aboutsummaryrefslogtreecommitdiff
path: root/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-05-05 16:17:23 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-05-05 16:17:23 +0200
commitb339f0098307d10723a79ad98e9fabe35f6b02f6 (patch)
tree43fd73a1faa2017ed2ffb5da894f4195a05c8019 /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa
parentb254147e749282209ffc625f4931e748a5e8be7c (diff)
downloadmoa-id-spss-b339f0098307d10723a79ad98e9fabe35f6b02f6.tar.gz
moa-id-spss-b339f0098307d10723a79ad98e9fabe35f6b02f6.tar.bz2
moa-id-spss-b339f0098307d10723a79ad98e9fabe35f6b02f6.zip
refectore OnlineApplication formData
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java151
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java117
2 files changed, 152 insertions, 116 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
new file mode 100644
index 000000000..0bbf2116d
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
@@ -0,0 +1,151 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.validation.oa;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class OAAuthenticationDataValidation {
+
+ private static final Logger log = Logger.getLogger(OASSOConfigValidation.class);
+
+ public List<String> validate(OAAuthenticationData form, boolean isAdmin, HttpServletRequest request) {
+
+ List<String> errors = new ArrayList<String>();
+ String check;
+
+
+
+ //Check BKU URLs
+ if (isAdmin) {
+ check =form.getBkuHandyURL();
+ if (MiscUtil.isNotEmpty(check)) {
+// log.info("Empty Handy-BKU URL");
+// errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.empty"));
+//
+// } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Handy-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid", request));
+ }
+ }
+
+ check =form.getBkuLocalURL();
+ if (MiscUtil.isNotEmpty(check)) {
+// log.info("Empty Local-BKU URL");
+// errors.add(LanguageHelper.getErrorString("validation.general.bku.local.empty"));
+//
+// } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid", request));
+ }
+ }
+
+ check =form.getBkuOnlineURL();
+ if (MiscUtil.isNotEmpty(check)) {
+// log.info("Empty Online-BKU URL");
+// errors.add(LanguageHelper.getErrorString("validation.general.bku.online.empty"));
+//
+// } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid", request));
+ }
+ }
+ }
+
+ if (isAdmin) {
+ //check KeyBoxIdentifier
+ check = form.getKeyBoxIdentifier();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty KeyBoxIdentifier");
+ errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty", request));
+ } else {
+ Map<String, String> list = form.getKeyBoxIdentifierList();
+ if (!list.containsKey(check)) {
+ log.info("Not valid KeyBoxIdentifier " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid", request));
+ }
+ }
+
+ //check LegacyMode SLTemplates
+ if (form.isLegacy()) {
+ if (MiscUtil.isEmpty(form.getSLTemplateURL1()) &&
+ MiscUtil.isEmpty(form.getSLTemplateURL2()) &&
+ MiscUtil.isEmpty(form.getSLTemplateURL3()) ) {
+ log.info("Empty OA-specific SecurityLayer Templates");
+ errors.add(LanguageHelper.getErrorString("validation.general.sltemplates.empty", request));
+
+ } else {
+ check = form.getSLTemplateURL1();
+ if (MiscUtil.isNotEmpty(check) &&
+ ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
+ log.info("First OA-specific SecurityLayer Templates is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid", request));
+ }
+ check = form.getSLTemplateURL2();
+ if (MiscUtil.isNotEmpty(check) &&
+ ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
+ log.info("Second OA-specific SecurityLayer Templates is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid", request));
+ }
+ check = form.getSLTemplateURL3();
+ if (MiscUtil.isNotEmpty(check) &&
+ ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
+ log.info("Third OA-specific SecurityLayer Templates is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid", request));
+ }
+ }
+ }
+ }
+
+ //check Mandate Profiles
+ check = form.getMandateProfiles();
+ if (MiscUtil.isNotEmpty(check)) {
+
+ if (!form.isUseMandates()) {
+ log.info("MandateProfiles configured but useMandates is false.");
+ errors.add(LanguageHelper.getErrorString("validation.general.mandate.usemandate", request));
+ }
+
+ if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+ log.warn("MandateProfiles contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request ));
+ }
+ }
+
+ return errors;
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
index 5f563ac49..82037e39d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
@@ -24,7 +24,6 @@ package at.gv.egovernment.moa.id.configuration.validation.oa;
import java.util.ArrayList;
import java.util.List;
-import java.util.Map;
import javax.servlet.http.HttpServletRequest;
@@ -45,58 +44,7 @@ public class OAGeneralConfigValidation {
List<String> errors = new ArrayList<String>();
String check;
-
- if (isAdmin) {
- //validate aditionalAuthBlockText
- check = form.getAditionalAuthBlockText();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
- }
- }
- }
-
- //Check BKU URLs
- if (isAdmin) {
- check =form.getBkuHandyURL();
- if (MiscUtil.isNotEmpty(check)) {
-// log.info("Empty Handy-BKU URL");
-// errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.empty"));
-//
-// } else {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid Handy-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid", request));
- }
- }
- check =form.getBkuLocalURL();
- if (MiscUtil.isNotEmpty(check)) {
-// log.info("Empty Local-BKU URL");
-// errors.add(LanguageHelper.getErrorString("validation.general.bku.local.empty"));
-//
-// } else {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid Online-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid", request));
- }
- }
-
- check =form.getBkuOnlineURL();
- if (MiscUtil.isNotEmpty(check)) {
-// log.info("Empty Online-BKU URL");
-// errors.add(LanguageHelper.getErrorString("validation.general.bku.online.empty"));
-//
-// } else {
- if (!ValidationHelper.validateURL(check)) {
- log.info("Not valid Online-BKU URL");
- errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid", request));
- }
- }
- }
-
//check OA FriendlyName
check = form.getFriendlyName();
if (MiscUtil.isNotEmpty(check)) {
@@ -109,70 +57,7 @@ public class OAGeneralConfigValidation {
log.info("OA friendlyName is empty");
errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request));
}
-
- if (isAdmin) {
- //check KeyBoxIdentifier
- check = form.getKeyBoxIdentifier();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty KeyBoxIdentifier");
- errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty", request));
- } else {
- Map<String, String> list = form.getKeyBoxIdentifierList();
- if (!list.containsKey(check)) {
- log.info("Not valid KeyBoxIdentifier " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid", request));
- }
- }
-
- //check LegacyMode SLTemplates
- if (form.isLegacy()) {
- if (MiscUtil.isEmpty(form.getSLTemplateURL1()) &&
- MiscUtil.isEmpty(form.getSLTemplateURL2()) &&
- MiscUtil.isEmpty(form.getSLTemplateURL3()) ) {
- log.info("Empty OA-specific SecurityLayer Templates");
- errors.add(LanguageHelper.getErrorString("validation.general.sltemplates.empty", request));
-
- } else {
- check = form.getSLTemplateURL1();
- if (MiscUtil.isNotEmpty(check) &&
- ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
- log.info("First OA-specific SecurityLayer Templates is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid", request));
- }
- check = form.getSLTemplateURL2();
- if (MiscUtil.isNotEmpty(check) &&
- ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
- log.info("Second OA-specific SecurityLayer Templates is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid", request));
- }
- check = form.getSLTemplateURL3();
- if (MiscUtil.isNotEmpty(check) &&
- ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
- log.info("Third OA-specific SecurityLayer Templates is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid", request));
- }
- }
- }
- }
-
- //check Mandate Profiles
- check = form.getMandateProfiles();
- if (MiscUtil.isNotEmpty(check)) {
-
- if (!form.isUseMandates()) {
- log.info("MandateProfiles configured but useMandates is false.");
- errors.add(LanguageHelper.getErrorString("validation.general.mandate.usemandate", request));
- }
-
- if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
- log.warn("MandateProfiles contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request ));
- }
- }
-
-
-
+
boolean businessservice = form.isBusinessService();
if (businessservice) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-23 02:29:36 +0000