diff options
| author | Florian Reimair <florian.reimair@iaik.tugraz.at> | 2014-03-12 10:05:09 +0100 |
|---|---|---|
| committer | Florian Reimair <florian.reimair@iaik.tugraz.at> | 2014-03-12 10:05:09 +0100 |
| commit | c9e26062bfe4464fbc149c875f28b3f230128482 (patch) | |
| tree | 440140b0cf688337310053d1e3c09949418ae0b5 | |
| parent | 1c802614fe489280f93d36bfb6908ebffc96e4aa (diff) | |
| parent | 8ad16443ec20f49e8f14b1dc79c72a8dff674a64 (diff) | |
| download | moa-id-spss-c9e26062bfe4464fbc149c875f28b3f230128482.tar.gz moa-id-spss-c9e26062bfe4464fbc149c875f28b3f230128482.tar.bz2 moa-id-spss-c9e26062bfe4464fbc149c875f28b3f230128482.zip | |
Merge branch 'vidp_consent' into vidp
12 files changed, 693 insertions, 85 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java index 929a3673c..d9f2a4d85 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java @@ -84,6 +84,7 @@ public class OASTORKConfig { // fetch vidp config setVidpEnabled(config.isVidpEnabled()); + setRequireConsent(config.isRequireConsent()); attributeProviderPlugins = config.getAttributeProviders(); // - if no attribute providers are configured, add a dummy @@ -150,6 +151,7 @@ public class OASTORKConfig { */ private boolean vidpEnabled = false; private List<AttributeProviderPlugin> attributeProviderPlugins = new ArrayList<AttributeProviderPlugin>(); + private boolean requireConsent; public List<String> getAvailableAttributeProviderPlugins() { return AttributeProviderFactory.getAvailablePlugins(); @@ -170,4 +172,12 @@ public class OASTORKConfig { public void setVidpEnabled(boolean update) { vidpEnabled = update; } + + public boolean isRequireConsent() { + return requireConsent; + } + + public void setRequireConsent(boolean update) { + requireConsent = update; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index 370923ca1..f8a12e58b 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -1036,6 +1036,7 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware, stork.setQaa(storkOA.getQaa()); stork.setOAAttributes(storkOA.getAttributes()); stork.setVidpEnabled(storkOA.isVidpEnabled()); + stork.setRequireConsent(storkOA.isRequireConsent()); stork.setAttributeProviders(storkOA.getAttributeProviderPlugins()); try { diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties index ef52892b3..18d19c06b 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties @@ -278,6 +278,7 @@ webpages.oaconfig.oauth20.clientSecret=Client Passwort webpages.oaconfig.oauth20.redirectUri=Redirect Uri webpages.oaconfig.vidp.enabled=VIDP interface aktiv +webpages.oaconfig.vidp.requireconsent=Zustimmung f\u00FCr das Ausliefern der Attribute vom Benutzer einholen? webpages.oaconfig.vidp.ap.new=Neuen Attribut Provider erstellen webpages.oaconfig.vidp.ap.remove=Entfernen webpages.oaconfig.vidp.ap.list=Liste der konfigurierten Attribut Provider diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp index 78ad500ef..6749b5131 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp @@ -537,6 +537,12 @@ key="webpages.oaconfig.vidp.enabled" cssClass="checkbox" id="OAuseVidp" /></p> + <p><s:checkbox name="storkOA.requireConsent" + value="%{storkOA.requireConsent}" + labelposition="left" + key="webpages.oaconfig.vidp.requireconsent" + cssClass="checkbox" + id="OArequireConsent" /></p> <h5><%=LanguageHelper.getGUIString("webpages.oaconfig.vidp.ap.list", request) %></h5> <table id="stork_aplist"> <tr><th>AP Plugin</th><th>URL</th><th>Attribute (CSV)</th></tr> diff --git a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml index d6df363c5..461ff7efc 100644 --- a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml +++ b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml @@ -61,6 +61,10 @@ <to type="forward">/dispatcher?mod=id_stork2&action=AttributeCollector&%{query-string}</to> </rule> <rule match-type="regex"> + <from>^/stork2/CompleteAuthentication$</from> + <to type="forward">/dispatcher?mod=id_stork2&action=ConsentEvaluator&%{query-string}</to> + </rule> + <rule match-type="regex"> <from>^/stork2/SendPEPSAuthnRequest$</from> <to type="forward">/dispatcher?mod=id_stork2&action=AuthenticationRequest&%{query-string}</to> </rule> diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java index d1de20c4d..31ba64be0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java @@ -67,7 +67,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType; import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; import at.gv.egovernment.moa.id.config.ConfigurationUtils; import at.gv.egovernment.moa.id.config.OAParameter; -import at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider; import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -350,6 +349,10 @@ public List<OAStorkAttribute> getRequestedAttributes() { return oa_auth.getOASTORK().getOAAttributes(); } +public boolean isRequireConsentForStorkAttributes() { + return oa_auth.getOASTORK().isRequireConsent(); +} + public List<AttributeProviderPlugin> getStorkAPs() { return oa_auth.getOASTORK().getAttributeProviders(); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 9cd825fc8..7dbbb5734 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -148,12 +148,12 @@ public class AttributeCollector implements IAction { // else, update any existing attributes addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes); } - - // build response - generateSTORKResponse(container); - - // set new http response - generateRedirectResponse(response, container); + + // ask for consent if necessary + if(oaParam.isRequireConsentForStorkAttributes()) + new ConsentEvaluator().requestConsent(container, response, oaParam); + else + new ConsentEvaluator().generateSTORKResponse(response, container); return "12345"; // AssertionId @@ -186,79 +186,6 @@ public class AttributeCollector implements IAction { } /** - * generates binary response from given response class. - * - * @param container the container - * @throws MOAIDException the mOAID exception - */ - private void generateSTORKResponse(DataContainer container) throws MOAIDException { - MOASTORKRequest request = container.getRequest(); - MOASTORKResponse response = container.getResponse(); - - try { - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - Logger.debug("Starting generation of SAML response"); - if(response.isAuthnResponse()) - response.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(request.getStorkAuthnRequest(), response.getStorkAuthnResponse(), container.getRemoteAddress(), false)); - else - response.setSTORKAttrResponse(engine.generateSTORKAttrQueryResponse(request.getStorkAttrQueryRequest(), response.getStorkAttrQueryResponse(), container.getRemoteAddress(), "", false)); - - //generateSAML Token - Logger.info("SAML response succesfully generated!"); - } catch (STORKSAMLEngineException e) { - Logger.error("Failed to generate STORK SAML Response", e); - throw new MOAIDException("stork.05", null); - } - - Logger.info("STORK SAML Response message succesfully generated "); - } - - /** - * writes the storkresponse to the httpresponse using the velocity engine. - * - * @param httpResp the http resp - * @param container the container - */ - private void generateRedirectResponse(HttpServletResponse httpResp, DataContainer container) { - MOASTORKResponse authnResponse = container.getResponse(); - MOASTORKRequest authnRequest = container.getRequest(); - - // preparing redirection for the client - try { - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); - VelocityContext context = new VelocityContext(); - - byte[] blob; - if(authnRequest.isAttrRequest()) - blob = authnResponse.getStorkAttrQueryResponse().getTokenSaml(); - else - blob = authnResponse.getStorkAuthnResponse().getTokenSaml(); - - context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob)); - Logger.debug("SAMLResponse original: " + new String(blob)); - - Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL()); - context.put("action", authnRequest.getAssertionConsumerServiceURL()); - Logger.debug("Starting template merge"); - StringWriter writer = new StringWriter(); - - Logger.debug("Doing template merge"); - template.merge(context, writer); - Logger.debug("Template merge done"); - - Logger.debug("Sending html content: " + writer.getBuffer().toString()); - Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); - - httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); - - } catch (Exception e) { - Logger.error("Velocity error: " + e.getMessage()); - } - } - - /** * Adds or updates all {@link PersonalAttribute} objects given in {@code source} to/in {@code target}. * * @param target the target diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java new file mode 100644 index 000000000..79404d4f0 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java @@ -0,0 +1,204 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import java.io.StringWriter; +import java.util.ArrayList; +import java.util.HashMap; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.storage.AssertionStorage; +import at.gv.egovernment.moa.logging.Logger; +import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; +import org.apache.velocity.Template; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; +import org.opensaml.common.impl.SecureRandomIdentifierGenerator; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * The ConsentEvaluator assists with fetching user consent on the list of attributes to be sent to the asking S-PEPS. + */ +public class ConsentEvaluator implements IAction { + + /** + * The Constant ARTIFACT_ID. + */ + private static final String ARTIFACT_ID = "artifactId"; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession) + */ + public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + + // - fetch the container + String artifactId = (String) httpReq.getParameter(ARTIFACT_ID); + DataContainer container; + try { + container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); + } catch (MOADatabaseException e) { + Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); + throw new MOAIDException("stork.17", null); + } + + // evaluate response + for(PersonalAttribute current : container.getResponse().getPersonalAttributeList()) { + if(null == httpReq.getParameter(current.getName())) { + current.setStatus("notAvailable"); + current.setValue(new ArrayList<String>()); + current.setComplexValue(new HashMap<String, String>()); + } + } + + // build and send response + generateSTORKResponse(httpResp, container); + + return "12345"; // AssertionId + } + + /** + * Fills the given HttpResponse with the required web page. + * + * @param container the container + * @param response the response + * @param oaParam the oa param + * @return the string + * @throws MOAIDException the mOAID exception + */ + public String requestConsent(DataContainer container, HttpServletResponse response, OAAuthParameter oaParam) throws MOAIDException { + // prepare redirect + String newArtifactId; + try { + + // memorize the container again + Logger.debug("prepare putting the container into temporary storage..."); + + // - generate new key + newArtifactId = new SecureRandomIdentifierGenerator().generateIdentifier(); + + // - put container in temporary store. + AssertionStorage.getInstance().put(newArtifactId, container); + + Logger.debug("...successful"); + + } catch (Exception e1) { + // TODO should we return the response as is to the PEPS? + Logger.error("Error putting incomplete Stork response into temporary storage", e1); + throw new MOAIDException("stork.17", null); + } + + // ask for consent + try { + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/stork2_consent.html"); + VelocityContext context = new VelocityContext(); + + context.put("action", AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/CompleteAuthentication?" + ARTIFACT_ID + "=" + newArtifactId); + + // assemble table + String table = ""; + for (PersonalAttribute current : container.getResponse().getPersonalAttributeList()) + if ("Available".equals(current.getStatus())) + table += "<tr><td><input type=\"checkbox\" checked=\"yes\" name=\"" + current.getName() + "\"></td><td>" + current.getName() + "</td></tr>\n"; + + context.put("tablecontent", table); + + StringWriter writer = new StringWriter(); + template.merge(context, writer); + response.getOutputStream().write(writer.getBuffer().toString().getBytes()); + + } catch (Exception e) { + Logger.error("Velocity error: " + e.getMessage()); + throw new MOAIDException("stork.17", null); + } + + return "12345"; // AssertionId + } + + /** + * generates binary response from given response class and fill the given HttpResponse with a SAML Post Binding template. + * + * @param httpResp the http resp + * @param container the container + * @throws MOAIDException the mOAID exception + */ + public void generateSTORKResponse(HttpServletResponse httpResp, DataContainer container) throws MOAIDException { + MOASTORKRequest request = container.getRequest(); + MOASTORKResponse response = container.getResponse(); + + try { + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + Logger.debug("Starting generation of SAML response"); + if(response.isAuthnResponse()) + response.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(request.getStorkAuthnRequest(), response.getStorkAuthnResponse(), container.getRemoteAddress(), false)); + else + response.setSTORKAttrResponse(engine.generateSTORKAttrQueryResponse(request.getStorkAttrQueryRequest(), response.getStorkAttrQueryResponse(), container.getRemoteAddress(), "", false)); + + //generateSAML Token + Logger.info("SAML response succesfully generated!"); + } catch (STORKSAMLEngineException e) { + Logger.error("Failed to generate STORK SAML Response", e); + throw new MOAIDException("stork.05", null); + } + + Logger.info("STORK SAML Response message succesfully generated "); + + // preparing redirection for the client + try { + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); + VelocityContext context = new VelocityContext(); + + byte[] blob; + if(request.isAttrRequest()) + blob = response.getStorkAttrQueryResponse().getTokenSaml(); + else + blob = response.getStorkAuthnResponse().getTokenSaml(); + + context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob)); + Logger.debug("SAMLResponse original: " + new String(blob)); + + Logger.debug("Putting assertion consumer url as action: " + request.getAssertionConsumerServiceURL()); + context.put("action", request.getAssertionConsumerServiceURL()); + Logger.debug("Starting template merge"); + StringWriter writer = new StringWriter(); + + Logger.debug("Doing template merge"); + template.merge(context, writer); + Logger.debug("Template merge done"); + + Logger.debug("Sending html content: " + writer.getBuffer().toString()); + Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); + + httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); + + } catch (Exception e) { + Logger.error("Velocity error: " + e.getMessage()); + } + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { + // this action does not need any authentication. The authentication is already done by the preceding AuthenticationRequest-Action. + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IAction#getDefaultActionName() + */ + public String getDefaultActionName() { + return STORKProtocol.CONSENT_EVALUATOR; + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index e415daf3e..19d1c7f15 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -26,12 +26,14 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest"; public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector"; public static final String MANDATERETRIEVALREQUEST = "MandateRetrievalRequest"; + public static final String CONSENT_EVALUATOR = "ConsentEvaluator"; private static HashMap<String, IAction> actions = new HashMap<String, IAction>(); static { actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest()); actions.put(ATTRIBUTE_COLLECTOR, new AttributeCollector()); + actions.put(CONSENT_EVALUATOR, new ConsentEvaluator()); } public String getName() { @@ -63,7 +65,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { MOASTORKRequest STORK2Request = new MOASTORKRequest(); - if (AttributeCollector.class.getSimpleName().equals(action)) + if (AttributeCollector.class.getSimpleName().equals(action) || ConsentEvaluator.class.getSimpleName().equals(action)) return STORK2Request; //extract STORK Response from HTTP Request diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index f6a296fde..d45abbf1c 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties @@ -211,6 +211,7 @@ stork.13=Fehler beim Sammeln eines Attributes in einem AttributProviderPlugin stork.14=Es wurde weder Authentifizierungs/ noch Attributerequest empfangen
stork.15=Unbekannte request.
stork.16=Ein Attribute aus zwei verschiedenen Quellen unterscheidet sich\: {0}
+stork.17=Fehler beim Einholen der Zustimmung für Attribut\u00FCbertragung durch den Benutzer
pvp2.00={0} ist kein gueltiger consumer service index
pvp2.01=Fehler beim kodieren der PVP2 Antwort
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/stork2_consent.html b/id/server/idserverlib/src/main/resources/resources/templates/stork2_consent.html new file mode 100644 index 000000000..2ad03e34e --- /dev/null +++ b/id/server/idserverlib/src/main/resources/resources/templates/stork2_consent.html @@ -0,0 +1,444 @@ +<!DOCTYPE html> +<html> +<head> +<meta content="text/html; charset=utf-8" http-equiv="Content-Type"> + + <!-- MOA-ID 2.x BKUSelection Layout CSS --> + <style type="text/css"> + @media screen and (min-width: 650px) { + + body { + margin:0; + padding:0; + color : #000; + background-color : #fff; + text-align: center; + background-color: #6B7B8B; + } + + #bku_header h2 { + font-size: 0.8em; + } + + + #page { + display: block; + border: 2px solid rgb(0,0,0); + width: 650px; + height: 460px; + margin: 0 auto; + margin-top: 5%; + position: relative; + border-radius: 25px; + background: rgb(255,255,255); + } + + #page1 { + text-align: center; + } + + #main { + /* clear:both; */ + position:relative; + margin: 0 auto; + width: 250px; + text-align: center; + } + + .OA_header { + /* background-color: white;*/ + font-size: 20pt; + margin-bottom: 25px; + margin-top: 25px; + } + + #leftcontent { + /*float:left; */ + width:250px; + margin-bottom: 25px; + text-align: left; + border: 1px solid rgb(0,0,0); + } + + #selectArea { + font-size: 15px; + padding-bottom: 65px; + } + + #leftcontent { + width: 300px; + margin-top: 30px; + } + + #bku_header { + height: 5%; + padding-bottom: 3px; + padding-top: 3px; + } + + #bkulogin { + overflow:auto; + min-width: 190px; + height: 260px; + } + + h2#tabheader{ + font-size: 1.1em; + padding-left: 2%; + padding-right: 2%; + position: relative; + } + + .setAssertionButton_full { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 100px; + height: 30px + } + + #leftbutton { + width: 30%; + float:left; + margin-left: 40px; + } + + #rightbutton { + width: 30%; + float:right; + margin-right: 45px; + text-align: right; + } + + button { + height: 25px; + width: 75px; + margin-bottom: 10px; + } + + #validation { + position: absolute; + bottom: 0px; + margin-left: 270px; + padding-bottom: 10px; + } + + } + + @media screen and (max-width: 205px) { + #bku_header h2 { + font-size: 0.8em; + margin-top: -0.4em; + padding-top: 0.4em; + } + + #bkulogin { + min-height: 150px; + } + } + + @media screen and (max-width: 249px) and (min-width: 206px) { + #bku_header h2 { + font-size: 0.9em; + margin-top: -0.45em; + padding-top: 0.45em; + } + + #bkulogin { + height: 180px; + } + } + + @media screen and (max-width: 299px) and (min-width: 250px) { + #bku_header h2 { + font-size: 1.1em; + margin-top: -0.55em; + padding-top: 0.55em; + } + } + + @media screen and (max-width: 649px) and (min-width: 400px) { + #bku_header h2 { + font-size: 1.3em; + margin-top: -0.65em; + padding-top: 0.65em; + } + } + + + + @media screen and (max-width: 649px) { + + body { + margin:0; + padding:0; + color : #000; + text-align: center; + font-size: 100%; + background-color: #MAIN_BACKGOUNDCOLOR#; + } + + #page { + visibility: hidden; + margin-top: 0%; + } + + #page1 { + visibility: hidden; + } + + #main { + visibility: hidden; + } + + #validation { + visibility: hidden; + display: none; + } + + .OA_header { + margin-bottom: 0px; + margin-top: 0px; + font-size: 0pt; + visibility: hidden; + } + + #leftcontent { + visibility: visible; + margin-bottom: 0px; + text-align: left; + border:none; + vertical-align: middle; + min-height: 173px; + min-width: 204px; + + } + + #bku_header { + height: 10%; + min-height: 1.2em; + margin-top: 1%; + } + + h2#tabheader{ + padding-left: 2%; + padding-right: 2%; + position: relative; + top: 50%; + } + + #bkulogin { + min-width: 190px; + height: 155px; + } + + .setAssertionButton_full { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 70px; + height: 25px; + } + + input[type=button] { +/* height: 11%; */ + width: 70%; + } + } + + * { + margin: 0; + padding: 0; + font-family: #FONTTYPE#; + } + + #selectArea { + padding-top: 10px; + padding-bottom: 55px; + padding-left: 10px; + } + + .setAssertionButton { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 70px; + height: 25px; + } + + #leftbutton { + width: 35%; + float:left; + margin-left: 15px; + } + + #rightbutton { + width: 35%; + float:right; + margin-right: 25px; + text-align: right; + } + + .verticalcenter { + vertical-align: middle; + } + + input { + /*border:1px solid #000;*/ + cursor: pointer; + } + + + #installJava, #BrowserNOK { + clear:both; + font-size:0.8em; + padding:4px; + } + + .selectText{ + + } + + .selectTextHeader{ + + } + + .sendButton { + width: 30%; + margin-bottom: 1%; + } + + #leftcontent a { + text-decoration:none; + color: #000; + /* display:block;*/ + padding:4px; + } + + #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { + text-decoration:underline; + color: #000; + } + + .infobutton { + background-color: #005a00; + color: white; + font-family: serif; + text-decoration: none; + padding-top: 2px; + padding-right: 4px; + padding-bottom: 2px; + padding-left: 4px; + font-weight: bold; + } + + .hell { + background-color : #MAIN_BACKGOUNDCOLOR#; + color: #MAIN_COLOR#; + } + + .dunkel { + background-color: #HEADER_BACKGROUNDCOLOR#; + color: #HEADER_COLOR#; + } + + .main_header { + color: black; + font-size: 32pt; + position: absolute; + right: 10%; + top: 40px; + + } + + #controls { + text-align: right; + } + + </style> +<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions--> +<script type="text/javascript"> + function isIE() { + return (/MSIE (\d+\.\d+);/.test(navigator.userAgent)); + } + function isFullscreen() { + try { + return ((top.innerWidth == screen.width) && (top.innerHeight == screen.height)); + } catch (e) { + return false; + } + } + function isActivexEnabled() { + var supported = null; + try { + supported = !!new ActiveXObject("htmlfile"); + } catch (e) { + supported = false; + } + return supported; + } + function generateIFrame(iFrameURL) { + var el = document.getElementById("bkulogin"); + var width = el.clientWidth; + var heigth = el.clientHeight - 20; + var parent = el.parentNode; + + iFrameURL += "&heigth=" + heigth; + iFrameURL += "&width=" + width; + + var iframe = document.createElement("iframe"); + iframe.setAttribute("src", iFrameURL); + iframe.setAttribute("width", el.clientWidth - 1); + iframe.setAttribute("height", el.clientHeight - 1); + iframe.setAttribute("frameborder", "0"); + iframe.setAttribute("scrolling", "no"); + iframe.setAttribute("title", "Login"); + parent.replaceChild(iframe, el); + } + function onChangeChecks() { + if (top.innerWidth < 650) { + document.getElementById("moaidform").setAttribute("target","_parent"); + } else { + document.getElementById("moaidform").removeAttribute("target"); + } + + } + </script> +<title>#HEADER_TEXT#</title> +</head> +<body onload="onChangeChecks();" onresize="onChangeChecks();"> + <div id="page"> + <div id="page1" class="case selected-case" role="main"> + <h2 class="OA_header" role="heading">STORK Informationsfreigabe</h2> + <div id="main"> + <div id="leftcontent" class="hell" role="application"> + <form method="POST" action="${action}"> + <div id="bku_header" class="dunkel"> + <h2 id="tabheader" class="dunkel" role="heading">STORK Informationsfreigabe</h2> + </div> + <div id="bkulogin" class="hell" role="form"> + Alle angehakten Daten werden an das fragende Drittland übermittelt. + <table> + ${tablecontent} + </table> + </div> + <div id="controls" class="hell"> + <input type="submit" value="weiter" /> + </div> + </form> + </div> + </div> + </div> + <div id="validation"> + <a href="http://validator.w3.org/check?uri="> <img + style="border: 0; width: 88px; height: 31px" + src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" /> + </a> <a href="http://jigsaw.w3.org/css-validator/"> <img + style="border: 0; width: 88px; height: 31px" + src="http://jigsaw.w3.org/css-validator/images/vcss-blue" + alt="CSS ist valide!" /> + </a> + </div> + </div> +</body> +</html
\ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd index b7e8f6ff3..936363169 100644 --- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd +++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd @@ -883,11 +883,16 @@ <xsd:element name="OA_STORK"> <xsd:complexType> <xsd:sequence> - <xsd:element name="StorkLogonEnabled" type="xsd:boolean"/> - <xsd:element ref="Qaa" minOccurs="0" maxOccurs="1"/> - <xsd:element ref="OAAttributes" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="StorkLogonEnabled" + type="xsd:boolean" /> + <xsd:element ref="Qaa" minOccurs="0" maxOccurs="1" /> + <xsd:element ref="OAAttributes" minOccurs="0" + maxOccurs="unbounded" /> <xsd:element name="VidpEnabled" type="xsd:boolean"></xsd:element> - <xsd:element ref="AttributeProviders" maxOccurs="unbounded" minOccurs="0"></xsd:element> + <xsd:element ref="AttributeProviders" + maxOccurs="unbounded" minOccurs="0"> + </xsd:element> + <xsd:element name="requireConsent" type="xsd:boolean"></xsd:element> </xsd:sequence> </xsd:complexType> </xsd:element> |