diff options
author | Florian Reimair <florian.reimair@iaik.tugraz.at> | 2013-12-19 12:04:10 +0100 |
---|---|---|
committer | Florian Reimair <florian.reimair@iaik.tugraz.at> | 2014-01-27 16:34:14 +0100 |
commit | f306cf7529f44d09a12a87f177368353fe1d3bc5 (patch) | |
tree | 3031a582d89f9adf933a0f0b706f52f1b0a48d29 | |
parent | 1bb655bbb372f069e907c6ddcc40a43ca1f36e09 (diff) | |
download | moa-id-spss-f306cf7529f44d09a12a87f177368353fe1d3bc5.tar.gz moa-id-spss-f306cf7529f44d09a12a87f177368353fe1d3bc5.tar.bz2 moa-id-spss-f306cf7529f44d09a12a87f177368353fe1d3bc5.zip |
OA qaa and attributes validated and persisted
5 files changed, 92 insertions, 8 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java index f270ab624..8b527aa8f 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java @@ -1,10 +1,9 @@ package at.gv.egovernment.moa.id.configuration.data; import java.util.ArrayList; +import java.util.Arrays; import java.util.List; -import edu.emory.mathcs.backport.java.util.Arrays; - import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS; import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java index 1884fb808..f6fc4416f 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java @@ -1,12 +1,20 @@ package at.gv.egovernment.moa.id.configuration.data.oa; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; import at.gv.egovernment.moa.id.commons.db.dao.config.OASTORK; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.db.dao.config.RequestedAttributesType; public class OASTORKConfig { private boolean isStorkLogonEnabled = false; + private int qaa; + private List<String> attributes; public OASTORKConfig() { @@ -14,7 +22,7 @@ public class OASTORKConfig { /** * Parses the OA config for stork entities. - * + * * @param dbOAConfig * the db oa config */ @@ -24,6 +32,21 @@ public class OASTORKConfig { OASTORK config = authdata.getOASTORK(); if(config != null) { setStorkLogonEnabled(config.isStorkLogonEnabled()); + + try { + setQaa(config.getQaa()); + } catch(NullPointerException e) { + // if there is no configuration available for the OA, get the default qaa level + setQaa(ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getQualityAuthenticationAssuranceLevel()); + } + + RequestedAttributesType tmp = config.getAttributes(); + if(null == tmp) + // if there is no configuration available for the OA, get the default attributes + tmp = ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getRequestedAttributes(); + attributes = new ArrayList<String>(); + for(String current : tmp.getAttributeValue()) + attributes.add(current); } } } @@ -35,4 +58,28 @@ public class OASTORKConfig { public void setStorkLogonEnabled(boolean enabled) { this.isStorkLogonEnabled = enabled; } + + public int getQaa() { + return qaa; + } + + public void setQaa(int qaa) { + this.qaa = qaa; + } + + public RequestedAttributesType getRequestedAttributesType() { + RequestedAttributesType tmp = new RequestedAttributesType(); + tmp.setAttributeValue(attributes); + return tmp; + } + + public String getAttributes() { + return Arrays.toString(attributes.toArray()).replace("[", "").replace("]", ""); + } + + public void setAttributes(String attributes) { + this.attributes = new ArrayList<String>(); + for(String current : attributes.split(",")) + this.attributes.add(current.trim()); + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index 5e473d85c..466feba23 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -967,6 +967,8 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware, } // transfer the incoming data to the database model stork.setStorkLogonEnabled(storkOA.isStorkLogonEnabled()); + stork.setQaa(storkOA.getQaa()); + stork.setAttributes(storkOA.getRequestedAttributesType()); try { if (newentry) { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java index d12d918bd..31cf7bcee 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java @@ -3,15 +3,44 @@ package at.gv.egovernment.moa.id.configuration.validation.oa; import java.util.ArrayList; import java.util.List; +import org.apache.log4j.Logger; + import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.MiscUtil; public class OASTORKConfigValidation { + + private static final Logger log = Logger.getLogger(OASTORKConfigValidation.class); + public List<String> validate(OASTORKConfig oageneral) { - + List<String> errors = new ArrayList<String>(); - - // we only have a checkbox for now, so no need to validate anything here - + + // check qaa + int qaa = oageneral.getQaa(); + if(1 > qaa && 4 < qaa) { + log.warn("QAA is out of range : " + qaa); + errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange", + new Object[] {qaa} )); + } + + // check attributes + String check = oageneral.getAttributes(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + log.warn("attributes contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )); + } + if(!check.toLowerCase().matches("^[a-z0-9, ]*$")) { + log.warn("attributes do not match the requested format : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", + new Object[] {check} )); + } + } + return errors; } } diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd index 7df6bad3f..9700b0a4f 100644 --- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd +++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd @@ -920,7 +920,10 @@ <xsd:element name="OA_STORK"> <xsd:complexType> <xsd:sequence> - <xsd:element name="StorkLogonEnabled" type="xsd:boolean"/> + <xsd:element name="StorkLogonEnabled" + type="xsd:boolean" /> + <xsd:element ref="Attributes"></xsd:element> + <xsd:element ref="Qaa" maxOccurs="1" minOccurs="0"></xsd:element> </xsd:sequence> </xsd:complexType> </xsd:element> @@ -985,4 +988,8 @@ <xsd:element name="OnlyMandateLoginAllowed" type="xsd:boolean" default="false" minOccurs="0" maxOccurs="1"/> </xsd:sequence> </xsd:complexType> + + <xsd:element name="Attributes" type="RequestedAttributesType"></xsd:element> + + <xsd:element name="Qaa" type="QualityAuthenticationAssuranceLevelType"></xsd:element> </xsd:schema> |