default qaa and attributes persisted and validated

5 files changed, 83 insertions, 2 deletions

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
index 41d19d116..f270ab624 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
@@ -3,15 +3,20 @@ package at.gv.egovernment.moa.id.configuration.data;
 import java.util.ArrayList;
 import java.util.List;
 
+import edu.emory.mathcs.backport.java.util.Arrays;
+
 import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
 import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS;
 import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
 import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.db.dao.config.RequestedAttributesType;
 import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
 
 public class GeneralStorkConfig {
 
 	private List<CPEPS> cpepslist;
+	private List<String> attributes;
+	private int qaa;
 
 	public void parse(MOAIDConfiguration config) {
 
@@ -29,6 +34,19 @@ public class GeneralStorkConfig {
 						for(CPEPS current : stork.getCPEPS()) {
 							cpepslist.add(current);
 						}
+
+						RequestedAttributesType tmp = stork.getRequestedAttributes();
+						if(null != tmp) {
+							attributes = new ArrayList<String>();
+							for(String current : tmp.getAttributeValue())
+								attributes.add(current);
+						}
+
+						try {
+							qaa = stork.getQualityAuthenticationAssuranceLevel();
+						} catch(NullPointerException e) {
+							qaa = 4;
+						}
 					}
 				}
 			}
@@ -40,6 +58,30 @@ public class GeneralStorkConfig {
 	}
 
 	public void setCpepslist(List<CPEPS> list) {
-		this.cpepslist = list;
+		cpepslist = list;
+	}
+
+	public RequestedAttributesType getRequestedAttributesType() {
+		RequestedAttributesType tmp = new RequestedAttributesType();
+		tmp.setAttributeValue(attributes);
+		return tmp;
+	}
+
+	public String getDefaultAttributes() {
+		return Arrays.toString(attributes.toArray()).replace("[", "").replace("]", "");
+	}
+
+	public void setDefaultAttributes(String attributes) {
+		this.attributes = new ArrayList<String>();
+		for(String current : attributes.split(","))
+			this.attributes.add(current.trim());
+	}
+
+	public int getDefaultQaa() {
+		return qaa;
+	}
+
+	public void setDefaultQaa(int qaa) {
+		this.qaa = qaa;
 	}
 }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index 092dd5613..72da0b59f 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -397,11 +397,13 @@ public class EditGeneralConfigAction extends ActionSupport
 				if (oldstork != null)
 					oldstork = new STORK();
 
+				oldstork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa());
+				oldstork.setRequestedAttributes(storkconfig.getRequestedAttributesType());
 				oldstork.setCPEPS(storkconfig.getCpepslist());
 				dbforeign.setSTORK(oldstork);
 			}
 		}
-		
+
 		if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) {
 			OnlineMandates dbmandate = dbauth.getOnlineMandates();
 			if (dbmandate == null) {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
index 91d5ecabd..4ee247695 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
@@ -55,6 +55,29 @@ public class StorkConfigValidator {
 			}
 		}
 
+		// check qaa
+		int qaa = form.getDefaultQaa();
+		if(1 > qaa && 4 < qaa) {
+			log.warn("QAA is out of range : " + qaa);
+			errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange",
+					new Object[] {qaa} ));
+		}
+
+		// check attributes
+		String check = form.getDefaultAttributes();
+		if (MiscUtil.isNotEmpty(check)) {
+			if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+				log.warn("default attributes contains potentail XSS characters: " + check);
+				errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
+						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+			}
+			if(!check.toLowerCase().matches("^[a-z0-9, ]*$")) {
+					log.warn("default attributes do not match the requested format : " + check);
+					errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
+							new Object[] {check} ));
+			}
+		}
+
 		return errors;
 	}
 }
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties
index f79b5a286..2dacf14a2 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties
@@ -227,6 +227,8 @@ webpages.oaconfig.stork.usestork=STORK Logon aktivieren
 webpages.moaconfig.stork.pepslist=C-PEPS Konfiguration
 webpages.moaconfig.stork.newpeps=Neuen PEPS konfigurieren
 webpages.moaconfig.stork.removepeps=l\u00F6schen
+webpages.moaconfig.stork.requestedattributes.default=Standardattribute, die von STORK angefordert werden 
+webpages.moaconfig.stork.qaa.default=Standard QAA-Level ausw\u00E4hlen
 
 webpages.oaconfig.protocols.saml1.header=SAML1 Konfiguration
 webpages.oaconfig.saml1.isActice=SAML1 aktivieren
@@ -373,6 +375,8 @@ validation.general.oaidentifier.notunique=Der gew\u00E4hlte eindeutige Identifie
 validation.stork.cpeps.cc=CPEPS L\u00E4ndercode folgt nicht ISO 3166-2
 validation.stork.cpeps.empty=CPEPS Konfiguration ist unvollst\u00E4ndig
 validation.stork.cpeps.url=CPEPS URL ist ung\u00FCltig
+validation.stork.requestedattributes=STORK Attribute sind fehlerhaft. Bsp.: attr1, attr2
+validation.stork.qaa.outofrange=Gültige QAA Werte sind 1, 2, 3, und 4
 
 validation.pvp2.metadataurl.empty=Keine Metadaten URL angegeben.
 validation.pvp2.metadataurl.valid=Die Metadaten URL wei\u00DFt kein g\u00FCltiges URL Format auf.
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
index 1b87ffc57..df6a43e7a 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
@@ -228,6 +228,16 @@
 						
 						<div class="oa_config_block">
 							<h3><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.header", request) %></h3>
+							<s:textfield name="storkconfig.defaultAttributes"
+								value="%{storkconfig.defaultAttributes}"
+								labelposition="left"
+								key="webpages.moaconfig.stork.requestedattributes.default"
+								cssClass="textfield_long"/>
+							<s:select list="#{1:'1', 2:'2', 3:'3', 4:'4'}"
+								value="#{storkconfig.defaultQaa}"
+								name="storkconfig.defaultQaa"
+								key="webpages.moaconfig.stork.qaa.default"
+								labelposition="left" />
 							<h4><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.pepslist", request) %></h4>
 							<table id="stork_pepslist">
 								<tr><th>Country Shortcode</th><th>PEPS URL</th>