaseFrom) {
- UserDatabaseFrom sessionform = (UserDatabaseFrom) sessionformobj;
-
- Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
- authUser = (AuthenticatedUser) authUserObj;
-
- if (user == null) {
- log.warn("No form transmited");
- return Constants.STRUTS_ERROR;
- }
-
- //get UserID
- String useridobj = user.getUserID();
- long userID = -1;
- if (MiscUtil.isEmpty(useridobj)) {
- userID = -1;
-
- } else {
- if (!ValidationHelper.validateOAID(useridobj)){
- log.warn("User with ID " + authUser.getUserID()
- + " would access UserDatabase ID " + useridobj);
- addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
- return Constants.STRUTS_ERROR;
- }
- userID = Long.valueOf(useridobj);
- }
-
- String check;
- if (!sessionform.isIsmandateuser()) {
- check = user.getInstitut();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("Organisation contains potentail XSS characters: " + StringEscapeUtils.escapeHtml(check));
- addActionError(LanguageHelper.getErrorString("validation.edituser.institut.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- } else {
- log.warn("Organisation is empty");
- addActionError(LanguageHelper.getErrorString("validation.edituser.institut.empty", request));
- }
- }
-
- check = user.getMail();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.isEmailAddressFormat(check)) {
- log.warn("Mailaddress is not valid: " + StringEscapeUtils.escapeHtml(check));
- addActionError(LanguageHelper.getErrorString("validation.edituser.mail.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- } else {
- log.warn("Mailaddress is empty");
- addActionError(LanguageHelper.getErrorString("validation.edituser.mail.empty", request));
- }
-
- check = user.getPhone();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validatePhoneNumber(check)) {
- log.warn("No valid Phone Number: " + StringEscapeUtils.escapeHtml(check));
- addActionError(LanguageHelper.getErrorString("validation.edituser.phone.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- } else {
- log.warn("Phonenumber is empty");
- addActionError(LanguageHelper.getErrorString("validation.edituser.phone.empty", request));
- }
-
- if (hasActionErrors()) {
- log.info("Some form errors found. Send user back to form");
-
- user.setPVPGenerated(true);
- user.setFamilyName(sessionform.getFamilyName());
- user.setGivenName(sessionform.getGivenName());
- user.setIsmandateuser(sessionform.isIsmandateuser());
- user.setBpk(sessionform.getBpk());
-
- if (sessionform.isIsmandateuser())
- user.setInstitut(sessionform.getInstitut());
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- return Constants.STRUTS_NEWUSER;
- }
-
- UserDatabase dbuser;
-
- if (userID < 0) {
- dbuser = new UserDatabase();
- dbuser.setBpk(sessionform.getBpk());
- dbuser.setFamilyname(sessionform.getFamilyName());
- dbuser.setGivenname(sessionform.getGivenName());
-
- if (sessionform.isIsmandateuser())
- dbuser.setInstitut(sessionform.getInstitut());
- else
- dbuser.setInstitut(user.getInstitut());
-
- dbuser.setIsPVP2Generated(true);
- dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date()));
- dbuser.setIsActive(false);
- dbuser.setIsAdmin(false);
- dbuser.setIsMandateUser(sessionform.isIsmandateuser());
- dbuser.setIsUsernamePasswordAllowed(false);
-
- } else
- dbuser = configuration.getUserManagement().getUserWithID(userID);
-
- dbuser.setMail(user.getMail());
- dbuser.setPhone(user.getPhone());
- dbuser.setIsAdminRequest(true);
- dbuser.setIsMailAddressVerified(false);
- dbuser.setUserRequestTokken(Random.nextRandom());
-
- try {
- configuration.getUserManagement().saveOrUpdate(dbuser);
-
- MailHelper.sendUserMailAddressVerification(dbuser);
-
- } catch (MOADatabaseException e) {
- log.warn("New UserRequest can not be stored in database", e);
- return Constants.STRUTS_ERROR;
-
- } catch (ConfigurationException e) {
- log.warn("Sending of mailaddress verification mail failed.", e);
- addActionError(LanguageHelper.getErrorString("error.mail.send", request));
- return Constants.STRUTS_NEWUSER;
- }
-
- finally {
- session.setAttribute(Constants.SESSION_FORM, null);
- session.setAttribute(Constants.SESSION_AUTH, null);
- }
-
- addActionMessage(LanguageHelper.getGUIString("webpages.edituser.changemailaddress.verify", request));
-
- session.invalidate();
-
- return Constants.STRUTS_SUCCESS;
-
- } else {
- log.warn("No SessionForm found");
- return Constants.STRUTS_ERROR;
- }
-
- }
-
- public String mailAddressVerification() {
-
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- String userrequesttokken = request.getParameter(Constants.REQUEST_USERREQUESTTOKKEN);
- if (MiscUtil.isNotEmpty(userrequesttokken)) {
-
- userrequesttokken = StringEscapeUtils.escapeHtml(userrequesttokken);
-
- try {
- Long.parseLong(userrequesttokken);
-
- } catch (NumberFormatException e) {
- log.warn("Verificationtokken has no number format.");
- return Constants.STRUTS_ERROR;
- }
-
- UserDatabase dbuser = configuration.getUserManagement().getNewUserWithTokken(userrequesttokken);
- if (dbuser != null) {
- dbuser.setUserRequestTokken(null);
- dbuser.setIsMailAddressVerified(true);
-
- if (dbuser.isIsActive())
- dbuser.setIsAdminRequest(false);
-
- try {
- configuration.getUserManagement().saveOrUpdate(dbuser);
-
- int numoas = 0;
- int numusers = 0;
-
- List<OnlineApplication> openOAs = configuration.getDbRead().getAllNewOnlineApplications();
- if (openOAs != null)
- numoas = openOAs.size();
-
- List<UserDatabase> openUsers = configuration.getUserManagement().getAllNewUsers();
- if (openUsers != null)
- numusers = openUsers.size();
-
- if (numusers > 0 || numoas > 0)
- MailHelper.sendAdminMail(numoas, numusers);
-
- } catch (MOADatabaseException e) {
- log.warn("Userinformation can not be stored in Database.", e);
- addActionError(LanguageHelper.getErrorString("error.mail.verification", request));
-
- } catch (ConfigurationException e) {
- log.warn("Send mail to admin failed.", e);
- }
-
- finally {
- }
-
- addActionMessage(LanguageHelper.getGUIString("validation.newuser.mailaddress", request));
- return Constants.STRUTS_SUCCESS;
- }
- }
-
- return Constants.STRUTS_ERROR;
- }
-
- public String logout() {
- HttpSession session = request.getSession(false);
-
- if (session != null) {
- if (MiscUtil.isNotEmpty((String)session.getAttribute(Constants.SESSION_SLOSUCCESS)))
- addActionMessage((String)session.getAttribute(Constants.SESSION_SLOSUCCESS));
-
- if (MiscUtil.isNotEmpty((String)session.getAttribute(Constants.SESSION_SLOERROR)))
- addActionError((String)session.getAttribute(Constants.SESSION_SLOERROR));
-
- session.invalidate();
-
- }
-
- return Constants.STRUTS_SUCCESS;
- }
-
- private HttpSession generateNewJSession(HttpServletRequest request) {
- HttpSession session = request.getSession(false);
-
- if (session != null) {
-
- HashMap<String, Object> attributes = new HashMap<String,Object>();
-
- Enumeration<String> enames = session.getAttributeNames();
- while (enames.hasMoreElements()) {
- String name = enames.nextElement();
- if (!name.equals("JSESSIONID"))
- attributes.put(name, session.getAttribute( name));
- }
- session.invalidate();
-
- session = request.getSession(true);
- for (Entry<String,Object> et : attributes.entrySet())
- session.setAttribute( et.getKey(), et.getValue());
-
- } else
- session = request.getSession(true);
-
- return session;
- }
-
- /**
- * @return the password
- */
- public String getPassword() {
- return password;
- }
-
- /**
- * @param password the password to set
- */
- public void setPassword(String password) {
- this.password = password;
- }
-
- /**
- * @return the username
- */
- public String getUsername() {
- return username;
- }
-
- /**
- * @param username the username to set
- */
- public void setUsername(String username) {
- this.username = username;
- }
-
- /**
- * @return the user
- */
- public UserDatabaseFrom getUser() {
- return user;
- }
-
- /**
- * @param user the user to set
- */
- public void setUser(UserDatabaseFrom user) {
- this.user = user;
- }
-
- /**
- * @return the ssologouturl
- */
- public String getSsologouturl() {
- return ssologouturl;
- }
-
- /**
- * @return the formID
- */
- public String getFormID() {
- return formID;
- }
-
- /**
- * @param formID the formID to set
- */
- public void setFormID(String formID) {
- this.formID = formID;
- }
-
- /**
- * @return the pvp2LoginActiv
- */
- public boolean isPvp2LoginActiv() {
- return pvp2LoginActiv;
- }
-
-
+
+ /**
+ * @throws ConfigurationException
+ */
+
+ private static final long serialVersionUID = -2781497863862504896L;
+
+ private String password;
+ private String username;
+ private UserDatabaseFrom user = null;
+ private String formID;
+
+ private String ssologouturl;
+
+ private boolean pvp2LoginActiv = false;
+
+ public IndexAction() throws BasicActionException {
+ super();
+ }
+
+ public String start() {
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ pvp2LoginActiv = configuration.isPVP2LoginActive();
+
+ if (session.getAttribute(Constants.SESSION_I18n) == null) {
+ session.setAttribute(Constants.SESSION_I18n,
+ Locale.forLanguageTag(configuration.getDefaultLanguage()));
+ }
+
+ if (configuration.isLoginDeaktivated()) {
+ return "loginWithOutAuth";
+
+ } else {
+ return Constants.STRUTS_SUCCESS;
+
+ }
+ }
+
+ public String authenticate() {
+
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ pvp2LoginActiv = configuration.isPVP2LoginActive();
+
+ String key = null;
+
+ if (MiscUtil.isNotEmpty(username)) {
+ if (ValidationHelper.containsNotValidCharacter(username, false)) {
+ log.warn("Username contains potentail XSS characters: " + StringEscapeUtils.escapeHtml(username));
+ addActionError(LanguageHelper.getErrorString("validation.edituser.username.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("Username is empty");
+ addActionError(LanguageHelper.getErrorString("validation.edituser.username.empty", request));
+ return Constants.STRUTS_ERROR;
+ }
+
+ if (MiscUtil.isEmpty(password)) {
+ log.warn("Password is empty");
+ addActionError(LanguageHelper.getErrorString("validation.edituser.password.empty", request));
+ return Constants.STRUTS_ERROR;
+
+ } else {
+ key = AuthenticationHelper.generateKeyFormPassword(password);
+ if (key == null) {
+ addActionError(LanguageHelper.getErrorString("validation.edituser.password.valid", request));
+ return Constants.STRUTS_ERROR;
+ }
+ }
+
+ final UserDatabase dbuser = configuration.getUserManagement().getUserWithUserName(username);
+ if (dbuser == null) {
+ log.warn("Unknown Username");
+ addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request));
+ return Constants.STRUTS_ERROR;
+
+ } else {
+ // TODO: maybe remove this default value in a later version
+ if (dbuser.isIsUsernamePasswordAllowed() == null) {
+ dbuser.setIsUsernamePasswordAllowed(true);
+ }
+
+ if (!dbuser.isIsActive() || !dbuser.isIsUsernamePasswordAllowed()) {
+ log.warn("Username " + StringEscapeUtils.escapeHtml(dbuser.getUsername())
+ + " is not active or Username/Password login is not allowed");
+ addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+
+ if (!dbuser.getPassword().equals(key)) {
+ log.warn("Username " + StringEscapeUtils.escapeHtml(dbuser.getUsername()) + " use a false password");
+ addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+
+ // TODO: maybe remove this default value in a later version
+ boolean ismandateuser = false;
+ if (dbuser.isIsMandateUser() != null) {
+ ismandateuser = dbuser.isIsMandateUser();
+ }
+
+ final int sessionTimeOut = session.getMaxInactiveInterval();
+ final Date sessionExpired = new Date(new Date().getTime() +
+ sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS);
+
+ final AuthenticatedUser authuser = new AuthenticatedUser(dbuser,
+ true,
+ ismandateuser,
+ false,
+ dbuser.getHjid() + "dbID",
+ "username/password",
+ sessionExpired);
+
+ // store user as authenticated user
+ final AuthenticationManager authManager = AuthenticationManager.getInstance();
+ authManager.setActiveUser(authuser);
+
+ final Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin());
+ if (date != null) {
+ authuser.setLastLogin(date);
+ }
+
+ dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date()));
+
+ try {
+ configuration.getUserManagement().saveOrUpdate(dbuser);
+
+ } catch (final MOADatabaseException e) {
+ log.warn("UserDatabase communicaton error", e);
+ addActionError(LanguageHelper.getErrorString("error.login", request));
+ return Constants.STRUTS_ERROR;
+ } finally {
+ }
+
+ final HttpSession session = generateNewJSession(request);
+ session.setAttribute(Constants.SESSION_AUTH, authuser);
+
+ return Constants.STRUTS_SUCCESS;
+ }
+ }
+
+ public String pvp2login() {
+
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ final String method = request.getMethod();
+ if (session == null) {
+ log.info("NO HTTP Session");
+ return Constants.STRUTS_ERROR;
+ }
+
+ final String authID = (String) session.getAttribute(Constants.SESSION_PVP2REQUESTID);
+ session.setAttribute(Constants.SESSION_PVP2REQUESTID, null);
+
+ if (method.equals("POST")) {
+
+ try {
+ pvp2LoginActiv = configuration.isPVP2LoginActive();
+
+ // Decode with HttpPost Binding
+ final HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
+ final BasicSAMLMessageContext<Response, ?, ?> messageContext =
+ new BasicSAMLMessageContext<>();
+ messageContext
+ .setInboundMessageTransport(new HttpServletRequestAdapter(
+ request));
+ decode.decode(messageContext);
+
+ final Response samlResponse = (Response) messageContext.getInboundMessage();
+
+ // ckeck InResponseTo matchs requestID
+ if (MiscUtil.isEmpty(authID)) {
+ log.info("NO AuthRequestID");
+ return Constants.STRUTS_ERROR;
+ }
+
+ if (!authID.equals(samlResponse.getInResponseTo())) {
+ log.warn("PVPRequestID does not match PVP2 Assertion ID!");
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ // check response destination
+ String serviceURL = configuration.getPublicUrlPreFix(request);
+ if (!serviceURL.endsWith("/")) {
+ serviceURL = serviceURL + "/";
+ }
+
+ final String responseDestination = samlResponse.getDestination();
+ if (MiscUtil.isEmpty(responseDestination) ||
+ !responseDestination.equals(serviceURL + Constants.SERVLET_PVP2ASSERTION)) {
+ log.warn("PVPResponse destination does not match requested destination");
+ return Constants.STRUTS_ERROR;
+ }
+
+ // check if response is signed
+ final Signature sign = samlResponse.getSignature();
+ if (sign == null) {
+ log.info("Only http POST Requests can be used");
+ addActionError(LanguageHelper.getErrorString("error.login", request));
+ return Constants.STRUTS_ERROR;
+ }
+
+ // validate signature
+ PVP2Utils.validateSignature(samlResponse, configuration);
+
+ log.info("PVP2 Assertion is valid");
+
+ if (samlResponse.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
+
+ List<org.opensaml.saml2.core.Assertion> saml2assertions =
+ new ArrayList<>();
+
+ // check encrypted Assertion
+ final List<EncryptedAssertion> encryAssertionList = samlResponse.getEncryptedAssertions();
+ if (encryAssertionList != null && encryAssertionList.size() > 0) {
+ // decrypt assertions
+
+ log.debug("Found encryped assertion. Start decryption ...");
+
+ final KeyStore keyStore = configuration.getPVP2KeyStore();
+
+ final X509Credential authDecCredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ configuration.getPVP2KeystoreAuthRequestEncryptionKeyAlias(),
+ configuration.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray());
+
+ final StaticKeyInfoCredentialResolver skicr =
+ new StaticKeyInfoCredentialResolver(authDecCredential);
+
+ final ChainingEncryptedKeyResolver encryptedKeyResolver = new ChainingEncryptedKeyResolver();
+ encryptedKeyResolver.getResolverChain().add(new InlineEncryptedKeyResolver());
+ encryptedKeyResolver.getResolverChain().add(new EncryptedElementTypeEncryptedKeyResolver());
+ encryptedKeyResolver.getResolverChain().add(new SimpleRetrievalMethodEncryptedKeyResolver());
+
+ final Decrypter samlDecrypter =
+ new Decrypter(null, skicr, encryptedKeyResolver);
+
+ for (final EncryptedAssertion encAssertion : encryAssertionList) {
+ saml2assertions.add(samlDecrypter.decrypt(encAssertion));
+
+ }
+
+ log.debug("Assertion decryption finished. ");
+
+ } else {
+ saml2assertions = samlResponse.getAssertions();
+
+ }
+
+ for (final org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) {
+
+ final Conditions conditions = saml2assertion.getConditions();
+ final DateTime notbefore = conditions.getNotBefore();
+ final DateTime notafter = conditions.getNotOnOrAfter();
+ if (notbefore.isAfterNow() || notafter.isBeforeNow()) {
+ log.warn("PVP2 Assertion is out of Date");
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ final Subject subject = saml2assertion.getSubject();
+ if (subject == null) {
+ log.warn("Assertion has no Subject element");
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ final NameID nameID = subject.getNameID();
+ if (nameID == null) {
+ log.warn("No NameID element in PVP2 assertion!");
+ return Constants.STRUTS_ERROR;
+ }
+
+ final String bpkwbpk = nameID.getNameQualifier() + "+" + nameID.getValue();
+
+ final int sessionTimeOut = session.getMaxInactiveInterval();
+ final Date sessionExpired = new Date(new Date().getTime() +
+ sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS);
+
+ // search user
+ final UserDatabase dbuser = configuration.getUserManagement().getUserWithUserBPKWBPK(bpkwbpk);
+ if (dbuser == null) {
+ log.info("No user found with bpk/wbpk " + bpkwbpk);
+
+ // read PVP2 assertion attributes;
+ user = new UserDatabaseFrom();
+ user.setActive(false);
+ user.setAdmin(false);
+ user.setBpk(bpkwbpk);
+ user.setIsusernamepasswordallowed(false);
+ user.setIsmandateuser(false);
+ user.setPVPGenerated(true);
+
+ // loop through the nodes to get what we want
+ final List<AttributeStatement> attributeStatements = saml2assertion.getAttributeStatements();
+ for (final AttributeStatement attributeStatement : attributeStatements) {
+ final List<Attribute> attributes = attributeStatement.getAttributes();
+ for (final Attribute attribute : attributes) {
+ final String strAttributeName = attribute.getDOM().getAttribute("Name");
+
+ if (strAttributeName.equals(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME)) {
+ user.setFamilyName(attribute.getAttributeValues().get(0).getDOM().getFirstChild()
+ .getNodeValue());
+ }
+
+ if (strAttributeName.equals(PVPAttributeDefinitions.GIVEN_NAME_NAME)) {
+ user.setGivenName(attribute.getAttributeValues().get(0).getDOM().getFirstChild()
+ .getNodeValue());
+ }
+
+ if (strAttributeName.equals(PVPAttributeDefinitions.MANDATE_TYPE_NAME)) {
+ user.setIsmandateuser(true);
+ }
+
+ if (strAttributeName.equals(PVPAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME)) {
+ user.setInstitut(attribute.getAttributeValues().get(0).getDOM().getFirstChild()
+ .getNodeValue());
+ }
+ }
+ }
+
+ // create AuthUser data element
+ authUser = AuthenticatedUser.generateUserRequestUser(user,
+ nameID.getValue(),
+ nameID.getFormat(),
+ sessionExpired);
+
+ // store user as authenticated user
+ final AuthenticationManager authManager = AuthenticationManager.getInstance();
+ authManager.setActiveUser(authUser);
+
+ // set Random value
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ session.setAttribute(Constants.SESSION_FORM, user);
+ session.setAttribute(Constants.SESSION_AUTH, authUser);
+
+ return Constants.STRUTS_NEWUSER;
+
+ } else {
+ if (!dbuser.isIsActive()) {
+
+ if (!dbuser.isIsMailAddressVerified()) {
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ user = new UserDatabaseFrom(dbuser);
+ authUser = new AuthenticatedUser(dbuser,
+ false,
+ dbuser.isIsMandateUser(),
+ true,
+ nameID.getValue(),
+ nameID.getFormat(),
+ sessionExpired);
+
+ // store user as authenticated user
+ final AuthenticationManager authManager = AuthenticationManager.getInstance();
+ authManager.setActiveUser(authUser);
+
+ session.setAttribute(Constants.SESSION_FORM, user);
+ session.setAttribute(Constants.SESSION_AUTH, authUser);
+
+ return Constants.STRUTS_NEWUSER;
+
+ }
+
+ log.info("User with bpk/wbpk " + bpkwbpk + " is not active");
+ addActionError(LanguageHelper.getErrorString("webpages.index.username.notactive", request));
+ return Constants.STRUTS_ERROR;
+ }
+
+ // TODO: maybe remove this default value in a later version
+ boolean ismandateuser = false;
+ if (dbuser.isIsMandateUser() != null) {
+ ismandateuser = dbuser.isIsMandateUser();
+ }
+
+ authUser = new AuthenticatedUser(dbuser, true,
+ ismandateuser,
+ true,
+ nameID.getValue(),
+ nameID.getFormat(),
+ sessionExpired);
+
+ // store user as authenticated user
+ final AuthenticationManager authManager = AuthenticationManager.getInstance();
+ authManager.setActiveUser(authUser);
+
+ final Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin());
+ if (date != null) {
+ authUser.setLastLogin(date);
+ }
+
+ dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date()));
+
+ try {
+ configuration.getUserManagement().saveOrUpdate(dbuser);
+
+ } catch (final MOADatabaseException e) {
+ log.warn("UserDatabase communicaton error", e);
+ addActionError(LanguageHelper.getErrorString("error.login", request));
+ return Constants.STRUTS_ERROR;
+ } finally {
+ }
+
+ final HttpSession newsession = generateNewJSession(request);
+ newsession.setAttribute(Constants.SESSION_AUTH, authUser);
+ return Constants.STRUTS_SUCCESS;
+
+ }
+ }
+
+ log.info("PVP2 Assertion was maybe not well formed, because no Assertion element could be found.");
+ addActionError(LanguageHelper.getErrorString("error.login.internal", request));
+ return Constants.STRUTS_ERROR;
+
+ } else {
+ log.info("Receive Error Assertion.");
+ addActionError(LanguageHelper.getErrorString("error.login", request));
+ return Constants.STRUTS_ERROR;
+ }
+
+ } catch (final Exception e) {
+ log.warn("An internal error occurs.", e);
+ addActionError(LanguageHelper.getErrorString("error.login.internal", request));
+ return Constants.STRUTS_ERROR;
+ }
+
+ } else {
+ log.info("Only http POST Requests can be used");
+ addActionError(LanguageHelper.getErrorString("error.login.internal", request));
+ return Constants.STRUTS_ERROR;
+ }
+ }
+
+ public String requestNewUser() {
+
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ if (session == null) {
+ log.warn("No active Session found");
+ return Constants.STRUTS_ERROR;
+ }
+
+ final Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ final String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ final Object sessionformobj = session.getAttribute(Constants.SESSION_FORM);
+ if (sessionformobj != null && sessionformobj instanceof UserDatabaseFrom) {
+ final UserDatabaseFrom sessionform = (UserDatabaseFrom) sessionformobj;
+
+ final Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
+ authUser = (AuthenticatedUser) authUserObj;
+
+ if (user == null) {
+ log.warn("No form transmited");
+ return Constants.STRUTS_ERROR;
+ }
+
+ // get UserID
+ final String useridobj = user.getUserID();
+ long userID = -1;
+ if (MiscUtil.isEmpty(useridobj)) {
+ userID = -1;
+
+ } else {
+ if (!ValidationHelper.validateOAID(useridobj)) {
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase ID " + useridobj);
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+ userID = Long.valueOf(useridobj);
+ }
+
+ String check;
+ if (!sessionform.isIsmandateuser()) {
+ check = user.getInstitut();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("Organisation contains potentail XSS characters: " + StringEscapeUtils.escapeHtml(
+ check));
+ addActionError(LanguageHelper.getErrorString("validation.edituser.institut.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ } else {
+ log.warn("Organisation is empty");
+ addActionError(LanguageHelper.getErrorString("validation.edituser.institut.empty", request));
+ }
+ }
+
+ check = user.getMail();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isEmailAddressFormat(check)) {
+ log.warn("Mailaddress is not valid: " + StringEscapeUtils.escapeHtml(check));
+ addActionError(LanguageHelper.getErrorString("validation.edituser.mail.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ } else {
+ log.warn("Mailaddress is empty");
+ addActionError(LanguageHelper.getErrorString("validation.edituser.mail.empty", request));
+ }
+
+ check = user.getPhone();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validatePhoneNumber(check)) {
+ log.warn("No valid Phone Number: " + StringEscapeUtils.escapeHtml(check));
+ addActionError(LanguageHelper.getErrorString("validation.edituser.phone.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ } else {
+ log.warn("Phonenumber is empty");
+ addActionError(LanguageHelper.getErrorString("validation.edituser.phone.empty", request));
+ }
+
+ if (hasActionErrors()) {
+ log.info("Some form errors found. Send user back to form");
+
+ user.setPVPGenerated(true);
+ user.setFamilyName(sessionform.getFamilyName());
+ user.setGivenName(sessionform.getGivenName());
+ user.setIsmandateuser(sessionform.isIsmandateuser());
+ user.setBpk(sessionform.getBpk());
+
+ if (sessionform.isIsmandateuser()) {
+ user.setInstitut(sessionform.getInstitut());
+ }
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ return Constants.STRUTS_NEWUSER;
+ }
+
+ UserDatabase dbuser;
+
+ if (userID < 0) {
+ dbuser = new UserDatabase();
+ dbuser.setBpk(sessionform.getBpk());
+ dbuser.setFamilyname(sessionform.getFamilyName());
+ dbuser.setGivenname(sessionform.getGivenName());
+
+ if (sessionform.isIsmandateuser()) {
+ dbuser.setInstitut(sessionform.getInstitut());
+ } else {
+ dbuser.setInstitut(user.getInstitut());
+ }
+
+ dbuser.setIsPVP2Generated(true);
+ dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date()));
+ dbuser.setIsActive(false);
+ dbuser.setIsAdmin(false);
+ dbuser.setIsMandateUser(sessionform.isIsmandateuser());
+ dbuser.setIsUsernamePasswordAllowed(false);
+
+ } else {
+ dbuser = configuration.getUserManagement().getUserWithID(userID);
+ }
+
+ dbuser.setMail(user.getMail());
+ dbuser.setPhone(user.getPhone());
+ dbuser.setIsAdminRequest(true);
+ dbuser.setIsMailAddressVerified(false);
+ dbuser.setUserRequestTokken(Random.nextRandom());
+
+ try {
+ configuration.getUserManagement().saveOrUpdate(dbuser);
+
+ MailHelper.sendUserMailAddressVerification(dbuser);
+
+ } catch (final MOADatabaseException e) {
+ log.warn("New UserRequest can not be stored in database", e);
+ return Constants.STRUTS_ERROR;
+
+ } catch (final ConfigurationException e) {
+ log.warn("Sending of mailaddress verification mail failed.", e);
+ addActionError(LanguageHelper.getErrorString("error.mail.send", request));
+ return Constants.STRUTS_NEWUSER;
+ }
+
+ finally {
+ session.setAttribute(Constants.SESSION_FORM, null);
+ session.setAttribute(Constants.SESSION_AUTH, null);
+ }
+
+ addActionMessage(LanguageHelper.getGUIString("webpages.edituser.changemailaddress.verify", request));
+
+ session.invalidate();
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.warn("No SessionForm found");
+ return Constants.STRUTS_ERROR;
+ }
+
+ }
+
+ public String mailAddressVerification() {
+
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ String userrequesttokken = request.getParameter(Constants.REQUEST_USERREQUESTTOKKEN);
+ if (MiscUtil.isNotEmpty(userrequesttokken)) {
+
+ userrequesttokken = StringEscapeUtils.escapeHtml(userrequesttokken);
+
+ try {
+ Long.parseLong(userrequesttokken);
+
+ } catch (final NumberFormatException e) {
+ log.warn("Verificationtokken has no number format.");
+ return Constants.STRUTS_ERROR;
+ }
+
+ final UserDatabase dbuser = configuration.getUserManagement().getNewUserWithTokken(userrequesttokken);
+ if (dbuser != null) {
+ dbuser.setUserRequestTokken(null);
+ dbuser.setIsMailAddressVerified(true);
+
+ if (dbuser.isIsActive()) {
+ dbuser.setIsAdminRequest(false);
+ }
+
+ try {
+ configuration.getUserManagement().saveOrUpdate(dbuser);
+
+ int numoas = 0;
+ int numusers = 0;
+
+ final List<OnlineApplication> openOAs = configuration.getDbRead().getAllNewOnlineApplications();
+ if (openOAs != null) {
+ numoas = openOAs.size();
+ }
+
+ final List<UserDatabase> openUsers = configuration.getUserManagement().getAllNewUsers();
+ if (openUsers != null) {
+ numusers = openUsers.size();
+ }
+
+ if (numusers > 0 || numoas > 0) {
+ MailHelper.sendAdminMail(numoas, numusers);
+ }
+
+ } catch (final MOADatabaseException e) {
+ log.warn("Userinformation can not be stored in Database.", e);
+ addActionError(LanguageHelper.getErrorString("error.mail.verification", request));
+
+ } catch (final ConfigurationException e) {
+ log.warn("Send mail to admin failed.", e);
+ }
+
+ finally {
+ }
+
+ addActionMessage(LanguageHelper.getGUIString("validation.newuser.mailaddress", request));
+ return Constants.STRUTS_SUCCESS;
+ }
+ }
+
+ return Constants.STRUTS_ERROR;
+ }
+
+ public String logout() {
+ final HttpSession session = request.getSession(false);
+
+ if (session != null) {
+ if (MiscUtil.isNotEmpty((String) session.getAttribute(Constants.SESSION_SLOSUCCESS))) {
+ addActionMessage((String) session.getAttribute(Constants.SESSION_SLOSUCCESS));
+ }
+
+ if (MiscUtil.isNotEmpty((String) session.getAttribute(Constants.SESSION_SLOERROR))) {
+ addActionError((String) session.getAttribute(Constants.SESSION_SLOERROR));
+ }
+
+ session.invalidate();
+
+ }
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ private HttpSession generateNewJSession(HttpServletRequest request) {
+ HttpSession session = request.getSession(false);
+
+ if (session != null) {
+
+ final HashMap<String, Object> attributes = new HashMap<>();
+
+ final Enumeration<String> enames = session.getAttributeNames();
+ while (enames.hasMoreElements()) {
+ final String name = enames.nextElement();
+ if (!name.equals("JSESSIONID")) {
+ attributes.put(name, session.getAttribute(name));
+ }
+ }
+ session.invalidate();
+
+ session = request.getSession(true);
+ for (final Entry<String, Object> et : attributes.entrySet()) {
+ session.setAttribute(et.getKey(), et.getValue());
+ }
+
+ } else {
+ session = request.getSession(true);
+ }
+
+ return session;
+ }
+
+ /**
+ * @return the password
+ */
+ public String getPassword() {
+ return password;
+ }
+
+ /**
+ * @param password the password to set
+ */
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+ /**
+ * @return the username
+ */
+ public String getUsername() {
+ return username;
+ }
+
+ /**
+ * @param username the username to set
+ */
+ public void setUsername(String username) {
+ this.username = username;
+ }
+
+ /**
+ * @return the user
+ */
+ public UserDatabaseFrom getUser() {
+ return user;
+ }
+
+ /**
+ * @param user the user to set
+ */
+ public void setUser(UserDatabaseFrom user) {
+ this.user = user;
+ }
+
+ /**
+ * @return the ssologouturl
+ */
+ public String getSsologouturl() {
+ return ssologouturl;
+ }
+
+ /**
+ * @return the formID
+ */
+ @Override
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID the formID to set
+ */
+ @Override
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
+
+ /**
+ * @return the pvp2LoginActiv
+ */
+ public boolean isPvp2LoginActiv() {
+ return pvp2LoginActiv;
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
index 180f32235..3918dfc16 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
@@ -25,8 +25,6 @@ package at.gv.egovernment.moa.id.configuration.struts.action;
import java.util.ArrayList;
import java.util.List;
-import org.apache.log4j.Logger;
-
import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AttributeProviderPlugin;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.IdentificationNumber;
@@ -46,438 +44,444 @@ import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException;
import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import lombok.extern.slf4j.Slf4j;
/**
* @author tlenz
*
*/
+@Slf4j
public class InterfederationIDPAction extends BasicOAAction {
- private static final Logger log = Logger.getLogger(InterfederationIDPAction.class);
- private static final long serialVersionUID = 2879192135387083131L;
-
- public static final String STRUTS_IDP_VIDP = "-VIDP";
- public static final String STRUTS_IDP_MOA = "-MOAIDP";
- public static final String STRUTS_IDP_GATEWAY = "-IDPGATEWAY";
-
- private List<OAListElement> formOAs;
-
- private String interfederationType;
-
- public InterfederationIDPAction() {
- super();
-
- }
-
- public String listAllIDPs() {
- try {
- populateBasicInformations();
-
- if (authUser.isAdmin()) {
- List<OnlineApplication> dbOAs = configuration.getDbRead().getAllOnlineApplications();
-
- if (dbOAs == null || dbOAs.size() == 0) {
- addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
-
- } else {
- formOAs = FormDataHelper.populateFormWithInderfederationIDPs(dbOAs);
- }
-
- session.setAttribute(Constants.SESSION_RETURNAREA,
- Constants.STRUTS_RETURNAREA_VALUES.main.name());
-
- return Constants.STRUTS_SUCCESS;
-
- } else {
- log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
- addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
- return Constants.STRUTS_NOTALLOWED;
- }
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- } finally {
-
- }
- }
-
- public String newIDP() {
- log.debug("insert new interfederation IDP");
-
- try {
- populateBasicInformations();
-
- if (!authUser.isAdmin()) {
- log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
- addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
- return Constants.STRUTS_NOTALLOWED;
- }
-
- populateBasicNewOnlineApplicationInformation();
-
- if (STRUTS_IDP_MOA.equals(interfederationType)) {
- formList.putAll(MOAIDPAction.buildMOAIDPFormList());
-
- } else if (STRUTS_IDP_GATEWAY.equals(interfederationType)) {
- formList.putAll(IDPGatewayAction.buildIDPGatewayFormList());
-
- } else if (STRUTS_IDP_VIDP.equals(interfederationType)) {
- formList.putAll(VIDPAction.buildVIDPFormList());
- getStorkOA().setVidpEnabled(true);
- getStorkOA().getAttributeProviderPlugins().add(new AttributeProviderPlugin());
- session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, getFormOA().getFormMap());
-
- } else {
- log.warn("Unkown interfederation IDP type");
- addActionError("Unkown interfederation IDP type");
- return Constants.STRUTS_ERROR;
- }
-
-
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- } finally {
-
- }
-
- return Constants.STRUTS_OA_EDIT + interfederationType;
-
- }
-
- public String loadIDPInformation() {
- try {
- populateBasicInformations();
-
- if (!authUser.isAdmin()) {
- log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
- addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
- return Constants.STRUTS_NOTALLOWED;
- }
-
- OnlineApplication oa = populateOnlineApplicationFromRequest();
-
- if (oa.isIsInterfederationIDP() != null
- && oa.isIsInterfederationIDP()) {
-
- formList.putAll(MOAIDPAction.buildMOAIDPFormList());
- interfederationType = STRUTS_IDP_MOA;
-
- } else if (oa.getAuthComponentOA().getOASTORK() != null
- && oa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null
- && oa.getAuthComponentOA().getOASTORK().isVidpEnabled()) {
-
- formList.putAll(VIDPAction.buildVIDPFormList());
- if (getStorkOA().getAttributeProviderPlugins() == null ||
- getStorkOA().getAttributeProviderPlugins().size() == 0)
- getStorkOA().getAttributeProviderPlugins().add(new AttributeProviderPlugin());
- interfederationType = STRUTS_IDP_VIDP;
-
- } else if (oa.isIsInterfederationGateway() != null && oa.isIsInterfederationGateway()) {
- formList.putAll(IDPGatewayAction.buildIDPGatewayFormList());
- interfederationType = STRUTS_IDP_GATEWAY;
-
- } else {
- log.warn("Requested application is not an interfederation IDP.");
- return Constants.STRUTS_NOTALLOWED;
- }
-
- parseOAToForm(oa);
- return Constants.STRUTS_SUCCESS + interfederationType;
-
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- } catch (BasicOAActionException e) {
- addActionError(e.getStrutsError());
- return e.getStrutsReturnValue();
-
- } finally {
-
- }
- }
-
- public String saveIDP() {
-
- OnlineApplication onlineapplication= null;
-
- try {
- populateBasicInformations();
-
- if (!authUser.isAdmin()) {
- log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
- addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
- return Constants.STRUTS_NOTALLOWED;
- }
-
- onlineapplication = preProcessSaveOnlineApplication();
-
- if ( onlineapplication != null &&
- !((onlineapplication.isIsInterfederationIDP() != null && onlineapplication.isIsInterfederationIDP()) ||
- (onlineapplication.isIsInterfederationGateway() != null && onlineapplication.isIsInterfederationGateway()) ||
- (onlineapplication.getAuthComponentOA().getOASTORK() != null
- && onlineapplication.getAuthComponentOA().getOASTORK().isVidpEnabled() != null
- && onlineapplication.getAuthComponentOA().getOASTORK().isVidpEnabled()))) {
- log.warn("IDP which should be stored is not of type interfederation IDP.");
- addActionError("IDP which should be stored is not of type MOA-ID interfederation IDP.");
- return Constants.STRUTS_ERROR;
-
- }
-
- List<String> errors = new ArrayList<String>();
-
- //validate forms
- for (IOnlineApplicationData form : formList.values())
- errors.addAll(form.validate(getGeneralOA(), authUser, request));
-
-
- if (getPvp2OA() != null) {
- boolean publicServiceAllowed = ValidationHelper.isPublicServiceAllowed(getPvp2OA().getMetaDataURL());
- if (!publicServiceAllowed && !getGeneralOA().isBusinessService()) {
- log.info("Metadata URL " + getPvp2OA().getMetaDataURL() + " does not allow PublicService.");
- errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.metadataurl.publicservice",
- new Object[] {getPvp2OA().getMetaDataURL()}, request ));
- getGeneralOA().setBusinessService(true);
-
- }
- }
-
-
- if (errors.size() > 0) {
- log.info("IDP-Configuration with ID " + getGeneralOA().getIdentifier() + " has some errors.");
- for (String el : errors)
- addActionError(el);
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
-
- } else {
- onlineapplication = postProcessSaveOnlineApplication(onlineapplication,
- !(this instanceof MOAIDPAction));
-
- //set default Target interfederated nameID caluclation
- if (getPvp2OA() != null) {
- if (getGeneralOA().isBusinessService()) {
- IdentificationNumber businessID = onlineapplication.getAuthComponentOA().getIdentificationNumber();
- if (businessID == null) {
- businessID = new IdentificationNumber();
- onlineapplication.getAuthComponentOA().setIdentificationNumber(businessID);
- }
- businessID.setValue(Constants.PREFIX_WPBK + "MOA-IDP+MOA-IDP");
- } else
- onlineapplication.setTarget("MOA-IDP");
-
- try {
- save(onlineapplication);
-
- } catch (MOADatabaseException e) {
- log.warn("Online-Application can not be stored.", e);
- return LanguageHelper.getErrorString("error.db.oa.store", request);
- }
- }
- }
-
- //remove session attributes
- session.setAttribute(Constants.SESSION_OAID, null);
-
- addActionMessage(LanguageHelper.getGUIString("webpages.idp.success", getGeneralOA().getIdentifier(), request));
- return Constants.STRUTS_SUCCESS;
-
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- } catch (BasicOAActionException e) {
- addActionError(e.getStrutsError());
- return e.getStrutsReturnValue();
-
- } finally {
-
- }
- }
-
- public String cancleAndBackIDP() {
- try {
- populateBasicInformations();
-
- if (!authUser.isAdmin()) {
- log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
- addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
- return Constants.STRUTS_NOTALLOWED;
- }
-
- session.setAttribute(Constants.SESSION_OAID, null);
- addActionMessage(LanguageHelper.getGUIString("webpages.idp.cancle", getGeneralOA().getIdentifier(), request));
-
- return Constants.STRUTS_SUCCESS;
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- } finally {
-
- }
- }
-
- public String deleteIDP() {
- String oaidentifier = null;
- try {
- populateBasicInformations();
-
- if (!authUser.isAdmin()) {
- log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
- addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
- return Constants.STRUTS_NOTALLOWED;
- }
-
- oaidentifier = preProcessDeleteOnlineApplication();
-
- session.setAttribute(Constants.SESSION_OAID, null);
- OnlineApplication onlineapplication = configuration.getDbRead().getOnlineApplication(oaidentifier);
-
+
+ private static final long serialVersionUID = 2879192135387083131L;
+
+ public static final String STRUTS_IDP_VIDP = "-VIDP";
+ public static final String STRUTS_IDP_MOA = "-MOAIDP";
+ public static final String STRUTS_IDP_GATEWAY = "-IDPGATEWAY";
+
+ private List<OAListElement> formOAs;
+
+ private String interfederationType;
+
+ public InterfederationIDPAction() {
+ super();
+
+ }
+
+ public String listAllIDPs() {
+ try {
+ populateBasicInformations();
+
+ if (authUser.isAdmin()) {
+ final List<OnlineApplication> dbOAs = configuration.getDbRead().getAllOnlineApplications();
+
+ if (dbOAs == null || dbOAs.size() == 0) {
+ addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
+
+ } else {
+ formOAs = FormDataHelper.populateFormWithInderfederationIDPs(dbOAs);
+ }
+
+ session.setAttribute(Constants.SESSION_RETURNAREA,
+ Constants.STRUTS_RETURNAREA_VALUES.main.name());
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ } finally {
+
+ }
+ }
+
+ public String newIDP() {
+ log.debug("insert new interfederation IDP");
+
+ try {
+ populateBasicInformations();
+
+ if (!authUser.isAdmin()) {
+ log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ populateBasicNewOnlineApplicationInformation();
+
+ if (STRUTS_IDP_MOA.equals(interfederationType)) {
+ formList.putAll(MOAIDPAction.buildMOAIDPFormList());
+
+ } else if (STRUTS_IDP_GATEWAY.equals(interfederationType)) {
+ formList.putAll(IDPGatewayAction.buildIDPGatewayFormList());
+
+ } else if (STRUTS_IDP_VIDP.equals(interfederationType)) {
+ formList.putAll(VIDPAction.buildVIDPFormList());
+ getStorkOA().setVidpEnabled(true);
+ getStorkOA().getAttributeProviderPlugins().add(new AttributeProviderPlugin());
+ session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, getFormOA().getFormMap());
+
+ } else {
+ log.warn("Unkown interfederation IDP type");
+ addActionError("Unkown interfederation IDP type");
+ return Constants.STRUTS_ERROR;
+ }
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ } finally {
+
+ }
+
+ return Constants.STRUTS_OA_EDIT + interfederationType;
+
+ }
+
+ public String loadIDPInformation() {
+ try {
+ populateBasicInformations();
+
+ if (!authUser.isAdmin()) {
+ log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ final OnlineApplication oa = populateOnlineApplicationFromRequest();
+
+ if (oa.isIsInterfederationIDP() != null
+ && oa.isIsInterfederationIDP()) {
+
+ formList.putAll(MOAIDPAction.buildMOAIDPFormList());
+ interfederationType = STRUTS_IDP_MOA;
+
+ } else if (oa.getAuthComponentOA().getOASTORK() != null
+ && oa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null
+ && oa.getAuthComponentOA().getOASTORK().isVidpEnabled()) {
+
+ formList.putAll(VIDPAction.buildVIDPFormList());
+ if (getStorkOA().getAttributeProviderPlugins() == null ||
+ getStorkOA().getAttributeProviderPlugins().size() == 0) {
+ getStorkOA().getAttributeProviderPlugins().add(new AttributeProviderPlugin());
+ }
+ interfederationType = STRUTS_IDP_VIDP;
+
+ } else if (oa.isIsInterfederationGateway() != null && oa.isIsInterfederationGateway()) {
+ formList.putAll(IDPGatewayAction.buildIDPGatewayFormList());
+ interfederationType = STRUTS_IDP_GATEWAY;
+
+ } else {
+ log.warn("Requested application is not an interfederation IDP.");
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ parseOAToForm(oa);
+ return Constants.STRUTS_SUCCESS + interfederationType;
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ } catch (final BasicOAActionException e) {
+ addActionError(e.getStrutsError());
+ return e.getStrutsReturnValue();
+
+ } finally {
+
+ }
+ }
+
+ public String saveIDP() {
+
+ OnlineApplication onlineapplication = null;
+
+ try {
+ populateBasicInformations();
+
+ if (!authUser.isAdmin()) {
+ log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ onlineapplication = preProcessSaveOnlineApplication();
+
+ if (onlineapplication != null &&
+ !(onlineapplication.isIsInterfederationIDP() != null && onlineapplication.isIsInterfederationIDP()
+ ||
+ onlineapplication.isIsInterfederationGateway() != null && onlineapplication
+ .isIsInterfederationGateway() ||
+ onlineapplication.getAuthComponentOA().getOASTORK() != null
+ && onlineapplication.getAuthComponentOA().getOASTORK().isVidpEnabled() != null
+ && onlineapplication.getAuthComponentOA().getOASTORK().isVidpEnabled())) {
+ log.warn("IDP which should be stored is not of type interfederation IDP.");
+ addActionError("IDP which should be stored is not of type MOA-ID interfederation IDP.");
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ final List<String> errors = new ArrayList<>();
+
+ // validate forms
+ for (final IOnlineApplicationData form : formList.values()) {
+ errors.addAll(form.validate(getGeneralOA(), authUser, request));
+ }
+
+ if (getPvp2OA() != null) {
+ final boolean publicServiceAllowed = ValidationHelper.isPublicServiceAllowed(getPvp2OA()
+ .getMetaDataURL());
+ if (!publicServiceAllowed && !getGeneralOA().isBusinessService()) {
+ log.info("Metadata URL " + getPvp2OA().getMetaDataURL() + " does not allow PublicService.");
+ errors.add(LanguageHelper.getErrorString(
+ "validation.interfederation.moaidp.metadataurl.publicservice",
+ new Object[] { getPvp2OA().getMetaDataURL() }, request));
+ getGeneralOA().setBusinessService(true);
+
+ }
+ }
+
+ if (errors.size() > 0) {
+ log.info("IDP-Configuration with ID " + getGeneralOA().getIdentifier() + " has some errors.");
+ for (final String el : errors) {
+ addActionError(el);
+ }
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ } else {
+ onlineapplication = postProcessSaveOnlineApplication(onlineapplication,
+ !(this instanceof MOAIDPAction));
+
+ // set default Target interfederated nameID caluclation
+ if (getPvp2OA() != null) {
+ if (getGeneralOA().isBusinessService()) {
+ IdentificationNumber businessID = onlineapplication.getAuthComponentOA()
+ .getIdentificationNumber();
+ if (businessID == null) {
+ businessID = new IdentificationNumber();
+ onlineapplication.getAuthComponentOA().setIdentificationNumber(businessID);
+ }
+ businessID.setValue(Constants.PREFIX_WPBK + "MOA-IDP+MOA-IDP");
+ } else {
+ onlineapplication.setTarget("MOA-IDP");
+ }
+
+ try {
+ save(onlineapplication);
+
+ } catch (final MOADatabaseException e) {
+ log.warn("Online-Application can not be stored.", e);
+ return LanguageHelper.getErrorString("error.db.oa.store", request);
+ }
+ }
+ }
+
+ // remove session attributes
+ session.setAttribute(Constants.SESSION_OAID, null);
+
+ addActionMessage(LanguageHelper.getGUIString("webpages.idp.success", getGeneralOA().getIdentifier(),
+ request));
+ return Constants.STRUTS_SUCCESS;
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ } catch (final BasicOAActionException e) {
+ addActionError(e.getStrutsError());
+ return e.getStrutsReturnValue();
+
+ } finally {
+
+ }
+ }
+
+ public String cancleAndBackIDP() {
+ try {
+ populateBasicInformations();
+
+ if (!authUser.isAdmin()) {
+ log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ session.setAttribute(Constants.SESSION_OAID, null);
+ addActionMessage(LanguageHelper.getGUIString("webpages.idp.cancle", getGeneralOA().getIdentifier(),
+ request));
+
+ return Constants.STRUTS_SUCCESS;
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ } finally {
+
+ }
+ }
+
+ public String deleteIDP() {
+ String oaidentifier = null;
+ try {
+ populateBasicInformations();
+
+ if (!authUser.isAdmin()) {
+ log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ oaidentifier = preProcessDeleteOnlineApplication();
+
+ session.setAttribute(Constants.SESSION_OAID, null);
+ final OnlineApplication onlineapplication = configuration.getDbRead().getOnlineApplication(
+ oaidentifier);
+
// try {
// if (onlineapplication.getAuthComponentOA().getOAPVP2() != null &&
// MiscUtil.isNotEmpty(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) {
// MOAIDConfiguration moaconfig = configuration.getDbRead().getMOAIDConfiguration();
// moaconfig.setPvp2RefreshItem(new Date());
// ConfigurationDBUtils.saveOrUpdate(moaconfig);
-//
+//
// }
// } catch (Throwable e) {
// log.info("Found no MetadataURL in OA-Databaseconfig!", e);
// }
-
- if (delete(onlineapplication)) {
- addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", oaidentifier, request));
- return Constants.STRUTS_SUCCESS;
-
- } else {
- addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", oaidentifier, request));
- return Constants.STRUTS_SUCCESS;
- }
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- } catch (BasicOAActionException e) {
- addActionError(e.getStrutsError());
- return e.getStrutsReturnValue();
-
- } finally {
-
- }
-
- }
-
- /**
- * @param oa
- */
- private void parseOAToForm(OnlineApplication oa) {
- List<String> errors = new ArrayList<String>();
- for (IOnlineApplicationData form : formList.values()) {
- List<String> error = form.parse(oa, authUser, request);
- if (error != null)
- errors.addAll(error);
- }
- if (errors.size() > 0) {
- for (String el : errors)
- addActionError(el);
- }
- setNewOA(false);
-
+ if (delete(onlineapplication)) {
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", oaidentifier,
+ request));
+ return Constants.STRUTS_SUCCESS;
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- session.setAttribute(Constants.SESSION_OAID, oaid);
- }
-
- /**
- * @return the formOAs
- */
- public List<OAListElement> getFormOAs() {
- return formOAs;
- }
-
- public OAMOAIDPInterfederationConfig getMoaIDP() {
- return (OAMOAIDPInterfederationConfig) formList.get(new OAMOAIDPInterfederationConfig().getName());
- }
+ } else {
+ addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", oaidentifier, request));
+ return Constants.STRUTS_SUCCESS;
+ }
- public void setMoaIDP(OAMOAIDPInterfederationConfig pvp2oa) {
- formList.put(pvp2oa.getName(), pvp2oa);
- }
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
- public PVPGatewayInterfederationConfig getPVPGateway() {
- return (PVPGatewayInterfederationConfig) formList.get(new PVPGatewayInterfederationConfig().getName());
- }
-
- public void setPVPGateway(PVPGatewayInterfederationConfig val) {
- formList.put(val.getName(), val);
- }
-
- /**
- * @return the formOA
- */
- public OATargetConfiguration getTargetConfig() {
- return (OATargetConfiguration) formList.get(new OATargetConfiguration().getName());
- }
+ } catch (final BasicOAActionException e) {
+ addActionError(e.getStrutsError());
+ return e.getStrutsReturnValue();
- /**
- * @param formOA the formOA to set
- */
- public void setTargetConfig(OATargetConfiguration formOA) {
- formList.put(formOA.getName(), formOA);
- }
-
- /**
- * @return the formOA
- */
- public FormularCustomization getFormOA() {
- return (FormularCustomization) formList.get(new FormularCustomization(null).getName());
- }
+ } finally {
- /**
- * @param formOA the formOA to set
- */
- public void setFormOA(FormularCustomization formOA) {
- formList.put(formOA.getName(), formOA);
- }
-
- public OASTORKConfig getStorkOA() {
- return (OASTORKConfig) formList.get(new OASTORKConfig().getName());
}
- public void setStorkOA(OASTORKConfig storkOA) {
- formList.put(storkOA.getName(), storkOA);
+ }
+
+ /**
+ * @param oa
+ */
+ private void parseOAToForm(OnlineApplication oa) {
+ final List<String> errors = new ArrayList<>();
+ for (final IOnlineApplicationData form : formList.values()) {
+ final List<String> error = form.parse(oa, authUser, request);
+ if (error != null) {
+ errors.addAll(error);
+ }
}
-
-
- public OAAuthenticationData getAuthOA() {
- return (OAAuthenticationData) formList.get(new OAAuthenticationData().getName());
+ if (errors.size() > 0) {
+ for (final String el : errors) {
+ addActionError(el);
+ }
}
- public void setAuthOA(OAAuthenticationData generalOA) {
- formList.put(generalOA.getName(), generalOA);
- }
-
-
- /**
- * @return the interfederationType
- */
- public String getInterfederationType() {
- return interfederationType;
- }
-
- /**
- * @param interfederationType the interfederationType to set
- */
- public void setInterfederationType(String interfederationType) {
- this.interfederationType = interfederationType;
- }
-
-
-
+ setNewOA(false);
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ session.setAttribute(Constants.SESSION_OAID, oaid);
+ }
+
+ /**
+ * @return the formOAs
+ */
+ public List<OAListElement> getFormOAs() {
+ return formOAs;
+ }
+
+ public OAMOAIDPInterfederationConfig getMoaIDP() {
+ return (OAMOAIDPInterfederationConfig) formList.get(new OAMOAIDPInterfederationConfig().getName());
+ }
+
+ public void setMoaIDP(OAMOAIDPInterfederationConfig pvp2oa) {
+ formList.put(pvp2oa.getName(), pvp2oa);
+ }
+
+ public PVPGatewayInterfederationConfig getPVPGateway() {
+ return (PVPGatewayInterfederationConfig) formList.get(new PVPGatewayInterfederationConfig().getName());
+ }
+
+ public void setPVPGateway(PVPGatewayInterfederationConfig val) {
+ formList.put(val.getName(), val);
+ }
+
+ /**
+ * @return the formOA
+ */
+ public OATargetConfiguration getTargetConfig() {
+ return (OATargetConfiguration) formList.get(new OATargetConfiguration().getName());
+ }
+
+ /**
+ * @param formOA the formOA to set
+ */
+ public void setTargetConfig(OATargetConfiguration formOA) {
+ formList.put(formOA.getName(), formOA);
+ }
+
+ /**
+ * @return the formOA
+ */
+ public FormularCustomization getFormOA() {
+ return (FormularCustomization) formList.get(new FormularCustomization(null).getName());
+ }
+
+ /**
+ * @param formOA the formOA to set
+ */
+ public void setFormOA(FormularCustomization formOA) {
+ formList.put(formOA.getName(), formOA);
+ }
+
+ public OASTORKConfig getStorkOA() {
+ return (OASTORKConfig) formList.get(new OASTORKConfig().getName());
+ }
+
+ public void setStorkOA(OASTORKConfig storkOA) {
+ formList.put(storkOA.getName(), storkOA);
+ }
+
+ public OAAuthenticationData getAuthOA() {
+ return (OAAuthenticationData) formList.get(new OAAuthenticationData().getName());
+ }
+
+ public void setAuthOA(OAAuthenticationData generalOA) {
+ formList.put(generalOA.getName(), generalOA);
+ }
+
+ /**
+ * @return the interfederationType
+ */
+ public String getInterfederationType() {
+ return interfederationType;
+ }
+
+ /**
+ * @param interfederationType the interfederationType to set
+ */
+ public void setInterfederationType(String interfederationType) {
+ this.interfederationType = interfederationType;
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
index ca018d5b0..11be61bb6 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
@@ -25,179 +25,162 @@ package at.gv.egovernment.moa.id.configuration.struts.action;
import java.util.ArrayList;
import java.util.List;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-import org.apache.log4j.Logger;
-import org.apache.struts2.interceptor.ServletRequestAware;
-import org.apache.struts2.interceptor.ServletResponseAware;
-
-import com.opensymphony.xwork2.ActionSupport;
-
-import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.Constants;
-import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.data.OAListElement;
import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class ListOAsAction extends BasicAction {
-
- private final Logger log = Logger.getLogger(ListOAsAction.class);
-
- private static final long serialVersionUID = 1L;
-
- private List<OAListElement> formOAs;
- private String friendlyname;
-
- public ListOAsAction() throws ConfigurationException {
+
+ private static final long serialVersionUID = 1L;
+
+ private List<OAListElement> formOAs;
+ private String friendlyname;
+
+ public ListOAsAction() throws ConfigurationException {
// configuration = ConfigurationProvider.getInstance();
- }
-
-
- public String listAllOnlineAppliactions() {
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- List<OnlineApplication> dbOAs = null;
-
- if (authUser.isAdmin()) {
- dbOAs = configuration.getDbRead().getAllOnlineApplications();
-
- } else {
- UserDatabase authUserDB = configuration.getUserManagement().getUserWithID(authUser.getUserID());
-
- if (authUserDB != null) {
- for (String el : authUserDB.getOnlineApplication()) {
- dbOAs.add(configuration.getDbRead().getOnlineApplication(Long.valueOf(el)));
-
- }
- }
- }
-
- if (dbOAs == null || dbOAs.size() == 0) {
- addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
-
- } else {
- formOAs = FormDataHelper.populateFormWithOAs(dbOAs);
- }
-
- session.setAttribute(Constants.SESSION_RETURNAREA,
- Constants.STRUTS_RETURNAREA_VALUES.main.name());
-
-
- return Constants.STRUTS_SUCCESS;
- }
-
- public String searchOAInit() {
-
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- formOAs = null;
- friendlyname = "";
-
- return Constants.STRUTS_SUCCESS;
-
- }
-
- public String searchOA() {
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- if (MiscUtil.isEmpty(friendlyname)) {
- log.info("SearchOA textfield is empty");
- addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request));
- return Constants.STRUTS_SUCCESS;
-
- } else {
- if (ValidationHelper.containsNotValidCharacter(friendlyname, false)) {
- log.warn("SearchOA textfield contains potential XSS characters");
- addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request));
- return Constants.STRUTS_SUCCESS;
- }
- }
-
- List<OnlineApplication> dbOAs = null;
-
- if (authUser.isAdmin()) {
- dbOAs = configuration.getDbRead().searchOnlineApplications(friendlyname);
-
- } else {
- UserDatabase authUserDB = configuration.getUserManagement().getUserWithID(authUser.getUserID());
- if (authUserDB != null) {
- List<String> alldbOAs = authUserDB.getOnlineApplication();
-
- dbOAs = new ArrayList<OnlineApplication>();
-
- for (String el : alldbOAs) {
- OnlineApplication oa = configuration.getDbRead().getOnlineApplication(Long.valueOf(el));
-
- if (oa.getPublicURLPrefix()
- .toLowerCase().indexOf(friendlyname.toLowerCase()) > -1)
- dbOAs.add(oa);
- }
- }
- }
-
- if (dbOAs == null || dbOAs.size() == 0) {
- log.debug("No IDPs found with Identifier " + friendlyname);
- addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
-
- } else {
- formOAs = FormDataHelper.populateFormWithOAs(dbOAs);
-
- }
-
-
- return Constants.STRUTS_SUCCESS;
- }
-
- /**
- * @return the formOAs
- */
- public List<OAListElement> getFormOAs() {
- return formOAs;
- }
-
-
- /**
- * @return the friendlyname
- */
- public String getFriendlyname() {
- return friendlyname;
- }
-
-
- /**
- * @param friendlyname the friendlyname to set
- */
- public void setFriendlyname(String friendlyname) {
- this.friendlyname = friendlyname;
- }
-
-
+ }
+
+ public String listAllOnlineAppliactions() {
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ List<OnlineApplication> dbOAs = null;
+
+ if (authUser.isAdmin()) {
+ dbOAs = configuration.getDbRead().getAllOnlineApplications();
+
+ } else {
+ final UserDatabase authUserDB = configuration.getUserManagement().getUserWithID(authUser.getUserID());
+
+ if (authUserDB != null) {
+ for (final String el : authUserDB.getOnlineApplication()) {
+ dbOAs.add(configuration.getDbRead().getOnlineApplication(Long.valueOf(el)));
+
+ }
+ }
+ }
+
+ if (dbOAs == null || dbOAs.size() == 0) {
+ addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
+
+ } else {
+ formOAs = FormDataHelper.populateFormWithOAs(dbOAs);
+ }
+
+ session.setAttribute(Constants.SESSION_RETURNAREA,
+ Constants.STRUTS_RETURNAREA_VALUES.main.name());
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String searchOAInit() {
+
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ formOAs = null;
+ friendlyname = "";
+
+ return Constants.STRUTS_SUCCESS;
+
+ }
+
+ public String searchOA() {
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ if (MiscUtil.isEmpty(friendlyname)) {
+ log.info("SearchOA textfield is empty");
+ addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request));
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ if (ValidationHelper.containsNotValidCharacter(friendlyname, false)) {
+ log.warn("SearchOA textfield contains potential XSS characters");
+ addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ return Constants.STRUTS_SUCCESS;
+ }
+ }
+
+ List<OnlineApplication> dbOAs = null;
+
+ if (authUser.isAdmin()) {
+ dbOAs = configuration.getDbRead().searchOnlineApplications(friendlyname);
+
+ } else {
+ final UserDatabase authUserDB = configuration.getUserManagement().getUserWithID(authUser.getUserID());
+ if (authUserDB != null) {
+ final List<String> alldbOAs = authUserDB.getOnlineApplication();
+
+ dbOAs = new ArrayList<>();
+
+ for (final String el : alldbOAs) {
+ final OnlineApplication oa = configuration.getDbRead().getOnlineApplication(Long.valueOf(el));
+
+ if (oa.getPublicURLPrefix()
+ .toLowerCase().indexOf(friendlyname.toLowerCase()) > -1) {
+ dbOAs.add(oa);
+ }
+ }
+ }
+ }
+
+ if (dbOAs == null || dbOAs.size() == 0) {
+ log.debug("No IDPs found with Identifier " + friendlyname);
+ addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
+
+ } else {
+ formOAs = FormDataHelper.populateFormWithOAs(dbOAs);
+
+ }
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ /**
+ * @return the formOAs
+ */
+ public List<OAListElement> getFormOAs() {
+ return formOAs;
+ }
+
+ /**
+ * @return the friendlyname
+ */
+ public String getFriendlyname() {
+ return friendlyname;
+ }
+
+ /**
+ * @param friendlyname the friendlyname to set
+ */
+ public void setFriendlyname(String friendlyname) {
+ this.friendlyname = friendlyname;
+ }
}
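Review bot: In `listAllOnlineAppliactions` the non-admin branch calls `dbOAs.add(...)` while `dbOAs` is still `null`, so a non-admin user with at least one assigned online application hits a NullPointerException instead of getting the list; the reformatted code carries this over unchanged. `searchOA` already initialises the list with `dbOAs = new ArrayList<>();` before its loop, and the same line is needed before the `for` in the list method. Both loops also use the lookup result unchecked: `Long.valueOf(el)` assumes every stored ID parses, and `oa.getPublicURLPrefix()` in `searchOA` assumes the ID still resolves. If `getOnlineApplication` can return `null` for a stale ID (not visible here), add `if (oa != null && oa.getPublicURLPrefix() != null)` around the match.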
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java
index 8c04a382a..ce3af689d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java
@@ -34,26 +34,25 @@ import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
*/
public class MOAIDPAction extends InterfederationIDPAction {
- private static final long serialVersionUID = -2047128481980413334L;
-
- public MOAIDPAction() {
- super();
- formList.putAll(buildMOAIDPFormList());
- }
-
- public static LinkedHashMap<String, IOnlineApplicationData> buildMOAIDPFormList() {
-
- LinkedHashMap<String, IOnlineApplicationData> forms =
- new LinkedHashMap<String, IOnlineApplicationData>();
-
-
- OAPVP2Config pvp2OA = new OAPVP2Config();
- forms.put(pvp2OA.getName(), pvp2OA);
-
- OAMOAIDPInterfederationConfig moaidp = new OAMOAIDPInterfederationConfig();
- forms.put(moaidp.getName(), moaidp);
-
- return forms;
- }
+ private static final long serialVersionUID = -2047128481980413334L;
+
+ public MOAIDPAction() {
+ super();
+ formList.putAll(buildMOAIDPFormList());
+ }
+
+ public static LinkedHashMap<String, IOnlineApplicationData> buildMOAIDPFormList() {
+
+ final LinkedHashMap<String, IOnlineApplicationData> forms =
+ new LinkedHashMap<>();
+
+ final OAPVP2Config pvp2OA = new OAPVP2Config();
+ forms.put(pvp2OA.getName(), pvp2OA);
+
+ final OAMOAIDPInterfederationConfig moaidp = new OAMOAIDPInterfederationConfig();
+ forms.put(moaidp.getName(), moaidp);
+
+ return forms;
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java
index ea6f17fc7..785eb583a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java
@@ -22,41 +22,41 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class MainAction extends BasicAction {
-
- private static final long serialVersionUID = 221178766809263908L;
-
- private static final Logger log = Logger.getLogger(MainAction.class);
-
- public String changeLanguage() {
-
- return Constants.STRUTS_SUCCESS;
- }
-
- public String generateMainFrame() {
-
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- if (hasActionMessages())
- setActionMessages(getActionMessages());
-
- if (hasActionErrors())
- setActionErrors(getActionErrors());
-
- session.setAttribute(Constants.SESSION_RETURNAREA, null);
-
- return Constants.STRUTS_SUCCESS;
- }
-
+
+ private static final long serialVersionUID = 221178766809263908L;
+
+ public String changeLanguage() {
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String generateMainFrame() {
+
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ if (hasActionMessages()) {
+ setActionMessages(getActionMessages());
+ }
+
+ if (hasActionErrors()) {
+ setActionErrors(getActionErrors());
+ }
+
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
}
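Review bot: `@Slf4j` is added to `MainAction`, but nothing in the class as shown writes to `log`, so the annotation only generates an unused field. Either drop it, or use it in the one place a log line would help: the `catch (final BasicActionException e)` in `generateMainFrame` returns `Constants.STRUTS_ERROR` without recording why, which could become `log.warn("Basic session information could not be populated", e);` unless `populateBasicInformations()` already logs the failure (not visible here). Separately, `setActionMessages(getActionMessages())` and `setActionErrors(getActionErrors())` write back the values just read and look like no-ops; a short comment such as `// re-set so messages survive the redirect` would help if they are intentional (confirm the actual reason).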
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java
index 26d4e13ab..e1965e951 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java
@@ -24,81 +24,68 @@ package at.gv.egovernment.moa.id.configuration.struts.action;
import java.util.List;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-import org.apache.log4j.Logger;
-import org.apache.struts2.interceptor.ServletRequestAware;
-import org.apache.struts2.interceptor.ServletResponseAware;
-
-import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.data.OAListElement;
import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper;
+import lombok.extern.slf4j.Slf4j;
-import com.opensymphony.xwork2.ActionSupport;
-
+@Slf4j
public class OpenAdminRequestsAction extends BasicAction {
-
- private static final Logger log = Logger.getLogger(OpenAdminRequestsAction.class);
-
- private static final long serialVersionUID = 1L;
-
- private List<OAListElement> formOAs = null;
- private List<AuthenticatedUser> userlist = null;
-
-
- public String init() {
-
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- if (authUser.isAdmin()) {
-
- List<OnlineApplication> dbOAs = configuration.getDbRead().getAllNewOnlineApplications();
- if (dbOAs != null) {
- formOAs = FormDataHelper.populateFormWithOAs(dbOAs);
- }
-
- List<UserDatabase> dbUsers = configuration.getUserManagement().getAllNewUsers();
- if (dbUsers != null){
- userlist = FormDataHelper.addFormUsers(dbUsers);
- }
-
- session.setAttribute(Constants.SESSION_RETURNAREA,
- Constants.STRUTS_RETURNAREA_VALUES.adminRequestsInit.name());
-
- return Constants.STRUTS_SUCCESS;
- } else {
- log.info("Access to OpenAdminRequest area is not allowed for user with ID" + authUser.getUserID());
- return Constants.STRUTS_NOTALLOWED;
- }
-
- }
-
-
- /**
- * @return the formOAs
- */
- public List<OAListElement> getFormOAs() {
- return formOAs;
- }
-
-
- /**
- * @return the userlist
- */
- public List<AuthenticatedUser> getUserlist() {
- return userlist;
- }
-
+
+ private static final long serialVersionUID = 1L;
+
+ private List<OAListElement> formOAs = null;
+ private List<AuthenticatedUser> userlist = null;
+
+ public String init() {
+
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ if (authUser.isAdmin()) {
+
+ final List<OnlineApplication> dbOAs = configuration.getDbRead().getAllNewOnlineApplications();
+ if (dbOAs != null) {
+ formOAs = FormDataHelper.populateFormWithOAs(dbOAs);
+ }
+
+ final List<UserDatabase> dbUsers = configuration.getUserManagement().getAllNewUsers();
+ if (dbUsers != null) {
+ userlist = FormDataHelper.addFormUsers(dbUsers);
+ }
+
+ session.setAttribute(Constants.SESSION_RETURNAREA,
+ Constants.STRUTS_RETURNAREA_VALUES.adminRequestsInit.name());
+
+ return Constants.STRUTS_SUCCESS;
+ } else {
+ log.info("Access to OpenAdminRequest area is not allowed for user with ID" + authUser.getUserID());
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ }
+
+ /**
+ * @return the formOAs
+ */
+ public List<OAListElement> getFormOAs() {
+ return formOAs;
+ }
+
+ /**
+ * @return the userlist
+ */
+ public List<AuthenticatedUser> getUserlist() {
+ return userlist;
+ }
+
}
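Review bot: The denied-access branch of `init` logs at `info` and builds the message as `"... for user with ID" + authUser.getUserID()` with no separator, so the ID runs straight into the text and the event is dropped by any warn-level filter. The admin checks in `cancleAndBackIDP` and `deleteIDP` earlier in this commit log the same condition at `warn`, so failed access attempts are recorded inconsistently across actions. With SLF4J now in place, `log.warn("Access to OpenAdminRequest area is not allowed for user with ID {}", authUser.getUserID());` fixes the level and the formatting in one line.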
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
index 26afb0205..6a60b6816 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
@@ -26,14 +26,6 @@ import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.util.List;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-import org.apache.log4j.Logger;
-import org.apache.struts2.interceptor.ServletRequestAware;
-import org.apache.struts2.interceptor.ServletResponseAware;
-
import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
@@ -49,564 +41,570 @@ import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
-import com.opensymphony.xwork2.ActionSupport;
-
+@Slf4j
public class UserManagementAction extends BasicAction {
-
- private static final Logger log = Logger.getLogger(UserManagementAction.class);
-
- private static final long serialVersionUID = 1L;
-
- private List<AuthenticatedUser> userlist = null;
- private UserDatabaseFrom user = null;
-
- private String useridobj = null;
- private static boolean newUser = false;
- private InputStream stream;
- private String nextPage;
- private String formID;
-
- public String init() {
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- if (session == null) {
- log.info("No http Session found.");
- return Constants.STRUTS_ERROR;
- }
-
- if (authUser.isAdmin()) {
-
- log.info("Show NewserRequests");
-
- log.info("Show UserList");
-
- List<UserDatabase> dbuserlist = configuration.getUserManagement().getAllUsers();
-
- if (dbuserlist != null) {
- userlist = FormDataHelper.addFormUsers(dbuserlist);
- }
-
- session.setAttribute(Constants.SESSION_RETURNAREA,
- Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name());
-
- return Constants.STRUTS_SUCCESS;
-
- } else {
- log.info("User with ID " + authUser.getUserID() + " is not admin. Show only EditUser Frame");
- UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID());
- if (dbuser == null) {
- return Constants.STRUTS_REAUTHENTICATE;
- }
- user = new UserDatabaseFrom(dbuser);
-
- session.setAttribute(Constants.SESSION_RETURNAREA,
- Constants.STRUTS_RETURNAREA_VALUES.main.name());
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- return Constants.STRUTS_NOTALLOWED;
- }
- }
-
- public String createuser() {
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name();
-
- if (authUser.isAdmin()) {
-
- user = new UserDatabaseFrom();
-
- newUser = true;
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_SUCCESS;
-
- } else {
- return Constants.STRUTS_NOTALLOWED;
- }
- }
-
- public String edituser() {
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
- if (nextPageAttr != null && nextPageAttr instanceof String
- && MiscUtil.isNotEmpty((String)nextPageAttr) ) {
- nextPage = (String) nextPageAttr;
-
- } else {
- nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name();
- }
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- if (authUser.isAdmin()) {
- long userid = -1;
-
- if (!ValidationHelper.validateOAID(useridobj)) {
- addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request));
- return Constants.STRUTS_ERROR;
- }
- userid = Long.valueOf(useridobj);
-
- UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userid);
- if (dbuser == null) {
- log.info("No User with ID " + userid + " in Database");;
- addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request));
- return Constants.STRUTS_ERROR;
- }
- user = new UserDatabaseFrom(dbuser);
-
- newUser = false;
-
- return Constants.STRUTS_SUCCESS;
-
- } else {
- log.info("User with ID " + authUser.getUserID() + " is not admin. Show his own EditUser Frame");
- UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID());
- user = new UserDatabaseFrom(dbuser);
- return Constants.STRUTS_SUCCESS;
- }
- }
-
- public String saveuser() {
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
- if (formidobj != null && formidobj instanceof String) {
- String formid = (String) formidobj;
- if (!formid.equals(formID)) {
- log.warn("FormIDs does not match. Some suspect Form is received from user "
- + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- } else {
- log.warn("FormIDs does not match. Some suspect Form is received from user "
- + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- session.setAttribute(Constants.SESSION_FORMID, null);
-
- String useridobj = user.getUserID();
- long userID = -1;
- if (MiscUtil.isEmpty(useridobj)) {
- userID = -1;
-
- } else {
- if (!ValidationHelper.validateOAID(useridobj)){
- log.warn("User with ID " + authUser.getUserID()
- + " would access UserDatabase ID " + useridobj);
- addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
- return Constants.STRUTS_ERROR;
- }
- userID = Long.valueOf(useridobj);
- }
-
- UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userID);
-
- if( dbuser == null) {
- dbuser = new UserDatabase();
- dbuser.setIsMandateUser(false);
- dbuser.setIsAdminRequest(false);
- dbuser.setIsPVP2Generated(false);
- dbuser.setUserRequestTokken(null);
- dbuser.setIsMailAddressVerified(false);
- dbuser.setUsername(user.getUsername());
- }
-
- List<String> errors;
- UserDatabaseFormValidator validator = new UserDatabaseFormValidator();
-
- boolean ispvp2 = false;
- boolean ismandate = false;
- if (dbuser.isIsPVP2Generated() != null)
- ispvp2 = dbuser.isIsPVP2Generated();
-
- if (dbuser.isIsMandateUser() != null)
- ismandate = dbuser.isIsMandateUser();
-
- errors = validator.validate(user, userID, ispvp2, ismandate, request);
-
- if (errors.size() > 0) {
- log.info("UserDataForm has some erros.");
- for (String el : errors)
- addActionError(el);
- user.setPassword("");
-
- if (MiscUtil.isEmpty(user.getUsername()))
- newUser = true;
-
- user.setIsmandateuser(ismandate);
- user.setPVPGenerated(ispvp2);
- if (dbuser.isIsUsernamePasswordAllowed() != null)
- user.setIsusernamepasswordallowed(dbuser.isIsUsernamePasswordAllowed());
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- return Constants.STRUTS_ERROR_VALIDATION;
- }
-
- if (!authUser.isAdmin()) {
- if (authUser.getUserID() != userID) {
- log.warn("User with ID " + authUser.getUserID()
- + " would access UserDatabase Entry " + user.getUsername());
- addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
- return Constants.STRUTS_ERROR;
- }
-
- }
-
- if (!user.getMail().equals(dbuser.getMail()) && !authUser.isAdmin()) {
- dbuser.setIsMailAddressVerified(false);
- dbuser.setUserRequestTokken(Random.nextRandom());
-
- try {
- MailHelper.sendUserMailAddressVerification(dbuser);
- addActionMessage(LanguageHelper.getGUIString("webpages.edituser.changemailaddress.verify", request));
-
- } catch (ConfigurationException e) {
- log.warn("Sending of mailaddress verification mail failed.", e);
- addActionError(LanguageHelper.getErrorString("error.mail.send", request));
- }
- }
-
- Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
- if (nextPageAttr != null && nextPageAttr instanceof String
- && MiscUtil.isNotEmpty((String)nextPageAttr) ) {
- nextPage = (String) nextPageAttr;
-
- if (nextPage.equals(Constants.STRUTS_RETURNAREA_VALUES.adminRequestsInit.name()) &&
- user.isActive()) {
- dbuser.setIsAdminRequest(false);
- try {
- if (dbuser.isIsMandateUser())
- MailHelper.sendUserAccountActivationMail(dbuser.getGivenname(), dbuser.getFamilyname(),
- dbuser.getInstitut(), user.getMail());
- else
- MailHelper.sendUserAccountActivationMail(dbuser.getGivenname(), dbuser.getFamilyname(),
- null, user.getMail());
-
- } catch (ConfigurationException e) {
- log.warn("Send UserAccountActivation mail failed", e);
- }
- }
- session.setAttribute(Constants.SESSION_RETURNAREA, null);
-
- } else {
- nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name();
- }
-
- String error = saveFormToDB(dbuser);
-
- if (error != null) {
- log.warn("UserData can not be stored in Database");
- addActionError(error);
- return Constants.STRUTS_SUCCESS;
- }
-
- return Constants.STRUTS_SUCCESS;
- }
-
- public String deleteuser() {
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
- if (formidobj != null && formidobj instanceof String) {
- String formid = (String) formidobj;
- if (!formid.equals(formID)) {
- log.warn("FormIDs does not match. Some suspect Form is received from user "
- + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- } else {
- log.warn("FormIDs does not match. Some suspect Form is received from user "
- + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- session.setAttribute(Constants.SESSION_FORMID, null);
-
- String useridobj = user.getUserID();
- long userID = -1;
- if (MiscUtil.isEmpty(useridobj)) {
- userID = -1;
-
- } else {
- if (!ValidationHelper.validateOAID(useridobj)){
- log.warn("User with ID " + authUser.getUserID()
- + " would access UserDatabase ID " + useridobj);
- addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
- return Constants.STRUTS_ERROR;
- }
- userID = Long.valueOf(useridobj);
- }
-
- if (!authUser.isAdmin()) {
- if (authUser.getUserID() != userID) {
- log.warn("User with ID " + authUser.getUserID()
- + " would access UserDatabase Entry " + user.getUsername());
- addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
- return Constants.STRUTS_ERROR;
- }
- }
-
- Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
- if (nextPageAttr != null && nextPageAttr instanceof String
- && MiscUtil.isNotEmpty((String)nextPageAttr) ) {
- nextPage = (String) nextPageAttr;
- session.setAttribute(Constants.SESSION_RETURNAREA, null);
-
- } else {
- nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name();
- }
-
- UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userID);
- if (dbuser != null) {
- dbuser.setOaIDs(null);
-
- try {
- configuration.getUserManagement().saveOrUpdate(dbuser);
- configuration.getUserManagement().delete(dbuser);
-
- if (authUser.isAdmin()) {
- MailHelper.sendUserAccountRevocationMail(dbuser);
- }
-
- if (dbuser.getHjid().equals(String.valueOf(authUser.getUserID()))) {
- return Constants.STRUTS_REAUTHENTICATE;
- }
-
- } catch (MOADatabaseException e) {
- log.warn("UserData can not be deleted from Database", e);
- addActionError(e.getMessage());
- return Constants.STRUTS_SUCCESS;
-
- } catch (ConfigurationException e) {
- log.warn("Information mail sending failed.", e);
- addActionError(e.getMessage());
- return Constants.STRUTS_SUCCESS;
- }
-
- finally {
- }
- }
-
-
- return Constants.STRUTS_SUCCESS;
- }
-
- public String sendVerificationMail () {
- try {
- populateBasicInformations();
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- }
-
- String message = LanguageHelper.getErrorString("error.mail.send", request);
-
- if (authUser != null) {
- UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID());
-
- if (dbuser != null) {
- dbuser.setIsMailAddressVerified(false);
- dbuser.setUserRequestTokken(Random.nextRandom());
-
- try {
- configuration.getUserManagement().saveOrUpdate(dbuser);
-
- MailHelper.sendUserMailAddressVerification(dbuser);
-
- message = LanguageHelper.getErrorString("webpages.edituser.verify.mail.message", request);
-
- } catch (ConfigurationException e) {
- log.warn("Sending of mailaddress verification mail failed.", e);
- message = LanguageHelper.getErrorString("error.mail.send", request);
-
- } catch (MOADatabaseException e) {
- log.warn("Access UserInformationDatabase failed.", e);
- }
- }
- }
-
- stream = new ByteArrayInputStream(message.getBytes());
-
- return SUCCESS;
- }
-
- private String saveFormToDB(UserDatabase dbuser) {
-
- dbuser.setMail(user.getMail());
- dbuser.setPhone(user.getPhone());
-
- if (authUser.isAdmin() || dbuser.isIsUsernamePasswordAllowed()) {
- dbuser.setIsUsernamePasswordAllowed(user.isIsusernamepasswordallowed());
-
- if (authUser.isAdmin()) {
- dbuser.setIsActive(user.isActive());
- dbuser.setIsAdmin(user.isAdmin());
-
- }
- }
-
- if (dbuser.isIsPVP2Generated() == null || !dbuser.isIsPVP2Generated()) {
- dbuser.setFamilyname(user.getFamilyName());
- dbuser.setGivenname(user.getGivenName());
- dbuser.setInstitut(user.getInstitut());
-
- if (authUser.isAdmin()) {
- dbuser.setBpk(user.getBpk());
- if ( user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID
- + "X" + Constants.IDENIFICATIONTYPE_FN) ||
- user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID
- + "X" + Constants.IDENIFICATIONTYPE_ZVR) ||
- user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID
- + "X" + Constants.IDENIFICATIONTYPE_ERSB)) {
- dbuser.setIsMandateUser(true);
- }
- }
-
- } else {
- if (!dbuser.isIsMandateUser())
- dbuser.setInstitut(user.getInstitut());
- }
-
- if (dbuser.isIsUsernamePasswordAllowed()) {
-
- if (MiscUtil.isNotEmpty(user.getUsername()) && MiscUtil.isEmpty(dbuser.getUsername()))
- dbuser.setUsername(user.getUsername());
-
- if (MiscUtil.isNotEmpty(user.getPassword())) {
- String key = AuthenticationHelper.generateKeyFormPassword(user.getPassword());
- if (key == null) {
- return LanguageHelper.getErrorString("errors.edit.user.save", request);
- }
- dbuser.setPassword(key);
- }
- }
-
- try {
- configuration.getUserManagement().saveOrUpdate(dbuser);
- } catch (MOADatabaseException e) {
- log.warn("User information can not be stored in Database.", e);
- return LanguageHelper.getErrorString("errors.edit.user.save", request);
- }
-
- return null;
- }
-
-
- /**
- * @return the userlist
- */
- public List<AuthenticatedUser> getUserlist() {
- return userlist;
- }
-
- /**
- * @param userlist the userlist to set
- */
- public void setUserlist(List<AuthenticatedUser> userlist) {
- this.userlist = userlist;
- }
-
- /**
- * @return the user
- */
- public UserDatabaseFrom getUser() {
- return user;
- }
-
- /**
- * @param user the user to set
- */
- public void setUser(UserDatabaseFrom user) {
- this.user = user;
- }
-
- /**
- * @return the useridobj
- */
- public String getUseridobj() {
- return useridobj;
- }
-
- /**
- * @param useridobj the useridobj to set
- */
- public void setUseridobj(String useridobj) {
- this.useridobj = useridobj;
- }
-
- /**
- * @return the newUser
- */
- public boolean isNewUser() {
- return newUser;
- }
-
- /**
- * @return the nextPage
- */
- public String getNextPage() {
- return nextPage;
- }
-
- /**
- * @return the stream
- */
- public InputStream getStream() {
- return stream;
- }
-
- /**
- * @return the formID
- */
- public String getFormID() {
- return formID;
- }
-
- /**
- * @param formID the formID to set
- */
- public void setFormID(String formID) {
- this.formID = formID;
- }
-
+
+ private static final long serialVersionUID = 1L;
+
+ private List<AuthenticatedUser> userlist = null;
+ private UserDatabaseFrom user = null;
+
+ private String useridobj = null;
+ private static boolean newUser = false;
+ private InputStream stream;
+ private String nextPage;
+ private String formID;
+
+ public String init() {
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ if (session == null) {
+ log.info("No http Session found.");
+ return Constants.STRUTS_ERROR;
+ }
+
+ if (authUser.isAdmin()) {
+
+ log.info("Show NewserRequests");
+
+ log.info("Show UserList");
+
+ final List<UserDatabase> dbuserlist = configuration.getUserManagement().getAllUsers();
+
+ if (dbuserlist != null) {
+ userlist = FormDataHelper.addFormUsers(dbuserlist);
+ }
+
+ session.setAttribute(Constants.SESSION_RETURNAREA,
+ Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name());
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.info("User with ID " + authUser.getUserID() + " is not admin. Show only EditUser Frame");
+ final UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID());
+ if (dbuser == null) {
+ return Constants.STRUTS_REAUTHENTICATE;
+ }
+ user = new UserDatabaseFrom(dbuser);
+
+ session.setAttribute(Constants.SESSION_RETURNAREA,
+ Constants.STRUTS_RETURNAREA_VALUES.main.name());
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ return Constants.STRUTS_NOTALLOWED;
+ }
+ }
+
+ public String createuser() {
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name();
+
+ if (authUser.isAdmin()) {
+
+ user = new UserDatabaseFrom();
+
+ newUser = true;
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ return Constants.STRUTS_NOTALLOWED;
+ }
+ }
+
+ public String edituser() {
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ final Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String
+ && MiscUtil.isNotEmpty((String) nextPageAttr)) {
+ nextPage = (String) nextPageAttr;
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name();
+ }
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ if (authUser.isAdmin()) {
+ long userid = -1;
+
+ if (!ValidationHelper.validateOAID(useridobj)) {
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request));
+ return Constants.STRUTS_ERROR;
+ }
+ userid = Long.valueOf(useridobj);
+
+ final UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userid);
+ if (dbuser == null) {
+ log.info("No User with ID " + userid + " in Database");
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request));
+ return Constants.STRUTS_ERROR;
+ }
+ user = new UserDatabaseFrom(dbuser);
+
+ newUser = false;
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.info("User with ID " + authUser.getUserID() + " is not admin. Show his own EditUser Frame");
+ final UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID());
+ user = new UserDatabaseFrom(dbuser);
+ return Constants.STRUTS_SUCCESS;
+ }
+ }
+
+ public String saveuser() {
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ final Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ final String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ final String useridobj = user.getUserID();
+ long userID = -1;
+ if (MiscUtil.isEmpty(useridobj)) {
+ userID = -1;
+
+ } else {
+ if (!ValidationHelper.validateOAID(useridobj)) {
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase ID " + useridobj);
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+ userID = Long.valueOf(useridobj);
+ }
+
+ UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userID);
+
+ if (dbuser == null) {
+ dbuser = new UserDatabase();
+ dbuser.setIsMandateUser(false);
+ dbuser.setIsAdminRequest(false);
+ dbuser.setIsPVP2Generated(false);
+ dbuser.setUserRequestTokken(null);
+ dbuser.setIsMailAddressVerified(false);
+ dbuser.setUsername(user.getUsername());
+ }
+
+ List<String> errors;
+ final UserDatabaseFormValidator validator = new UserDatabaseFormValidator();
+
+ boolean ispvp2 = false;
+ boolean ismandate = false;
+ if (dbuser.isIsPVP2Generated() != null) {
+ ispvp2 = dbuser.isIsPVP2Generated();
+ }
+
+ if (dbuser.isIsMandateUser() != null) {
+ ismandate = dbuser.isIsMandateUser();
+ }
+
+ errors = validator.validate(user, userID, ispvp2, ismandate, request);
+
+ if (errors.size() > 0) {
+ log.info("UserDataForm has some erros.");
+ for (final String el : errors) {
+ addActionError(el);
+ }
+ user.setPassword("");
+
+ if (MiscUtil.isEmpty(user.getUsername())) {
+ newUser = true;
+ }
+
+ user.setIsmandateuser(ismandate);
+ user.setPVPGenerated(ispvp2);
+ if (dbuser.isIsUsernamePasswordAllowed() != null) {
+ user.setIsusernamepasswordallowed(dbuser.isIsUsernamePasswordAllowed());
+ }
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+
+ if (!authUser.isAdmin()) {
+ if (authUser.getUserID() != userID) {
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase Entry " + user.getUsername());
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+
+ }
+
+ if (!user.getMail().equals(dbuser.getMail()) && !authUser.isAdmin()) {
+ dbuser.setIsMailAddressVerified(false);
+ dbuser.setUserRequestTokken(Random.nextRandom());
+
+ try {
+ MailHelper.sendUserMailAddressVerification(dbuser);
+ addActionMessage(LanguageHelper.getGUIString("webpages.edituser.changemailaddress.verify", request));
+
+ } catch (final ConfigurationException e) {
+ log.warn("Sending of mailaddress verification mail failed.", e);
+ addActionError(LanguageHelper.getErrorString("error.mail.send", request));
+ }
+ }
+
+ final Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String
+ && MiscUtil.isNotEmpty((String) nextPageAttr)) {
+ nextPage = (String) nextPageAttr;
+
+ if (nextPage.equals(Constants.STRUTS_RETURNAREA_VALUES.adminRequestsInit.name()) &&
+ user.isActive()) {
+ dbuser.setIsAdminRequest(false);
+ try {
+ if (dbuser.isIsMandateUser()) {
+ MailHelper.sendUserAccountActivationMail(dbuser.getGivenname(), dbuser.getFamilyname(),
+ dbuser.getInstitut(), user.getMail());
+ } else {
+ MailHelper.sendUserAccountActivationMail(dbuser.getGivenname(), dbuser.getFamilyname(),
+ null, user.getMail());
+ }
+
+ } catch (final ConfigurationException e) {
+ log.warn("Send UserAccountActivation mail failed", e);
+ }
+ }
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name();
+ }
+
+ final String error = saveFormToDB(dbuser);
+
+ if (error != null) {
+ log.warn("UserData can not be stored in Database");
+ addActionError(error);
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String deleteuser() {
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ final Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ final String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user "
+ + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+ return Constants.STRUTS_ERROR;
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ final String useridobj = user.getUserID();
+ long userID = -1;
+ if (MiscUtil.isEmpty(useridobj)) {
+ userID = -1;
+
+ } else {
+ if (!ValidationHelper.validateOAID(useridobj)) {
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase ID " + useridobj);
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+ userID = Long.valueOf(useridobj);
+ }
+
+ if (!authUser.isAdmin()) {
+ if (authUser.getUserID() != userID) {
+ log.warn("User with ID " + authUser.getUserID()
+ + " would access UserDatabase Entry " + user.getUsername());
+ addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+ return Constants.STRUTS_ERROR;
+ }
+ }
+
+ final Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String
+ && MiscUtil.isNotEmpty((String) nextPageAttr)) {
+ nextPage = (String) nextPageAttr;
+ session.setAttribute(Constants.SESSION_RETURNAREA, null);
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name();
+ }
+
+ final UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userID);
+ if (dbuser != null) {
+ dbuser.setOaIDs(null);
+
+ try {
+ configuration.getUserManagement().saveOrUpdate(dbuser);
+ configuration.getUserManagement().delete(dbuser);
+
+ if (authUser.isAdmin()) {
+ MailHelper.sendUserAccountRevocationMail(dbuser);
+ }
+
+ if (dbuser.getHjid().equals(String.valueOf(authUser.getUserID()))) {
+ return Constants.STRUTS_REAUTHENTICATE;
+ }
+
+ } catch (final MOADatabaseException e) {
+ log.warn("UserData can not be deleted from Database", e);
+ addActionError(e.getMessage());
+ return Constants.STRUTS_SUCCESS;
+
+ } catch (final ConfigurationException e) {
+ log.warn("Information mail sending failed.", e);
+ addActionError(e.getMessage());
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ finally {
+ }
+ }
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String sendVerificationMail() {
+ try {
+ populateBasicInformations();
+
+ } catch (final BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ String message = LanguageHelper.getErrorString("error.mail.send", request);
+
+ if (authUser != null) {
+ final UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID());
+
+ if (dbuser != null) {
+ dbuser.setIsMailAddressVerified(false);
+ dbuser.setUserRequestTokken(Random.nextRandom());
+
+ try {
+ configuration.getUserManagement().saveOrUpdate(dbuser);
+
+ MailHelper.sendUserMailAddressVerification(dbuser);
+
+ message = LanguageHelper.getErrorString("webpages.edituser.verify.mail.message", request);
+
+ } catch (final ConfigurationException e) {
+ log.warn("Sending of mailaddress verification mail failed.", e);
+ message = LanguageHelper.getErrorString("error.mail.send", request);
+
+ } catch (final MOADatabaseException e) {
+ log.warn("Access UserInformationDatabase failed.", e);
+ }
+ }
+ }
+
+ stream = new ByteArrayInputStream(message.getBytes());
+
+ return SUCCESS;
+ }
+
+ private String saveFormToDB(UserDatabase dbuser) {
+
+ dbuser.setMail(user.getMail());
+ dbuser.setPhone(user.getPhone());
+
+ if (authUser.isAdmin() || dbuser.isIsUsernamePasswordAllowed()) {
+ dbuser.setIsUsernamePasswordAllowed(user.isIsusernamepasswordallowed());
+
+ if (authUser.isAdmin()) {
+ dbuser.setIsActive(user.isActive());
+ dbuser.setIsAdmin(user.isAdmin());
+
+ }
+ }
+
+ if (dbuser.isIsPVP2Generated() == null || !dbuser.isIsPVP2Generated()) {
+ dbuser.setFamilyname(user.getFamilyName());
+ dbuser.setGivenname(user.getGivenName());
+ dbuser.setInstitut(user.getInstitut());
+
+ if (authUser.isAdmin()) {
+ dbuser.setBpk(user.getBpk());
+ if (user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID
+ + "X" + Constants.IDENIFICATIONTYPE_FN) ||
+ user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID
+ + "X" + Constants.IDENIFICATIONTYPE_ZVR) ||
+ user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID
+ + "X" + Constants.IDENIFICATIONTYPE_ERSB)) {
+ dbuser.setIsMandateUser(true);
+ }
+ }
+
+ } else {
+ if (!dbuser.isIsMandateUser()) {
+ dbuser.setInstitut(user.getInstitut());
+ }
+ }
+
+ if (dbuser.isIsUsernamePasswordAllowed()) {
+
+ if (MiscUtil.isNotEmpty(user.getUsername()) && MiscUtil.isEmpty(dbuser.getUsername())) {
+ dbuser.setUsername(user.getUsername());
+ }
+
+ if (MiscUtil.isNotEmpty(user.getPassword())) {
+ final String key = AuthenticationHelper.generateKeyFormPassword(user.getPassword());
+ if (key == null) {
+ return LanguageHelper.getErrorString("errors.edit.user.save", request);
+ }
+ dbuser.setPassword(key);
+ }
+ }
+
+ try {
+ configuration.getUserManagement().saveOrUpdate(dbuser);
+ } catch (final MOADatabaseException e) {
+ log.warn("User information can not be stored in Database.", e);
+ return LanguageHelper.getErrorString("errors.edit.user.save", request);
+ }
+
+ return null;
+ }
+
+ /**
+ * @return the userlist
+ */
+ public List<AuthenticatedUser> getUserlist() {
+ return userlist;
+ }
+
+ /**
+ * @param userlist the userlist to set
+ */
+ public void setUserlist(List<AuthenticatedUser> userlist) {
+ this.userlist = userlist;
+ }
+
+ /**
+ * @return the user
+ */
+ public UserDatabaseFrom getUser() {
+ return user;
+ }
+
+ /**
+ * @param user the user to set
+ */
+ public void setUser(UserDatabaseFrom user) {
+ this.user = user;
+ }
+
+ /**
+ * @return the useridobj
+ */
+ public String getUseridobj() {
+ return useridobj;
+ }
+
+ /**
+ * @param useridobj the useridobj to set
+ */
+ public void setUseridobj(String useridobj) {
+ this.useridobj = useridobj;
+ }
+
+ /**
+ * @return the newUser
+ */
+ public boolean isNewUser() {
+ return newUser;
+ }
+
+ /**
+ * @return the nextPage
+ */
+ public String getNextPage() {
+ return nextPage;
+ }
+
+ /**
+ * @return the stream
+ */
+ public InputStream getStream() {
+ return stream;
+ }
+
+ /**
+ * @return the formID
+ */
+ @Override
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID the formID to set
+ */
+ @Override
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java
index c00eb46a5..5f03d89c1 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java
@@ -39,37 +39,36 @@ import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration;
*/
public class VIDPAction extends InterfederationIDPAction {
- private static final long serialVersionUID = 1981465294474566533L;
+ private static final long serialVersionUID = 1981465294474566533L;
+
+ public VIDPAction() {
+ super();
+ formList.putAll(buildVIDPFormList());
+ }
+
+ /**
+ * @return
+ *
+ */
+ public static LinkedHashMap<String, IOnlineApplicationData> buildVIDPFormList() {
+ final LinkedHashMap<String, IOnlineApplicationData> forms =
+ new LinkedHashMap<>();
+
+ final OATargetConfiguration oaTarget = new OATargetConfiguration();
+ forms.put(oaTarget.getName(), oaTarget);
+
+ final OAAuthenticationData authOA = new OAAuthenticationData();
+ forms.put(authOA.getName(), authOA);
+
+ final OASTORKConfig storkOA = new OASTORKConfig();
+ forms.put(storkOA.getName(), storkOA);
+
+ final Map<String, String> map = new HashMap<>();
+ map.putAll(FormBuildUtils.getDefaultMap());
+ final FormularCustomization formOA = new FormularCustomization(map);
+ forms.put(formOA.getName(), formOA);
+
+ return forms;
+ }
-
- public VIDPAction() {
- super();
- formList.putAll(buildVIDPFormList());
- }
-
- /**
- * @return
- *
- */
- public static LinkedHashMap<String, IOnlineApplicationData> buildVIDPFormList() {
- LinkedHashMap<String, IOnlineApplicationData> forms =
- new LinkedHashMap<String, IOnlineApplicationData>();
-
- OATargetConfiguration oaTarget = new OATargetConfiguration();
- forms.put(oaTarget.getName(), oaTarget);
-
- OAAuthenticationData authOA = new OAAuthenticationData();
- forms.put(authOA.getName(), authOA);
-
- OASTORKConfig storkOA = new OASTORKConfig();
- forms.put(storkOA.getName(), storkOA);
-
- Map<String, String> map = new HashMap<String, String>();
- map.putAll(FormBuildUtils.getDefaultMap());
- FormularCustomization formOA = new FormularCustomization(map);
- forms.put(formOA.getName(), formOA);
-
- return forms;
- }
-
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/ConfigurationEncryptionUtils.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/ConfigurationEncryptionUtils.java
index 08cd7c59d..e26e67196 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/ConfigurationEncryptionUtils.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/ConfigurationEncryptionUtils.java
@@ -33,47 +33,51 @@ import at.gv.egovernment.moa.logging.Logger;
*/
public class ConfigurationEncryptionUtils extends AbstractEncrytionUtil {
- private static ConfigurationEncryptionUtils instance = null;
- private static String key = null;
-
- public static ConfigurationEncryptionUtils getInstance() {
- if (instance == null) {
- try {
- key = ConfigurationProvider.getInstance().getConfigurationEncryptionKey();
- instance = new ConfigurationEncryptionUtils();
-
- } catch (Exception e) {
- Logger.warn("MOAConfiguration encryption initialization FAILED.", e);
-
- }
- }
- return instance;
- }
-
- /**
- * @throws DatabaseEncryptionException
- */
- public ConfigurationEncryptionUtils() throws DatabaseEncryptionException {
- super();
-
- }
+ private static ConfigurationEncryptionUtils instance = null;
+ private static String key = null;
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.util.AbstractEncrytionUtil#getSalt()
- */
- @Override
- protected String getSalt() {
- return "Configuration-Salt";
-
- }
+ public static ConfigurationEncryptionUtils getInstance() {
+ if (instance == null) {
+ try {
+ key = ConfigurationProvider.getInstance().getConfigurationEncryptionKey();
+ instance = new ConfigurationEncryptionUtils();
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.util.AbstractEncrytionUtil#getKey()
- */
- @Override
- protected String getKey() {
- return key;
-
- }
+ } catch (final Exception e) {
+ Logger.warn("MOAConfiguration encryption initialization FAILED.", e);
+
+ }
+ }
+ return instance;
+ }
+
+ /**
+ * @throws DatabaseEncryptionException
+ */
+ public ConfigurationEncryptionUtils() throws DatabaseEncryptionException {
+ super();
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.util.AbstractEncrytionUtil#getSalt()
+ */
+ @Override
+ protected String getSalt() {
+ return "Configuration-Salt";
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.util.AbstractEncrytionUtil#getKey()
+ */
+ @Override
+ protected String getKey() {
+ return key;
+
+ }
}
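Review bot: `getInstance()` still does unsynchronized lazy initialisation and returns `null` when loading the key or constructing the instance fails, because the `catch (final Exception e)` only logs a warning. A caller that uses the result without a null check would then fail with a NullPointerException far from the real cause, and two threads can both pass the `instance == null` test. Declaring the method `public static synchronized ConfigurationEncryptionUtils getInstance()` closes the race, and the null return should at least be documented, e.g. `@return the shared instance, or null if the configuration encryption key could not be loaded`. Separately, `getSalt()` returns the fixed literal `"Configuration-Salt"`, so the salt is the same on every installation; how much that matters depends on how `AbstractEncrytionUtil` derives the key, which is not visible here.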
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java
index eca4c05ef..c4a9894ca 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java
@@ -32,7 +32,6 @@ import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.TransformerException;
-import org.opensaml.Configuration;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.XMLObjectBuilder;
import org.opensaml.xml.XMLObjectBuilderFactory;
@@ -41,59 +40,59 @@ import org.opensaml.xml.io.MarshallingException;
public class SAML2Utils {
- static {
- DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
- factory.setNamespaceAware(true);
- factory.setValidating(false);
- try {
- builder = factory.newDocumentBuilder();
- } catch (ParserConfigurationException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
+ static {
+ final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+ factory.setNamespaceAware(true);
+ factory.setValidating(false);
+ try {
+ builder = factory.newDocumentBuilder();
+ } catch (final ParserConfigurationException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
- private static DocumentBuilder builder;
+ private static DocumentBuilder builder;
- public static <T> T createSAMLObject(final Class<T> clazz) {
- try {
+ public static <T> T createSAMLObject(final Class<T> clazz) {
+ try {
- XMLObjectBuilderFactory builderFactory = Configuration
- .getBuilderFactory();
+ final XMLObjectBuilderFactory builderFactory = org.opensaml.xml.Configuration
+ .getBuilderFactory();
- QName defaultElementName = (QName) clazz.getDeclaredField(
- "DEFAULT_ELEMENT_NAME").get(null);
- Map<QName, XMLObjectBuilder> builder = builderFactory.getBuilders();
- Iterator<QName> it = builder.keySet().iterator();
+ final QName defaultElementName = (QName) clazz.getDeclaredField(
+ "DEFAULT_ELEMENT_NAME").get(null);
+ final Map<QName, XMLObjectBuilder> builder = builderFactory.getBuilders();
+ final Iterator<QName> it = builder.keySet().iterator();
- while (it.hasNext()) {
- QName qname = it.next();
- if (qname.equals(defaultElementName)) {
- System.out.printf("Builder for: %s\n", qname.toString());
- }
- }
- XMLObjectBuilder xmlBuilder = builderFactory
- .getBuilder(defaultElementName);
-
- T object = (T) xmlBuilder.buildObject(defaultElementName);
- return object;
- } catch (Throwable e) {
- System.out.printf("Failed to create object for: %s\n",
- clazz.toString());
- e.printStackTrace();
- return null;
- }
- }
+ while (it.hasNext()) {
+ final QName qname = it.next();
+ if (qname.equals(defaultElementName)) {
+ System.out.printf("Builder for: %s\n", qname.toString());
+ }
+ }
+ final XMLObjectBuilder xmlBuilder = builderFactory
+ .getBuilder(defaultElementName);
+
+ final T object = (T) xmlBuilder.buildObject(defaultElementName);
+ return object;
+ } catch (final Throwable e) {
+ System.out.printf("Failed to create object for: %s\n",
+ clazz.toString());
+ e.printStackTrace();
+ return null;
+ }
+ }
+
+ public static org.w3c.dom.Document asDOMDocument(XMLObject object) throws IOException,
+ MarshallingException, TransformerException {
+ final org.w3c.dom.Document document = builder.newDocument();
+ final Marshaller out = org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller(
+ object);
+ out.marshall(object, document);
+ return document;
+ }
- public static org.w3c.dom.Document asDOMDocument(XMLObject object) throws IOException,
- MarshallingException, TransformerException {
- org.w3c.dom.Document document = builder.newDocument();
- Marshaller out = Configuration.getMarshallerFactory().getMarshaller(
- object);
- out.marshall(object, document);
- return document;
- }
-
// public static SignatureTrustEngine getSignatureKnownKeysTrustEngine() throws ConfigurationException {
// MetadataCredentialResolver resolver;
//
@@ -113,7 +112,5 @@ public class SAML2Utils {
// return engine;
//
// }
-
-
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java
index 5f55a61d5..a78de7362 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java
@@ -26,68 +26,66 @@ import java.util.Calendar;
import java.util.Date;
import java.util.List;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticationManager;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper;
+import lombok.extern.slf4j.Slf4j;
-
+@Slf4j
public class UserRequestCleaner implements Runnable {
- private static final Logger log = Logger.getLogger(UserRequestCleaner.class);
-
- private static final long SESSION_CLEANUP_INTERVAL = 5 * 60; // 5 min
-
- public void run() {
- while (true) {
- try {
- ConfigurationProvider config = ConfigurationProvider.getInstance();
-
- //clean up user request storage
- List<UserDatabase> userrequests = config.getUserManagement().getAllOpenUsersRequests();
- if (userrequests != null) {
- Calendar cal = Calendar.getInstance();
- cal.add(Calendar.HOUR, config.getUserRequestCleanUpDelay()*-1);
- Date cleanupdate = cal.getTime();
-
- for(UserDatabase dbuser : userrequests) {
- Date requestdate = DateTimeHelper.parseDateTime(dbuser.getLastLogin());
-
- if (requestdate != null && requestdate.after(cleanupdate)) {
- log.info("Remove UserRequest from Database");
- config.getUserManagement().delete(dbuser);
- }
-
- }
- }
-
- //clean up active user storage
- AuthenticationManager.getInstance().removeAllUsersAfterTimeOut();
-
- Thread.sleep(SESSION_CLEANUP_INTERVAL * 1000);
-
- } catch (ConfigurationException e) {
- log.info("UserRequestCleaner can not load configuration", e);
-
- } catch (InterruptedException e) {
-
- }
- }
- }
-
- /**
- * start the sessionCleaner
- */
- public static void start() {
- // start the session cleanup thread
- Thread sessionCleaner = new Thread(new UserRequestCleaner());
- sessionCleaner.setName("UserRequestCleaner");
- sessionCleaner.setDaemon(true);
- sessionCleaner.setPriority(Thread.MIN_PRIORITY);
- sessionCleaner.start();
- }
-
+ private static final long SESSION_CLEANUP_INTERVAL = 5 * 60; // 5 min
+
+ @Override
+ public void run() {
+ while (true) {
+ try {
+ final ConfigurationProvider config = ConfigurationProvider.getInstance();
+
+ // clean up user request storage
+ final List<UserDatabase> userrequests = config.getUserManagement().getAllOpenUsersRequests();
+ if (userrequests != null) {
+ final Calendar cal = Calendar.getInstance();
+ cal.add(Calendar.HOUR, config.getUserRequestCleanUpDelay() * -1);
+ final Date cleanupdate = cal.getTime();
+
+ for (final UserDatabase dbuser : userrequests) {
+ final Date requestdate = DateTimeHelper.parseDateTime(dbuser.getLastLogin());
+
+ if (requestdate != null && requestdate.after(cleanupdate)) {
+ log.info("Remove UserRequest from Database");
+ config.getUserManagement().delete(dbuser);
+ }
+
+ }
+ }
+
+ // clean up active user storage
+ AuthenticationManager.getInstance().removeAllUsersAfterTimeOut();
+
+ Thread.sleep(SESSION_CLEANUP_INTERVAL * 1000);
+
+ } catch (final ConfigurationException e) {
+ log.info("UserRequestCleaner can not load configuration", e);
+
+ } catch (final InterruptedException e) {
+
+ }
+ }
+ }
+
+ /**
+ * start the sessionCleaner
+ */
+ public static void start() {
+ // start the session cleanup thread
+ final Thread sessionCleaner = new Thread(new UserRequestCleaner());
+ sessionCleaner.setName("UserRequestCleaner");
+ sessionCleaner.setDaemon(true);
+ sessionCleaner.setPriority(Thread.MIN_PRIORITY);
+ sessionCleaner.start();
+ }
+
}
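Review bot: The age test in `run()` looks inverted: `cleanupdate` is the current time minus `getUserRequestCleanUpDelay()` hours, and `requestdate.after(cleanupdate)` selects requests newer than that cutoff, so recent open requests are deleted while stale ones stay in the database. If the intent is to expire old requests, the condition should be `requestdate != null && requestdate.before(cleanupdate)`. Separately, a `ConfigurationException` skips the `Thread.sleep` call, so a persistent configuration failure makes the loop spin and log without pause. The empty `InterruptedException` catch also discards the interrupt; `Thread.currentThread().interrupt(); return;` would let the daemon stop cleanly.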
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java
index b96b1e4b0..cbba90a6b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java
@@ -28,51 +28,53 @@ import at.gv.egovernment.moa.id.configuration.Constants;
public class CompanyNumberValidator implements IdentificationNumberValidator {
- public boolean validate(String commercialRegisterNumber) {
-
- String normalizedNumber = commercialRegisterNumber.replaceAll(" ", "");
- if(normalizedNumber.startsWith(Constants.IDENIFICATIONTYPE_FN))
- normalizedNumber = normalizedNumber.substring(2);
-
- return checkCommercialRegisterNumber(normalizedNumber);
- }
+ @Override
+ public boolean validate(String commercialRegisterNumber) {
- private boolean checkCommercialRegisterNumber(String commercialRegisterNumber) {
- if (commercialRegisterNumber == null) {
- return false;
- }
- commercialRegisterNumber = StringUtils.leftPad(commercialRegisterNumber, 7,
- '0');
- if (!commercialRegisterNumber.matches("\\d{6}[abdfghikmpstvwxzy]")) {
- return false;
- }
- String digits = commercialRegisterNumber.substring(0,
- commercialRegisterNumber.length() - 1);
- char checkDigit = commercialRegisterNumber.charAt(commercialRegisterNumber
- .length() - 1);
- boolean result = calcCheckDigitFromCommercialRegisterNumber(digits) == checkDigit;
- return result;
- }
+ String normalizedNumber = commercialRegisterNumber.replaceAll(" ", "");
+ if (normalizedNumber.startsWith(Constants.IDENIFICATIONTYPE_FN)) {
+ normalizedNumber = normalizedNumber.substring(2);
+ }
- public static char calcCheckDigitFromCommercialRegisterNumber(
- String commercialRegisterDigits) {
- final int[] WEIGHT = { 6, 4, 14, 15, 10, 1 };
- final char[] CHECKDIGIT = { 'a', 'b', 'd', 'f', 'g', 'h', 'i', 'k', 'm',
- 'p', 's', 't', 'v', 'w', 'x', 'y', 'z' };
- if (commercialRegisterDigits == null) {
- throw new NullPointerException("Commercial register number missing.");
- }
- commercialRegisterDigits = StringUtils.leftPad(commercialRegisterDigits, 6,
- '0');
- if (!commercialRegisterDigits.matches("\\d{6}")) {
- throw new IllegalArgumentException(
- "Invalid commercial register number provided.");
- }
- int sum = 0;
- for (int i = 0; i < commercialRegisterDigits.length(); i++) {
- int value = commercialRegisterDigits.charAt(i) - '0';
- sum += WEIGHT[i] * value;
- }
- return CHECKDIGIT[sum % 17];
- }
+ return checkCommercialRegisterNumber(normalizedNumber);
+ }
+
+ private boolean checkCommercialRegisterNumber(String commercialRegisterNumber) {
+ if (commercialRegisterNumber == null) {
+ return false;
+ }
+ commercialRegisterNumber = StringUtils.leftPad(commercialRegisterNumber, 7,
+ '0');
+ if (!commercialRegisterNumber.matches("\\d{6}[abdfghikmpstvwxzy]")) {
+ return false;
+ }
+ final String digits = commercialRegisterNumber.substring(0,
+ commercialRegisterNumber.length() - 1);
+ final char checkDigit = commercialRegisterNumber.charAt(commercialRegisterNumber
+ .length() - 1);
+ final boolean result = calcCheckDigitFromCommercialRegisterNumber(digits) == checkDigit;
+ return result;
+ }
+
+ public static char calcCheckDigitFromCommercialRegisterNumber(
+ String commercialRegisterDigits) {
+ final int[] WEIGHT = { 6, 4, 14, 15, 10, 1 };
+ final char[] CHECKDIGIT = { 'a', 'b', 'd', 'f', 'g', 'h', 'i', 'k', 'm',
+ 'p', 's', 't', 'v', 'w', 'x', 'y', 'z' };
+ if (commercialRegisterDigits == null) {
+ throw new NullPointerException("Commercial register number missing.");
+ }
+ commercialRegisterDigits = StringUtils.leftPad(commercialRegisterDigits, 6,
+ '0');
+ if (!commercialRegisterDigits.matches("\\d{6}")) {
+ throw new IllegalArgumentException(
+ "Invalid commercial register number provided.");
+ }
+ int sum = 0;
+ for (int i = 0; i < commercialRegisterDigits.length(); i++) {
+ final int value = commercialRegisterDigits.charAt(i) - '0';
+ sum += WEIGHT[i] * value;
+ }
+ return CHECKDIGIT[sum % 17];
+ }
}
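Review bot: `validate` dereferences its argument with `commercialRegisterNumber.replaceAll(" ", "")` before any null check, so a null input throws instead of returning false, and the null test inside `checkCommercialRegisterNumber` is never reached with null from this path. A guard at the top of `validate`, `if (commercialRegisterNumber == null) { return false; }`, keeps the validator answering with a boolean for every input. The hard-coded `substring(2)` also assumes `Constants.IDENIFICATIONTYPE_FN` is two characters long; `substring(Constants.IDENIFICATIONTYPE_FN.length())` would keep the prefix and the offset in step.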
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java
index 4ef4bc762..318492e66 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java
@@ -27,149 +27,155 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.data.FormularCustomization;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class FormularCustomizationValitator {
-
- private static final Logger log = Logger.getLogger(FormularCustomizationValitator.class);
-
- public List<String> validate(FormularCustomization form, HttpServletRequest request) {
-
- List<String> errors = new ArrayList<String>();
- String check;
-
- if (form.isOnlyMandateAllowed() && !form.isShowMandateLoginButton()) {
- log.warn("OnlyMandateAllowed in combination with hidden MandateLoginCheckbox is not possible.");
- errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.combination", request));
- }
-
- check = form.getBackGroundColor();
- if (MiscUtil.isNotEmpty(check)) {
- if (!check.startsWith("#"))
- check = "#" + check;
-
- if (!ValidationHelper.isValidHexValue(check)) {
- log.warn("BKUSelectionBackGroundColor is not a valid hex value " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.form.color.background", request));
- }
- }
-
- check = form.getFrontColor();
- if (MiscUtil.isNotEmpty(check)) {
- if (!check.startsWith("#"))
- check = "#" + check;
-
- if (!ValidationHelper.isValidHexValue(check)) {
- log.warn("BKUSelectionFrontColor is not a valid hex value " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.form.color.front", request));
- }
- }
-
- check = form.getHeader_BackGroundColor();
- if (MiscUtil.isNotEmpty(check)) {
- if (!check.startsWith("#"))
- check = "#" + check;
-
- if (!ValidationHelper.isValidHexValue(check)) {
- log.warn("HeaderBackGroundColor is not a valid hex value " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.form.header.color.back", request));
- }
- }
-
- check = form.getHeader_FrontColor();
- if (MiscUtil.isNotEmpty(check)) {
- if (!check.startsWith("#"))
- check = "#" + check;
-
- if (!ValidationHelper.isValidHexValue(check)) {
- log.warn("HeaderFrontColor is not a valid hex value " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.form.header.color.front", request));
- }
- }
-
- check = form.getHeader_text();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("HeaderText contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.form.header.text",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- }
-
- check = form.getButton_BackGroundColor();
- if (MiscUtil.isNotEmpty(check)) {
- if (!check.startsWith("#"))
- check = "#" + check;
-
- if (!ValidationHelper.isValidHexValue(check)) {
- log.warn("ButtonBackGroundColor is not a valid hex value " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.back", request));
- }
- }
-
- check = form.getButton_BackGroundColorFocus();
- if (MiscUtil.isNotEmpty(check)) {
- if (!check.startsWith("#"))
- check = "#" + check;
-
- if (!ValidationHelper.isValidHexValue(check)) {
- log.warn("ButtonBackGroundColorFocus is not a valid hex value " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.back.focus", request));
- }
- }
-
- check = form.getButton_FrontColor();
- if (MiscUtil.isNotEmpty(check)) {
- if (!check.startsWith("#"))
- check = "#" + check;
-
- if (!ValidationHelper.isValidHexValue(check)) {
- log.warn("ButtonFrontColor is not a valid hex value " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.front", request));
- }
- }
-
- check = form.getAppletRedirectTarget();
- if (MiscUtil.isNotEmpty(check)) {
- if (!FormularCustomization.appletRedirectTargetList.contains(check)) {
- log.warn("AppletRedirectTarget has not valid value " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.form.appletredirecttarget", request));
- }
- }
-
- check = form.getFontType();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, true)) {
- log.warn("FontType contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.form.fonttype",
- new Object[] {ValidationHelper.getNotValidCharacter(true)}, request ));
- }
- }
-
- check = form.getApplet_height();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateNumber(check)) {
- log.warn("Applet height "+ check + " is no valid number");
- errors.add(LanguageHelper.getErrorString("validation.general.form.applet.height",
- new Object[] {ValidationHelper.getNotValidCharacter(true)}, request ));
- }
- }
-
- check = form.getApplet_width();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateNumber(check)) {
- log.warn("Applet width "+ check + " is no valid number");
- errors.add(LanguageHelper.getErrorString("validation.general.form.applet.width",
- new Object[] {ValidationHelper.getNotValidCharacter(true)}, request ));
- }
- }
-
- return errors;
-
- }
+
+ public List<String> validate(FormularCustomization form, HttpServletRequest request) {
+
+ final List<String> errors = new ArrayList<>();
+ String check;
+
+ if (form.isOnlyMandateAllowed() && !form.isShowMandateLoginButton()) {
+ log.warn("OnlyMandateAllowed in combination with hidden MandateLoginCheckbox is not possible.");
+ errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.combination",
+ request));
+ }
+
+ check = form.getBackGroundColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#")) {
+ check = "#" + check;
+ }
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("BKUSelectionBackGroundColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.color.background", request));
+ }
+ }
+
+ check = form.getFrontColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#")) {
+ check = "#" + check;
+ }
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("BKUSelectionFrontColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.color.front", request));
+ }
+ }
+
+ check = form.getHeader_BackGroundColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#")) {
+ check = "#" + check;
+ }
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("HeaderBackGroundColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.header.color.back", request));
+ }
+ }
+
+ check = form.getHeader_FrontColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#")) {
+ check = "#" + check;
+ }
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("HeaderFrontColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.header.color.front", request));
+ }
+ }
+
+ check = form.getHeader_text();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("HeaderText contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.header.text",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ }
+
+ check = form.getButton_BackGroundColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#")) {
+ check = "#" + check;
+ }
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("ButtonBackGroundColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.back", request));
+ }
+ }
+
+ check = form.getButton_BackGroundColorFocus();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#")) {
+ check = "#" + check;
+ }
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("ButtonBackGroundColorFocus is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.back.focus", request));
+ }
+ }
+
+ check = form.getButton_FrontColor();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!check.startsWith("#")) {
+ check = "#" + check;
+ }
+
+ if (!ValidationHelper.isValidHexValue(check)) {
+ log.warn("ButtonFrontColor is not a valid hex value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.front", request));
+ }
+ }
+
+ check = form.getAppletRedirectTarget();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!FormularCustomization.appletRedirectTargetList.contains(check)) {
+ log.warn("AppletRedirectTarget has not valid value " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.appletredirecttarget", request));
+ }
+ }
+
+ check = form.getFontType();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, true)) {
+ log.warn("FontType contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.form.fonttype",
+ new Object[] { ValidationHelper.getNotValidCharacter(true) }, request));
+ }
+ }
+
+ check = form.getApplet_height();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.warn("Applet height " + check + " is no valid number");
+ errors.add(LanguageHelper.getErrorString("validation.general.form.applet.height",
+ new Object[] { ValidationHelper.getNotValidCharacter(true) }, request));
+ }
+ }
+
+ check = form.getApplet_width();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.warn("Applet width " + check + " is no valid number");
+ errors.add(LanguageHelper.getErrorString("validation.general.form.applet.width",
+ new Object[] { ValidationHelper.getNotValidCharacter(true) }, request));
+ }
+ }
+
+ return errors;
+
+ }
}
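Review bot: Every rejected field is concatenated verbatim into the log message, for example `log.warn("HeaderText contains potentail XSS characters: " + check)`, so a value that has just failed validation, and may contain line breaks or markup, is written to the log unmodified. Whether the logging layout neutralises CR/LF is not visible here, so the safer form names the field and logs only a bounded property of the value through a placeholder, e.g. `log.warn("HeaderText contains invalid characters (length {})", check.length())`. The same pattern recurs in the UserDatabaseFormValidator and MOAConfigValidator hunks of this commit, where it also puts mail addresses, phone numbers and user names into the log.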
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java
index d66c0da3a..84993f464 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java
@@ -24,6 +24,6 @@ package at.gv.egovernment.moa.id.configuration.validation;
public interface IdentificationNumberValidator {
- boolean validate(String idNumber);
-
+ boolean validate(String idNumber);
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
index f0594c38d..13708c257 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
@@ -27,8 +27,6 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
@@ -38,163 +36,161 @@ import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom;
import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class UserDatabaseFormValidator {
- private static final Logger log = Logger.getLogger(UserDatabaseFormValidator.class);
-
- public List<String> validate(UserDatabaseFrom form, long userID, boolean isPVP2Generated,
- boolean isMandateUser, HttpServletRequest request) {
- List<String> errors = new ArrayList<String>();
-
- String check = null;
- FileBasedUserConfiguration newConfigRead = null;
- try {
- newConfigRead = ConfigurationProvider.getInstance().getUserManagement();
-
- } catch (ConfigurationException e) {
- log.error("MOA-ID-Configuration initialization FAILED.", e);
- errors.add("Internal Server Error");
- return errors;
-
- }
-
- if (!isPVP2Generated) {
- check = form.getGivenName();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("GivenName contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- } else {
- log.warn("GivenName is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.empty", request));
- }
-
-
- check = form.getFamilyName();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("FamilyName contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- } else {
- log.warn("FamilyName is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.empty", request));
- }
- }
-
- if (!isMandateUser) {
- check = form.getInstitut();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("Organisation contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.edituser.institut.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- } else {
- log.warn("Organisation is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.institut.empty", request));
- }
- }
-
- check = form.getMail();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.isEmailAddressFormat(check)) {
- log.warn("Mailaddress is not valid: " + check);
- errors.add(LanguageHelper.getErrorString("validation.edituser.mail.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- } else {
- log.warn("Mailaddress is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.mail.empty", request));
- }
-
- check = form.getPhone();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("Phonenumber contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.edituser.phone.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- } else {
- log.warn("Phonenumber is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.phone.empty", request));
- }
-
- if (form.isIsusernamepasswordallowed()) {
- check = form.getUsername();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("Username contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.edituser.username.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
-
- } else {
- UserDatabase dbuser = newConfigRead.getUserWithUserName(check);
- if (dbuser != null && !dbuser.getHjid().equals(String.valueOf(userID ))) {
- log.warn("Username " + check + " exists in UserDatabase");
- errors.add(LanguageHelper.getErrorString("validation.edituser.username.duplicate", request));
- form.setUsername("");
- }
- }
- } else {
- if (userID == -1) {
- log.warn("Username is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty", request));
- } else {
- UserDatabase dbuser = newConfigRead.getUserWithID(userID);
- if (dbuser == null) {
- log.warn("Username is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty", request));
- } else {
- form.setUsername(dbuser.getUsername());
- }
- }
- }
-
- check = form.getPassword();
-
- if (MiscUtil.isEmpty(check)) {
- if (userID == -1) {
- log.warn("Password is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty", request));
- } else {
- UserDatabase dbuser = newConfigRead.getUserWithID(userID);
- if (dbuser == null || MiscUtil.isEmpty(dbuser.getPassword())) {
- log.warn("Password is empty");
- errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty", request));
- }
- }
-
- } else {
-
- if (check.equals(form.getPassword_second())) {
-
- String key = AuthenticationHelper.generateKeyFormPassword(check);
- if (key == null) {
- errors.add(LanguageHelper.getErrorString("validation.edituser.password.valid", request));
- }
-
- }
- else {
- errors.add(LanguageHelper.getErrorString("validation.edituser.password.equal", request));
- }
- }
- }
-
- check = form.getBpk();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
- log.warn("BPK contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.edituser.bpk.valid",
- new Object[] {ValidationHelper.getNotValidIdentityLinkSignerCharacters()}, request ));
- }
- }
-
- return errors;
-
- }
+ public List<String> validate(UserDatabaseFrom form, long userID, boolean isPVP2Generated,
+ boolean isMandateUser, HttpServletRequest request) {
+ final List<String> errors = new ArrayList<>();
+
+ String check = null;
+ FileBasedUserConfiguration newConfigRead = null;
+ try {
+ newConfigRead = ConfigurationProvider.getInstance().getUserManagement();
+
+ } catch (final ConfigurationException e) {
+ log.error("MOA-ID-Configuration initialization FAILED.", e);
+ errors.add("Internal Server Error");
+ return errors;
+
+ }
+
+ if (!isPVP2Generated) {
+ check = form.getGivenName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("GivenName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ } else {
+ log.warn("GivenName is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.empty", request));
+ }
+
+ check = form.getFamilyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("FamilyName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ } else {
+ log.warn("FamilyName is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.empty", request));
+ }
+ }
+
+ if (!isMandateUser) {
+ check = form.getInstitut();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("Organisation contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.institut.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ } else {
+ log.warn("Organisation is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.institut.empty", request));
+ }
+ }
+
+ check = form.getMail();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isEmailAddressFormat(check)) {
+ log.warn("Mailaddress is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.mail.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ } else {
+ log.warn("Mailaddress is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.mail.empty", request));
+ }
+
+ check = form.getPhone();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("Phonenumber contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.phone.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ } else {
+ log.warn("Phonenumber is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.phone.empty", request));
+ }
+
+ if (form.isIsusernamepasswordallowed()) {
+ check = form.getUsername();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("Username contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.username.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+
+ } else {
+ final UserDatabase dbuser = newConfigRead.getUserWithUserName(check);
+ if (dbuser != null && !dbuser.getHjid().equals(String.valueOf(userID))) {
+ log.warn("Username " + check + " exists in UserDatabase");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.username.duplicate", request));
+ form.setUsername("");
+ }
+ }
+ } else {
+ if (userID == -1) {
+ log.warn("Username is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty", request));
+ } else {
+ final UserDatabase dbuser = newConfigRead.getUserWithID(userID);
+ if (dbuser == null) {
+ log.warn("Username is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty", request));
+ } else {
+ form.setUsername(dbuser.getUsername());
+ }
+ }
+ }
+
+ check = form.getPassword();
+
+ if (MiscUtil.isEmpty(check)) {
+ if (userID == -1) {
+ log.warn("Password is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty", request));
+ } else {
+ final UserDatabase dbuser = newConfigRead.getUserWithID(userID);
+ if (dbuser == null || MiscUtil.isEmpty(dbuser.getPassword())) {
+ log.warn("Password is empty");
+ errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty", request));
+ }
+ }
+
+ } else {
+
+ if (check.equals(form.getPassword_second())) {
+
+ final String key = AuthenticationHelper.generateKeyFormPassword(check);
+ if (key == null) {
+ errors.add(LanguageHelper.getErrorString("validation.edituser.password.valid", request));
+ }
+
+ } else {
+ errors.add(LanguageHelper.getErrorString("validation.edituser.password.equal", request));
+ }
+ }
+ }
+
+ check = form.getBpk();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
+ log.warn("BPK contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.edituser.bpk.valid",
+ new Object[] { ValidationHelper.getNotValidIdentityLinkSignerCharacters() }, request));
+ }
+ }
+
+ return errors;
+
+ }
}
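Review bot: The password branch accepts any non-empty value that equals `getPassword_second()`; the only rejection is `AuthenticationHelper.generateKeyFormPassword(check)` returning null, and no length or strength check is visible in this method. If that helper does not enforce a policy, a one-character password passes validation, so the call deserves a comment such as `// TODO confirm: generateKeyFormPassword is the only password-policy check on this path`. The derived `key` is discarded, so the derivation presumably runs again when the user is stored. `validate` also mutates `form` through `setUsername(...)`, which is worth a Javadoc line because callers would not expect a validator to change its input.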
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
index 247004b75..62d53ab56 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
@@ -32,7 +32,6 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
-import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.Constants;
@@ -41,114 +40,115 @@ import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class MOAConfigValidator {
- private static final Logger log = Logger.getLogger(MOAConfigValidator.class);
-
- public List<String> validate(GeneralMOAIDConfig form, HttpServletRequest request, boolean isMOAIDMode) {
-
- List<String> errors = new ArrayList<String>();
-
- log.debug("Validate general MOA configuration");
-
-
- String check = form.getSaml1SourceID();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("SAML1 SourceID contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.SAML1SourceID",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- }
-
- check = form.getPublicURLPrefix();
- if (MiscUtil.isNotEmpty(check)) {
- String[] publicURLPreFix = check.split(",");
- if (form.isVirtualPublicURLPrefixEnabled()) {
- for (String el : publicURLPreFix) {
- if (!ValidationHelper.validateURL(
- StringUtils.chomp(el.trim()))) {
- log.info("Public URL Prefix " + el + " is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", new Object[]{el}, request));
- }
- }
-
- } else {
- if (!ValidationHelper.validateURL(
- StringUtils.chomp(publicURLPreFix[0].trim()))) {
- log.info("Public URL Prefix " + publicURLPreFix[0] + " is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", new Object[]{publicURLPreFix[0]}, request));
-
- }
-
- }
- } else {
- log.info("PublicURL Prefix is empty.");
- errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.empty", request));
- }
-
- check = form.getTimeoutAssertion();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateNumber(check)) {
- log.warn("Assertion Timeout is no number " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.timeouts.assertion.valid",
- new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request ));
- }
- }
- check = form.getTimeoutMOASessionCreated();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateNumber(check)) {
- log.warn("MOASessionCreated Timeout is no number " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.timeouts.moasessioncreated.valid",
- new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request ));
- }
- }
- check = form.getTimeoutMOASessionUpdated();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateNumber(check)) {
- log.warn("MOASessionUpdated Timeout is no number " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.timeouts.moasessionupdated.valid",
- new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request ));
- }
- }
-
+ public List<String> validate(GeneralMOAIDConfig form, HttpServletRequest request, boolean isMOAIDMode) {
+
+ final List<String> errors = new ArrayList<>();
+
+ log.debug("Validate general MOA configuration");
+
+ String check = form.getSaml1SourceID();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("SAML1 SourceID contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.SAML1SourceID",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ }
+
+ check = form.getPublicURLPrefix();
+ if (MiscUtil.isNotEmpty(check)) {
+ final String[] publicURLPreFix = check.split(",");
+ if (form.isVirtualPublicURLPrefixEnabled()) {
+ for (final String el : publicURLPreFix) {
+ if (!ValidationHelper.validateURL(
+ StringUtils.chomp(el.trim()))) {
+ log.info("Public URL Prefix " + el + " is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid",
+ new Object[] { el }, request));
+ }
+ }
+
+ } else {
+ if (!ValidationHelper.validateURL(
+ StringUtils.chomp(publicURLPreFix[0].trim()))) {
+ log.info("Public URL Prefix " + publicURLPreFix[0] + " is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", new Object[] {
+ publicURLPreFix[0] }, request));
+
+ }
+
+ }
+ } else {
+ log.info("PublicURL Prefix is empty.");
+ errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.empty", request));
+ }
+
+ check = form.getTimeoutAssertion();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.warn("Assertion Timeout is no number " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.timeouts.assertion.valid",
+ new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }, request));
+ }
+ }
+ check = form.getTimeoutMOASessionCreated();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.warn("MOASessionCreated Timeout is no number " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.timeouts.moasessioncreated.valid",
+ new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }, request));
+ }
+ }
+ check = form.getTimeoutMOASessionUpdated();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.warn("MOASessionUpdated Timeout is no number " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.timeouts.moasessionupdated.valid",
+ new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }, request));
+ }
+ }
+
// check = form.getCertStoreDirectory();
// if (MiscUtil.isNotEmpty(check)) {
// if (ValidationHelper.isValidOAIdentifier(check)) {
// log.warn("CertStoreDirectory contains potentail XSS characters: " + check);
-// errors.add(LanguageHelper.getErrorString("validation.general.certStoreDirectory.valid",
+// errors.add(LanguageHelper.getErrorString("validation.general.certStoreDirectory.valid",
// new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request ));
// }
// } else {
// log.info("CertStoreDirectory is empty.");
// errors.add(LanguageHelper.getErrorString("validation.general.certStoreDirectory.empty", request));
// }
-
- check = form.getDefaultBKUHandy();
- if (MiscUtil.isNotEmpty(check) && isMOAIDMode) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid Handy-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid", request));
- }
- }
-
- check = form.getDefaultBKULocal();
- if (MiscUtil.isNotEmpty(check) && isMOAIDMode) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid Online-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid", request));
- }
- }
-
- check = form.getDefaultBKUOnline();
- if (MiscUtil.isNotEmpty(check) && isMOAIDMode) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid Online-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid", request));
- }
- }
-
+
+ check = form.getDefaultBKUHandy();
+ if (MiscUtil.isNotEmpty(check) && isMOAIDMode) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Handy-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid", request));
+ }
+ }
+
+ check = form.getDefaultBKULocal();
+ if (MiscUtil.isNotEmpty(check) && isMOAIDMode) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid", request));
+ }
+ }
+
+ check = form.getDefaultBKUOnline();
+ if (MiscUtil.isNotEmpty(check) && isMOAIDMode) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid", request));
+ }
+ }
+
// check = form.getDefaultchainigmode();
// if (MiscUtil.isEmpty(check)) {
// log.info("Empty Defaultchainigmode");
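Review bot: Values that have just failed validation are still concatenated into the log line, for example `log.warn("SAML1 SourceID contains potentail XSS characters: " + check);` and the public-URL-prefix and timeout branches below it, so request-supplied text reaches the log unmodified. Since the class now gets its logger from `@Slf4j`, these calls can pass the value as an argument, `log.warn("SAML1 SourceID contains potential XSS characters: {}", check);`; whether line breaks in the value are neutralised depends on the log layout, which is not visible here, so the value may also need CR/LF stripped before logging. The same pattern recurs in the later hunks of this file (trust profiles, PVP2 names, SSO fields). Separately, the `getDefaultBKULocal()` branch logs `"Not valid Online-BKU URL"`, which looks copied from the online-BKU check; `log.info("Not valid Local-BKU URL");` would match the field. `validate()` continues past the end of this hunk.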
@@ -160,166 +160,169 @@ public class MOAConfigValidator {
// errors.add(LanguageHelper.getErrorString("validation.general.Defaultchainigmode.valid", request));
// }
// }
-
- check = form.getMandateURL();
- if (MiscUtil.isNotEmpty(check) && isMOAIDMode) {
- String[] misURLs = check.split(",");
- for (String el : misURLs) {
- if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) {
- log.info("Not valid Online-Mandate Service URL");
- errors.add(LanguageHelper.getErrorString("validation.general.mandateservice.valid",
- new Object[]{el}, request));
- }
- }
- }
-
- check = form.getElgaMandateServiceURL();
- if (MiscUtil.isNotEmpty(check) && isMOAIDMode) {
- String[] elgaServiceURLs = check.split(",");
- for (String el : elgaServiceURLs) {
- if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) {
- log.info("Not valid Online-Mandate Service URL");
- errors.add(LanguageHelper.getErrorString("validation.general.elga.mandateservice.valid",
- new Object[]{el}, request));
- }
- }
- }
-
- check = form.getEidSystemServiceURL();
- if (MiscUtil.isNotEmpty(check)) {
- String[] eidServiceURLs = check.split(",");
- for (String el : eidServiceURLs) {
- if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) {
- log.info("Not valid E-ID System Service URL");
- errors.add(LanguageHelper.getErrorString("validation.general.eid.url.valid",
- new Object[]{el}, request));
- }
- }
- }
-
- check = form.getMoaspssAuthTransformations();
- List<String> authtranslist = new ArrayList<String>();
- if (isMOAIDMode) {
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty MoaspssAuthTransformation");
- errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty", request));
- } else {
-
- //is only required if more then one transformation is in use
- // check = StringHelper.formatText(check);
- // String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER);
- // int i=1;
- // for(String el : list) {
- // if (ValidationHelper.containsPotentialCSSCharacter(el, false)) {
- // log.info("IdentityLinkSigners is not valid: " + el);
- // errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid",
- // new Object[] {i, ValidationHelper.getPotentialCSSCharacter(false)} ));
- //
- // } else {
- // if (MiscUtil.isNotEmpty(el.trim()))
- // authtranslist.add(el.trim());
- // }
- // i++;
- // }
- authtranslist.add(check.trim());
- }
- }
- form.setAuthTransformList(authtranslist);
-
- if (isMOAIDMode) {
- check = form.getMoaspssAuthTrustProfile();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty MOA-SP/SS Authblock TrustProfile");
- errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty", request));
- } else {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.info("Authblock TrustProfile is not valid: " +check);
- errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- }
-
- check = form.getMoaspssIdlTrustProfile();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty MOA-SP/SS IdentityLink TrustProfile");
- errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty", request));
- } else {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.info("IdentityLink TrustProfile is not valid: " +check);
- errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- }
-
- check = form.getMoaspssAuthTrustProfileTest();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty MOA-SP/SS Test-Authblock TrustProfile");
- errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty", request));
- } else {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.info("Test-Authblock TrustProfile is not valid: " +check);
- errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- }
-
- check = form.getMoaspssIdlTrustProfileTest();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty MOA-SP/SS Test-IdentityLink TrustProfile");
- errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty", request));
- } else {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.info("Test-IdentityLink TrustProfile is not valid: " +check);
- errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- }
-
-
- check = form.getMoaspssURL();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid MOA-SP/SS Service URL");
- errors.add(LanguageHelper.getErrorString("validation.general.moaspss.url.valid", request));
- }
- }
- }
-
- check = form.getPvp2IssuerName();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.info("PVP2 IssuerName is not valid: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.issuername.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- }
-
- check = form.getPvp2OrgDisplayName();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.info("PVP2 organisation display name is not valid: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.displayname.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- }
-
- check = form.getPvp2OrgName();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.info("PVP2 organisation name is not valid: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.name.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- }
-
- check = form.getPvp2OrgURL();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("PVP2 organisation URL is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.url.valid", request));
- }
- }
-
+
+ check = form.getMandateURL();
+ if (MiscUtil.isNotEmpty(check) && isMOAIDMode) {
+ final String[] misURLs = check.split(",");
+ for (final String el : misURLs) {
+ if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) {
+ log.info("Not valid Online-Mandate Service URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.mandateservice.valid",
+ new Object[] { el }, request));
+ }
+ }
+ }
+
+ check = form.getElgaMandateServiceURL();
+ if (MiscUtil.isNotEmpty(check) && isMOAIDMode) {
+ final String[] elgaServiceURLs = check.split(",");
+ for (final String el : elgaServiceURLs) {
+ if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) {
+ log.info("Not valid Online-Mandate Service URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.elga.mandateservice.valid",
+ new Object[] { el }, request));
+ }
+ }
+ }
+
+ check = form.getEidSystemServiceURL();
+ if (MiscUtil.isNotEmpty(check)) {
+ final String[] eidServiceURLs = check.split(",");
+ for (final String el : eidServiceURLs) {
+ if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) {
+ log.info("Not valid E-ID System Service URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.eid.url.valid",
+ new Object[] { el }, request));
+ }
+ }
+ }
+
+ check = form.getMoaspssAuthTransformations();
+ final List<String> authtranslist = new ArrayList<>();
+ if (isMOAIDMode) {
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MoaspssAuthTransformation");
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty",
+ request));
+ } else {
+
+ // is only required if more then one transformation is in use
+ // check = StringHelper.formatText(check);
+ // String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER);
+ // int i=1;
+ // for(String el : list) {
+ // if (ValidationHelper.containsPotentialCSSCharacter(el, false)) {
+ // log.info("IdentityLinkSigners is not valid: " + el);
+ // errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid",
+ // new Object[] {i, ValidationHelper.getPotentialCSSCharacter(false)} ));
+ //
+ // } else {
+ // if (MiscUtil.isNotEmpty(el.trim()))
+ // authtranslist.add(el.trim());
+ // }
+ // i++;
+ // }
+ authtranslist.add(check.trim());
+ }
+ }
+ form.setAuthTransformList(authtranslist);
+
+ if (isMOAIDMode) {
+ check = form.getMoaspssAuthTrustProfile();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MOA-SP/SS Authblock TrustProfile");
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty",
+ request));
+ } else {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.info("Authblock TrustProfile is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ }
+
+ check = form.getMoaspssIdlTrustProfile();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MOA-SP/SS IdentityLink TrustProfile");
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty", request));
+ } else {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.info("IdentityLink TrustProfile is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ }
+
+ check = form.getMoaspssAuthTrustProfileTest();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MOA-SP/SS Test-Authblock TrustProfile");
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty",
+ request));
+ } else {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.info("Test-Authblock TrustProfile is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ }
+
+ check = form.getMoaspssIdlTrustProfileTest();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty MOA-SP/SS Test-IdentityLink TrustProfile");
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty",
+ request));
+ } else {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.info("Test-IdentityLink TrustProfile is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ }
+
+ check = form.getMoaspssURL();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid MOA-SP/SS Service URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.moaspss.url.valid", request));
+ }
+ }
+ }
+
+ check = form.getPvp2IssuerName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.info("PVP2 IssuerName is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.issuername.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ }
+
+ check = form.getPvp2OrgDisplayName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.info("PVP2 organisation display name is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.displayname.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ }
+
+ check = form.getPvp2OrgName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.info("PVP2 organisation name is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.name.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ }
+
+ check = form.getPvp2OrgURL();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("PVP2 organisation URL is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.url.valid", request));
+ }
+ }
+
// check = form.getPvp2PublicUrlPrefix();
// if (MiscUtil.isNotEmpty(check)) {
// if (!ValidationHelper.validateURL(check)) {
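Review bot: The `getMoaspssAuthTransformations()` value is only tested for emptiness before `authtranslist.add(check.trim());` stores it, because the character check sits in the commented-out block above that line, while the neighbouring text fields go through `ValidationHelper.containsNotValidCharacter(check, false)`. If the transformation value is not meant to be free-form, the `else` could become `} else if (ValidationHelper.containsNotValidCharacter(check, false)) {` and report the `validation.general.moasp.auth.transformation.valid` key that the commented code already references; if skipping the check is intentional, a one-line comment saying why would help. The ELGA branch also logs `"Not valid Online-Mandate Service URL"`, copied from the mandate-service check, so the two failures cannot be told apart in the log; `log.info("Not valid ELGA Mandate-Service URL");` would fix that. `validate()` starts before and ends after this hunk.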
@@ -327,175 +330,175 @@ public class MOAConfigValidator {
// errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.serviceurl.valid"));
// }
// }
-
- if (isMOAIDMode) {
- check = form.getSLRequestTemplateHandy();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty SLRequestTemplate Handy-BKU");
- errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.empty", request));
- } else {
- if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
- log.info("SLRequestTemplate Handy-BKU is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.valid", request));
- }
- }
-
- check = form.getSLRequestTemplateLocal();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty SLRequestTemplate local BKU");
- errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.empty", request));
- } else {
- if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
- log.info("SLRequestTemplate local BKU is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.valid", request));
- }
- }
-
- check = form.getSLRequestTemplateOnline();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty SLRequestTemplate Online-BKU");
- errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.empty", request));
- } else {
- if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
- log.info("SLRequestTemplate Online-BKU is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.valid", request));
- }
- }
-
- check = form.getSsoFriendlyName();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.info("SSO friendlyname is not valid: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- }
-
- // check = form.getSsoIdentificationNumber();
- // if (MiscUtil.isNotEmpty(check)) {
- // if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- // log.info("SSO IdentificationNumber is not valid: " + check);
- // errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid",
- // new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
- // }
- // }
-
- // check = form.getSsoPublicUrl();
- // if (MiscUtil.isNotEmpty(check)) {
- // if (!ValidationHelper.validateURL(check)) {
- // log.info("SSO Public URL is not valid");
- // errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid"));
- // }
- // }
-
- check = form.getSsoSpecialText();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, true)) {
- log.info("SSO SpecialText is not valid: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(true)} , request));
- }
- }
-
- check = form.getSsoTarget();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty SSO Target");
- //errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty", request));
-
- } else {
- if (!ValidationHelper.isValidAdminTarget(check)) {
-
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("IdentificationNumber contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
-
- String num = check.replaceAll(" ", "");
-
- if ( !(num.startsWith(Constants.IDENIFICATIONTYPE_FN) ||
- num.startsWith(Constants.IDENIFICATIONTYPE_ZVR) ||
- num.startsWith(Constants.IDENIFICATIONTYPE_ERSB) ) ) {
-
- log.info("Not valid SSO Target");
- errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", request));
- }
-
- }
- }
-
- check = form.getSzrgwURL();
- if (MiscUtil.isNotEmpty(check)) {
- String[] szrGWServiceURLs = check.split(",");
- for (String el : szrGWServiceURLs) {
- if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) {
- log.info("Not valid Online-Mandate Service URL");
- errors.add(LanguageHelper.getErrorString("validation.general.szrgw.url.valid",
- new Object[]{el}, request));
- }
- }
- }
- }
-
- check = form.getTrustedCACerts();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty TrustCACerts Directory");
- errors.add(LanguageHelper.getErrorString("validation.general.trustedcacerts.empty", request));
-
- } else {
- if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
- log.info("Not valid TrustCACerts Directory");
- errors.add(LanguageHelper.getErrorString("validation.general.trustedcacerts.valid",
- new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request ));
- }
- }
-
-
- if (isMOAIDMode) {
- if (form.getFileUploadFileName() != null && !form.getFileUploadFileName().isEmpty()) {
- HashMap<String, byte[]> map = new HashMap<String, byte[]>();
- for (int i=0; i<form.getFileUploadFileName().size(); i++) {
- String filename = form.getFileUploadFileName().get(i);
-
- if (MiscUtil.isNotEmpty(filename)) {
- if (ValidationHelper.containsNotValidCharacter(filename, false)) {
- log.info("SL Transformation Filename is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.slrequest.filename.valid", request));
-
- } else {
- try {
- File file = form.getFileUpload().get(i);
- FileInputStream stream = new FileInputStream(file);
- map.put(filename, Base64Utils.encode(stream).getBytes("UTF-8"));
-
- } catch (IOException e) {
- log.info("SecurtiyLayerTransformation with FileName "
- + filename +" can not be loaded." , e);
- errors.add(LanguageHelper.getErrorString("validation.general.slrequest.file.valid",
- new Object[] {filename}, request ));
- }
- }
- }
- }
-
- form.setSecLayerTransformation(map);
-
- } else {
- if (form.getSecLayerTransformation() == null) {
- log.info("AuthBlock Transformation file is empty");
- errors.add(LanguageHelper.getErrorString("validation.general.slrequest.file.empty", request));
-
- }
- }
- }
-
-
- ContactForm contact = form.getPvp2Contact();
- if (contact != null) {
- PVP2ContactValidator pvp2validator = new PVP2ContactValidator();
- errors.addAll(pvp2validator.validate(contact, request));
- }
-
- return errors;
- }
+
+ if (isMOAIDMode) {
+ check = form.getSLRequestTemplateHandy();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty SLRequestTemplate Handy-BKU");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.empty", request));
+ } else {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
+ log.info("SLRequestTemplate Handy-BKU is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.valid", request));
+ }
+ }
+
+ check = form.getSLRequestTemplateLocal();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty SLRequestTemplate local BKU");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.empty", request));
+ } else {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
+ log.info("SLRequestTemplate local BKU is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.valid", request));
+ }
+ }
+
+ check = form.getSLRequestTemplateOnline();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty SLRequestTemplate Online-BKU");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.empty", request));
+ } else {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
+ log.info("SLRequestTemplate Online-BKU is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.valid", request));
+ }
+ }
+
+ check = form.getSsoFriendlyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.info("SSO friendlyname is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ }
+
+ // check = form.getSsoIdentificationNumber();
+ // if (MiscUtil.isNotEmpty(check)) {
+ // if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ // log.info("SSO IdentificationNumber is not valid: " + check);
+ // errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid",
+ // new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ // }
+ // }
+
+ // check = form.getSsoPublicUrl();
+ // if (MiscUtil.isNotEmpty(check)) {
+ // if (!ValidationHelper.validateURL(check)) {
+ // log.info("SSO Public URL is not valid");
+ // errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid"));
+ // }
+ // }
+
+ check = form.getSsoSpecialText();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, true)) {
+ log.info("SSO SpecialText is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(true) }, request));
+ }
+ }
+
+ check = form.getSsoTarget();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty SSO Target");
+ // errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty",
+ // request));
+
+ } else {
+ if (!ValidationHelper.isValidAdminTarget(check)) {
+
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+
+ final String num = check.replaceAll(" ", "");
+
+ if (!(num.startsWith(Constants.IDENIFICATIONTYPE_FN) ||
+ num.startsWith(Constants.IDENIFICATIONTYPE_ZVR) ||
+ num.startsWith(Constants.IDENIFICATIONTYPE_ERSB))) {
+
+ log.info("Not valid SSO Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", request));
+ }
+
+ }
+ }
+
+ check = form.getSzrgwURL();
+ if (MiscUtil.isNotEmpty(check)) {
+ final String[] szrGWServiceURLs = check.split(",");
+ for (final String el : szrGWServiceURLs) {
+ if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) {
+ log.info("Not valid Online-Mandate Service URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.szrgw.url.valid",
+ new Object[] { el }, request));
+ }
+ }
+ }
+ }
+
+ check = form.getTrustedCACerts();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty TrustCACerts Directory");
+ errors.add(LanguageHelper.getErrorString("validation.general.trustedcacerts.empty", request));
+
+ } else {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
+ log.info("Not valid TrustCACerts Directory");
+ errors.add(LanguageHelper.getErrorString("validation.general.trustedcacerts.valid",
+ new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }, request));
+ }
+ }
+
+ if (isMOAIDMode) {
+ if (form.getFileUploadFileName() != null && !form.getFileUploadFileName().isEmpty()) {
+ final HashMap<String, byte[]> map = new HashMap<>();
+ for (int i = 0; i < form.getFileUploadFileName().size(); i++) {
+ final String filename = form.getFileUploadFileName().get(i);
+
+ if (MiscUtil.isNotEmpty(filename)) {
+ if (ValidationHelper.containsNotValidCharacter(filename, false)) {
+ log.info("SL Transformation Filename is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.filename.valid",
+ request));
+
+ } else {
+ try {
+ final File file = form.getFileUpload().get(i);
+ final FileInputStream stream = new FileInputStream(file);
+ map.put(filename, Base64Utils.encode(stream).getBytes("UTF-8"));
+
+ } catch (final IOException e) {
+ log.info("SecurtiyLayerTransformation with FileName "
+ + filename + " can not be loaded.", e);
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.file.valid",
+ new Object[] { filename }, request));
+ }
+ }
+ }
+ }
+
+ form.setSecLayerTransformation(map);
+
+ } else {
+ if (form.getSecLayerTransformation() == null) {
+ log.info("AuthBlock Transformation file is empty");
+ errors.add(LanguageHelper.getErrorString("validation.general.slrequest.file.empty", request));
+
+ }
+ }
+ }
+
+ final ContactForm contact = form.getPvp2Contact();
+ if (contact != null) {
+ final PVP2ContactValidator pvp2validator = new PVP2ContactValidator();
+ errors.addAll(pvp2validator.validate(contact, request));
+ }
+
+ return errors;
+ }
}
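Review bot: In the file-upload loop, `final FileInputStream stream = new FileInputStream(file);` is never closed, so each uploaded transformation leaks a file handle unless `Base64Utils.encode` closes the stream itself, which the hunk does not show. Opening it as `try (FileInputStream stream = new FileInputStream(file)) {` keeps the existing `catch (final IOException e)` and closes the stream on every path. `form.getFileUpload().get(i)` is indexed by the size of the filename list, and a null or shorter upload list would raise an exception the `IOException` handler does not catch; with `uploads` as a local holding `form.getFileUpload()`, a guard such as `if (uploads == null || i >= uploads.size())` that adds the `validation.general.slrequest.file.valid` error would be safer. The hunk also shows no size limit on the file before it is read and Base64-encoded into memory; that may be enforced elsewhere. `validate()` begins outside this hunk.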
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
index f7edbee71..f6deb6b09 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
@@ -28,76 +28,76 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
-
+@Slf4j
public class PVP2ContactValidator {
- public static final List<String> AllowedTypes= Arrays.asList(
- "technical",
- "support",
- "administrative",
- "billing",
- "other");
-
- private static final Logger log = Logger.getLogger(PVP2ContactValidator.class);
-
- public List<String >validate(ContactForm contact, HttpServletRequest request) {
- List<String> errors = new ArrayList<String>();
-
- String check = contact.getCompany();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.info("PVP2 Contact: Company is not valid: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.company.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- }
-
- check = contact.getGivenname();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.info("PVP2 Contact: GivenName is not valid: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.givenname.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- }
-
- check = contact.getSurname();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.info("PVP2 Contact: SureName is not valid: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.surename.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- }
-
- check = contact.getType();
- if (MiscUtil.isNotEmpty(check)) {
- if (!AllowedTypes.contains(check)) {
- errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.type.valid", request));
- }
- }
-
- check = contact.getMail();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.isEmailAddressFormat(check)) {
- errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.mail.valid", request));
- }
- }
-
- check = contact.getPhone();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validatePhoneNumber(check)) {
- errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.phone.valid", request));
- }
- }
-
- return errors;
- }
+ public static final List<String> AllowedTypes = Arrays.asList(
+ "technical",
+ "support",
+ "administrative",
+ "billing",
+ "other");
+
+ public List<String> validate(ContactForm contact, HttpServletRequest request) {
+ final List<String> errors = new ArrayList<>();
+
+ String check = contact.getCompany();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.info("PVP2 Contact: Company is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.company.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ }
+
+ check = contact.getGivenname();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.info("PVP2 Contact: GivenName is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.givenname.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ }
+
+ check = contact.getSurname();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.info("PVP2 Contact: SureName is not valid: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.surename.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ }
+
+ check = contact.getType();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!AllowedTypes.contains(check)) {
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.type.valid",
+ request));
+ }
+ }
+
+ check = contact.getMail();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isEmailAddressFormat(check)) {
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.mail.valid",
+ request));
+ }
+ }
+
+ check = contact.getPhone();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validatePhoneNumber(check)) {
+ errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.phone.valid",
+ request));
+ }
+ }
+
+ return errors;
+ }
}
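Review bot: The three `log.info` calls for company, given name and surname in `validate` append `check` to the message immediately after `containsNotValidCharacter` has rejected it, so text the validator has just classed as unsafe is written to the log verbatim. Now that the class logs through SLF4J, either drop the value or pass a neutralised form as a parameter, e.g. `log.info("PVP2 Contact: Company is not valid");`. Separately, `AllowedTypes` is a public `Arrays.asList` list whose elements can still be replaced through `set`. Declaring it as `Collections.unmodifiableList(Arrays.asList(...))` (needs `java.util.Collections`) would keep the allow-list fixed.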
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
index 41fce8e60..088e377b4 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
@@ -5,8 +5,6 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.commons.MOAIDConstants;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.CPEPS;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.StorkAttribute;
@@ -14,108 +12,117 @@ import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.data.GeneralStorkConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class StorkConfigValidator {
- private static final Logger log = Logger.getLogger(StorkConfigValidator.class);
+ public List<String> validate(GeneralStorkConfig form, HttpServletRequest request) {
- public List<String> validate(GeneralStorkConfig form, HttpServletRequest request) {
+ final List<String> errors = new ArrayList<>();
- List<String> errors = new ArrayList<String>();
+ log.debug("Validate general STORK configuration");
- log.debug("Validate general STORK configuration");
+ // check peps list
- // check peps list
-
// if (form.getCpepslist() != null) {
// for(CPEPS current : form.getCpepslist()) {
- if (form.getRawCPEPSList() != null) {
- for(CPEPS current : form.getRawCPEPSList()) {
- // if an existing record got deleted
- if(null == current)
- continue;
-
- // check country code
- String check = current.getCountryCode();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("CPEPS config countrycode contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- if(!check.toLowerCase().matches("(^[a-z][a-z]$)|(^[a-z][a-z]-[a-z,0-9]*)")) {
- log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
- new Object[] {check}, request ));
- }
-
- // check url
- check = current.getURL();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("CPEPS config URL is invalid : " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url", request));
- }
- } else {
- log.warn("CPEPS config url is empty : " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
- new Object[] {check}, request ));
- }
-
- } else {
- log.warn("CPEPS config countrycode is empty : " + check);
+ if (form.getRawCPEPSList() != null) {
+ for (final CPEPS current : form.getRawCPEPSList()) {
+ // if an existing record got deleted
+ if (null == current) {
+ continue;
+ }
+
+ // check country code
+ String check = current.getCountryCode();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("CPEPS config countrycode contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ if (!check.toLowerCase().matches("(^[a-z][a-z]$)|(^[a-z][a-z]-[a-z,0-9]*)")) {
+ log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
+ new Object[] { check }, request));
+ }
+
+ // check url
+ check = current.getURL();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("CPEPS config URL is invalid : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url", request));
+ }
+ } else {
+ log.warn("CPEPS config url is empty : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+ new Object[] { check }, request));
+ }
+
+ } else {
+ log.warn("CPEPS config countrycode is empty : " + check);
// errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
// new Object[] {check}, request ));
- }
-
- }
-
- if (form.getCpepslist() != null) {
- // ensure uniqueness of country code
- for (CPEPS one : form.getCpepslist())
- for (CPEPS another : form.getCpepslist())
- if (null != one && null != another && one.getCountryCode() != null)
- if (!one.equals(another) && one.getCountryCode().equals(another.getCountryCode())) {
- errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.duplicate", request));
- break;
- }
- }
- }
-
- // check qaa
- String qaa = form.getDefaultQaa();
- if (!MOAIDConstants.ALLOWED_eIDAS_LOA.contains(qaa)) {
- log.warn("eIDAS LoA is not allowed : " + qaa);
- errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange",
- new Object[] {qaa}, request ));
- }
-
- // check attributes
- if (MiscUtil.isNotEmpty(form.getAttributes())) {
- for(StorkAttribute check : form.getAttributes()) {
- if (check != null && MiscUtil.isNotEmpty(check.getName())) {
- String tmp = check.getName().replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI?
- if (ValidationHelper.containsNotValidCharacter(tmp, true)) {
- log.warn("default attributes contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
- new Object[] {ValidationHelper.getNotValidCharacter(true)}, request ));
- }
- if(!tmp.toLowerCase().matches("^[A-Za-z]*$")) {
- log.warn("default attributes do not match the requested format : " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
- new Object[] {check}, request ));
- }
-
- }
- }
-
- //TODO: STORK attributes check if no attribute is set
+ }
+
+ }
+
+ if (form.getCpepslist() != null) {
+ // ensure uniqueness of country code
+ for (final CPEPS one : form.getCpepslist()) {
+ for (final CPEPS another : form.getCpepslist()) {
+ if (null != one && null != another && one.getCountryCode() != null) {
+ if (!one.equals(another) && one.getCountryCode().equals(another.getCountryCode())) {
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.duplicate", request));
+ break;
+ }
+ }
+ }
+ }
+ }
+ }
+
+ // check qaa
+ final String qaa = form.getDefaultQaa();
+ if (!MOAIDConstants.ALLOWED_eIDAS_LOA.contains(qaa)) {
+ log.warn("eIDAS LoA is not allowed : " + qaa);
+ errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange",
+ new Object[] { qaa }, request));
+ }
+
+ // check attributes
+ if (MiscUtil.isNotEmpty(form.getAttributes())) {
+ for (final StorkAttribute check : form.getAttributes()) {
+ if (check != null && MiscUtil.isNotEmpty(check.getName())) {
+ final String tmp = check.getName().replace("eidas/attributes/", ""); // since eIDaS attributes come
+ // with a "/", we need to
+ // exclude them from
+ // validation. TODO Or should
+ // we require the admin to
+ // escape them in the UI?
+ if (ValidationHelper.containsNotValidCharacter(tmp, true)) {
+ log.warn("default attributes contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
+ new Object[] { ValidationHelper.getNotValidCharacter(true) }, request));
+ }
+ if (!tmp.toLowerCase().matches("^[A-Za-z]*$")) {
+ log.warn("default attributes do not match the requested format : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
+ new Object[] { check }, request));
+ }
+
+ }
+ }
+
+ // TODO: STORK attributes check if no attribute is set
// } else {
// log.warn("no attributes specified");
// errors.add(LanguageHelper.getErrorString("validation.stork.attributes.empty",
// new Object[] {} ));
- }
+ }
- return errors;
- }
+ return errors;
+ }
}
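Review bot: The country-code pattern `(^[a-z][a-z]$)|(^[a-z][a-z]-[a-z,0-9]*)` has a comma inside the character class, so a constructed value such as `at-a,b` passes the ISO 3166-2 check; the comma looks like a leftover separator. Since `String.matches` already anchors the whole input, `[a-z]{2}(-[a-z0-9]+)?` would express the apparent intent (the `+` is a tightening to confirm, because the current pattern accepts an empty suffix). `toLowerCase()` here and in the attribute check uses the default locale; `toLowerCase(Locale.ROOT)` avoids locale-dependent results and needs `java.util.Locale`. In the uniqueness loop the `break` leaves only the inner `for`, so one duplicated country code adds the `validation.stork.cpeps.duplicate` error once per member of the pair.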
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
index 5a31d8f47..9c5b145b8 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
@@ -28,233 +28,228 @@ import java.util.Map;
import javax.servlet.http.HttpServletRequest;
-import org.apache.log4j.Logger;
-
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
-import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.MOAIDConstants;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class OAAuthenticationDataValidation {
- private static final Logger log = Logger.getLogger(OASSOConfigValidation.class);
-
- public List<String> validate(OAAuthenticationData form, boolean isAdmin, HttpServletRequest request) {
-
- List<String> errors = new ArrayList<String>();
- String check;
-
-
-
- //Check BKU URLs
- if (isAdmin) {
- check =form.getBkuHandyURL();
- if (MiscUtil.isNotEmpty(check)) {
+ public List<String> validate(OAAuthenticationData form, boolean isAdmin, HttpServletRequest request) {
+
+ final List<String> errors = new ArrayList<>();
+ String check;
+
+ // Check BKU URLs
+ if (isAdmin) {
+ check = form.getBkuHandyURL();
+ if (MiscUtil.isNotEmpty(check)) {
// log.info("Empty Handy-BKU URL");
// errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.empty"));
-//
+//
// } else {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid Handy-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid", request));
- }
- }
-
- check =form.getBkuLocalURL();
- if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Handy-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid", request));
+ }
+ }
+
+ check = form.getBkuLocalURL();
+ if (MiscUtil.isNotEmpty(check)) {
// log.info("Empty Local-BKU URL");
// errors.add(LanguageHelper.getErrorString("validation.general.bku.local.empty"));
-//
+//
// } else {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid Online-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid", request));
- }
- }
-
- check =form.getBkuOnlineURL();
- if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid", request));
+ }
+ }
+
+ check = form.getBkuOnlineURL();
+ if (MiscUtil.isNotEmpty(check)) {
// log.info("Empty Online-BKU URL");
// errors.add(LanguageHelper.getErrorString("validation.general.bku.online.empty"));
-//
+//
// } else {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid Online-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid", request));
- }
- }
- }
-
- if (isAdmin) {
- //check KeyBoxIdentifier
- check = form.getKeyBoxIdentifier();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty KeyBoxIdentifier");
- errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty", request));
- } else {
- Map<String, String> list = form.getKeyBoxIdentifierList();
- if (!list.containsKey(check)) {
- log.info("Not valid KeyBoxIdentifier " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid", request));
- }
- }
-
- //check LegacyMode SLTemplates
- if (form.isLegacy()) {
- if (MiscUtil.isEmpty(form.getSLTemplateURL1()) &&
- MiscUtil.isEmpty(form.getSLTemplateURL2()) &&
- MiscUtil.isEmpty(form.getSLTemplateURL3()) ) {
- log.info("Empty OA-specific SecurityLayer Templates");
- errors.add(LanguageHelper.getErrorString("validation.general.sltemplates.empty", request));
-
- } else {
- check = form.getSLTemplateURL1();
- if (MiscUtil.isNotEmpty(check) &&
- ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
- log.info("First OA-specific SecurityLayer Templates is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid", request));
- }
- check = form.getSLTemplateURL2();
- if (MiscUtil.isNotEmpty(check) &&
- ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
- log.info("Second OA-specific SecurityLayer Templates is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid", request));
- }
- check = form.getSLTemplateURL3();
- if (MiscUtil.isNotEmpty(check) &&
- ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
- log.info("Third OA-specific SecurityLayer Templates is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid", request));
- }
- }
- }
- }
-
- //check Mandate Profiles
- check = form.getMandateProfiles();
- if (MiscUtil.isNotEmpty(check)) {
-
- if (!form.isUseMandates()) {
- log.info("MandateProfiles configured but useMandates is false.");
- errors.add(LanguageHelper.getErrorString("validation.general.mandate.usemandate", request));
- }
-
- if (ValidationHelper.containsNotValidCharacter(check, true)) {
- log.warn("MandateProfiles contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles",
- new Object[] {ValidationHelper.getNotValidCharacter(true)}, request ));
- }
- }
-
- check =form.getMisServiceSelected();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid MIS Service URL");
- errors.add(LanguageHelper.getErrorString("validation.general.mandateservice.valid",
- new Object[]{check}, request));
- }
- }
-
- check =form.getElgaServiceSelected();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid ELGA Service URL");
- errors.add(LanguageHelper.getErrorString("validation.general.elga.mandateservice.valid",
- new Object[]{check}, request));
- }
- }
-
- check =form.getSzrgwServiceSelected();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid SZR-GW Service URL");
- errors.add(LanguageHelper.getErrorString("validation.general.szrgw.url.valid",
- new Object[]{check}, request));
- }
- }
-
- check =form.getEidServiceSelected();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid E-ID Service URL");
- errors.add(LanguageHelper.getErrorString("validation.general.eid.url.valid",
- new Object[]{check}, request));
- }
- }
-
- if (form.isEnableTestCredentials()
- && form.getTestCredialOIDList() != null && !form.getTestCredialOIDList().isEmpty()) {
- for (String el : form.getTestCredialOIDList()) {
- if (!el.startsWith(MOAIDAuthConstants.TESTCREDENTIALROOTOID)) {
- log.warn("Test credential OID does not start with test credential root OID");
- errors.add(LanguageHelper.getErrorString("validation.general.testcredentials.oid.valid",
- new Object[] {el}, request ));
- }
- }
-
-
- }
-
- if (form.isSl20Active()) {
- if (MiscUtil.isNotEmpty(form.getSl20EndPoints())) {
- log.debug("Validate SL2.0 configuration ... ");
- List<String> sl20Endpoints = KeyValueUtils.getListOfCSVValues(form.getSl20EndPoints());
- if (sl20Endpoints.size() == 1) {
- String value = sl20Endpoints.get(0);
-
- if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) &&
- value.contains(KeyValueUtils.KEYVVALUEDELIMITER)) {
- log.warn("SL2.0 endpoint '" + value + "' has wrong format");
- errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong",
- new Object[] {value}, request ));
-
- } else if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) &&
- !value.contains(KeyValueUtils.KEYVVALUEDELIMITER) ) {
- log.info("Find one SL2.0 endpoint without 'default='. Start update ... ");
- form.setSl20EndPoints(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER + value);
-
- }
-
- } else {
- boolean findDefault = false;
- for (String el : sl20Endpoints) {
- if (!el.contains(KeyValueUtils.KEYVVALUEDELIMITER)) {
- log.warn("SL2.0 endpoint '" + el + "' has wrong format");
- errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong",
- new Object[] {el}, request ));
-
- } else {
- if (el.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER)) {
- log.debug("Find default endpoint.");
- findDefault = true;
-
- } else {
- String firstPart = el.split(KeyValueUtils.KEYVVALUEDELIMITER)[0];
- try {
- Integer.valueOf(firstPart);
-
- } catch (NumberFormatException e) {
- log.warn("SL2.0 endpoint '" + el + "' has wrong format", e);
- errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong",
- new Object[] {el}, request ));
-
- }
- }
- }
- }
-
- if (!findDefault) {
- log.warn("SL2.0 endpoints contains NO default endpoint");
- errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.default",
- new Object[] {}, request ));
-
- }
- }
- }
- }
-
- return errors;
- }
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid", request));
+ }
+ }
+ }
+
+ if (isAdmin) {
+ // check KeyBoxIdentifier
+ check = form.getKeyBoxIdentifier();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty KeyBoxIdentifier");
+ errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty", request));
+ } else {
+ final Map<String, String> list = form.getKeyBoxIdentifierList();
+ if (!list.containsKey(check)) {
+ log.info("Not valid KeyBoxIdentifier " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid", request));
+ }
+ }
+
+ // check LegacyMode SLTemplates
+ if (form.isLegacy()) {
+ if (MiscUtil.isEmpty(form.getSLTemplateURL1()) &&
+ MiscUtil.isEmpty(form.getSLTemplateURL2()) &&
+ MiscUtil.isEmpty(form.getSLTemplateURL3())) {
+ log.info("Empty OA-specific SecurityLayer Templates");
+ errors.add(LanguageHelper.getErrorString("validation.general.sltemplates.empty", request));
+
+ } else {
+ check = form.getSLTemplateURL1();
+ if (MiscUtil.isNotEmpty(check) &&
+ ValidationHelper.isNotValidIdentityLinkSigner(check)) {
+ log.info("First OA-specific SecurityLayer Templates is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid", request));
+ }
+ check = form.getSLTemplateURL2();
+ if (MiscUtil.isNotEmpty(check) &&
+ ValidationHelper.isNotValidIdentityLinkSigner(check)) {
+ log.info("Second OA-specific SecurityLayer Templates is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid", request));
+ }
+ check = form.getSLTemplateURL3();
+ if (MiscUtil.isNotEmpty(check) &&
+ ValidationHelper.isNotValidIdentityLinkSigner(check)) {
+ log.info("Third OA-specific SecurityLayer Templates is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid", request));
+ }
+ }
+ }
+ }
+
+ // check Mandate Profiles
+ check = form.getMandateProfiles();
+ if (MiscUtil.isNotEmpty(check)) {
+
+ if (!form.isUseMandates()) {
+ log.info("MandateProfiles configured but useMandates is false.");
+ errors.add(LanguageHelper.getErrorString("validation.general.mandate.usemandate", request));
+ }
+
+ if (ValidationHelper.containsNotValidCharacter(check, true)) {
+ log.warn("MandateProfiles contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles",
+ new Object[] { ValidationHelper.getNotValidCharacter(true) }, request));
+ }
+ }
+
+ check = form.getMisServiceSelected();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid MIS Service URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.mandateservice.valid",
+ new Object[] { check }, request));
+ }
+ }
+
+ check = form.getElgaServiceSelected();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid ELGA Service URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.elga.mandateservice.valid",
+ new Object[] { check }, request));
+ }
+ }
+
+ check = form.getSzrgwServiceSelected();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid SZR-GW Service URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.szrgw.url.valid",
+ new Object[] { check }, request));
+ }
+ }
+
+ check = form.getEidServiceSelected();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid E-ID Service URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.eid.url.valid",
+ new Object[] { check }, request));
+ }
+ }
+
+ if (form.isEnableTestCredentials()
+ && form.getTestCredialOIDList() != null && !form.getTestCredialOIDList().isEmpty()) {
+ for (final String el : form.getTestCredialOIDList()) {
+ if (!el.startsWith(MOAIDConstants.TESTCREDENTIALROOTOID)) {
+ log.warn("Test credential OID does not start with test credential root OID");
+ errors.add(LanguageHelper.getErrorString("validation.general.testcredentials.oid.valid",
+ new Object[] { el }, request));
+ }
+ }
+
+ }
+
+ if (form.isSl20Active()) {
+ if (MiscUtil.isNotEmpty(form.getSl20EndPoints())) {
+ log.debug("Validate SL2.0 configuration ... ");
+ final List<String> sl20Endpoints = KeyValueUtils.getListOfCSVValues(form.getSl20EndPoints());
+ if (sl20Endpoints.size() == 1) {
+ final String value = sl20Endpoints.get(0);
+
+ if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) &&
+ value.contains(KeyValueUtils.KEYVVALUEDELIMITER)) {
+ log.warn("SL2.0 endpoint '" + value + "' has wrong format");
+ errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong",
+ new Object[] { value }, request));
+
+ } else if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) &&
+ !value.contains(KeyValueUtils.KEYVVALUEDELIMITER)) {
+ log.info("Find one SL2.0 endpoint without 'default='. Start update ... ");
+ form.setSl20EndPoints(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER + value);
+
+ }
+
+ } else {
+ boolean findDefault = false;
+ for (final String el : sl20Endpoints) {
+ if (!el.contains(KeyValueUtils.KEYVVALUEDELIMITER)) {
+ log.warn("SL2.0 endpoint '" + el + "' has wrong format");
+ errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong",
+ new Object[] { el }, request));
+
+ } else {
+ if (el.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER)) {
+ log.debug("Find default endpoint.");
+ findDefault = true;
+
+ } else {
+ final String firstPart = el.split(KeyValueUtils.KEYVVALUEDELIMITER)[0];
+ try {
+ Integer.valueOf(firstPart);
+
+ } catch (final NumberFormatException e) {
+ log.warn("SL2.0 endpoint '" + el + "' has wrong format", e);
+ errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong",
+ new Object[] { el }, request));
+
+ }
+ }
+ }
+ }
+
+ if (!findDefault) {
+ log.warn("SL2.0 endpoints contains NO default endpoint");
+ errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.default",
+ new Object[] {}, request));
+
+ }
+ }
+ }
+ }
+
+ return errors;
+ }
}
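Review bot: In the SL2.0 branch of `validate` only the key part of each entry is checked (`default` or an integer); the endpoint value after the delimiter is never passed to `ValidationHelper.validateURL`, unlike the MIS, ELGA, SZR-GW and E-ID service URLs earlier in the same method. If these values are URLs, as the field name suggests, extract the value with `final String url = el.substring(el.indexOf(KeyValueUtils.KEYVVALUEDELIMITER) + KeyValueUtils.KEYVVALUEDELIMITER.length());` and report `validation.general.sl20.endpoints.wrong` when `validateURL(url)` fails. The single-entry branch needs the same check, since a lone entry starting with the default prefix currently passes without any inspection. The `getBkuLocalURL` branch also logs `Not valid Online-BKU URL`; `Not valid Local-BKU URL` would match the field being checked.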
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java
index 2011a07f1..951b89753 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java
@@ -27,67 +27,62 @@ import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
-import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
-import org.apache.commons.io.IOUtils;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
-import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
/**
* @author tlenz
*
*/
+@Slf4j
public class OAFileUploadValidation {
- private static final Logger log = Logger.getLogger(OASSOConfigValidation.class);
-
- public List<String> validate(List<String> fileName, List<File> files,
- String errorMsgPreFix, Map<String, byte[]> output, HttpServletRequest request) {
-
- List<String> errors = new ArrayList<String>();
-
- if (fileName != null) {
-
- if (fileName.size() > 1) {
- log.info("Only one BKU-selecten template file can be stored");
- errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".file.selected", request));
- }
-
- for (int i=0; i<fileName.size(); i++) {
- String filename = fileName.get(i);
-
- if (MiscUtil.isNotEmpty(filename)) {
- if (ValidationHelper.containsNotValidCharacter(filename, false)) {
- log.info("Filename is not valid");
- errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".filename.valid", request));
-
- } else {
- try {
- File file = files.get(i);
- InputStream stream = new FileInputStream(file);
- output.put(filename, Base64Utils.encode(stream).getBytes("UTF-8"));
- stream.close();
-
- } catch (IOException e) {
- log.info("File with FileName "
- + filename +" can not be loaded." , e);
- errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".file.valid",
- new Object[] {filename}, request ));
- }
- }
- }
- }
- }
-
- return errors;
- }
+ public List<String> validate(List<String> fileName, List<File> files,
+ String errorMsgPreFix, Map<String, byte[]> output, HttpServletRequest request) {
+
+ final List<String> errors = new ArrayList<>();
+
+ if (fileName != null) {
+
+ if (fileName.size() > 1) {
+ log.info("Only one BKU-selecten template file can be stored");
+ errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".file.selected", request));
+ }
+
+ for (int i = 0; i < fileName.size(); i++) {
+ final String filename = fileName.get(i);
+
+ if (MiscUtil.isNotEmpty(filename)) {
+ if (ValidationHelper.containsNotValidCharacter(filename, false)) {
+ log.info("Filename is not valid");
+ errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".filename.valid", request));
+
+ } else {
+ try {
+ final File file = files.get(i);
+ final InputStream stream = new FileInputStream(file);
+ output.put(filename, Base64Utils.encode(stream).getBytes("UTF-8"));
+ stream.close();
+
+ } catch (final IOException e) {
+ log.info("File with FileName "
+ + filename + " can not be loaded.", e);
+ errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".file.valid",
+ new Object[] { filename }, request));
+ }
+ }
+ }
+ }
+ }
+
+ return errors;
+ }
}
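Review bot: `stream.close()` in `validate` runs only when `Base64Utils.encode(stream)` returns, so an `IOException` during encoding leaves the `FileInputStream` open. A try-with-resources closes it on both paths: `try (InputStream stream = new FileInputStream(file)) { output.put(filename, Base64Utils.encode(stream).getBytes("UTF-8")); }`. `files.get(i)` also assumes `files` is non-null and as long as `fileName`; a mismatch surfaces as an unchecked exception rather than a validation error, and the loop still loads every file after the `fileName.size() > 1` error has been added. The transformation upload loop earlier in this commit (the one ending in `form.setSecLayerTransformation(map)`) opens its `FileInputStream` without any `close()` and would take the same fix.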
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java
index c30c11f5a..205e792fa 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java
@@ -28,30 +28,29 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
-import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class OAOAUTH20ConfigValidation {
-
- private static final Logger log = Logger.getLogger(OAOAUTH20ConfigValidation.class);
-
- public List<String> validate(OAOAuth20Config form, HttpServletRequest request) {
-
- List<String> errors = new ArrayList<String>();
-
- // validate secret
+
+ public List<String> validate(OAOAuth20Config form, HttpServletRequest request) {
+
+ final List<String> errors = new ArrayList<>();
+
+ // validate secret
// if (StringUtils.isEmpty(form.getClientSecret())) {
// errors.add(LanguageHelper.getErrorString("error.oa.oauth.clientSecret"));
// }
-
- // validate redirectUri
- if (StringUtils.isNotEmpty(form.getRedirectUri()) && !OAuth20Util.isUrl(form.getRedirectUri())) {
- errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi", request));
- }
-
- return errors;
- }
+
+ // validate redirectUri
+ if (StringUtils.isNotEmpty(form.getRedirectUri()) && !OAuth20Util.isUrl(form.getRedirectUri())) {
+ errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi", request));
+ }
+
+ return errors;
+ }
}
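Review bot: `OAOAUTH20ConfigValidation` now carries `@Slf4j` but `validate` never logs, so a rejected redirect URI leaves no trace, unlike the sibling validators in this commit. I would add `log.info("OAuth redirectUri has no valid form.");` before the `errors.add(...)` call. The guard `StringUtils.isNotEmpty(form.getRedirectUri())` also lets an empty redirect URI through, presumably because OAuth is optional per application. A comment such as `// empty is allowed: OAuth not configured for this OA` would make that explicit. The commented-out client-secret check should either be removed or replaced by a note saying where the secret is validated.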
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
index cbb7c88b2..8e9865a3a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
@@ -33,7 +33,6 @@ import javax.net.ssl.SSLHandshakeException;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.httpclient.MOAHttpClient;
-import org.apache.log4j.Logger;
import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
import org.opensaml.saml2.metadata.provider.MetadataFilter;
import org.opensaml.saml2.metadata.provider.MetadataFilterChain;
@@ -57,186 +56,189 @@ import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
import iaik.x509.X509Certificate;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class OAPVP2ConfigValidation {
- private static final Logger log = Logger.getLogger(OAPVP2ConfigValidation.class);
-
- public List<String> validate(OAPVP2Config form, String oaID, HttpServletRequest request) {
-
- Timer timer = null;
- MOAHttpClient httpClient = null;
- HTTPMetadataProvider httpProvider = null;
-
- List<String> errors = new ArrayList<String>();
- try {
- byte[] certSerialized = null;
- if (form.getFileUpload() != null)
- certSerialized = form.getCertificate();
-
- else {
- try {
- //Some databases does not allow the selection of a lob in SQL where expression
- String dbDriver = ConfigurationProvider.getInstance().getConfigurationProperties().getProperty("hibernate.connection.driver_class");
- boolean backupVersion = false;
- if (MiscUtil.isNotEmpty(dbDriver)) {
- for (String el:MOAIDConstants.JDBC_DRIVER_NEEDS_WORKAROUND) {
- if (dbDriver.startsWith(el)) {
- backupVersion = true;
- log.debug("JDBC driver '" + dbDriver
- + "' is blacklisted --> Switch to alternative DB access methode implementation.");
-
- }
-
- }
- }
-
- Map<String, String> oa = ConfigurationProvider.getInstance().getDbRead().getOnlineApplicationKeyValueWithId(oaID, backupVersion);
- if (oa != null &&
- MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE))) {
- certSerialized = Base64Utils.decode(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE), false);
- form.setStoredCert(certSerialized);
- }
-
- } catch (ConfigurationException e) {
- log.error("MOA-ID-Configuration initialization FAILED.", e);
-
- }
- }
-
- String check = form.getMetaDataURL();
- if (MiscUtil.isNotEmpty(check)) {
-
- if (!ValidationHelper.validateURL(check)) {
- log.info("MetaDataURL has no valid form.");
- errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid", request));
-
- } else {
- if (certSerialized == null) {
- log.info("No certificate for metadata validation");
- errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request));
-
- } else {
- if (form.getMetaDataURL().startsWith("http")) {
- X509Certificate cert = new X509Certificate(certSerialized);
- BasicX509Credential credential = new BasicX509Credential();
- credential.setEntityCertificate(cert);
-
- timer = new Timer();
- httpClient = new MOAHttpClient();
-
- if (form.getMetaDataURL().startsWith("https:"))
- try {
- MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory(
- "MOAMetaDataProvider",
- true,
- ConfigurationProvider.getInstance().getCertStoreDirectory(),
- ConfigurationProvider.getInstance().getTrustStoreDirectory(),
- null,
- "pkix",
- true,
- new String[]{"crl"},
- false);
-
- httpClient.setCustomSSLTrustStore(
- form.getMetaDataURL(),
- protoSocketFactory);
-
- } catch (MOAHttpProtocolSocketFactoryException e) {
- log.warn("MOA SSL-TrustStore can not initialized. Use default Java TrustStore.", e);
-
- } catch (ConfigurationException e) {
- log.info("No MOA specific SSL-TrustStore configured. Use default Java TrustStore.");
-
- }
-
- List<MetadataFilter> filterList = new ArrayList<MetadataFilter>();
- filterList.add(new MetaDataVerificationFilter(credential));
-
- try {
- filterList.add(new SchemaValidationFilter(
- ConfigurationProvider.getInstance().isPVPMetadataSchemaValidationActive()));
-
- } catch (ConfigurationException e) {
- log.warn("Configuration access FAILED!", e);
-
- }
-
- MetadataFilterChain filter = new MetadataFilterChain();
- filter.setFilters(filterList);
-
- httpProvider =
- new HTTPMetadataProvider(timer, httpClient, form.getMetaDataURL());
- httpProvider.setParserPool(new BasicParserPool());
- httpProvider.setRequireValidMetadata(true);
- httpProvider.setMetadataFilter(filter);
- httpProvider.setMinRefreshDelay(1000*60*15); //15 minutes
- httpProvider.setMaxRefreshDelay(1000*60*60*24); //24 hours
-
- httpProvider.setRequireValidMetadata(true);
-
- httpProvider.initialize();
-
-
-
-
- if (httpProvider.getMetadata() == null) {
- log.info("Metadata could be received but validation FAILED.");
- errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.validation", request));
- }
-
- } else {
- log.info("Metadata load validation skipped, because it's no http(s) metadata: " + form.getMetaDataURL());
-
- }
-
- }
- }
- }
-
- } catch (CertificateException e) {
- log.info("Uploaded Certificate can not be found", e);
- errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request));
-
- } catch (IOException e) {
- log.info("Metadata can not be loaded from URL", e);
- errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.read", request));
-
- } catch (MetadataProviderException e) {
-
- try {
- if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) {
- log.info("SSL Server certificate not trusted.", e);
- errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.ssl", request));
-
- } else if (e.getCause() != null && e.getCause().getCause() instanceof SignatureValidationException) {
- log.info("MetaDate verification failed", e);
- errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.sig", request));
-
- } else if (e.getCause() != null && e.getCause().getCause() instanceof SchemaValidationException) {
- log.info("MetaDate verification failed", e);
- errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.schema", request));
-
- } else {
- log.info("MetaDate verification failed", e);
- errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.general", request));
- }
-
- } catch (Exception e1) {
- log.info("MetaDate verification failed", e1);
- errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.general", request));
-
- }
-
- } finally {
- if (httpProvider != null)
- httpProvider.destroy();
-
- if (timer != null)
- timer.cancel();
-
- }
-
- return errors;
- }
+ public List<String> validate(OAPVP2Config form, String oaID, HttpServletRequest request) {
+
+ Timer timer = null;
+ MOAHttpClient httpClient = null;
+ HTTPMetadataProvider httpProvider = null;
+
+ final List<String> errors = new ArrayList<>();
+ try {
+ byte[] certSerialized = null;
+ if (form.getFileUpload() != null) {
+ certSerialized = form.getCertificate();
+ } else {
+ try {
+ // Some databases does not allow the selection of a lob in SQL where expression
+ final String dbDriver = ConfigurationProvider.getInstance().getConfigurationProperties()
+ .getProperty("hibernate.connection.driver_class");
+ boolean backupVersion = false;
+ if (MiscUtil.isNotEmpty(dbDriver)) {
+ for (final String el : MOAIDConstants.JDBC_DRIVER_NEEDS_WORKAROUND) {
+ if (dbDriver.startsWith(el)) {
+ backupVersion = true;
+ log.debug("JDBC driver '" + dbDriver
+ + "' is blacklisted --> Switch to alternative DB access methode implementation.");
+
+ }
+
+ }
+ }
+
+ final Map<String, String> oa = ConfigurationProvider.getInstance().getDbRead()
+ .getOnlineApplicationKeyValueWithId(oaID, backupVersion);
+ if (oa != null &&
+ MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE))) {
+ certSerialized = Base64Utils.decode(oa.get(
+ MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE), false);
+ form.setStoredCert(certSerialized);
+ }
+
+ } catch (final ConfigurationException e) {
+ log.error("MOA-ID-Configuration initialization FAILED.", e);
+
+ }
+ }
+
+ final String check = form.getMetaDataURL();
+ if (MiscUtil.isNotEmpty(check)) {
+
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("MetaDataURL has no valid form.");
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid", request));
+
+ } else {
+ if (certSerialized == null) {
+ log.info("No certificate for metadata validation");
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request));
+
+ } else {
+ if (form.getMetaDataURL().startsWith("http")) {
+ final X509Certificate cert = new X509Certificate(certSerialized);
+ final BasicX509Credential credential = new BasicX509Credential();
+ credential.setEntityCertificate(cert);
+
+ timer = new Timer();
+ httpClient = new MOAHttpClient();
+
+ if (form.getMetaDataURL().startsWith("https:")) {
+ try {
+ final MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory(
+ "MOAMetaDataProvider",
+ true,
+ ConfigurationProvider.getInstance().getCertStoreDirectory(),
+ ConfigurationProvider.getInstance().getTrustStoreDirectory(),
+ null,
+ "pkix",
+ true,
+ new String[] { "crl" },
+ false);
+
+ httpClient.setCustomSSLTrustStore(
+ form.getMetaDataURL(),
+ protoSocketFactory);
+
+ } catch (final MOAHttpProtocolSocketFactoryException e) {
+ log.warn("MOA SSL-TrustStore can not initialized. Use default Java TrustStore.", e);
+
+ } catch (final ConfigurationException e) {
+ log.info("No MOA specific SSL-TrustStore configured. Use default Java TrustStore.");
+
+ }
+ }
+
+ final List<MetadataFilter> filterList = new ArrayList<>();
+ filterList.add(new MetaDataVerificationFilter(credential));
+
+ try {
+ filterList.add(new SchemaValidationFilter(
+ ConfigurationProvider.getInstance().isPVPMetadataSchemaValidationActive()));
+
+ } catch (final ConfigurationException e) {
+ log.warn("Configuration access FAILED!", e);
+
+ }
+
+ final MetadataFilterChain filter = new MetadataFilterChain();
+ filter.setFilters(filterList);
+
+ httpProvider =
+ new HTTPMetadataProvider(timer, httpClient, form.getMetaDataURL());
+ httpProvider.setParserPool(new BasicParserPool());
+ httpProvider.setRequireValidMetadata(true);
+ httpProvider.setMetadataFilter(filter);
+ httpProvider.setMinRefreshDelay(1000 * 60 * 15); // 15 minutes
+ httpProvider.setMaxRefreshDelay(1000 * 60 * 60 * 24); // 24 hours
+
+ httpProvider.setRequireValidMetadata(true);
+
+ httpProvider.initialize();
+
+ if (httpProvider.getMetadata() == null) {
+ log.info("Metadata could be received but validation FAILED.");
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.validation", request));
+ }
+
+ } else {
+ log.info("Metadata load validation skipped, because it's no http(s) metadata: " + form
+ .getMetaDataURL());
+
+ }
+
+ }
+ }
+ }
+
+ } catch (final CertificateException e) {
+ log.info("Uploaded Certificate can not be found", e);
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request));
+
+ } catch (final IOException e) {
+ log.info("Metadata can not be loaded from URL", e);
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.read", request));
+
+ } catch (final MetadataProviderException e) {
+
+ try {
+ if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) {
+ log.info("SSL Server certificate not trusted.", e);
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.ssl", request));
+
+ } else if (e.getCause() != null && e.getCause().getCause() instanceof SignatureValidationException) {
+ log.info("MetaDate verification failed", e);
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.sig", request));
+
+ } else if (e.getCause() != null && e.getCause().getCause() instanceof SchemaValidationException) {
+ log.info("MetaDate verification failed", e);
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.schema", request));
+
+ } else {
+ log.info("MetaDate verification failed", e);
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.general", request));
+ }
+
+ } catch (final Exception e1) {
+ log.info("MetaDate verification failed", e1);
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.general", request));
+
+ }
+
+ } finally {
+ if (httpProvider != null) {
+ httpProvider.destroy();
+ }
+
+ if (timer != null) {
+ timer.cancel();
+ }
+
+ }
+
+ return errors;
+ }
}
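Review bot: Two failure paths in `validate` fail open. When `isPVPMetadataSchemaValidationActive()` throws `ConfigurationException`, the `SchemaValidationFilter` is simply left out of `filterList`; when `MOAHttpProtocolSocketFactory` cannot be built, the fetch continues with the default Java trust store. In both cases metadata can pass under weaker checks than configured, with only a log line as evidence, so I would add `errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.general", request));` to both catch blocks. `form.getMetaDataURL().startsWith("http")` also admits plain `http:` URLs, leaving the signature filter as the only integrity check, and the URL is fetched server-side from a form value, so confirm that `ValidationHelper.validateURL` (not visible here) restricts internal hosts. `httpProvider.setRequireValidMetadata(true)` is called twice; one call can go.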
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java
index 95104b929..903e8899a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java
@@ -27,25 +27,23 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class OASAML1ConfigValidation {
- private static final Logger log = Logger.getLogger(OASAML1ConfigValidation.class);
-
- public List<String> validate(OASAML1Config form, OAGeneralConfig general, HttpServletRequest request) {
-
- List<String> errors = new ArrayList<String>();
-
- if (general.isBusinessService() && form.isProvideStammZahl()) {
- log.info("ProvideStammZahl can not be used with BusinessService applications");
- errors.add(LanguageHelper.getErrorString("validation.saml1.providestammzahl", request));
- }
-
- return errors;
- }
+ public List<String> validate(OASAML1Config form, OAGeneralConfig general, HttpServletRequest request) {
+
+ final List<String> errors = new ArrayList<>();
+
+ if (general.isBusinessService() && form.isProvideStammZahl()) {
+ log.info("ProvideStammZahl can not be used with BusinessService applications");
+ errors.add(LanguageHelper.getErrorString("validation.saml1.providestammzahl", request));
+ }
+
+ return errors;
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java
index 971e11cc4..109257551 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java
@@ -27,33 +27,31 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class OASSOConfigValidation {
-
- private static final Logger log = Logger.getLogger(OASSOConfigValidation.class);
-
- public List<String> validate(OASSOConfig form, boolean isAdmin, HttpServletRequest request) {
-
- List<String> errors = new ArrayList<String>();
-
- String urlString = form.getSingleLogOutURL();
- if (MiscUtil.isEmpty(urlString)) {
- log.info("No Single Log-Out URL");
- //TODO: set error if it is implemented
- //errors.add(LanguageHelper.getErrorString("validation.sso.logouturl.empty"));
- } else {
- if (!ValidationHelper.validateURL(urlString) && form.isUseSSO()) {
- log.info("Single Log-Out url validation error");
- errors.add(LanguageHelper.getErrorString("validation.sso.logouturl.valid", request));
- }
- }
-
- return errors;
- }
+
+ public List<String> validate(OASSOConfig form, boolean isAdmin, HttpServletRequest request) {
+
+ final List<String> errors = new ArrayList<>();
+
+ final String urlString = form.getSingleLogOutURL();
+ if (MiscUtil.isEmpty(urlString)) {
+ log.info("No Single Log-Out URL");
+ // TODO: set error if it is implemented
+ // errors.add(LanguageHelper.getErrorString("validation.sso.logouturl.empty"));
+ } else {
+ if (!ValidationHelper.validateURL(urlString) && form.isUseSSO()) {
+ log.info("Single Log-Out url validation error");
+ errors.add(LanguageHelper.getErrorString("validation.sso.logouturl.valid", request));
+ }
+ }
+
+ return errors;
+ }
}
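Review bot: The condition `!ValidationHelper.validateURL(urlString) && form.isUseSSO()` rejects a malformed Single Log-Out URL only while SSO is enabled, so with SSO switched off any non-empty string passes this validator. If the value is persisted regardless (the caller is outside this hunk), I would validate it unconditionally with `if (!ValidationHelper.validateURL(urlString)) {`, or add a comment stating why the check is tied to `isUseSSO()`. The `isAdmin` parameter is unused in the new body, and the `TODO` would be easier to track with a ticket reference.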
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
index 00ccdca8c..a8836145a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
@@ -28,60 +28,59 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.commons.MOAIDConstants;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AttributeProviderPlugin;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class OASTORKConfigValidation {
- private static final Logger log = Logger.getLogger(OASTORKConfigValidation.class);
+ public List<String> validate(OASTORKConfig oageneral, HttpServletRequest request) {
+
+ final List<String> errors = new ArrayList<>();
+
+ // check qaa
+ final String qaa = oageneral.getQaa();
+ if (MiscUtil.isNotEmpty(qaa) && !MOAIDConstants.ALLOWED_eIDAS_LOA.contains(qaa)) {
+ log.warn("eIDAS LoA is not allowed : " + qaa);
+ errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange",
+ new Object[] { qaa }, request));
+ }
+
+ if (oageneral.isVidpEnabled()) {
+ final Iterator<AttributeProviderPlugin> interator = oageneral.getAttributeProviderPlugins().iterator();
+ while (interator.hasNext()) {
+ final AttributeProviderPlugin current = interator.next();
+ if (MiscUtil.isEmpty(current.getUrl()) || !ValidationHelper.validateURL(current.getUrl())) {
+ log.info("AttributeProviderPlugin URL has no valid form.");
+ errors.add(LanguageHelper.getErrorString("validation.stork.ap.url.valid", request));
+ }
+ if (MiscUtil.isEmpty(current.getName())) {
+ log.info("AttributeProviderPlugin Name is empty.");
+ errors.add(LanguageHelper.getErrorString("validation.stork.ap.name.empty", request));
- public List<String> validate(OASTORKConfig oageneral, HttpServletRequest request) {
+ } else {
+ if (!oageneral.getAvailableAttributeProviderPlugins().contains(current.getName())) {
+ log.info("AttributeProviderPlugin Name is not supported.");
+ errors.add(LanguageHelper.getErrorString("validation.stork.ap.name.valid", request));
+ }
+ }
- List<String> errors = new ArrayList<String>();
+ if (MiscUtil.isEmpty(current.getAttributes()) || !current.getAttributes().matches(
+ "[a-zA-Z]+(, ?[a-zA-Z]+)*")) {
+ log.info("AttributeProviderPlugin attributes are empty or do not match csv format.");
+ errors.add(LanguageHelper.getErrorString("validation.stork.ap.attributes.valid", request));
+ }
+ }
- // check qaa
- String qaa = oageneral.getQaa();
- if (MiscUtil.isNotEmpty(qaa) && !MOAIDConstants.ALLOWED_eIDAS_LOA.contains(qaa)) {
- log.warn("eIDAS LoA is not allowed : " + qaa);
- errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange",
- new Object[] {qaa}, request ));
- }
-
- if (oageneral.isVidpEnabled()) {
- Iterator<AttributeProviderPlugin> interator = oageneral.getAttributeProviderPlugins().iterator();
- while (interator.hasNext()) {
- AttributeProviderPlugin current = interator.next();
- if (MiscUtil.isEmpty(current.getUrl()) || !ValidationHelper.validateURL(current.getUrl())) {
- log.info("AttributeProviderPlugin URL has no valid form.");
- errors.add(LanguageHelper.getErrorString("validation.stork.ap.url.valid", request));
- }
- if (MiscUtil.isEmpty(current.getName())) {
- log.info("AttributeProviderPlugin Name is empty.");
- errors.add(LanguageHelper.getErrorString("validation.stork.ap.name.empty", request));
-
- } else {
- if (!oageneral.getAvailableAttributeProviderPlugins().contains(current.getName())) {
- log.info("AttributeProviderPlugin Name is not supported.");
- errors.add(LanguageHelper.getErrorString("validation.stork.ap.name.valid", request));
- }
- }
-
- if (MiscUtil.isEmpty(current.getAttributes()) || !current.getAttributes().matches("[a-zA-Z]+(, ?[a-zA-Z]+)*")) {
- log.info("AttributeProviderPlugin attributes are empty or do not match csv format.");
- errors.add(LanguageHelper.getErrorString("validation.stork.ap.attributes.valid", request));
- }
- }
-
- } else {
- oageneral.setAttributeProviderPlugins(null);
- }
+ } else {
+ oageneral.setAttributeProviderPlugins(null);
+ }
- return errors;
- }
+ return errors;
+ }
}
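Review bot: `log.warn("eIDAS LoA is not allowed : " + qaa);` writes a form value that has just failed validation straight into the log message. That allows forged log lines via CR/LF and, now that the backend is Log4j 2, relies on the resolved version not expanding lookups in message text. I would pass a sanitised value as a parameter instead: `log.warn("eIDAS LoA is not allowed : {}", qaa.replaceAll("[\\r\\n]", "_"));`. The same pattern appears in the OATargetConfigValidation hunk (the two `"... contains potentail XSS characters: " + check` warnings and the `general.getIdentifier()` warning). Separately, `oageneral.getAttributeProviderPlugins().iterator()` is dereferenced without a null check although the `else` branch sets that list to `null`; whether a null list can arrive with VIDP enabled is not visible here.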
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java
index 4807d479e..3e1ed0a38 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java
@@ -29,8 +29,6 @@ import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
-import org.apache.log4j.Logger;
-
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
@@ -38,133 +36,133 @@ import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class OATargetConfigValidation {
- private static final Logger log = Logger.getLogger(OATargetConfigValidation.class);
-
- public List<String> validate(OATargetConfiguration form, boolean isAdmin, OAGeneralConfig general, HttpServletRequest request) {
-
- List<String> errors = new ArrayList<String>();
- String check;
-
- if (general.isBusinessService()) {
-
- //check identification type
- check = form.getIdentificationType();
- if (!form.getIdentificationTypeList().contains(check)) {
- log.info("IdentificationType is not known.");
- errors.add(LanguageHelper.getErrorString("validation.general.stork.sptarget", request));
- }
-
- //check identification number
- check = form.getIdentificationNumber();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty IdentificationNumber");
- errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty", request));
-
- } else {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("IdentificationNumber contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
-
- if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_FN)) {
- CompanyNumberValidator val = new CompanyNumberValidator();
- if (!val.validate(check)) {
- log.info("Not valid CompanyNumber");
- errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid", request));
- }
-
- } else if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_EIDAS)) {
- Pattern pattern = Pattern.compile("[A-Z,a-z]{2}\\+[A-Z,a-z]{2}");
- Matcher matcher = pattern.matcher(check);
- if (!matcher.matches()) {
- log.info("Not valid eIDAS Target");
- errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.eidas.valid", request));
-
- }
-
- }
- }
-
- } else {
-
- check = form.getTarget_subsector();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.isValidAdminTarget(check)) {
- log.info("Not valid Target-Subsector");
- errors.add(LanguageHelper.getErrorString("validation.general.target.subsector.valid", request));
- }
- }
-
-
- if (!isAdmin) {
- //check PublicURL Prefix allows PublicService
- if (!ValidationHelper.isPublicServiceAllowed(general.getIdentifier())) {
- log.warn("PublicURLPrefix does not allow PublicService: " + general.getIdentifier());
- errors.add(LanguageHelper.getErrorString("validation.general.target.publicserviceurl",
- new Object[] {general.getIdentifier()}, request ));
- general.setBusinessService(true);
- return errors;
-
- }
-
- //check Target
- check = form.getTarget();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request));
-
- } else {
- if (!ValidationHelper.isValidTarget(check)) {
- log.info("Not valid Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request));
- }
- }
-
- } else {
-
- //check targetFrindlyName();
- check = form.getTargetFriendlyName();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- }
-
- if (MiscUtil.isEmpty(form.getTarget()) && MiscUtil.isEmpty(form.getTarget_admin())) {
- log.info("Empty Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request));
- }
-
- //check Target
- check = form.getTarget();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.isValidTarget(check)) {
- log.info("Not valid Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request));
- }
- }
-
- //check Admin Target
- check = form.getTarget_admin();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.isValidAdminTarget(check)) {
- log.info("Not valid Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.admin.valid", request));
- }
- }
- }
- }
-
-
- //foreign bPK configuration
-
-
- return errors;
- }
+ public List<String> validate(OATargetConfiguration form, boolean isAdmin, OAGeneralConfig general,
+ HttpServletRequest request) {
+
+ final List<String> errors = new ArrayList<>();
+ String check;
+
+ if (general.isBusinessService()) {
+
+ // check identification type
+ check = form.getIdentificationType();
+ if (!form.getIdentificationTypeList().contains(check)) {
+ log.info("IdentificationType is not known.");
+ errors.add(LanguageHelper.getErrorString("validation.general.stork.sptarget", request));
+ }
+
+ // check identification number
+ check = form.getIdentificationNumber();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty IdentificationNumber");
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty", request));
+
+ } else {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+
+ if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_FN)) {
+ final CompanyNumberValidator val = new CompanyNumberValidator();
+ if (!val.validate(check)) {
+ log.info("Not valid CompanyNumber");
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid",
+ request));
+ }
+
+ } else if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_EIDAS)) {
+ final Pattern pattern = Pattern.compile("[A-Z,a-z]{2}\\+[A-Z,a-z]{2}");
+ final Matcher matcher = pattern.matcher(check);
+ if (!matcher.matches()) {
+ log.info("Not valid eIDAS Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.eidas.valid",
+ request));
+
+ }
+
+ }
+ }
+
+ } else {
+
+ check = form.getTarget_subsector();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isValidAdminTarget(check)) {
+ log.info("Not valid Target-Subsector");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.subsector.valid", request));
+ }
+ }
+
+ if (!isAdmin) {
+ // check PublicURL Prefix allows PublicService
+ if (!ValidationHelper.isPublicServiceAllowed(general.getIdentifier())) {
+ log.warn("PublicURLPrefix does not allow PublicService: " + general.getIdentifier());
+ errors.add(LanguageHelper.getErrorString("validation.general.target.publicserviceurl",
+ new Object[] { general.getIdentifier() }, request));
+ general.setBusinessService(true);
+ return errors;
+
+ }
+
+ // check Target
+ check = form.getTarget();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request));
+
+ } else {
+ if (!ValidationHelper.isValidTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request));
+ }
+ }
+
+ } else {
+
+ // check targetFrindlyName();
+ check = form.getTargetFriendlyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ }
+
+ if (MiscUtil.isEmpty(form.getTarget()) && MiscUtil.isEmpty(form.getTarget_admin())) {
+ log.info("Empty Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request));
+ }
+
+ // check Target
+ check = form.getTarget();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isValidTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request));
+ }
+ }
+
+ // check Admin Target
+ check = form.getTarget_admin();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isValidAdminTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.admin.valid", request));
+ }
+ }
+ }
+ }
+
+ // foreign bPK configuration
+
+ return errors;
+ }
}
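Review bot: The eIDAS target pattern `[A-Z,a-z]{2}\\+[A-Z,a-z]{2}` has a literal comma inside each character class, so a value such as `,,+,,` is accepted as a pair of country codes. The classes should be `[A-Za-z]`, and the pattern can be compiled once as `private static final Pattern EIDAS_TARGET = Pattern.compile("[A-Za-z]{2}\\+[A-Za-z]{2}");`. In the same branch, `form.getIdentificationType().equals(...)` is still reached after the `getIdentificationTypeList().contains(check)` test has only recorded an error, so a missing identification type would throw a NullPointerException if the form field can be null. Assuming the constants are Strings, `Constants.IDENIFICATIONTYPE_FN.equals(form.getIdentificationType())` avoids that.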
diff --git a/id/moa-id-webgui/pom.xml b/id/moa-id-webgui/pom.xml
index 36275beea..7bc933703 100644
--- a/id/moa-id-webgui/pom.xml
+++ b/id/moa-id-webgui/pom.xml
@@ -60,9 +60,9 @@
</exclusions>
</dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-log4j12</artifactId>
+ <dependency>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-slf4j-impl</artifactId>
</dependency>
<dependency>
diff --git a/id/moa-spss-container/pom.xml b/id/moa-spss-container/pom.xml
index e78ebd175..f6fb3ecd7 100644
--- a/id/moa-spss-container/pom.xml
+++ b/id/moa-spss-container/pom.xml
@@ -38,6 +38,17 @@
<layout>default</layout>
<url>https://git.egiz.gv.at/EAAF-Components/plain/eaaf_modules/eaaf_module_moa-sig/repository</url>
</repository>
+ <repository>
+ <id>egiz-commons</id>
+ <url>https://apps.egiz.gv.at/maven</url>
+ <releases>
+ <enabled>true</enabled>
+ <checksumPolicy>ignore</checksumPolicy>
+ </releases>
+ <snapshots>
+ <enabled>false</enabled>
+ </snapshots>
+ </repository>
</repositories>
<build>
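Review bot: The new `egiz-commons` repository sets `<checksumPolicy>ignore</checksumPolicy>` for releases, so Maven does not verify checksums of artifacts resolved from it and a corrupted or altered download passes silently. For a module that pulls in signature and crypto libraries I would use `<checksumPolicy>fail</checksumPolicy>` (or at least `warn`), and repair the repository's checksum files if they are the reason for `ignore`. If the setting is deliberate, an XML comment beside it stating why would help the next maintainer. Whether the re-coordinated `moaSig` and `at.gv.egovernment.moa.sig` artifacts in the following hunk resolve from this repository is not visible here.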
@@ -57,37 +68,37 @@
<dependencies>
<dependency>
- <groupId>MOA.spss.server</groupId>
- <artifactId>moa-sig-lib</artifactId>
- <version>3.1.3</version>
- <exclusions>
- <exclusion>
- <groupId>commons-logging</groupId>
- <artifactId>commons-logging</artifactId>
- </exclusion>
- <exclusion>
- <artifactId>*</artifactId>
- <groupId>axis</groupId>
- </exclusion>
- </exclusions>
+ <groupId>moaSig</groupId>
+ <artifactId>moa-sig-lib</artifactId>
+ <version>3.1.4</version>
+ <exclusions>
+ <exclusion>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging</artifactId>
+ </exclusion>
+ <exclusion>
+ <artifactId>*</artifactId>
+ <groupId>axis</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<!-- MOA-SPSS 3.x -->
<dependency>
- <groupId>MOA.spss</groupId>
- <artifactId>common</artifactId>
- <version>3.1.3</version>
+ <groupId>moaSig</groupId>
+ <artifactId>common</artifactId>
+ <version>3.1.4</version>
</dependency>
<dependency>
- <groupId>MOA.spss</groupId>
- <artifactId>tsl_lib</artifactId>
- <version>2.0.3</version>
+ <groupId>at.gv.egovernment.moa.sig</groupId>
+ <artifactId>tsl-lib</artifactId>
+ <version>2.0.5</version>
</dependency>
<dependency>
<groupId>iaik.prod</groupId>
<artifactId>iaik_cms</artifactId>
- <version>5.1</version>
+ <version>5.1.1</version>
</dependency>
<dependency>
<groupId>iaik.prod</groupId>
@@ -129,7 +140,7 @@
<dependency>
<groupId>iaik.prod</groupId>
<artifactId>iaik_moa</artifactId>
- <version>2.06</version>
+ <version>2.07</version>
</dependency>
<dependency>
<groupId>iaik.prod</groupId>
@@ -162,8 +173,10 @@
<version>2.14_moa</version>
</dependency>
-
-
+ <dependency>
+ <groupId>joda-time</groupId>
+ <artifactId>joda-time</artifactId>
+ </dependency>
<dependency>
<groupId>javax.mail</groupId>
diff --git a/id/oa/pom.xml b/id/oa/pom.xml
index 2897de96b..6dfd29b59 100644
--- a/id/oa/pom.xml
+++ b/id/oa/pom.xml
@@ -98,10 +98,10 @@
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-log4j12</artifactId>
- </dependency>
+ <dependency>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-slf4j-impl</artifactId>
+ </dependency>
<dependency>
<groupId>MOA.id.server</groupId>
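Review bot: Dropping `slf4j-log4j12` presumably also drops its transitive log4j 1.x jar from this module, yet `Authenticate.process` (reformatted later in this commit) still sets `RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS` to `org.apache.velocity.runtime.log.SimpleLog4JLogSystem`, which is built on the log4j 1.x API. If no other dependency still provides those classes, `engine.init()` on the POST-binding path may fail at runtime. I would either point Velocity at a log system that does not need log4j 1.x or keep a log4j 1.x-compatible API on the classpath, and run the POST binding once against the new dependency set to confirm. The dependency list continues outside this hunk, so a remaining provider of those classes cannot be ruled out from here.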
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java
index 07edb250d..5db37d2f7 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java
@@ -35,7 +35,6 @@ import java.util.Timer;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.httpclient.HttpClient;
-import org.apache.log4j.Logger;
import org.opensaml.DefaultBootstrap;
import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
import org.opensaml.xml.parse.BasicParserPool;
@@ -45,11 +44,10 @@ import at.gv.egovernment.moa.id.demoOA.exception.ConfigurationException;
import at.gv.egovernment.moa.id.demoOA.utils.MetaDataVerificationFilter;
import at.gv.egovernment.moa.util.MiscUtil;
import iaik.x509.X509Certificate;
+import lombok.extern.slf4j.Slf4j;
-
+@Slf4j
public class Configuration {
-
- private static final Logger log = Logger.getLogger(Configuration.class);
private Properties props;
private static final String SYSTEM_PROP_CONFIG = "moa.id.demoOA";
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
index d4c67cfae..040ec330c 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
@@ -48,12 +48,10 @@ import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.binding.encoding.HTTPPostEncoder;
import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder;
-import org.opensaml.saml2.common.Extensions;
import org.opensaml.saml2.core.AuthnContextClassRef;
import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml2.core.AuthnRequest;
import org.opensaml.saml2.core.Issuer;
-import org.opensaml.saml2.core.NameID;
import org.opensaml.saml2.core.NameIDPolicy;
import org.opensaml.saml2.core.NameIDType;
import org.opensaml.saml2.core.RequestedAuthnContext;
@@ -64,12 +62,10 @@ import org.opensaml.saml2.metadata.SingleSignOnService;
import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder;
import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
-import org.opensaml.xml.XMLObject;
import org.opensaml.xml.io.Marshaller;
import org.opensaml.xml.io.MarshallingException;
import org.opensaml.xml.io.Unmarshaller;
import org.opensaml.xml.io.UnmarshallingException;
-import org.opensaml.xml.schema.XSAny;
import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter;
import org.opensaml.xml.security.x509.X509Credential;
import org.opensaml.xml.signature.Signature;
@@ -82,296 +78,299 @@ import org.xml.sax.SAXException;
import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
-import at.gv.egiz.eaaf.core.impl.utils.EAAFDomEntityResolver;
import at.gv.egovernment.moa.id.demoOA.Configuration;
import at.gv.egovernment.moa.id.demoOA.exception.ConfigurationException;
import at.gv.egovernment.moa.id.demoOA.utils.SAML2Utils;
import at.gv.egovernment.moa.util.MiscUtil;
-
-
/**
* Servlet implementation class Authenticate
*/
public class Authenticate extends HttpServlet {
- private static final long serialVersionUID = 1L;
-
- private static final Logger log = LoggerFactory
- .getLogger(Authenticate.class);
-
- /**
- * @see HttpServlet#HttpServlet()
- */
- public Authenticate() {
- super();
- DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
- factory.setNamespaceAware(true);
- try {
- builder = factory.newDocumentBuilder();
-
- } catch (ParserConfigurationException e) {
- log.warn("PVP2 AuthenticationServlet can not be initialized.", e);
- }
- }
-
- DocumentBuilder builder;
-
-
- //generate AuthenticationRequest
- protected void process(HttpServletRequest request,
- HttpServletResponse response, Map<String,String> legacyParameter) throws ServletException, IOException {
- try {
-
- Configuration config = Configuration.getInstance();
- config.initializePVP2Login();
-
- AuthnRequest authReq = SAML2Utils
- .createSAMLObject(AuthnRequest.class);
- SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
- authReq.setID(gen.generateIdentifier());
-
- String relayState = String.valueOf(RandomUtils.nextLong());
-
- if (config.useRedirectBindingResponse())
- authReq.setAssertionConsumerServiceIndex(1);
- else
- authReq.setAssertionConsumerServiceIndex(0);
-
- authReq.setAttributeConsumingServiceIndex(0);
-
- authReq.setIssueInstant(new DateTime());
+ private static final long serialVersionUID = 1L;
+
+ private static final Logger log = LoggerFactory
+ .getLogger(Authenticate.class);
+
+ /**
+ * @see HttpServlet#HttpServlet()
+ */
+ public Authenticate() {
+ super();
+ final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+ factory.setNamespaceAware(true);
+ try {
+ builder = factory.newDocumentBuilder();
+
+ } catch (final ParserConfigurationException e) {
+ log.warn("PVP2 AuthenticationServlet can not be initialized.", e);
+ }
+ }
+
+ DocumentBuilder builder;
+
+ // generate AuthenticationRequest
+ protected void process(HttpServletRequest request,
+ HttpServletResponse response, Map<String, String> legacyParameter) throws ServletException,
+ IOException {
+ try {
+
+ final Configuration config = Configuration.getInstance();
+ config.initializePVP2Login();
+
+ AuthnRequest authReq = SAML2Utils
+ .createSAMLObject(AuthnRequest.class);
+ final SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
+ authReq.setID(gen.generateIdentifier());
+
+ final String relayState = String.valueOf(RandomUtils.nextLong());
+
+ if (config.useRedirectBindingResponse()) {
+ authReq.setAssertionConsumerServiceIndex(1);
+ } else {
+ authReq.setAssertionConsumerServiceIndex(0);
+ }
+
+ authReq.setAttributeConsumingServiceIndex(0);
+
+ authReq.setIssueInstant(new DateTime());
// Subject subject = SAML2Utils.createSAMLObject(Subject.class);
// NameID name = SAML2Utils.createSAMLObject(NameID.class);
- Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
-
- String serviceURL = config.getPublicUrlPreFix(request);
- if (!serviceURL.endsWith("/"))
- serviceURL = serviceURL + "/";
- //name.setValue(serviceURL);
- issuer.setValue(serviceURL);
-
+ final Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
+
+ String serviceURL = config.getPublicUrlPreFix(request);
+ if (!serviceURL.endsWith("/")) {
+ serviceURL = serviceURL + "/";
+ }
+ // name.setValue(serviceURL);
+ issuer.setValue(serviceURL);
+
// subject.setNameID(name);
// authReq.setSubject(subject);
- issuer.setFormat(NameIDType.ENTITY);
- authReq.setIssuer(issuer);
-
- if (config.setNameIdPolicy()) {
- NameIDPolicy policy = SAML2Utils.createSAMLObject(NameIDPolicy.class);
- policy.setAllowCreate(true);
- policy.setFormat(NameID.PERSISTENT);
- authReq.setNameIDPolicy(policy);
- }
-
- String entityname = config.getPVP2IDPMetadataEntityName();
- if (MiscUtil.isEmpty(entityname)) {
- log.info("No IDP EntityName configurated");
- throw new ConfigurationException("No IDP EntityName configurated");
- }
-
- //get IDP metadata from metadataprovider
- HTTPMetadataProvider idpmetadata = config.getMetaDataProvier();
- EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname);
- if (idpEntity == null) {
- log.info("IDP EntityName is not found in IDP Metadata");
- throw new ConfigurationException("IDP EntityName is not found in IDP Metadata");
- }
-
- //select authentication-service url from metadata
- SingleSignOnService redirectEndpoint = null;
- for (SingleSignOnService sss :
- idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) {
-
- //Get the service address for the binding you wish to use
- if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI) && !config.useRedirectBindingRequest()) {
- redirectEndpoint = sss;
- }
-
- //Get the service address for the binding you wish to use
- if (sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI) && config.useRedirectBindingRequest()) {
- redirectEndpoint = sss;
- }
-
- }
-
- if (redirectEndpoint == null) {
- log.warn("Can not find valid EndPoint for SAML2 response");
- throw new ConfigurationException("Can not find valid EndPoint for SAML2 response");
-
- }
-
- authReq.setDestination(redirectEndpoint.getLocation());
-
- //authReq.setDestination("http://test.test.test");
-
- if (config.setAuthnContextClassRef()) {
- RequestedAuthnContext reqAuthContext =
- SAML2Utils.createSAMLObject(RequestedAuthnContext.class);
- AuthnContextClassRef authnClassRef =
- SAML2Utils.createSAMLObject(AuthnContextClassRef.class);
-
- if (MiscUtil.isNotEmpty(config.getAuthnContextClassRefValue())) {
- authnClassRef.setAuthnContextClassRef(config.getAuthnContextClassRefValue());
-
- } else {
- authnClassRef.setAuthnContextClassRef("http://www.stork.gov.eu/1.0/citizenQAALevel/4");
-
- }
-
- reqAuthContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM);
- reqAuthContext.getAuthnContextClassRefs().add(authnClassRef);
- authReq.setRequestedAuthnContext(reqAuthContext);
- }
-
- if (StringUtils.isNotEmpty(config.getScopeRequesterId())) {
- Scoping scope = SAML2Utils.createSAMLObject(Scoping.class);
- RequesterID requesterId = SAML2Utils.createSAMLObject(RequesterID.class);
- requesterId.setRequesterID(config.getScopeRequesterId());
- scope.getRequesterIDs().add(requesterId );
- authReq.setScoping(scope );
-
- }
-
- if (config.isEidasProxySimulatorEnabled()) {
- authReq = injectEidasMsProxyAttributes(request, authReq);
-
- }
-
-
- //sign authentication request
- KeyStore keyStore = config.getPVP2KeyStore();
- X509Credential authcredential = new KeyStoreX509CredentialAdapter(
- keyStore,
- config.getPVP2KeystoreAuthRequestKeyAlias(),
- config.getPVP2KeystoreAuthRequestKeyPassword().toCharArray());
-
- Signature signer = SAML2Utils.createSAMLObject(Signature.class);
- signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
- signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
- signer.setSigningCredential(authcredential);
- authReq.setSignature(signer);
-
-
- if (!config.useRedirectBindingRequest()) {
- //generate Http-POST Binding message
- VelocityEngine engine = new VelocityEngine();
- engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
- engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
- engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
- engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
- engine.setProperty("classpath.resource.loader.class",
- "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
- engine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
- "org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
- engine.init();
-
- HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
- "templates/pvp_postbinding_template.html");
- HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
- response, true);
- BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- SingleSignOnService service = new SingleSignOnServiceBuilder()
- .buildObject();
- service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
- service.setLocation(redirectEndpoint.getLocation());;
- context.setOutboundSAMLMessageSigningCredential(authcredential);
- context.setPeerEntityEndpoint(service);
- context.setOutboundSAMLMessage(authReq);
- context.setOutboundMessageTransport(responseAdapter);
- context.setRelayState(relayState);
- encoder.encode(context);
-
- } else {
- //generate Redirect Binding message
- HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
- HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
- response, true);
- BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- SingleSignOnService service = new SingleSignOnServiceBuilder()
- .buildObject();
- service.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
- service.setLocation(redirectEndpoint.getLocation());
- context.setOutboundSAMLMessageSigningCredential(authcredential);
- context.setPeerEntityEndpoint(service);
- context.setOutboundSAMLMessage(authReq);
- context.setOutboundMessageTransport(responseAdapter);
- context.setRelayState(relayState);
- encoder.encode(context);
-
- }
-
- } catch (Exception e) {
- log.warn("Authentication Request can not be generated", e);
- throw new ServletException("Authentication Request can not be generated.", e);
- }
- }
-
-
- private AuthnRequest injectEidasMsProxyAttributes(HttpServletRequest request, AuthnRequest authReq)
- throws SAXException, IOException, ParserConfigurationException, MarshallingException, UnmarshallingException {
-
- //build extension from template
- String xmlTemplate = IOUtils.toString(
- Authenticate.class.getResourceAsStream("/templates/reqAttributes.xml"),
- StandardCharsets.UTF_8);
-
- String target = EAAFConstants.URN_PREFIX_EIDAS + "AT+" + getParameterOrDefault(request, "eidasCountry", "DE");
- String loa = EAAFConstants.EIDAS_LOA_PREFIX + getParameterOrDefault(request, "loa", "high");
- String eidasConnector = "https://simple.test/" + getParameterOrDefault(request, "eidasIdPostfix", "test");
- String xmlString = MessageFormat.format(xmlTemplate, target, loa, eidasConnector);
+ issuer.setFormat(NameIDType.ENTITY);
+ authReq.setIssuer(issuer);
+
+ if (config.setNameIdPolicy()) {
+ final NameIDPolicy policy = SAML2Utils.createSAMLObject(NameIDPolicy.class);
+ policy.setAllowCreate(true);
+ policy.setFormat(NameIDType.PERSISTENT);
+ authReq.setNameIDPolicy(policy);
+ }
+
+ final String entityname = config.getPVP2IDPMetadataEntityName();
+ if (MiscUtil.isEmpty(entityname)) {
+ log.info("No IDP EntityName configurated");
+ throw new ConfigurationException("No IDP EntityName configurated");
+ }
+
+ // get IDP metadata from metadataprovider
+ final HTTPMetadataProvider idpmetadata = config.getMetaDataProvier();
+ final EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname);
+ if (idpEntity == null) {
+ log.info("IDP EntityName is not found in IDP Metadata");
+ throw new ConfigurationException("IDP EntityName is not found in IDP Metadata");
+ }
+
+ // select authentication-service url from metadata
+ SingleSignOnService redirectEndpoint = null;
+ for (final SingleSignOnService sss : idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS)
+ .getSingleSignOnServices()) {
+
+ // Get the service address for the binding you wish to use
+ if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI) && !config
+ .useRedirectBindingRequest()) {
+ redirectEndpoint = sss;
+ }
+
+ // Get the service address for the binding you wish to use
+ if (sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI) && config
+ .useRedirectBindingRequest()) {
+ redirectEndpoint = sss;
+ }
+
+ }
+
+ if (redirectEndpoint == null) {
+ log.warn("Can not find valid EndPoint for SAML2 response");
+ throw new ConfigurationException("Can not find valid EndPoint for SAML2 response");
+
+ }
+
+ authReq.setDestination(redirectEndpoint.getLocation());
+
+ // authReq.setDestination("http://test.test.test");
+
+ if (config.setAuthnContextClassRef()) {
+ final RequestedAuthnContext reqAuthContext =
+ SAML2Utils.createSAMLObject(RequestedAuthnContext.class);
+ final AuthnContextClassRef authnClassRef =
+ SAML2Utils.createSAMLObject(AuthnContextClassRef.class);
+
+ if (MiscUtil.isNotEmpty(config.getAuthnContextClassRefValue())) {
+ authnClassRef.setAuthnContextClassRef(config.getAuthnContextClassRefValue());
+
+ } else {
+ authnClassRef.setAuthnContextClassRef("http://www.stork.gov.eu/1.0/citizenQAALevel/4");
+
+ }
+
+ reqAuthContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM);
+ reqAuthContext.getAuthnContextClassRefs().add(authnClassRef);
+ authReq.setRequestedAuthnContext(reqAuthContext);
+ }
+
+ if (StringUtils.isNotEmpty(config.getScopeRequesterId())) {
+ final Scoping scope = SAML2Utils.createSAMLObject(Scoping.class);
+ final RequesterID requesterId = SAML2Utils.createSAMLObject(RequesterID.class);
+ requesterId.setRequesterID(config.getScopeRequesterId());
+ scope.getRequesterIDs().add(requesterId);
+ authReq.setScoping(scope);
+
+ }
+
+ if (config.isEidasProxySimulatorEnabled()) {
+ authReq = injectEidasMsProxyAttributes(request, authReq);
+
+ }
+
+ // sign authentication request
+ final KeyStore keyStore = config.getPVP2KeyStore();
+ final X509Credential authcredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreAuthRequestKeyAlias(),
+ config.getPVP2KeystoreAuthRequestKeyPassword().toCharArray());
+
+ final Signature signer = SAML2Utils.createSAMLObject(Signature.class);
+ signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
+ signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+ signer.setSigningCredential(authcredential);
+ authReq.setSignature(signer);
+
+ if (!config.useRedirectBindingRequest()) {
+ // generate Http-POST Binding message
+ final VelocityEngine engine = new VelocityEngine();
+ engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
+ engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
+ engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
+ engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
+ engine.setProperty("classpath.resource.loader.class",
+ "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
+ engine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
+ "org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
+ engine.init();
+
+ final HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
+ "templates/pvp_postbinding_template.html");
+ final HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
+ response, true);
+ final BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context =
+ new BasicSAMLMessageContext<>();
+ final SingleSignOnService service = new SingleSignOnServiceBuilder()
+ .buildObject();
+ service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
+ service.setLocation(redirectEndpoint.getLocation());
+ context.setOutboundSAMLMessageSigningCredential(authcredential);
+ context.setPeerEntityEndpoint(service);
+ context.setOutboundSAMLMessage(authReq);
+ context.setOutboundMessageTransport(responseAdapter);
+ context.setRelayState(relayState);
+ encoder.encode(context);
+
+ } else {
+ // generate Redirect Binding message
+ final HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
+ final HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
+ response, true);
+ final BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context =
+ new BasicSAMLMessageContext<>();
+ final SingleSignOnService service = new SingleSignOnServiceBuilder()
+ .buildObject();
+ service.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+ service.setLocation(redirectEndpoint.getLocation());
+ context.setOutboundSAMLMessageSigningCredential(authcredential);
+ context.setPeerEntityEndpoint(service);
+ context.setOutboundSAMLMessage(authReq);
+ context.setOutboundMessageTransport(responseAdapter);
+ context.setRelayState(relayState);
+ encoder.encode(context);
+
+ }
+
+ } catch (final Exception e) {
+ log.warn("Authentication Request can not be generated", e);
+ throw new ServletException("Authentication Request can not be generated.", e);
+ }
+ }
+
+ private AuthnRequest injectEidasMsProxyAttributes(HttpServletRequest request, AuthnRequest authReq)
+ throws SAXException, IOException, ParserConfigurationException, MarshallingException,
+ UnmarshallingException {
+
+ // build extension from template
+ final String xmlTemplate = IOUtils.toString(
+ Authenticate.class.getResourceAsStream("/templates/reqAttributes.xml"),
+ StandardCharsets.UTF_8);
+
+ final String target = EAAFConstants.URN_PREFIX_EIDAS + "AT+" + getParameterOrDefault(request,
+ "eidasCountry", "DE");
+ final String loa = EAAFConstants.EIDAS_LOA_PREFIX + getParameterOrDefault(request, "loa", "high");
+ final String eidasConnector = "https://simple.test/" + getParameterOrDefault(request, "eidasIdPostfix",
+ "test");
+ final String xmlString = MessageFormat.format(xmlTemplate, target, loa, eidasConnector);
log.debug("Formated requested attributes: " + xmlString);
-
- Document extension = DOMUtils.parseDocument(xmlString, false, null, null);
-
-
- //marshalle, inject, and unmarshalle request to set extension
- //TODO: find better solution, be it is good enough for a first simple test
+
+ final Document extension = DOMUtils.parseDocument(xmlString, false, null, null);
+
+ // marshalle, inject, and unmarshalle request to set extension
+ // TODO: find better solution, be it is good enough for a first simple test
DocumentBuilder builder;
- DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+ final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
builder = factory.newDocumentBuilder();
- Document document = builder.newDocument();
- Marshaller out = org.opensaml.Configuration.getMarshallerFactory().getMarshaller(authReq);
+ final Document document = builder.newDocument();
+ final Marshaller out = org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller(authReq);
out.marshall(authReq, document);
-
- Node extElement = document.importNode(extension.getDocumentElement(), true);
- //document.getDocumentElement().appendChild(extElement);
+
+ final Node extElement = document.importNode(extension.getDocumentElement(), true);
+ // document.getDocumentElement().appendChild(extElement);
document.getDocumentElement().insertBefore(extElement, document.getChildNodes().item(2));
-
- Unmarshaller in = org.opensaml.Configuration.getUnmarshallerFactory().getUnmarshaller(document.getDocumentElement());
+
+ final Unmarshaller in = org.opensaml.xml.Configuration.getUnmarshallerFactory().getUnmarshaller(document
+ .getDocumentElement());
return (AuthnRequest) in.unmarshall(document.getDocumentElement());
-
+
}
-
-
+
private String getParameterOrDefault(HttpServletRequest request, String paramName, String defaultValue) {
- String reqParam = request.getParameter(paramName);
+ final String reqParam = request.getParameter(paramName);
if (MiscUtil.isEmpty(reqParam)) {
return defaultValue;
-
+
} else {
return reqParam;
-
+
}
-
+
}
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ @Override
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+
+ process(request, response, null);
+ }
/**
- * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doGet(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
-
- process(request, response, null);
- }
-
- /**
- * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doPost(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
- process(request, response, null);
- }
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ @Override
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ process(request, response, null);
+ }
}
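Review bot: `injectEidasMsProxyAttributes` formats the request parameters `eidasCountry`, `loa` and `eidasIdPostfix` straight into the XML template with `MessageFormat.format` and parses the result, so a value containing markup can change the structure of the extension that is merged into the AuthnRequest before it is signed. Restricting the accepted values in `getParameterOrDefault` closes this, for example `if (MiscUtil.isEmpty(reqParam) || !reqParam.matches("[A-Za-z0-9._-]{1,64}")) { return defaultValue; }` (the pattern is a suggestion, adjust it to the values the simulator needs). The same unvalidated string is also written by `log.debug`. Separately, `process` still signs with `SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1`; `SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256` would be the value to use unless the IdP is known to require SHA-1.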
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java
index d28f94fd6..005291082 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java
@@ -42,7 +42,6 @@ import javax.xml.transform.TransformerFactoryConfigurationError;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
-import org.apache.log4j.Logger;
import org.joda.time.DateTime;
import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
import org.opensaml.common.xml.SAMLConstants;
@@ -75,267 +74,263 @@ import at.gv.egovernment.moa.id.demoOA.exception.ConfigurationException;
import at.gv.egovernment.moa.id.demoOA.utils.AttributeListBuilder;
import at.gv.egovernment.moa.id.demoOA.utils.SAML2Utils;
import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
-
+@Slf4j
public class BuildMetadata extends HttpServlet {
- Logger log = Logger.getLogger(BuildMetadata.class);
-
- private static final long serialVersionUID = 1L;
-
- private static final int VALIDUNTIL_IN_HOURS = 24;
-
- /**
- * @see HttpServlet#HttpServlet()
- */
- public BuildMetadata() {
- super();
- }
-
- protected static Signature getSignature(Credential credentials) {
- Signature signer = SAML2Utils.createSAMLObject(Signature.class);
- signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
- signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
- signer.setSigningCredential(credentials);
- return signer;
- }
-
- /**
- * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doGet(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
- try {
- Configuration config = Configuration.getInstance();
-
- SecureRandomIdentifierGenerator idGen = new SecureRandomIdentifierGenerator();
-
- EntitiesDescriptor spEntitiesDescriptor = SAML2Utils.
- createSAMLObject(EntitiesDescriptor.class);
-
- DateTime date = new DateTime();
- spEntitiesDescriptor.setValidUntil(date.plusHours(VALIDUNTIL_IN_HOURS));
-
- String name = config.getPVP2MetadataEntitiesName();
- if (MiscUtil.isEmpty(name)) {
- log.info("NO Metadata EntitiesName configurated");
- throw new ConfigurationException("NO Metadata EntitiesName configurated");
- }
-
- spEntitiesDescriptor.setName(name);
- spEntitiesDescriptor.setID(idGen.generateIdentifier());
-
- //set period of validity for metadata information
- DateTime validUntil = new DateTime();
- spEntitiesDescriptor.setValidUntil(validUntil.plusDays(7));
-
-
- EntityDescriptor spEntityDescriptor = SAML2Utils
- .createSAMLObject(EntityDescriptor.class);
-
- spEntityDescriptor.setValidUntil(date.plusDays(VALIDUNTIL_IN_HOURS));
-
- spEntitiesDescriptor.getEntityDescriptors().add(spEntityDescriptor);
-
- //set OA-ID (PublicURL Prefix) as identifier
- String serviceURL = config.getPublicUrlPreFix(request);
- if (!serviceURL.endsWith("/"))
- serviceURL = serviceURL + "/";
-
- log.debug("Set OnlineApplicationURL to " + serviceURL);
- spEntityDescriptor.setEntityID(serviceURL);
-
- SPSSODescriptor spSSODescriptor = SAML2Utils
- .createSAMLObject(SPSSODescriptor.class);
-
- spSSODescriptor.setAuthnRequestsSigned(true);
- spSSODescriptor.setWantAssertionsSigned(true);
-
- X509KeyInfoGeneratorFactory keyInfoFactory = new X509KeyInfoGeneratorFactory();
- keyInfoFactory.setEmitEntityCertificate(true);
- KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance();
-
-
- KeyStore keyStore = config.getPVP2KeyStore();
-
- X509Credential signingcredential = new KeyStoreX509CredentialAdapter(
- keyStore,
- config.getPVP2KeystoreMetadataKeyAlias(),
- config.getPVP2KeystoreMetadataKeyPassword().toCharArray());
-
-
- log.debug("Set Metadata key information");
- //Set MetaData Signing key
- KeyDescriptor entitiesSignKeyDescriptor = SAML2Utils
- .createSAMLObject(KeyDescriptor.class);
- entitiesSignKeyDescriptor.setUse(UsageType.SIGNING);
- entitiesSignKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(signingcredential));
- Signature entitiesSignature = getSignature(signingcredential);
- spEntitiesDescriptor.setSignature(entitiesSignature);
-
-
- //Set AuthRequest Signing certificate
- X509Credential authcredential = new KeyStoreX509CredentialAdapter(
- keyStore,
- config.getPVP2KeystoreAuthRequestKeyAlias(),
- config.getPVP2KeystoreAuthRequestKeyPassword().toCharArray());
- KeyDescriptor signKeyDescriptor = SAML2Utils
- .createSAMLObject(KeyDescriptor.class);
-
- signKeyDescriptor.setUse(UsageType.SIGNING);
- signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authcredential));
-
- spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor);
-
-
- //set AuthRequest encryption certificate
- if (MiscUtil.isNotEmpty(config.getPVP2KeystoreAuthRequestEncryptionKeyAlias()) ||
- MiscUtil.isNotEmpty(config.getPVP2KeystoreAuthRequestEncryptionKeyPassword())) {
- X509Credential authEncCredential = new KeyStoreX509CredentialAdapter(
- keyStore,
- config.getPVP2KeystoreAuthRequestEncryptionKeyAlias(),
- config.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray());
- KeyDescriptor encryKeyDescriptor = SAML2Utils
- .createSAMLObject(KeyDescriptor.class);
- encryKeyDescriptor.setUse(UsageType.ENCRYPTION);
- encryKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authEncCredential));
-
- //set encryption methode
+
+ private static final long serialVersionUID = 1L;
+
+ private static final int VALIDUNTIL_IN_HOURS = 24;
+
+ /**
+ * @see HttpServlet#HttpServlet()
+ */
+ public BuildMetadata() {
+ super();
+ }
+
+ protected static Signature getSignature(Credential credentials) {
+ final Signature signer = SAML2Utils.createSAMLObject(Signature.class);
+ signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+ signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+ signer.setSigningCredential(credentials);
+ return signer;
+ }
+
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ @Override
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ try {
+ final Configuration config = Configuration.getInstance();
+
+ final SecureRandomIdentifierGenerator idGen = new SecureRandomIdentifierGenerator();
+
+ final EntitiesDescriptor spEntitiesDescriptor = SAML2Utils.createSAMLObject(EntitiesDescriptor.class);
+
+ final DateTime date = new DateTime();
+ spEntitiesDescriptor.setValidUntil(date.plusHours(VALIDUNTIL_IN_HOURS));
+
+ final String name = config.getPVP2MetadataEntitiesName();
+ if (MiscUtil.isEmpty(name)) {
+ log.info("NO Metadata EntitiesName configurated");
+ throw new ConfigurationException("NO Metadata EntitiesName configurated");
+ }
+
+ spEntitiesDescriptor.setName(name);
+ spEntitiesDescriptor.setID(idGen.generateIdentifier());
+
+ // set period of validity for metadata information
+ final DateTime validUntil = new DateTime();
+ spEntitiesDescriptor.setValidUntil(validUntil.plusDays(7));
+
+ final EntityDescriptor spEntityDescriptor = SAML2Utils
+ .createSAMLObject(EntityDescriptor.class);
+
+ spEntityDescriptor.setValidUntil(date.plusDays(VALIDUNTIL_IN_HOURS));
+
+ spEntitiesDescriptor.getEntityDescriptors().add(spEntityDescriptor);
+
+ // set OA-ID (PublicURL Prefix) as identifier
+ String serviceURL = config.getPublicUrlPreFix(request);
+ if (!serviceURL.endsWith("/")) {
+ serviceURL = serviceURL + "/";
+ }
+
+ log.debug("Set OnlineApplicationURL to " + serviceURL);
+ spEntityDescriptor.setEntityID(serviceURL);
+
+ final SPSSODescriptor spSSODescriptor = SAML2Utils
+ .createSAMLObject(SPSSODescriptor.class);
+
+ spSSODescriptor.setAuthnRequestsSigned(true);
+ spSSODescriptor.setWantAssertionsSigned(true);
+
+ final X509KeyInfoGeneratorFactory keyInfoFactory = new X509KeyInfoGeneratorFactory();
+ keyInfoFactory.setEmitEntityCertificate(true);
+ final KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance();
+
+ final KeyStore keyStore = config.getPVP2KeyStore();
+
+ final X509Credential signingcredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreMetadataKeyAlias(),
+ config.getPVP2KeystoreMetadataKeyPassword().toCharArray());
+
+ log.debug("Set Metadata key information");
+ // Set MetaData Signing key
+ final KeyDescriptor entitiesSignKeyDescriptor = SAML2Utils
+ .createSAMLObject(KeyDescriptor.class);
+ entitiesSignKeyDescriptor.setUse(UsageType.SIGNING);
+ entitiesSignKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(signingcredential));
+ final Signature entitiesSignature = getSignature(signingcredential);
+ spEntitiesDescriptor.setSignature(entitiesSignature);
+
+ // Set AuthRequest Signing certificate
+ final X509Credential authcredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreAuthRequestKeyAlias(),
+ config.getPVP2KeystoreAuthRequestKeyPassword().toCharArray());
+ final KeyDescriptor signKeyDescriptor = SAML2Utils
+ .createSAMLObject(KeyDescriptor.class);
+
+ signKeyDescriptor.setUse(UsageType.SIGNING);
+ signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authcredential));
+
+ spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor);
+
+ // set AuthRequest encryption certificate
+ if (MiscUtil.isNotEmpty(config.getPVP2KeystoreAuthRequestEncryptionKeyAlias()) ||
+ MiscUtil.isNotEmpty(config.getPVP2KeystoreAuthRequestEncryptionKeyPassword())) {
+ final X509Credential authEncCredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreAuthRequestEncryptionKeyAlias(),
+ config.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray());
+ final KeyDescriptor encryKeyDescriptor = SAML2Utils
+ .createSAMLObject(KeyDescriptor.class);
+ encryKeyDescriptor.setUse(UsageType.ENCRYPTION);
+ encryKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authEncCredential));
+
+ // set encryption methode
// EncryptionMethod encMethode = SAML2Utils.createSAMLObject(EncryptionMethod.class);
-// encMethode.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128_GCM);
+// encMethode.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128_GCM);
// encryKeyDescriptor.getEncryptionMethods().add(encMethode);
-//
+//
// EncryptionMethod keyencMethode = SAML2Utils.createSAMLObject(EncryptionMethod.class);
-// keyencMethode.setAlgorithm(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP);
+// keyencMethode.setAlgorithm(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP);
// encryKeyDescriptor.getEncryptionMethods().add(keyencMethode);
-
- spSSODescriptor.getKeyDescriptors().add(encryKeyDescriptor);
-
- } else {
- log.warn("No Assertion Encryption-Key defined. This setting is not recommended!");
-
- }
-
-
- NameIDFormat persistentnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
- persistentnameIDFormat.setFormat(NameIDType.PERSISTENT);
-
- spSSODescriptor.getNameIDFormats().add(persistentnameIDFormat);
-
- NameIDFormat transientnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
- transientnameIDFormat.setFormat(NameIDType.TRANSIENT);
-
- spSSODescriptor.getNameIDFormats().add(transientnameIDFormat);
-
- NameIDFormat unspecifiednameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
- unspecifiednameIDFormat.setFormat(NameIDType.UNSPECIFIED);
-
- spSSODescriptor.getNameIDFormats().add(unspecifiednameIDFormat);
-
- //set HTTP-POST Binding assertion consumer service
- AssertionConsumerService postassertionConsumerService =
- SAML2Utils.createSAMLObject(AssertionConsumerService.class);
- postassertionConsumerService.setIndex(0);
- postassertionConsumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
- postassertionConsumerService.setLocation(serviceURL + Constants.SERVLET_PVP2ASSERTION);
- spSSODescriptor.getAssertionConsumerServices().add(postassertionConsumerService);
-
- //set HTTP-Redirect Binding assertion consumer service
- AssertionConsumerService redirectassertionConsumerService =
- SAML2Utils.createSAMLObject(AssertionConsumerService.class);
- redirectassertionConsumerService.setIndex(1);
- redirectassertionConsumerService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
- redirectassertionConsumerService.setLocation(serviceURL + Constants.SERVLET_PVP2ASSERTION);
- spSSODescriptor.getAssertionConsumerServices().add(redirectassertionConsumerService);
-
- //set Single Log-Out service
- SingleLogoutService sloService = SAML2Utils.createSAMLObject(SingleLogoutService.class);
- sloService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
- sloService.setLocation(serviceURL + Constants.SERVLET_PVPSINGLELOGOUT);
- spSSODescriptor.getSingleLogoutServices().add(sloService);
-
- spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
-
- spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);
-
- AttributeConsumingService attributeService =
- SAML2Utils.createSAMLObject(AttributeConsumingService.class);
-
- attributeService.setIndex(0);
- attributeService.setIsDefault(true);
- ServiceName serviceName = SAML2Utils.createSAMLObject(ServiceName.class);
- serviceName.setName(new LocalizedString("Default Service", "de"));
- attributeService.getNames().add(serviceName);
-
- //set attributes which are requested
- attributeService.getRequestAttributes().addAll(AttributeListBuilder.getRequestedAttributes());
- spSSODescriptor.getAttributeConsumingServices().add(attributeService);
-
-
- //build metadata
- DocumentBuilder builder;
- DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
-
- builder = factory.newDocumentBuilder();
- Document document = builder.newDocument();
- Marshaller out = org.opensaml.Configuration.getMarshallerFactory().getMarshaller(spEntitiesDescriptor);
- out.marshall(spEntitiesDescriptor, document);
-
- Signer.signObject(entitiesSignature);
-
- Transformer transformer = TransformerFactory.newInstance().newTransformer();
-
- StringWriter sw = new StringWriter();
- StreamResult sr = new StreamResult(sw);
- DOMSource source = new DOMSource(document);
- transformer.transform(source, sr);
- sw.close();
-
- String metadataXML = sw.toString();
-
- response.setContentType("text/xml");
- response.getOutputStream().write(metadataXML.getBytes());
-
- response.getOutputStream().close();
-
- } catch (ConfigurationException e) {
- log.warn("Configuration can not be loaded.", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
-
- } catch (NoSuchAlgorithmException e) {
- log.warn("Requested Algorithm could not found.", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
-
- } catch (ParserConfigurationException e) {
- log.warn("PVP2 Metadata createn error", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
-
- } catch (TransformerConfigurationException e) {
- log.warn("PVP2 Metadata createn error", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
-
- } catch (TransformerFactoryConfigurationError e) {
- log.warn("PVP2 Metadata createn error", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
-
- } catch (TransformerException e) {
- log.warn("PVP2 Metadata createn error", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
- }
-
- catch (Exception e) {
- log.warn("Unspecific PVP2 Metadata createn error", e);
- throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
- }
-
- }
-
- /**
- * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doPost(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
- }
+
+ spSSODescriptor.getKeyDescriptors().add(encryKeyDescriptor);
+
+ } else {
+ log.warn("No Assertion Encryption-Key defined. This setting is not recommended!");
+
+ }
+
+ final NameIDFormat persistentnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
+ persistentnameIDFormat.setFormat(NameIDType.PERSISTENT);
+
+ spSSODescriptor.getNameIDFormats().add(persistentnameIDFormat);
+
+ final NameIDFormat transientnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
+ transientnameIDFormat.setFormat(NameIDType.TRANSIENT);
+
+ spSSODescriptor.getNameIDFormats().add(transientnameIDFormat);
+
+ final NameIDFormat unspecifiednameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
+ unspecifiednameIDFormat.setFormat(NameIDType.UNSPECIFIED);
+
+ spSSODescriptor.getNameIDFormats().add(unspecifiednameIDFormat);
+
+ // set HTTP-POST Binding assertion consumer service
+ final AssertionConsumerService postassertionConsumerService =
+ SAML2Utils.createSAMLObject(AssertionConsumerService.class);
+ postassertionConsumerService.setIndex(0);
+ postassertionConsumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
+ postassertionConsumerService.setLocation(serviceURL + Constants.SERVLET_PVP2ASSERTION);
+ spSSODescriptor.getAssertionConsumerServices().add(postassertionConsumerService);
+
+ // set HTTP-Redirect Binding assertion consumer service
+ final AssertionConsumerService redirectassertionConsumerService =
+ SAML2Utils.createSAMLObject(AssertionConsumerService.class);
+ redirectassertionConsumerService.setIndex(1);
+ redirectassertionConsumerService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+ redirectassertionConsumerService.setLocation(serviceURL + Constants.SERVLET_PVP2ASSERTION);
+ spSSODescriptor.getAssertionConsumerServices().add(redirectassertionConsumerService);
+
+ // set Single Log-Out service
+ final SingleLogoutService sloService = SAML2Utils.createSAMLObject(SingleLogoutService.class);
+ sloService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+ sloService.setLocation(serviceURL + Constants.SERVLET_PVPSINGLELOGOUT);
+ spSSODescriptor.getSingleLogoutServices().add(sloService);
+
+ spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
+
+ spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);
+
+ final AttributeConsumingService attributeService =
+ SAML2Utils.createSAMLObject(AttributeConsumingService.class);
+
+ attributeService.setIndex(0);
+ attributeService.setIsDefault(true);
+ final ServiceName serviceName = SAML2Utils.createSAMLObject(ServiceName.class);
+ serviceName.setName(new LocalizedString("Default Service", "de"));
+ attributeService.getNames().add(serviceName);
+
+ // set attributes which are requested
+ attributeService.getRequestAttributes().addAll(AttributeListBuilder.getRequestedAttributes());
+ spSSODescriptor.getAttributeConsumingServices().add(attributeService);
+
+ // build metadata
+ DocumentBuilder builder;
+ final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+
+ builder = factory.newDocumentBuilder();
+ final Document document = builder.newDocument();
+ final Marshaller out = org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller(
+ spEntitiesDescriptor);
+ out.marshall(spEntitiesDescriptor, document);
+
+ Signer.signObject(entitiesSignature);
+
+ final Transformer transformer = TransformerFactory.newInstance().newTransformer();
+
+ final StringWriter sw = new StringWriter();
+ final StreamResult sr = new StreamResult(sw);
+ final DOMSource source = new DOMSource(document);
+ transformer.transform(source, sr);
+ sw.close();
+
+ final String metadataXML = sw.toString();
+
+ response.setContentType("text/xml");
+ response.getOutputStream().write(metadataXML.getBytes());
+
+ response.getOutputStream().close();
+
+ } catch (final ConfigurationException e) {
+ log.warn("Configuration can not be loaded.", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (final NoSuchAlgorithmException e) {
+ log.warn("Requested Algorithm could not found.", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (final ParserConfigurationException e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (final TransformerConfigurationException e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (final TransformerFactoryConfigurationError e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+
+ } catch (final TransformerException e) {
+ log.warn("PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+ }
+
+ catch (final Exception e) {
+ log.warn("Unspecific PVP2 Metadata createn error", e);
+ throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
+ }
+
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ @Override
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ }
} \ No newline at end of file
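Review bot: In doGet, `spEntityDescriptor.setValidUntil(date.plusDays(VALIDUNTIL_IN_HOURS));` passes the hours constant to `plusDays`, so the signed EntityDescriptor is valid for 24 days rather than the 24 hours the constant name suggests; `date.plusHours(VALIDUNTIL_IN_HOURS)` looks intended. The enclosing EntitiesDescriptor also gets `setValidUntil` twice, first 24 hours and then `validUntil.plusDays(7)`, so the first value is silently overwritten. Keeping a single call with a named constant would make the intended lifetime explicit, which matters because validUntil bounds how long relying parties keep trusting the published signing and encryption certificates. Separately, the encryption-key guard joins the alias and password checks with `||`, so a configuration with only the alias set would reach `.toCharArray()` on a password that is presumably null or empty; `&&` would match what the branch actually uses.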
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
index df58fbc7a..e4acd8152 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
@@ -33,7 +33,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
-import org.apache.log4j.Logger;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.binding.BasicSAMLMessageContext;
import org.opensaml.common.xml.SAMLConstants;
@@ -85,280 +84,285 @@ import at.gv.egovernment.moa.id.demoOA.Constants;
import at.gv.egovernment.moa.id.demoOA.PVPConstants;
import at.gv.egovernment.moa.id.demoOA.utils.ApplicationBean;
import at.gv.egovernment.moa.id.demoOA.utils.SAML2Utils;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class DemoApplication extends HttpServlet {
- Logger log = Logger.getLogger(DemoApplication.class);
-
- private static final long serialVersionUID = -2129228304760706063L;
-
-
-
- private void process(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
-
-
- ApplicationBean bean = new ApplicationBean();
-
- log.debug("Receive request on secure-area endpoint ...");
-
- String method = request.getMethod();
- HttpSession session = request.getSession();
- if (session == null) {
- log.info("NO HTTP Session");
- bean.setErrorMessage("NO HTTP session");
- setAnser(request, response, bean);
- return;
- }
-
- try {
- Configuration config = Configuration.getInstance();
- Response samlResponse = null;
-
- if (method.equals("GET")) {
- log.debug("Find possible SAML2 Redirect-Binding response ...");
- HTTPRedirectDeflateDecoder decode = new HTTPRedirectDeflateDecoder(new BasicParserPool());
- BasicSAMLMessageContext<Response, ?, ?> messageContext = new BasicSAMLMessageContext<Response, SAMLObject, SAMLObject>();
-
- messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request));
- messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
-
- messageContext.setMetadataProvider(config.getMetaDataProvier());
-
- MetadataCredentialResolver resolver = new MetadataCredentialResolver(config.getMetaDataProvier());
- List<KeyInfoProvider> keyInfoProvider = new ArrayList<KeyInfoProvider>();
- keyInfoProvider.add(new DSAKeyValueProvider());
- keyInfoProvider.add(new RSAKeyValueProvider());
- keyInfoProvider.add(new InlineX509DataProvider());
- KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(
- keyInfoProvider);
- ExplicitKeySignatureTrustEngine engine = new ExplicitKeySignatureTrustEngine(
- resolver, keyInfoResolver);
-
- SAML2HTTPRedirectDeflateSignatureRule signatureRule = new SAML2HTTPRedirectDeflateSignatureRule(engine);
- SAML2AuthnRequestsSignedRule signedRole = new SAML2AuthnRequestsSignedRule();
- BasicSecurityPolicy policy = new BasicSecurityPolicy();
- policy.getPolicyRules().add(signatureRule);
- policy.getPolicyRules().add(signedRole);
- SecurityPolicyResolver resolver1 = new StaticSecurityPolicyResolver(policy);
- messageContext.setSecurityPolicyResolver(resolver1);
-
- decode.decode(messageContext);
-
- log.info("PVP2 Assertion with Redirect-Binding is valid");
-
- } else if (method.equals("POST")) {
- log.debug("Find possible SAML2 Post-Binding response ...");
- //Decode with HttpPost Binding
- HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
- BasicSAMLMessageContext<Response, ?, ?> messageContext = new BasicSAMLMessageContext<Response, SAMLObject, SAMLObject>();
- messageContext
- .setInboundMessageTransport(new HttpServletRequestAdapter(
- request));
- decode.decode(messageContext);
-
- samlResponse = (Response) messageContext.getInboundMessage();
-
- Signature sign = samlResponse.getSignature();
- if (sign == null) {
- log.info("Only http POST Requests can be used");
- bean.setErrorMessage("Only http POST Requests can be used");
- setAnser(request, response, bean);
- return;
- }
-
- //Validate Signature
- SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
- profileValidator.validate(sign);
-
- //Verify Signature
- List<KeyInfoProvider> keyInfoProvider = new ArrayList<KeyInfoProvider>();
- keyInfoProvider.add(new DSAKeyValueProvider());
- keyInfoProvider.add(new RSAKeyValueProvider());
- keyInfoProvider.add(new InlineX509DataProvider());
-
- KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(
- keyInfoProvider);
-
- MetadataCredentialResolverFactory credentialResolverFactory = MetadataCredentialResolverFactory.getFactory();
- MetadataCredentialResolver credentialResolver = credentialResolverFactory.getInstance(config.getMetaDataProvier());
-
- CriteriaSet criteriaSet = new CriteriaSet();
- criteriaSet.add(new MetadataCriteria(IDPSSODescriptor.DEFAULT_ELEMENT_NAME, SAMLConstants.SAML20P_NS));
- criteriaSet.add(new EntityIDCriteria(config.getPVP2IDPMetadataEntityName()));
- criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
-
- ExplicitKeySignatureTrustEngine trustEngine = new ExplicitKeySignatureTrustEngine(credentialResolver, keyInfoResolver);
- trustEngine.validate(sign, criteriaSet);
-
- log.info("PVP2 Assertion with POST-Binding is valid");
-
- } else {
- bean.setErrorMessage("Die Demoapplikation unterstützt nur SAML2 POST-Binding.");
- setAnser(request, response, bean);
- return;
-
- }
-
-
- if (samlResponse.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
-
- List<org.opensaml.saml2.core.Assertion> saml2assertions = new ArrayList<org.opensaml.saml2.core.Assertion>();
-
- //check encrypted Assertion
- List<EncryptedAssertion> encryAssertionList = samlResponse.getEncryptedAssertions();
- if (encryAssertionList != null && encryAssertionList.size() > 0) {
- //decrypt assertions
-
- log.debug("Found encryped assertion. Start decryption ...");
-
- KeyStore keyStore = config.getPVP2KeyStore();
-
- X509Credential authDecCredential = new KeyStoreX509CredentialAdapter(
- keyStore,
- config.getPVP2KeystoreAuthRequestEncryptionKeyAlias(),
- config.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray());
-
-
- StaticKeyInfoCredentialResolver skicr =
- new StaticKeyInfoCredentialResolver(authDecCredential);
-
- ChainingEncryptedKeyResolver encryptedKeyResolver = new ChainingEncryptedKeyResolver();
- encryptedKeyResolver.getResolverChain().add( new InlineEncryptedKeyResolver() );
- encryptedKeyResolver.getResolverChain().add( new EncryptedElementTypeEncryptedKeyResolver() );
- encryptedKeyResolver.getResolverChain().add( new SimpleRetrievalMethodEncryptedKeyResolver() );
-
- Decrypter samlDecrypter =
- new Decrypter(null, skicr, encryptedKeyResolver);
-
- for (EncryptedAssertion encAssertion : encryAssertionList) {
- Assertion decryptedAssertion = samlDecrypter.decrypt(encAssertion);
- samlResponse.getAssertions().add(decryptedAssertion);
- log.debug("Decrypted Assertion: " + DOMUtils.serializeNode(SAML2Utils.asDOMDocument(decryptedAssertion)));
-
- }
-
- log.debug("Assertion decryption finished. ");
-
- } else {
- log.debug("Assertiojn is not encryted. Use it as it is");
-
- }
-
- //set assertion
- org.w3c.dom.Document doc = SAML2Utils.asDOMDocument(samlResponse);
- String assertion = DOMUtils.serializeNode(doc);
- bean.setAssertion(assertion);
-
- String principleId = null;
- String givenName = null;
- String familyName = null;
- String birthday = null;
-
- log.debug("Find #" + samlResponse.getAssertions().size() + " assertions after decryption");
-
- for (org.opensaml.saml2.core.Assertion saml2assertion : samlResponse.getAssertions()) {
-
- try {
- principleId = saml2assertion.getSubject().getNameID().getValue();
-
- } catch (Exception e) {
- log.warn("Can not read SubjectNameId", e);
- }
-
- //loop through the nodes to get what we want
- List<AttributeStatement> attributeStatements = saml2assertion.getAttributeStatements();
- for (int i = 0; i < attributeStatements.size(); i++)
- {
- List<Attribute> attributes = attributeStatements.get(i).getAttributes();
- for (int x = 0; x < attributes.size(); x++)
- {
-
-
- String strAttributeName = attributes.get(x).getName();
-
- log.debug("Find attribute with name: " + strAttributeName + " and value: "
- + attributes.get(x).getAttributeValues().get(0).getDOM().getNodeValue());
-
- if (strAttributeName.equals(PVPConstants.PRINCIPAL_NAME_NAME)) {
- familyName = attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue();
-
- }
-
- if (strAttributeName.equals(PVPConstants.GIVEN_NAME_NAME)) {
- givenName = attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue();
-
- }
-
- if (strAttributeName.equals(PVPConstants.BIRTHDATE_NAME)) {
- birthday = attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue();
-
- }
-
- if (strAttributeName.equals(PVPConstants.BPK_NAME)) {
- principleId = attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue();
-
- }
- }
- }
- request.getSession().setAttribute(Constants.SESSION_NAMEIDFORMAT,
- saml2assertion.getSubject().getNameID().getFormat());
- request.getSession().setAttribute(Constants.SESSION_NAMEID,
- saml2assertion.getSubject().getNameID().getValue());
-
- }
-
- bean.setPrincipleId(principleId);
- bean.setDateOfBirth(birthday);
- bean.setFamilyName(familyName);
- bean.setGivenName(givenName);
- bean.setLogin(true);
-
- setAnser(request, response, bean);
- return;
-
-
- } else {
- bean.setErrorMessage("Der Anmeldevorgang wurde abgebrochen.<br>Eine genaue Beschreibung des Fehlers finden Sie in der darunterliegenden Assertion.");
- setAnser(request, response, bean);
- return;
-
- }
-
- } catch (Exception e) {
- log.warn(e);
- bean.setErrorMessage("Internal Error: " + e.getMessage());
- setAnser(request, response, bean);
- return;
- }
-
- }
-
- private void setAnser(HttpServletRequest request, HttpServletResponse response, ApplicationBean answersBean) throws ServletException, IOException {
- // store bean in session
- request.setAttribute("answers", answersBean);
-
- // you now can forward to some view, for example some results.jsp
- request.getRequestDispatcher("demoapp.jsp").forward(request, response);
-
- }
-
- /**
- * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doGet(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
-
- process(request, response);
- }
-
-
- /**
- * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doPost(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
- process(request, response);
- }
+
+ private static final long serialVersionUID = -2129228304760706063L;
+
+ private void process(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+
+ final ApplicationBean bean = new ApplicationBean();
+
+ log.debug("Receive request on secure-area endpoint ...");
+
+ final String method = request.getMethod();
+ final HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("NO HTTP Session");
+ bean.setErrorMessage("NO HTTP session");
+ setAnser(request, response, bean);
+ return;
+ }
+
+ try {
+ final Configuration config = Configuration.getInstance();
+ Response samlResponse = null;
+
+ if (method.equals("GET")) {
+ log.debug("Find possible SAML2 Redirect-Binding response ...");
+ final HTTPRedirectDeflateDecoder decode = new HTTPRedirectDeflateDecoder(new BasicParserPool());
+ final BasicSAMLMessageContext<Response, ?, ?> messageContext =
+ new BasicSAMLMessageContext<>();
+
+ messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request));
+ messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
+
+ messageContext.setMetadataProvider(config.getMetaDataProvier());
+
+ final MetadataCredentialResolver resolver = new MetadataCredentialResolver(config
+ .getMetaDataProvier());
+ final List<KeyInfoProvider> keyInfoProvider = new ArrayList<>();
+ keyInfoProvider.add(new DSAKeyValueProvider());
+ keyInfoProvider.add(new RSAKeyValueProvider());
+ keyInfoProvider.add(new InlineX509DataProvider());
+ final KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(
+ keyInfoProvider);
+ final ExplicitKeySignatureTrustEngine engine = new ExplicitKeySignatureTrustEngine(
+ resolver, keyInfoResolver);
+
+ final SAML2HTTPRedirectDeflateSignatureRule signatureRule = new SAML2HTTPRedirectDeflateSignatureRule(
+ engine);
+ final SAML2AuthnRequestsSignedRule signedRole = new SAML2AuthnRequestsSignedRule();
+ final BasicSecurityPolicy policy = new BasicSecurityPolicy();
+ policy.getPolicyRules().add(signatureRule);
+ policy.getPolicyRules().add(signedRole);
+ final SecurityPolicyResolver resolver1 = new StaticSecurityPolicyResolver(policy);
+ messageContext.setSecurityPolicyResolver(resolver1);
+
+ decode.decode(messageContext);
+
+ log.info("PVP2 Assertion with Redirect-Binding is valid");
+
+ } else if (method.equals("POST")) {
+ log.debug("Find possible SAML2 Post-Binding response ...");
+ // Decode with HttpPost Binding
+ final HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
+ final BasicSAMLMessageContext<Response, ?, ?> messageContext =
+ new BasicSAMLMessageContext<>();
+ messageContext
+ .setInboundMessageTransport(new HttpServletRequestAdapter(
+ request));
+ decode.decode(messageContext);
+
+ samlResponse = (Response) messageContext.getInboundMessage();
+
+ final Signature sign = samlResponse.getSignature();
+ if (sign == null) {
+ log.info("Only http POST Requests can be used");
+ bean.setErrorMessage("Only http POST Requests can be used");
+ setAnser(request, response, bean);
+ return;
+ }
+
+ // Validate Signature
+ final SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
+ profileValidator.validate(sign);
+
+ // Verify Signature
+ final List<KeyInfoProvider> keyInfoProvider = new ArrayList<>();
+ keyInfoProvider.add(new DSAKeyValueProvider());
+ keyInfoProvider.add(new RSAKeyValueProvider());
+ keyInfoProvider.add(new InlineX509DataProvider());
+
+ final KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(
+ keyInfoProvider);
+
+ final MetadataCredentialResolverFactory credentialResolverFactory = MetadataCredentialResolverFactory
+ .getFactory();
+ final MetadataCredentialResolver credentialResolver = credentialResolverFactory.getInstance(config
+ .getMetaDataProvier());
+
+ final CriteriaSet criteriaSet = new CriteriaSet();
+ criteriaSet.add(new MetadataCriteria(IDPSSODescriptor.DEFAULT_ELEMENT_NAME,
+ SAMLConstants.SAML20P_NS));
+ criteriaSet.add(new EntityIDCriteria(config.getPVP2IDPMetadataEntityName()));
+ criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
+
+ final ExplicitKeySignatureTrustEngine trustEngine = new ExplicitKeySignatureTrustEngine(
+ credentialResolver, keyInfoResolver);
+ trustEngine.validate(sign, criteriaSet);
+
+ log.info("PVP2 Assertion with POST-Binding is valid");
+
+ } else {
+ bean.setErrorMessage("Die Demoapplikation unterstützt nur SAML2 POST-Binding.");
+ setAnser(request, response, bean);
+ return;
+
+ }
+
+ if (samlResponse.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
+
+ final List<org.opensaml.saml2.core.Assertion> saml2assertions =
+ new ArrayList<>();
+
+ // check encrypted Assertion
+ final List<EncryptedAssertion> encryAssertionList = samlResponse.getEncryptedAssertions();
+ if (encryAssertionList != null && encryAssertionList.size() > 0) {
+ // decrypt assertions
+
+ log.debug("Found encryped assertion. Start decryption ...");
+
+ final KeyStore keyStore = config.getPVP2KeyStore();
+
+ final X509Credential authDecCredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreAuthRequestEncryptionKeyAlias(),
+ config.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray());
+
+ final StaticKeyInfoCredentialResolver skicr =
+ new StaticKeyInfoCredentialResolver(authDecCredential);
+
+ final ChainingEncryptedKeyResolver encryptedKeyResolver = new ChainingEncryptedKeyResolver();
+ encryptedKeyResolver.getResolverChain().add(new InlineEncryptedKeyResolver());
+ encryptedKeyResolver.getResolverChain().add(new EncryptedElementTypeEncryptedKeyResolver());
+ encryptedKeyResolver.getResolverChain().add(new SimpleRetrievalMethodEncryptedKeyResolver());
+
+ final Decrypter samlDecrypter =
+ new Decrypter(null, skicr, encryptedKeyResolver);
+
+ for (final EncryptedAssertion encAssertion : encryAssertionList) {
+ final Assertion decryptedAssertion = samlDecrypter.decrypt(encAssertion);
+ samlResponse.getAssertions().add(decryptedAssertion);
+ log.debug("Decrypted Assertion: " + DOMUtils.serializeNode(SAML2Utils.asDOMDocument(
+ decryptedAssertion)));
+
+ }
+
+ log.debug("Assertion decryption finished. ");
+
+ } else {
+ log.debug("Assertiojn is not encryted. Use it as it is");
+
+ }
+
+ // set assertion
+ final org.w3c.dom.Document doc = SAML2Utils.asDOMDocument(samlResponse);
+ final String assertion = DOMUtils.serializeNode(doc);
+ bean.setAssertion(assertion);
+
+ String principleId = null;
+ String givenName = null;
+ String familyName = null;
+ String birthday = null;
+
+ log.debug("Find #" + samlResponse.getAssertions().size() + " assertions after decryption");
+
+ for (final org.opensaml.saml2.core.Assertion saml2assertion : samlResponse.getAssertions()) {
+
+ try {
+ principleId = saml2assertion.getSubject().getNameID().getValue();
+
+ } catch (final Exception e) {
+ log.warn("Can not read SubjectNameId", e);
+ }
+
+ // loop through the nodes to get what we want
+ final List<AttributeStatement> attributeStatements = saml2assertion.getAttributeStatements();
+ for (final AttributeStatement attributeStatement : attributeStatements) {
+ final List<Attribute> attributes = attributeStatement.getAttributes();
+ for (final Attribute attribute : attributes) {
+
+ final String strAttributeName = attribute.getName();
+
+ log.debug("Find attribute with name: " + strAttributeName + " and value: "
+ + attribute.getAttributeValues().get(0).getDOM().getNodeValue());
+
+ if (strAttributeName.equals(PVPConstants.PRINCIPAL_NAME_NAME)) {
+ familyName = attribute.getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue();
+
+ }
+
+ if (strAttributeName.equals(PVPConstants.GIVEN_NAME_NAME)) {
+ givenName = attribute.getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue();
+
+ }
+
+ if (strAttributeName.equals(PVPConstants.BIRTHDATE_NAME)) {
+ birthday = attribute.getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue();
+
+ }
+
+ if (strAttributeName.equals(PVPConstants.BPK_NAME)) {
+ principleId = attribute.getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue();
+
+ }
+ }
+ }
+ request.getSession().setAttribute(Constants.SESSION_NAMEIDFORMAT,
+ saml2assertion.getSubject().getNameID().getFormat());
+ request.getSession().setAttribute(Constants.SESSION_NAMEID,
+ saml2assertion.getSubject().getNameID().getValue());
+
+ }
+
+ bean.setPrincipleId(principleId);
+ bean.setDateOfBirth(birthday);
+ bean.setFamilyName(familyName);
+ bean.setGivenName(givenName);
+ bean.setLogin(true);
+
+ setAnser(request, response, bean);
+ return;
+
+ } else {
+ bean.setErrorMessage(
+ "Der Anmeldevorgang wurde abgebrochen.<br>Eine genaue Beschreibung des Fehlers finden Sie in der darunterliegenden Assertion.");
+ setAnser(request, response, bean);
+ return;
+
+ }
+
+ } catch (final Exception e) {
+ log.warn(e.getMessage(), e);
+ bean.setErrorMessage("Internal Error: " + e.getMessage());
+ setAnser(request, response, bean);
+ return;
+ }
+
+ }
+
+ private void setAnser(HttpServletRequest request, HttpServletResponse response, ApplicationBean answersBean)
+ throws ServletException, IOException {
+ // store bean in session
+ request.setAttribute("answers", answersBean);
+
+ // you now can forward to some view, for example some results.jsp
+ request.getRequestDispatcher("demoapp.jsp").forward(request, response);
+
+ }
+
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ @Override
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+
+ process(request, response);
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ @Override
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ process(request, response);
+ }
}
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Index.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Index.java
index bac3e1949..1b0eb35c9 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Index.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Index.java
@@ -90,241 +90,240 @@ import at.gv.egovernment.moa.id.demoOA.utils.ApplicationBean;
import at.gv.egovernment.moa.id.demoOA.utils.SAML2Utils;
import at.gv.egovernment.moa.util.MiscUtil;
+public class Index extends HttpServlet {
+ private static final long serialVersionUID = -2129228304760706063L;
+ private static final Logger log = LoggerFactory
+ .getLogger(Index.class);
-public class Index extends HttpServlet {
+ private void process(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+
+ final ApplicationBean bean = new ApplicationBean();
+
+ final String method = request.getMethod();
+ final HttpSession session = request.getSession();
+ if (session == null) {
+ log.info("NO HTTP Session");
+ bean.setErrorMessage("NO HTTP session");
+ setAnser(request, response, bean);
+ return;
+ }
+
+ if (method.equals("GET")) {
+ try {
+ final Configuration config = Configuration.getInstance();
+
+ // Decode with HttpPost Binding
+ final HTTPRedirectDeflateDecoder decode = new HTTPRedirectDeflateDecoder(
+ new BasicParserPool());
+ final BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext =
+ new BasicSAMLMessageContext<>();
+ messageContext
+ .setInboundMessageTransport(new HttpServletRequestAdapter(request));
+
+ decode.decode(messageContext);
+
+ messageContext.setMetadataProvider(config.getMetaDataProvier());
+ final CriteriaSet criteriaSet = new CriteriaSet();
+ criteriaSet.add(new MetadataCriteria(IDPSSODescriptor.DEFAULT_ELEMENT_NAME,
+ SAMLConstants.SAML20P_NS));
+ criteriaSet.add(new EntityIDCriteria(config.getPVP2IDPMetadataEntityName()));
+ criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
+
+ final MetadataCredentialResolverFactory credentialResolverFactory = MetadataCredentialResolverFactory
+ .getFactory();
+ final MetadataCredentialResolver credentialResolver = credentialResolverFactory.getInstance(config
+ .getMetaDataProvier());
+
+ // Verify Signature
+ final List<KeyInfoProvider> keyInfoProvider = new ArrayList<>();
+ keyInfoProvider.add(new DSAKeyValueProvider());
+ keyInfoProvider.add(new RSAKeyValueProvider());
+ keyInfoProvider.add(new InlineX509DataProvider());
+
+ final KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(
+ keyInfoProvider);
+
+ final ExplicitKeySignatureTrustEngine trustEngine = new ExplicitKeySignatureTrustEngine(
+ credentialResolver, keyInfoResolver);
+
+ final SAML2HTTPRedirectDeflateSignatureRule signatureRule = new SAML2HTTPRedirectDeflateSignatureRule(
+ trustEngine);
+ final SAML2AuthnRequestsSignedRule signedRole = new SAML2AuthnRequestsSignedRule();
+ final BasicSecurityPolicy policy = new BasicSecurityPolicy();
+ policy.getPolicyRules().add(signatureRule);
+ policy.getPolicyRules().add(signedRole);
+ final SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver(
+ policy);
+ messageContext.setSecurityPolicyResolver(resolver);
+
+ messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
+
+ signatureRule.evaluate(messageContext);
+
+ final SignableXMLObject samlResponse = (SignableXMLObject) messageContext.getInboundMessage();
+
+ log.info("PVP2 statusrequest or statusresponse is valid");
+
+ if (samlResponse instanceof LogoutResponse) {
+
+ final LogoutResponse sloResp = (LogoutResponse) samlResponse;
+
+ // set assertion
+ final org.w3c.dom.Document doc = SAML2Utils.asDOMDocument(samlResponse);
+ final String assertion = DOMUtils.serializeNode(doc);
+ bean.setAssertion(assertion);
+
+ if (sloResp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
+
+ bean.setSuccessMessage("Der Single Log-Out Vorgang konnte erfolgreich durchgeführt werden.");
+
+ setAnser(request, response, bean);
+ return;
+
+ } else {
+ bean.setErrorMessage(
+ "Der Single Log-Out Vorgang war nicht erfolgreich.<br>Bitte schließen Sie aus sicherheitsgründen den Browser!");
+ setAnser(request, response, bean);
+ return;
+
+ }
+
+ } else if (samlResponse instanceof LogoutRequest) {
+ // invalidate user session
+ request.getSession().invalidate();
+
+ // build LogOutResponse
+ final LogoutResponse sloResp = SAML2Utils.createSAMLObject(LogoutResponse.class);
+ final SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
+ sloResp.setID(gen.generateIdentifier());
+ sloResp.setIssueInstant(new DateTime());
+ final NameID name = SAML2Utils.createSAMLObject(NameID.class);
+ final Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
+
+ String serviceURL = config.getPublicUrlPreFix(request);
+ if (!serviceURL.endsWith("/")) {
+ serviceURL = serviceURL + "/";
+ }
+ name.setValue(serviceURL);
+ issuer.setValue(serviceURL);
+ issuer.setFormat(NameIDType.ENTITY);
+ sloResp.setIssuer(issuer);
+
+ final Status status = SAML2Utils.createSAMLObject(Status.class);
+ sloResp.setStatus(status);
+ final StatusCode statusCode = SAML2Utils.createSAMLObject(StatusCode.class);
+ statusCode.setValue(StatusCode.SUCCESS_URI);
+ status.setStatusCode(statusCode);
+
+ final String entityname = config.getPVP2IDPMetadataEntityName();
+ if (MiscUtil.isEmpty(entityname)) {
+ log.info("No IDP EntityName configurated");
+ throw new ConfigurationException("No IDP EntityName configurated");
+ }
+
+ // get IDP metadata from metadataprovider
+ final HTTPMetadataProvider idpmetadata = config.getMetaDataProvier();
+ final EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname);
+ if (idpEntity == null) {
+ log.info("IDP EntityName is not found in IDP Metadata");
+ throw new ConfigurationException("IDP EntityName is not found in IDP Metadata");
+ }
+
+ // select authentication-service url from metadata
+ SingleLogoutService redirectEndpoint = null;
+ for (final SingleLogoutService sss : idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS)
+ .getSingleLogoutServices()) {
+
+ // Get the service address for the binding you wish to use
+ if (sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
+ redirectEndpoint = sss;
+ }
+ }
+ sloResp.setDestination(redirectEndpoint.getLocation());
+
+ // sign authentication request
+ final KeyStore keyStore = config.getPVP2KeyStore();
+ final X509Credential authcredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreAuthRequestKeyAlias(),
+ config.getPVP2KeystoreAuthRequestKeyPassword().toCharArray());
+
+ final Signature signer = SAML2Utils.createSAMLObject(Signature.class);
+ signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
+ signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+ signer.setSigningCredential(authcredential);
+ sloResp.setSignature(signer);
+
+ final HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
+ final HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
+ response, true);
+ final BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context =
+ new BasicSAMLMessageContext<>();
+ final SingleSignOnService service = new SingleSignOnServiceBuilder()
+ .buildObject();
+ service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
+ service.setLocation(redirectEndpoint.getLocation());
+
+ context.setOutboundSAMLMessageSigningCredential(authcredential);
+ context.setPeerEntityEndpoint(service);
+ context.setOutboundSAMLMessage(sloResp);
+ context.setOutboundMessageTransport(responseAdapter);
+ context.setRelayState(messageContext.getRelayState());
+
+ encoder.encode(context);
+
+ } else {
+ bean.setErrorMessage("Kein gültiger LogOut Request oder LogOut Response");
+ setAnser(request, response, bean);
+ return;
+
+ }
+
+ } catch (final Exception e) {
+ log.warn("Internal error", e);
+ bean.setErrorMessage("Internal Error: " + e.getMessage());
+ setAnser(request, response, bean);
+ return;
+ }
+
+ } else {
+ bean.setErrorMessage("Die Demoapplikation unterstützt nur SAML2 POST-Binding.");
+ setAnser(request, response, bean);
+ return;
+
+ }
+ }
+
+ private void setAnser(HttpServletRequest request, HttpServletResponse response, ApplicationBean answersBean)
+ throws ServletException, IOException {
+ // store bean in session
+ request.setAttribute("answers", answersBean);
+
+ // you now can forward to some view, for example some results.jsp
+ request.getRequestDispatcher("demoapp.jsp").forward(request, response);
+
+ }
+
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ @Override
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+
+ process(request, response);
+ }
- private static final long serialVersionUID = -2129228304760706063L;
- private static final Logger log = LoggerFactory
- .getLogger(Index.class);
-
-
- private void process(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
-
-
- ApplicationBean bean = new ApplicationBean();
-
-
- String method = request.getMethod();
- HttpSession session = request.getSession();
- if (session == null) {
- log.info("NO HTTP Session");
- bean.setErrorMessage("NO HTTP session");
- setAnser(request, response, bean);
- return;
- }
-
- if (method.equals("GET")) {
- try {
- Configuration config = Configuration.getInstance();
-
- //Decode with HttpPost Binding
- HTTPRedirectDeflateDecoder decode = new HTTPRedirectDeflateDecoder(
- new BasicParserPool());
- BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- messageContext
- .setInboundMessageTransport(new HttpServletRequestAdapter(request));
-
- decode.decode(messageContext);
-
- messageContext.setMetadataProvider(config.getMetaDataProvier());
- CriteriaSet criteriaSet = new CriteriaSet();
- criteriaSet.add(new MetadataCriteria(IDPSSODescriptor.DEFAULT_ELEMENT_NAME, SAMLConstants.SAML20P_NS));
- criteriaSet.add(new EntityIDCriteria(config.getPVP2IDPMetadataEntityName()));
- criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
-
- MetadataCredentialResolverFactory credentialResolverFactory = MetadataCredentialResolverFactory.getFactory();
- MetadataCredentialResolver credentialResolver = credentialResolverFactory.getInstance(config.getMetaDataProvier());
-
- //Verify Signature
- List<KeyInfoProvider> keyInfoProvider = new ArrayList<KeyInfoProvider>();
- keyInfoProvider.add(new DSAKeyValueProvider());
- keyInfoProvider.add(new RSAKeyValueProvider());
- keyInfoProvider.add(new InlineX509DataProvider());
-
- KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(
- keyInfoProvider);
-
-
- ExplicitKeySignatureTrustEngine trustEngine = new ExplicitKeySignatureTrustEngine(credentialResolver, keyInfoResolver);
-
-
- SAML2HTTPRedirectDeflateSignatureRule signatureRule = new SAML2HTTPRedirectDeflateSignatureRule(
- trustEngine);
- SAML2AuthnRequestsSignedRule signedRole = new SAML2AuthnRequestsSignedRule();
- BasicSecurityPolicy policy = new BasicSecurityPolicy();
- policy.getPolicyRules().add(signatureRule);
- policy.getPolicyRules().add(signedRole);
- SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver(
- policy);
- messageContext.setSecurityPolicyResolver(resolver);
-
- messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
-
- signatureRule.evaluate(messageContext);
-
- SignableXMLObject samlResponse = (SignableXMLObject) messageContext.getInboundMessage();
-
-
-
- log.info("PVP2 statusrequest or statusresponse is valid");
-
-
- if (samlResponse instanceof LogoutResponse) {
-
- LogoutResponse sloResp = (LogoutResponse) samlResponse;
-
- //set assertion
- org.w3c.dom.Document doc = SAML2Utils.asDOMDocument(samlResponse);
- String assertion = DOMUtils.serializeNode(doc);
- bean.setAssertion(assertion);
-
- if (sloResp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
-
- bean.setSuccessMessage("Der Single Log-Out Vorgang konnte erfolgreich durchgeführt werden.");
-
- setAnser(request, response, bean);
- return;
-
- } else {
- bean.setErrorMessage("Der Single Log-Out Vorgang war nicht erfolgreich.<br>Bitte schließen Sie aus sicherheitsgründen den Browser!");
- setAnser(request, response, bean);
- return;
-
- }
-
- } else if (samlResponse instanceof LogoutRequest) {
- //invalidate user session
- request.getSession().invalidate();
-
- //build LogOutResponse
- LogoutResponse sloResp = SAML2Utils.createSAMLObject(LogoutResponse.class);
- SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
- sloResp.setID(gen.generateIdentifier());
- sloResp.setIssueInstant(new DateTime());
- NameID name = SAML2Utils.createSAMLObject(NameID.class);
- Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
-
- String serviceURL = config.getPublicUrlPreFix(request);
- if (!serviceURL.endsWith("/"))
- serviceURL = serviceURL + "/";
- name.setValue(serviceURL);
- issuer.setValue(serviceURL);
- issuer.setFormat(NameIDType.ENTITY);
- sloResp.setIssuer(issuer);
-
- Status status = SAML2Utils.createSAMLObject(Status.class);
- sloResp.setStatus(status);
- StatusCode statusCode = SAML2Utils.createSAMLObject(StatusCode.class);
- statusCode.setValue(StatusCode.SUCCESS_URI);
- status.setStatusCode(statusCode );
-
- String entityname = config.getPVP2IDPMetadataEntityName();
- if (MiscUtil.isEmpty(entityname)) {
- log.info("No IDP EntityName configurated");
- throw new ConfigurationException("No IDP EntityName configurated");
- }
-
- //get IDP metadata from metadataprovider
- HTTPMetadataProvider idpmetadata = config.getMetaDataProvier();
- EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname);
- if (idpEntity == null) {
- log.info("IDP EntityName is not found in IDP Metadata");
- throw new ConfigurationException("IDP EntityName is not found in IDP Metadata");
- }
-
- //select authentication-service url from metadata
- SingleLogoutService redirectEndpoint = null;
- for (SingleLogoutService sss :
- idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleLogoutServices()) {
-
- //Get the service address for the binding you wish to use
- if (sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
- redirectEndpoint = sss;
- }
- }
- sloResp.setDestination(redirectEndpoint.getLocation());
-
- //sign authentication request
- KeyStore keyStore = config.getPVP2KeyStore();
- X509Credential authcredential = new KeyStoreX509CredentialAdapter(
- keyStore,
- config.getPVP2KeystoreAuthRequestKeyAlias(),
- config.getPVP2KeystoreAuthRequestKeyPassword().toCharArray());
-
- Signature signer = SAML2Utils.createSAMLObject(Signature.class);
- signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
- signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
- signer.setSigningCredential(authcredential);
- sloResp.setSignature(signer);
-
- HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
- HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
- response, true);
- BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- SingleSignOnService service = new SingleSignOnServiceBuilder()
- .buildObject();
- service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
- service.setLocation(redirectEndpoint.getLocation());;
-
- context.setOutboundSAMLMessageSigningCredential(authcredential);
- context.setPeerEntityEndpoint(service);
- context.setOutboundSAMLMessage(sloResp);
- context.setOutboundMessageTransport(responseAdapter);
- context.setRelayState(messageContext.getRelayState());
-
- encoder.encode(context);
-
- } else {
- bean.setErrorMessage("Kein gültiger LogOut Request oder LogOut Response");
- setAnser(request, response, bean);
- return;
-
- }
-
-
- } catch (Exception e) {
- log.warn("Internal error", e);
- bean.setErrorMessage("Internal Error: " + e.getMessage());
- setAnser(request, response, bean);
- return;
- }
-
- } else {
- bean.setErrorMessage("Die Demoapplikation unterstützt nur SAML2 POST-Binding.");
- setAnser(request, response, bean);
- return;
-
- }
- }
-
- private void setAnser(HttpServletRequest request, HttpServletResponse response, ApplicationBean answersBean) throws ServletException, IOException {
- // store bean in session
- request.setAttribute("answers", answersBean);
-
- // you now can forward to some view, for example some results.jsp
- request.getRequestDispatcher("demoapp.jsp").forward(request, response);
-
- }
-
- /**
- * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doGet(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
-
- process(request, response);
- }
-
-
- /**
- * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doPost(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
- process(request, response);
- }
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ @Override
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ process(request, response);
+ }
}
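Review bot: In the GET branch of `process`, `decode.decode(messageContext)` runs before `messageContext.setSecurityPolicyResolver(resolver)`, so the decoder never applies the policy and `SAML2AuthnRequestsSignedRule` is never evaluated; the only check is the direct `signatureRule.evaluate(messageContext)` call. If that rule returns without error when the query string has no `Signature` parameter (which I believe is how the OpenSAML 2 simple-signature rule behaves, but this should be confirmed), an unsigned LogoutRequest is logged as valid and reaches `request.getSession().invalidate()`. I would reject the request before `signatureRule.evaluate(...)` when `MiscUtil.isEmpty(request.getParameter("Signature"))`, using the existing `bean.setErrorMessage(...)`, `setAnser(...)`, `return` pattern. Separately, the outgoing LogoutResponse is still signed with `SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1`; since this commit updates the libraries, switching to `SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256` would be worthwhile if the IDP accepts it.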
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java
index 9bd0ff2e3..49d7b2cc6 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java
@@ -62,156 +62,158 @@ import at.gv.egovernment.moa.id.demoOA.exception.ConfigurationException;
import at.gv.egovernment.moa.id.demoOA.utils.SAML2Utils;
import at.gv.egovernment.moa.util.MiscUtil;
-
/**
* Servlet implementation class Authenticate
*/
public class SingleLogOut extends HttpServlet {
- private static final long serialVersionUID = 1L;
-
- private static final Logger log = LoggerFactory
- .getLogger(SingleLogOut.class);
-
- /**
- * @see HttpServlet#HttpServlet()
- */
- public SingleLogOut() {
- super();
- DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
- factory.setNamespaceAware(true);
- try {
- builder = factory.newDocumentBuilder();
-
- } catch (ParserConfigurationException e) {
- log.warn("PVP2 AuthenticationServlet can not be initialized.", e);
- }
- }
-
- DocumentBuilder builder;
-
-
- //generate AuthenticationRequest
- protected void process(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
- try {
-
- Configuration config = Configuration.getInstance();
- config.initializePVP2Login();
-
- String nameIDFormat = (String) request.getSession().getAttribute(Constants.SESSION_NAMEIDFORMAT);
- String nameID = (String) request.getSession().getAttribute(Constants.SESSION_NAMEID);
-
- if (MiscUtil.isEmpty(nameID) || MiscUtil.isEmpty(nameIDFormat)) {
- log.warn("No user information found. Single Log-Out not possible");
- throw new ServletException("No user information found. Single Log-Out not possible");
-
- } else
- log.info("Fount user information for user nameID: " + nameID
- + " , nameIDFormat: " + nameIDFormat
- + ". Build Single Log-Out request ...");
-
- //invalidate local session
- request.getSession().invalidate();
-
- //build Single LogOut request
- LogoutRequest sloReq = SAML2Utils.createSAMLObject(LogoutRequest.class);
- SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
- sloReq.setID(gen.generateIdentifier());
- sloReq.setIssueInstant(new DateTime());
- NameID name = SAML2Utils.createSAMLObject(NameID.class);
- Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
-
- String serviceURL = config.getPublicUrlPreFix(request);
- if (!serviceURL.endsWith("/"))
- serviceURL = serviceURL + "/";
- name.setValue(serviceURL);
- issuer.setValue(serviceURL);
- issuer.setFormat(NameIDType.ENTITY);
- sloReq.setIssuer(issuer);
-
- NameID userNameID = SAML2Utils.createSAMLObject(NameID.class);
- sloReq.setNameID(userNameID);
- userNameID.setFormat(nameIDFormat);
- userNameID.setValue(nameID);
-
- String entityname = config.getPVP2IDPMetadataEntityName();
- if (MiscUtil.isEmpty(entityname)) {
- log.info("No IDP EntityName configurated");
- throw new ConfigurationException("No IDP EntityName configurated");
- }
-
- //get IDP metadata from metadataprovider
- HTTPMetadataProvider idpmetadata = config.getMetaDataProvier();
- EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname);
- if (idpEntity == null) {
- log.info("IDP EntityName is not found in IDP Metadata");
- throw new ConfigurationException("IDP EntityName is not found in IDP Metadata");
- }
-
- //select authentication-service url from metadata
- SingleLogoutService redirectEndpoint = null;
- for (SingleLogoutService sss :
- idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleLogoutServices()) {
-
- //Get the service address for the binding you wish to use
- if (sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
- redirectEndpoint = sss;
- }
- }
- sloReq.setDestination(redirectEndpoint.getLocation());
-
- //sign authentication request
- KeyStore keyStore = config.getPVP2KeyStore();
- X509Credential authcredential = new KeyStoreX509CredentialAdapter(
- keyStore,
- config.getPVP2KeystoreAuthRequestKeyAlias(),
- config.getPVP2KeystoreAuthRequestKeyPassword().toCharArray());
-
- Signature signer = SAML2Utils.createSAMLObject(Signature.class);
- signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
- signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
- signer.setSigningCredential(authcredential);
- sloReq.setSignature(signer);
-
- HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
- HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
- response
- , true);
- BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- SingleSignOnService service = new SingleSignOnServiceBuilder()
- .buildObject();
- service.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
- service.setLocation(redirectEndpoint.getLocation());
- context.setOutboundSAMLMessageSigningCredential(authcredential);
- context.setPeerEntityEndpoint(service);
- context.setOutboundSAMLMessage(sloReq);
- context.setOutboundMessageTransport(responseAdapter);
-
- encoder.encode(context);
-
- } catch (Exception e) {
- log.warn("Authentication Request can not be generated", e);
- throw new ServletException("Authentication Request can not be generated.", e);
- }
- }
-
- /**
- * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doGet(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
-
- process(request, response);
- }
-
- /**
- * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doPost(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
- process(request, response);
- }
+ private static final long serialVersionUID = 1L;
+
+ private static final Logger log = LoggerFactory
+ .getLogger(SingleLogOut.class);
+
+ /**
+ * @see HttpServlet#HttpServlet()
+ */
+ public SingleLogOut() {
+ super();
+ final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+ factory.setNamespaceAware(true);
+ try {
+ builder = factory.newDocumentBuilder();
+
+ } catch (final ParserConfigurationException e) {
+ log.warn("PVP2 AuthenticationServlet can not be initialized.", e);
+ }
+ }
+
+ DocumentBuilder builder;
+
+ // generate AuthenticationRequest
+ protected void process(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ try {
+
+ final Configuration config = Configuration.getInstance();
+ config.initializePVP2Login();
+
+ final String nameIDFormat = (String) request.getSession().getAttribute(Constants.SESSION_NAMEIDFORMAT);
+ final String nameID = (String) request.getSession().getAttribute(Constants.SESSION_NAMEID);
+
+ if (MiscUtil.isEmpty(nameID) || MiscUtil.isEmpty(nameIDFormat)) {
+ log.warn("No user information found. Single Log-Out not possible");
+ throw new ServletException("No user information found. Single Log-Out not possible");
+
+ } else {
+ log.info("Fount user information for user nameID: " + nameID
+ + " , nameIDFormat: " + nameIDFormat
+ + ". Build Single Log-Out request ...");
+ }
+
+ // invalidate local session
+ request.getSession().invalidate();
+
+ // build Single LogOut request
+ final LogoutRequest sloReq = SAML2Utils.createSAMLObject(LogoutRequest.class);
+ final SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
+ sloReq.setID(gen.generateIdentifier());
+ sloReq.setIssueInstant(new DateTime());
+ final NameID name = SAML2Utils.createSAMLObject(NameID.class);
+ final Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
+
+ String serviceURL = config.getPublicUrlPreFix(request);
+ if (!serviceURL.endsWith("/")) {
+ serviceURL = serviceURL + "/";
+ }
+ name.setValue(serviceURL);
+ issuer.setValue(serviceURL);
+ issuer.setFormat(NameIDType.ENTITY);
+ sloReq.setIssuer(issuer);
+
+ final NameID userNameID = SAML2Utils.createSAMLObject(NameID.class);
+ sloReq.setNameID(userNameID);
+ userNameID.setFormat(nameIDFormat);
+ userNameID.setValue(nameID);
+
+ final String entityname = config.getPVP2IDPMetadataEntityName();
+ if (MiscUtil.isEmpty(entityname)) {
+ log.info("No IDP EntityName configurated");
+ throw new ConfigurationException("No IDP EntityName configurated");
+ }
+
+ // get IDP metadata from metadataprovider
+ final HTTPMetadataProvider idpmetadata = config.getMetaDataProvier();
+ final EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname);
+ if (idpEntity == null) {
+ log.info("IDP EntityName is not found in IDP Metadata");
+ throw new ConfigurationException("IDP EntityName is not found in IDP Metadata");
+ }
+
+ // select authentication-service url from metadata
+ SingleLogoutService redirectEndpoint = null;
+ for (final SingleLogoutService sss : idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS)
+ .getSingleLogoutServices()) {
+
+ // Get the service address for the binding you wish to use
+ if (sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
+ redirectEndpoint = sss;
+ }
+ }
+ sloReq.setDestination(redirectEndpoint.getLocation());
+
+ // sign authentication request
+ final KeyStore keyStore = config.getPVP2KeyStore();
+ final X509Credential authcredential = new KeyStoreX509CredentialAdapter(
+ keyStore,
+ config.getPVP2KeystoreAuthRequestKeyAlias(),
+ config.getPVP2KeystoreAuthRequestKeyPassword().toCharArray());
+
+ final Signature signer = SAML2Utils.createSAMLObject(Signature.class);
+ signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
+ signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+ signer.setSigningCredential(authcredential);
+ sloReq.setSignature(signer);
+
+ final HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
+ final HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
+ response, true);
+ final BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context =
+ new BasicSAMLMessageContext<>();
+ final SingleSignOnService service = new SingleSignOnServiceBuilder()
+ .buildObject();
+ service.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+ service.setLocation(redirectEndpoint.getLocation());
+ context.setOutboundSAMLMessageSigningCredential(authcredential);
+ context.setPeerEntityEndpoint(service);
+ context.setOutboundSAMLMessage(sloReq);
+ context.setOutboundMessageTransport(responseAdapter);
+
+ encoder.encode(context);
+
+ } catch (final Exception e) {
+ log.warn("Authentication Request can not be generated", e);
+ throw new ServletException("Authentication Request can not be generated.", e);
+ }
+ }
+
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ @Override
+ protected void doGet(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+
+ process(request, response);
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
+ * response)
+ */
+ @Override
+ protected void doPost(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ process(request, response);
+ }
}
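Review bot: `redirectEndpoint` is still dereferenced without a null check at `sloReq.setDestination(redirectEndpoint.getLocation())`, so IdP metadata that lists no SingleLogoutService with the redirect binding ends in a NullPointerException, which the broad `catch (final Exception e)` reports as "Authentication Request can not be generated". By then `request.getSession().invalidate()` has already run, so the user is logged out locally while no logout request reaches the IdP. I would fail explicitly right after the loop with `if (redirectEndpoint == null) { throw new ConfigurationException("No SingleLogoutService with redirect binding found in IDP metadata"); }`. Separately, the request signature is still configured with `SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1`; since this commit already touches the line, moving to `ALGO_ID_SIGNATURE_RSA_SHA256` is worth considering if the IdP accepts it.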
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index e8b194f3f..4314bd3fd 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -287,6 +287,10 @@
<artifactId>bcprov-jdk15on</artifactId>
<groupId>org.bouncycastle</groupId>
</exclusion>
+ <exclusion>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
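Review bot: The `log4j:log4j` exclusion is added per dependency here and again in the next hunk (there together with `slf4j-log4j12`), which only covers the paths known today; a later dependency can pull the artifact back in transitively without anyone noticing. A `bannedDependencies` rule in `maven-enforcer-plugin` for `log4j:log4j` and `org.slf4j:slf4j-log4j12` in the parent POM would make the build fail in that case. The `<dependency>` element this exclusion belongs to starts outside the hunk, so which artifact it applies to cannot be confirmed from here.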
@@ -321,7 +325,17 @@
<type>test-jar</type>
<classifier>tests</classifier>
<version>1.0.0</version>
- <scope>test</scope>
+ <scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-log4j12</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<!-- <dependency>
<groupId>org.opensaml</groupId>
@@ -495,13 +509,13 @@
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-pool2</artifactId>
- <version>2.9.0</version>
+ <version>2.11.1</version>
</dependency>
<dependency>
<groupId>redis.clients</groupId>
<artifactId>jedis</artifactId>
<!-- version>3.0.1</version -->
- <version>3.3.0</version>
+ <version>3.7.1</version>
</dependency>
<!-- <dependency>
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index 452a566bf..2ab3b4c86 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -167,7 +167,6 @@
<dependency>
<groupId>joda-time</groupId>
<artifactId>joda-time</artifactId>
- <version>${jodatime.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
@@ -182,14 +181,9 @@
<artifactId>jul-to-slf4j</artifactId>
</dependency>
<dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-log4j12</artifactId>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-slf4j-impl</artifactId>
</dependency>
- <!-- <dependency> <groupId>log4j</groupId> <artifactId>log4j</artifactId>
- </dependency> -->
- <!-- <dependency> <groupId>org.apache.logging.log4j</groupId> <artifactId>log4j-core</artifactId>
- </dependency> -->
-
<dependency>
<groupId>org.hibernate</groupId>
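Review bot: The new `log4j-slf4j-impl` dependency carries no `<version>`, so the Log4j 2 release that actually ships is decided by dependency management that is not visible in this hunk. Since the commit replaces the logging backend, the managed version of `log4j-slf4j-impl` and of the `log4j-api`/`log4j-core` artifacts it brings in should be checked against the current Apache Log4j security advisories, and all three kept on the same release. A short comment such as `<!-- version managed in parent POM; keep log4j-api/core/slf4j-impl aligned -->` next to the dependency would document that.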
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
index 4db2aa3ad..014759b5c 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
@@ -12,12 +12,12 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
- <version>1.52</version>
+ <version>1.70</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
- <version>1.52</version>
+ <version>1.70</version>
</dependency>
<!-- JSON JWT implementation -->
diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml
index eabb1fc18..a83a065fa 100644
--- a/id/server/modules/moa-id-module-eIDAS/pom.xml
+++ b/id/server/modules/moa-id-module-eIDAS/pom.xml
@@ -237,14 +237,14 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
- <version>1.52</version>
+ <version>1.70</version>
<!-- <scope>provided</scope> -->
</dependency>
<dependency>
<groupId>com.ibm.icu</groupId>
<artifactId>icu4j</artifactId>
- <version>58.2</version>
+ <version>70.1</version>
</dependency>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
index 6f9463710..15d129dcb 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/pom.xml
+++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
@@ -32,7 +32,6 @@
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
- <version>3.1.0</version>
<scope>provided</scope>
</dependency>
diff --git a/id/server/modules/moa-id-module-openID/pom.xml b/id/server/modules/moa-id-module-openID/pom.xml
index a7a4dad1b..bed0ef11c 100644
--- a/id/server/modules/moa-id-module-openID/pom.xml
+++ b/id/server/modules/moa-id-module-openID/pom.xml
@@ -38,13 +38,13 @@
<dependency>
<groupId>com.google.http-client</groupId>
<artifactId>google-http-client-jackson2</artifactId>
- <version>1.22.0</version>
+ <version>1.40.1</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.google.oauth-client</groupId>
<artifactId>google-oauth-client-jetty</artifactId>
- <version>1.22.0</version>
+ <version>1.32.1</version>
<scope>test</scope>
<exclusions>
<exclusion>
@@ -78,7 +78,6 @@
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
- <version>19.0</version>
</dependency>
<!-- TestNG -->
diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
index 1f7606e1d..4734bb3a6 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml
+++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
@@ -53,18 +53,18 @@
<dependency>
<groupId>com.google.code.gson</groupId>
<artifactId>gson</artifactId>
- <version>2.8.2</version>
+ <version>2.8.9</version>
</dependency>
<dependency>
<groupId>org.bitbucket.b_c</groupId>
<artifactId>jose4j</artifactId>
- <version>0.6.3</version>
+ <version>0.7.9</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
- <version>1.52</version>
+ <version>1.70</version>
<!-- <scope>provided</scope> -->
</dependency>
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java
index 759d9c838..6bf297a4e 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java
@@ -13,7 +13,6 @@ import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.utils.URIBuilder;
-import org.apache.log4j.Logger;
import org.jose4j.base64url.Base64Url;
import com.google.gson.JsonElement;
@@ -23,328 +22,347 @@ import com.google.gson.JsonParser;
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.data.VerificationResult;
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SL20Exception;
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SLCommandoParserException;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class SL20JSONExtractorUtils {
- private static final Logger log = Logger.getLogger(SL20JSONExtractorUtils.class);
-
- /**
- * Extract String value from JSON
- *
- * @param input
- * @param keyID
- * @param isRequired
- * @return
- * @throws SLCommandoParserException
- */
- public static String getStringValue(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException {
- try {
- JsonElement internal = getAndCheck(input, keyID, isRequired);
-
- if (internal != null)
- return internal.getAsString();
- else
- return null;
-
- } catch (SLCommandoParserException e) {
- throw e;
-
- } catch (Exception e) {
- throw new SLCommandoParserException("Can not extract String value with keyId: " + keyID, e);
-
- }
- }
-
- /**
- * Extract Boolean value from JSON
- *
- * @param input
- * @param keyID
- * @param isRequired
- * @return
- * @throws SLCommandoParserException
- */
- public static boolean getBooleanValue(JsonObject input, String keyID, boolean isRequired, boolean defaultValue) throws SLCommandoParserException {
- try {
- JsonElement internal = getAndCheck(input, keyID, isRequired);
-
- if (internal != null)
- return internal.getAsBoolean();
- else
- return defaultValue;
-
- } catch (SLCommandoParserException e) {
- throw e;
-
- } catch (Exception e) {
- throw new SLCommandoParserException("Can not extract Boolean value with keyId: " + keyID, e);
-
- }
- }
-
- /**
- * Extract JSONObject value from JSON
- *
- * @param input
- * @param keyID
- * @param isRequired
- * @return
- * @throws SLCommandoParserException
- */
- public static JsonObject getJSONObjectValue(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException {
- try {
- JsonElement internal = getAndCheck(input, keyID, isRequired);
-
- if (internal != null)
- return internal.getAsJsonObject();
- else
- return null;
-
- } catch (SLCommandoParserException e) {
- throw e;
-
- } catch (Exception e) {
- throw new SLCommandoParserException("Can not extract Boolean value with keyId: " + keyID, e);
-
- }
- }
-
- /**
- * Extract a List of String elements from a JSON element
- *
- * @param input
- * @return
- * @throws SLCommandoParserException
- */
- public static List<String> getListOfStringElements(JsonElement input) throws SLCommandoParserException {
- List<String> result = new ArrayList<String>();
- if (input != null) {
- if (input.isJsonArray()) {
- Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator();
- while(arrayIterator.hasNext()) {
- JsonElement next = arrayIterator.next();
- if (next.isJsonPrimitive())
- result.add(next.getAsString());
- }
-
- } else if (input.isJsonPrimitive()) {
- result.add(input.getAsString());
-
- } else {
- log.warn("JSON Element IS NOT a JSON array or a JSON Primitive");
- throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON Primitive");
-
- }
- }
-
- return result;
- }
-
- /**
- * Extract Map of Key/Value pairs from a JSON Element
- *
- * @param input parent JSON object
- * @param keyID KeyId of the child that should be parsed
- * @param isRequired
- * @return
- * @throws SLCommandoParserException
- */
- public static Map<String, String> getMapOfStringElements(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException {
- JsonElement internal = getAndCheck(input, keyID, isRequired);
- return getMapOfStringElements(internal);
-
- }
-
- /**
- * Extract Map of Key/Value pairs from a JSON Element
- *
- * @param input
- * @return
- * @throws SLCommandoParserException
- */
- public static Map<String, String> getMapOfStringElements(JsonElement input) throws SLCommandoParserException {
- Map<String, String> result = new HashMap<String, String>();
-
- if (input != null) {
- if (input.isJsonArray()) {
- Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator();
- while(arrayIterator.hasNext()) {
- JsonElement next = arrayIterator.next();
- Iterator<Entry<String, JsonElement>> entry = next.getAsJsonObject().entrySet().iterator();
- entitySetToMap(result, entry);
-
- }
-
- } else if (input.isJsonObject()) {
- Iterator<Entry<String, JsonElement>> objectKeys = input.getAsJsonObject().entrySet().iterator();
- entitySetToMap(result, objectKeys);
-
- } else
- throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON object");
-
- }
-
- return result;
- }
-
- private static void entitySetToMap(Map<String, String> result, Iterator<Entry<String, JsonElement>> entry) {
- while (entry.hasNext()) {
- Entry<String, JsonElement> el = entry.next();
- if (result.containsKey(el.getKey()))
- log.info("Attr. Map already contains Element with Key: " + el.getKey() + ". Overwrite element ... ");
-
- result.put(el.getKey(), el.getValue().getAsString());
-
- }
-
- }
-
-
- public static JsonElement extractSL20Result(JsonObject command, IJOSETools decrypter, boolean mustBeEncrypted) throws SL20Exception {
- JsonElement result = command.get(SL20Constants.SL20_COMMAND_CONTAINER_RESULT);
- JsonElement encryptedResult = command.get(SL20Constants.SL20_COMMAND_CONTAINER_ENCRYPTEDRESULT);
-
- if (result == null && encryptedResult == null)
- throw new SLCommandoParserException("NO result OR encryptedResult FOUND.");
-
- else if (encryptedResult == null && mustBeEncrypted)
- throw new SLCommandoParserException("result MUST be signed.");
-
- else if (encryptedResult != null && encryptedResult.isJsonPrimitive()) {
- try {
- return decrypter.decryptPayload(encryptedResult.getAsString());
-
- } catch (Exception e) {
- log.info("Can NOT decrypt SL20 result. Reason:" + e.getMessage());
- if (!mustBeEncrypted) {
- log.warn("Decrypted results are disabled by configuration. Parse result in plain if it is possible");
-
- //dummy code
- try {
- String[] signedPayload = encryptedResult.toString().split("\\.");
- JsonElement payLoad = new JsonParser().parse(new String(Base64.getUrlDecoder().decode(signedPayload[1])));
- return payLoad;
-
- } catch (Exception e1) {
- log.debug("DummyCode FAILED, Reason: " + e1.getMessage() + " Ignore it ...");
- throw new SL20Exception(e.getMessage(), null, e);
-
- }
-
- } else
- throw e;
-
- }
-
- } else if (result != null) {
- return result;
-
- } else
- throw new SLCommandoParserException("Internal build error");
-
-
- }
-
- /**
- * Extract payLoad from generic transport container
- *
- * @param container
- * @param joseTools
- * @return
- * @throws SLCommandoParserException
- */
- public static VerificationResult extractSL20PayLoad(JsonObject container, IJOSETools joseTools, boolean mustBeSigned) throws SL20Exception {
-
- JsonElement sl20Payload = container.get(SL20Constants.SL20_PAYLOAD);
- JsonElement sl20SignedPayload = container.get(SL20Constants.SL20_SIGNEDPAYLOAD);
-
- if (mustBeSigned && joseTools == null)
- throw new SLCommandoParserException("'joseTools' MUST be set if 'mustBeSigned' is 'true'");
-
- if (sl20Payload == null && sl20SignedPayload == null)
- throw new SLCommandoParserException("NO payLoad OR signedPayload FOUND.");
-
- else if (sl20SignedPayload == null && mustBeSigned)
- throw new SLCommandoParserException("payLoad MUST be signed.");
-
- else if (joseTools != null && sl20SignedPayload != null && sl20SignedPayload.isJsonPrimitive()) {
- return joseTools.validateSignature(sl20SignedPayload.getAsString());
-
- } else if (sl20Payload != null)
- return new VerificationResult(sl20Payload.getAsJsonObject());
-
- else
- throw new SLCommandoParserException("Internal build error");
-
-
- }
-
-
- /**
- * Extract generic transport container from httpResponse
- *
- * @param httpResp
- * @return
- * @throws SLCommandoParserException
- */
- public static JsonObject getSL20ContainerFromResponse(HttpResponse httpResp) throws SLCommandoParserException {
- try {
- JsonObject sl20Resp = null;
- if (httpResp.getStatusLine().getStatusCode() == 307) {
- Header[] locationHeader = httpResp.getHeaders("Location");
- if (locationHeader == null)
- throw new SLCommandoParserException("Find Redirect statuscode but not Location header");
-
- String sl20RespString = new URIBuilder(locationHeader[0].getValue()).getQueryParams().get(0).getValue();
- sl20Resp = new JsonParser().parse(Base64Url.encode((sl20RespString.getBytes()))).getAsJsonObject();
-
- } else if (httpResp.getStatusLine().getStatusCode() == 200) {
- if (!httpResp.getEntity().getContentType().getValue().startsWith("application/json"))
- throw new SLCommandoParserException("SL20 response with a wrong ContentType: " + httpResp.getEntity().getContentType().getValue());
- sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity());
-
- } else if ( (httpResp.getStatusLine().getStatusCode() == 500) ||
- (httpResp.getStatusLine().getStatusCode() == 401) ||
- (httpResp.getStatusLine().getStatusCode() == 400) ) {
- log.info("SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode()
- + ". Search for error message");
- sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity());
-
-
- } else
- throw new SLCommandoParserException("SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode());
-
- log.info("Find JSON object in http response");
- return sl20Resp;
-
- } catch (Exception e) {
- throw new SLCommandoParserException("SL20 response parsing FAILED! Reason: " + e.getMessage(), e);
-
- }
- }
-
- private static JsonObject parseSL20ResultFromResponse(HttpEntity resp) throws Exception {
- if (resp != null && resp.getContent() != null) {
- JsonElement sl20Resp = new JsonParser().parse(new InputStreamReader(resp.getContent()));
- if (sl20Resp != null && sl20Resp.isJsonObject()) {
- return sl20Resp.getAsJsonObject();
-
- } else
- throw new SLCommandoParserException("SL2.0 can NOT parse to a JSON object");
-
-
- } else
- throw new SLCommandoParserException("Can NOT find content in http response");
-
- }
-
-
- private static JsonElement getAndCheck(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException {
- JsonElement internal = input.get(keyID);
-
- if (internal == null && isRequired)
- throw new SLCommandoParserException("REQUIRED Element with keyId: " + keyID + " does not exist");
-
- return internal;
-
- }
+
+ /**
+ * Extract String value from JSON
+ *
+ * @param input
+ * @param keyID
+ * @param isRequired
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static String getStringValue(JsonObject input, String keyID, boolean isRequired)
+ throws SLCommandoParserException {
+ try {
+ final JsonElement internal = getAndCheck(input, keyID, isRequired);
+
+ if (internal != null) {
+ return internal.getAsString();
+ } else {
+ return null;
+ }
+
+ } catch (final SLCommandoParserException e) {
+ throw e;
+
+ } catch (final Exception e) {
+ throw new SLCommandoParserException("Can not extract String value with keyId: " + keyID, e);
+
+ }
+ }
+
+ /**
+ * Extract Boolean value from JSON
+ *
+ * @param input
+ * @param keyID
+ * @param isRequired
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static boolean getBooleanValue(JsonObject input, String keyID, boolean isRequired,
+ boolean defaultValue) throws SLCommandoParserException {
+ try {
+ final JsonElement internal = getAndCheck(input, keyID, isRequired);
+
+ if (internal != null) {
+ return internal.getAsBoolean();
+ } else {
+ return defaultValue;
+ }
+
+ } catch (final SLCommandoParserException e) {
+ throw e;
+
+ } catch (final Exception e) {
+ throw new SLCommandoParserException("Can not extract Boolean value with keyId: " + keyID, e);
+
+ }
+ }
+
+ /**
+ * Extract JSONObject value from JSON
+ *
+ * @param input
+ * @param keyID
+ * @param isRequired
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static JsonObject getJSONObjectValue(JsonObject input, String keyID, boolean isRequired)
+ throws SLCommandoParserException {
+ try {
+ final JsonElement internal = getAndCheck(input, keyID, isRequired);
+
+ if (internal != null) {
+ return internal.getAsJsonObject();
+ } else {
+ return null;
+ }
+
+ } catch (final SLCommandoParserException e) {
+ throw e;
+
+ } catch (final Exception e) {
+ throw new SLCommandoParserException("Can not extract Boolean value with keyId: " + keyID, e);
+
+ }
+ }
+
+ /**
+ * Extract a List of String elements from a JSON element
+ *
+ * @param input
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static List<String> getListOfStringElements(JsonElement input) throws SLCommandoParserException {
+ final List<String> result = new ArrayList<>();
+ if (input != null) {
+ if (input.isJsonArray()) {
+ final Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator();
+ while (arrayIterator.hasNext()) {
+ final JsonElement next = arrayIterator.next();
+ if (next.isJsonPrimitive()) {
+ result.add(next.getAsString());
+ }
+ }
+
+ } else if (input.isJsonPrimitive()) {
+ result.add(input.getAsString());
+
+ } else {
+ log.warn("JSON Element IS NOT a JSON array or a JSON Primitive");
+ throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON Primitive");
+
+ }
+ }
+
+ return result;
+ }
+
+ /**
+ * Extract Map of Key/Value pairs from a JSON Element
+ *
+ * @param input parent JSON object
+ * @param keyID KeyId of the child that should be parsed
+ * @param isRequired
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static Map<String, String> getMapOfStringElements(JsonObject input, String keyID, boolean isRequired)
+ throws SLCommandoParserException {
+ final JsonElement internal = getAndCheck(input, keyID, isRequired);
+ return getMapOfStringElements(internal);
+
+ }
+
+ /**
+ * Extract Map of Key/Value pairs from a JSON Element
+ *
+ * @param input
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static Map<String, String> getMapOfStringElements(JsonElement input)
+ throws SLCommandoParserException {
+ final Map<String, String> result = new HashMap<>();
+
+ if (input != null) {
+ if (input.isJsonArray()) {
+ final Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator();
+ while (arrayIterator.hasNext()) {
+ final JsonElement next = arrayIterator.next();
+ final Iterator<Entry<String, JsonElement>> entry = next.getAsJsonObject().entrySet().iterator();
+ entitySetToMap(result, entry);
+
+ }
+
+ } else if (input.isJsonObject()) {
+ final Iterator<Entry<String, JsonElement>> objectKeys = input.getAsJsonObject().entrySet().iterator();
+ entitySetToMap(result, objectKeys);
+
+ } else {
+ throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON object");
+ }
+
+ }
+
+ return result;
+ }
+
+ private static void entitySetToMap(Map<String, String> result, Iterator<Entry<String, JsonElement>> entry) {
+ while (entry.hasNext()) {
+ final Entry<String, JsonElement> el = entry.next();
+ if (result.containsKey(el.getKey())) {
+ log.info("Attr. Map already contains Element with Key: " + el.getKey() + ". Overwrite element ... ");
+ }
+
+ result.put(el.getKey(), el.getValue().getAsString());
+
+ }
+
+ }
+
+ public static JsonElement extractSL20Result(JsonObject command, IJOSETools decrypter,
+ boolean mustBeEncrypted) throws SL20Exception {
+ final JsonElement result = command.get(SL20Constants.SL20_COMMAND_CONTAINER_RESULT);
+ final JsonElement encryptedResult = command.get(SL20Constants.SL20_COMMAND_CONTAINER_ENCRYPTEDRESULT);
+
+ if (result == null && encryptedResult == null) {
+ throw new SLCommandoParserException("NO result OR encryptedResult FOUND.");
+ } else if (encryptedResult == null && mustBeEncrypted) {
+ throw new SLCommandoParserException("result MUST be signed.");
+ } else if (encryptedResult != null && encryptedResult.isJsonPrimitive()) {
+ try {
+ return decrypter.decryptPayload(encryptedResult.getAsString());
+
+ } catch (final Exception e) {
+ log.info("Can NOT decrypt SL20 result. Reason:" + e.getMessage());
+ if (!mustBeEncrypted) {
+ log.warn(
+ "Decrypted results are disabled by configuration. Parse result in plain if it is possible");
+
+ // dummy code
+ try {
+ final String[] signedPayload = encryptedResult.toString().split("\\.");
+ final JsonElement payLoad = new JsonParser().parse(new String(Base64.getUrlDecoder().decode(
+ signedPayload[1])));
+ return payLoad;
+
+ } catch (final Exception e1) {
+ log.debug("DummyCode FAILED, Reason: " + e1.getMessage() + " Ignore it ...");
+ throw new SL20Exception(e.getMessage(), null, e);
+
+ }
+
+ } else {
+ throw e;
+ }
+
+ }
+
+ } else if (result != null) {
+ return result;
+
+ } else {
+ throw new SLCommandoParserException("Internal build error");
+ }
+
+ }
+
+ /**
+ * Extract payLoad from generic transport container
+ *
+ * @param container
+ * @param joseTools
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static VerificationResult extractSL20PayLoad(JsonObject container, IJOSETools joseTools,
+ boolean mustBeSigned) throws SL20Exception {
+
+ final JsonElement sl20Payload = container.get(SL20Constants.SL20_PAYLOAD);
+ final JsonElement sl20SignedPayload = container.get(SL20Constants.SL20_SIGNEDPAYLOAD);
+
+ if (mustBeSigned && joseTools == null) {
+ throw new SLCommandoParserException("'joseTools' MUST be set if 'mustBeSigned' is 'true'");
+ }
+
+ if (sl20Payload == null && sl20SignedPayload == null) {
+ throw new SLCommandoParserException("NO payLoad OR signedPayload FOUND.");
+ } else if (sl20SignedPayload == null && mustBeSigned) {
+ throw new SLCommandoParserException("payLoad MUST be signed.");
+ } else if (joseTools != null && sl20SignedPayload != null && sl20SignedPayload.isJsonPrimitive()) {
+ return joseTools.validateSignature(sl20SignedPayload.getAsString());
+
+ } else if (sl20Payload != null) {
+ return new VerificationResult(sl20Payload.getAsJsonObject());
+ } else {
+ throw new SLCommandoParserException("Internal build error");
+ }
+
+ }
+
+ /**
+ * Extract generic transport container from httpResponse
+ *
+ * @param httpResp
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static JsonObject getSL20ContainerFromResponse(HttpResponse httpResp)
+ throws SLCommandoParserException {
+ try {
+ JsonObject sl20Resp = null;
+ if (httpResp.getStatusLine().getStatusCode() == 307) {
+ final Header[] locationHeader = httpResp.getHeaders("Location");
+ if (locationHeader == null) {
+ throw new SLCommandoParserException("Find Redirect statuscode but not Location header");
+ }
+
+ final String sl20RespString = new URIBuilder(locationHeader[0].getValue()).getQueryParams().get(0)
+ .getValue();
+ sl20Resp = new JsonParser().parse(Base64Url.encode(sl20RespString.getBytes())).getAsJsonObject();
+
+ } else if (httpResp.getStatusLine().getStatusCode() == 200) {
+ if (!httpResp.getEntity().getContentType().getValue().startsWith("application/json")) {
+ throw new SLCommandoParserException("SL20 response with a wrong ContentType: " + httpResp
+ .getEntity().getContentType().getValue());
+ }
+ sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity());
+
+ } else if (httpResp.getStatusLine().getStatusCode() == 500 ||
+ httpResp.getStatusLine().getStatusCode() == 401 ||
+ httpResp.getStatusLine().getStatusCode() == 400) {
+ log.info("SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode()
+ + ". Search for error message");
+ sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity());
+
+ } else {
+ throw new SLCommandoParserException("SL20 response with http-code: " + httpResp.getStatusLine()
+ .getStatusCode());
+ }
+
+ log.info("Find JSON object in http response");
+ return sl20Resp;
+
+ } catch (final Exception e) {
+ throw new SLCommandoParserException("SL20 response parsing FAILED! Reason: " + e.getMessage(), e);
+
+ }
+ }
+
+ private static JsonObject parseSL20ResultFromResponse(HttpEntity resp) throws Exception {
+ if (resp != null && resp.getContent() != null) {
+ final JsonElement sl20Resp = new JsonParser().parse(new InputStreamReader(resp.getContent()));
+ if (sl20Resp != null && sl20Resp.isJsonObject()) {
+ return sl20Resp.getAsJsonObject();
+
+ } else {
+ throw new SLCommandoParserException("SL2.0 can NOT parse to a JSON object");
+ }
+
+ } else {
+ throw new SLCommandoParserException("Can NOT find content in http response");
+ }
+
+ }
+
+ private static JsonElement getAndCheck(JsonObject input, String keyID, boolean isRequired)
+ throws SLCommandoParserException {
+ final JsonElement internal = input.get(keyID);
+
+ if (internal == null && isRequired) {
+ throw new SLCommandoParserException("REQUIRED Element with keyId: " + keyID + " does not exist");
+ }
+
+ return internal;
+
+ }
}
diff --git a/id/server/modules/moa-id-module-ssoTransfer/pom.xml b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
index dbf91dccf..458eb3f85 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/pom.xml
+++ b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
@@ -36,14 +36,14 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
- <version>1.52</version>
+ <version>1.70</version>
<!-- <scope>provided</scope> -->
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
- <version>1.52</version>
+ <version>1.70</version>
</dependency>
<dependency>
diff --git a/pom.xml b/pom.xml
index 90ab19386..41eef6d83 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,53 +34,54 @@
<!-- =================================================================================== -->
<egiz-spring-api.version>0.3</egiz-spring-api.version>
<egiz.eaaf.version>1.0.15</egiz.eaaf.version>
- <org.springframework.version>5.2.11.RELEASE</org.springframework.version>
- <org.springframework.data.spring-data-jpa>2.3.5.RELEASE</org.springframework.data.spring-data-jpa>
- <org.springframework.data.spring-data-redis>2.3.5.RELEASE</org.springframework.data.spring-data-redis>
+ <org.springframework.version>5.3.13</org.springframework.version>
+ <org.springframework.data.spring-data-jpa>2.6.0</org.springframework.data.spring-data-jpa>
+ <org.springframework.data.spring-data-redis>2.6.0</org.springframework.data.spring-data-redis>
<surefire.version>2.22.0</surefire.version>
<jaxb.version>2.3.1</jaxb.version>
<jaxb-core.version>2.3.0.1</jaxb-core.version>
- <guava.version>30.0-jre</guava.version>
+ <guava.version>31.0.1-jre</guava.version>
<opensaml.version>2.6.6</opensaml.version> <!-- update to v3 (v2 is end-of-life in june 2016) -->
<org.opensaml.openws.version>1.5.6</org.opensaml.openws.version>
<xmltooling.version>1.4.6</xmltooling.version>
- <xmlsec.version>2.1.5</xmlsec.version>
+ <xmlsec.version>2.3.0</xmlsec.version>
<jaxws-api.version>2.3.1</jaxws-api.version>
<jws-api.version>1.1</jws-api.version>
- <hibernate.version>5.4.25.Final</hibernate.version>
- <org.apache.commons.commons.dbcp2>2.8.0</org.apache.commons.commons.dbcp2>
+ <hibernate.version>5.6.2.Final</hibernate.version>
+ <org.apache.commons.commons.dbcp2>2.9.0</org.apache.commons.commons.dbcp2>
- <cxf.version>3.3.8</cxf.version>
- <struts.version>2.5.26</struts.version> <!-- 2.5.10.1 -->
+ <cxf.version>3.3.12</cxf.version>
+ <struts.version>2.5.28</struts.version> <!-- 2.5.10.1 -->
<egovutils.version>2.0.0</egovutils.version>
<slf4j.version>1.7.30</slf4j.version>
+ <log4j.version>2.15.0</log4j.version>
<httpclient.version>4.5.13</httpclient.version>
- <httpcore.version>4.4.14</httpcore.version>
+ <httpcore.version>4.4.15</httpcore.version>
<!-- Maybe problems with Hibernate 5.0.10 -->
- <mysql-connector.java>8.0.22</mysql-connector.java>
+ <mysql-connector.java>8.0.27</mysql-connector.java>
<!-- <mysql-connector.java>5.1.40</mysql-connector.java> -->
- <junit.version>4.12</junit.version>
- <org.apache.commons.io.version>2.8.0</org.apache.commons.io.version>
- <org.apache.commons.lang3.version>3.11</org.apache.commons.lang3.version>
+ <junit.version>4.13.2</junit.version>
+ <org.apache.commons.io.version>2.11.0</org.apache.commons.io.version>
+ <org.apache.commons.lang3.version>3.12.0</org.apache.commons.lang3.version>
<org.apache.commons.collections4.version>4.4</org.apache.commons.collections4.version>
<org.apache.commons.collections3.version>3.2.2</org.apache.commons.collections3.version>
<org.apache.commons-text.version>1.9</org.apache.commons-text.version>
- <jodatime.version>2.10.8</jodatime.version>
-
- <jackson-version>2.12.0</jackson-version>
+ <joda-time.version>2.10.13</joda-time.version>
+
+ <jackson-version>2.13.0</jackson-version>
<apache-cli-version>1.4</apache-cli-version>
<spring-orm-version>${org.springframework.version}</spring-orm-version>
- <org.projectlombok.lombok.version>1.18.16</org.projectlombok.lombok.version>
+ <org.projectlombok.lombok.version>1.18.22</org.projectlombok.lombok.version>
<jacoco-maven-plugin.version>0.8.6</jacoco-maven-plugin.version>
<maven-checkstyle-plugin.version>3.1.1</maven-checkstyle-plugin.version>
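Review bot: The new `<log4j.version>2.15.0</log4j.version>` property in this hunk pins the Log4j 2 release that first addressed the JNDI lookup remote-code-execution issue, but that fix was later reported as incomplete for some non-default configurations, and further 2.x security releases followed. Re-check the pin against the Apache Log4j security page and move it to the current patched 2.x release before deployment. A comment beside the property, such as `<!-- security-relevant pin: keep at the latest patched Log4j 2.x release -->`, would record why this value must not lag behind.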
@@ -338,6 +339,12 @@
<dependencies>
<dependency>
+ <groupId>joda-time</groupId>
+ <artifactId>joda-time</artifactId>
+ <version>${joda-time.version}</version>
+ </dependency>
+
+ <dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-dbcp2</artifactId>
<version>${org.apache.commons.commons.dbcp2}</version>
@@ -443,9 +450,9 @@
<version>${slf4j.version}</version>
</dependency>
<dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-log4j12</artifactId>
- <version>${slf4j.version}</version>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-slf4j-impl</artifactId>
+ <version>${log4j.version}</version>
</dependency>
<dependency>
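Review bot: After this swap the only Log4j 2 artifact pinned in this list is `log4j-slf4j-impl`; the explicit `log4j-core` entry (2.13.3) is deleted in the following hunk, so the `log4j-core` and `log4j-api` versions are left to transitive resolution. Pinning both to `${log4j.version}` here (or importing the Log4j BOM) would keep any module from resolving an older core. Running `mvn dependency:tree` would confirm that no module still pulls in `slf4j-log4j12` or Log4j 1.x transitively. Whether this list sits inside `<dependencyManagement>` is not visible from the hunk, so the exact placement needs checking.

```xml
<!-- … unchanged: log4j-slf4j-impl dependency … -->
<dependency>
  <groupId>org.apache.logging.log4j</groupId>
  <artifactId>log4j-api</artifactId>
  <version>${log4j.version}</version>
</dependency>
<dependency>
  <groupId>org.apache.logging.log4j</groupId>
  <artifactId>log4j-core</artifactId>
  <version>${log4j.version}</version>
</dependency>
```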
@@ -461,12 +468,6 @@
</dependency>
<dependency>
- <groupId>org.apache.logging.log4j</groupId>
- <artifactId>log4j-core</artifactId>
- <version>2.13.3</version>
- </dependency>
-
- <dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>${httpclient.version}</version>
@@ -745,7 +746,7 @@
<dependency>
<groupId>iaik.prod</groupId>
<artifactId>iaik_jce_full</artifactId>
- <version>5.61_moa</version>
+ <version>5.62_moa</version>
</dependency>
<dependency>
@@ -824,7 +825,7 @@
<dependency>
<groupId>xerces</groupId>
<artifactId>xercesImpl</artifactId>
- <version>2.11.0</version>
+ <version>2.12.1</version>
<scope>compile</scope>
</dependency>
<!-- The xmlParserAPIs.jar of the official xalan distribution and the