authorFlorian Reimair <florian.reimair@iaik.tugraz.at>2014-02-25 08:56:03 +0100
committerFlorian Reimair <florian.reimair@iaik.tugraz.at>2014-02-25 08:56:03 +0100
commitf2a3b2a78eab55af0f4ad09a160d3fffcd98a187 (patch)
tree19e7b1ba0b9f47b20205741508c26f84da46e54a /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa
parente220daf9bc0eac36c3e20406865f99f4760a30d3 (diff)
parentf1d374bb66f3b48f2a14a8d550c4125c04dde7a8 (diff)
merge tlenz into ap
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java20
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java8
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java42
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java114
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java156
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java16
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java89
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java122
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java17
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java18
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java16
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java90
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java69
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java90
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java6
16 files changed, 712 insertions, 163 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
index bddfc0aa4..b963890af 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
@@ -22,6 +22,12 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.configuration;
+import java.util.Collection;
+import java.util.Hashtable;
+import java.util.Map;
+
+import edu.emory.mathcs.backport.java.util.Collections;
+
public class Constants {
public static final String FILEPREFIX = "file:";
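Review bot: The new import `edu.emory.mathcs.backport.java.util.Collections` takes `Collections` from the backport-util-concurrent library instead of the JDK, which looks like an IDE auto-import, and `java.util.Collection` is not used in any visible hunk of this file. The only use is `Collections.unmodifiableMap(tmp)` in the static initializer of the last hunk, which `java.util.Collections` provides with generic typing. I would change the line to `import java.util.Collections;` and drop `import java.util.Collection;`. The class body continues outside these hunks, so confirm nothing else needs the backport class.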
@@ -45,7 +51,9 @@ public class Constants {
public static final String SESSION_PVP2REQUESTID = "pvp2requestid";
public static final String SESSION_RETURNAREA = "returnarea";
public static final String SESSION_BKUFORMPREVIEW = "bkuformpreview";
- public static final String SESSION_OAUTH20SECRET = "oauth20secret";
+ public static final String SESSION_OAUTH20SECRET = "oauth20secret";
+ public static final String SESSION_BKUSELECTIONTEMPLATE = "bkuSelectionTemplate";
+ public static final String SESSION_SENDASSERTIONTEMPLATE = "sendAssertionTemplate";
public static enum STRUTS_RETURNAREA_VALUES {adminRequestsInit, main, usermanagementInit};
@@ -80,4 +88,14 @@ public class Constants {
public static final String IDENIFICATIONTYPE_BASEID_ZVR = IDENIFICATIONTYPE_BASEID + "X" + IDENIFICATIONTYPE_ZVR;
public static final String PREFIX_WPBK = "urn:publicid:gv.at:wbpk+";
+
+ public static final Map<String, String> BUSINESSSERVICENAMES;
+ static {
+ Hashtable<String, String> tmp = new Hashtable<String, String>();
+ tmp.put(IDENIFICATIONTYPE_FN, "Firmenbuchnummer");
+ tmp.put(IDENIFICATIONTYPE_ZVR, "Vereinsnummer");
+ tmp.put(IDENIFICATIONTYPE_ERSB, "ERsB Kennzahl");
+
+ BUSINESSSERVICENAMES = Collections.unmodifiableMap(tmp);
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java
index 56f593ce7..9a0f73a1f 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java
@@ -45,6 +45,7 @@ import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.log4j.Logger;
+import org.joda.time.DateTime;
import org.opensaml.Configuration;
import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
import org.opensaml.common.xml.SAMLConstants;
@@ -87,6 +88,8 @@ public class BuildMetadata extends HttpServlet {
private static final Logger log = Logger.getLogger(BuildMetadata.class);
+ private static final int VALIDUNTIL_IN_HOURS = 24;
+
/**
* @see HttpServlet#HttpServlet()
*/
@@ -118,6 +121,9 @@ public class BuildMetadata extends HttpServlet {
EntitiesDescriptor spEntitiesDescriptor = SAML2Utils.
createSAMLObject(EntitiesDescriptor.class);
+ DateTime date = new DateTime();
+ spEntitiesDescriptor.setValidUntil(date.plusHours(VALIDUNTIL_IN_HOURS));
+
String name = config.getPVP2MetadataEntitiesName();
if (MiscUtil.isEmpty(name)) {
log.info("NO Metadata EntitiesName configurated");
@@ -130,6 +136,8 @@ public class BuildMetadata extends HttpServlet {
EntityDescriptor spEntityDescriptor = SAML2Utils
.createSAMLObject(EntityDescriptor.class);
+ spEntityDescriptor.setValidUntil(date.plusDays(VALIDUNTIL_IN_HOURS));
+
spEntitiesDescriptor.getEntityDescriptors().add(spEntityDescriptor);
String serviceURL = config.getPublicUrlPreFix(request);
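Review bot: `spEntityDescriptor.setValidUntil(date.plusDays(VALIDUNTIL_IN_HOURS))` passes an hours constant to `plusDays`, so the EntityDescriptor is valid for 24 days while the enclosing EntitiesDescriptor in the previous hunk gets 24 hours via `plusHours`. Relying parties that honour the inner `validUntil` would keep trusting stale metadata, including signing certificates, far longer than intended. The line should read `spEntityDescriptor.setValidUntil(date.plusHours(VALIDUNTIL_IN_HOURS));`. The method body starts and ends outside this hunk.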
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
index c4db5a76d..fdd566888 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
@@ -128,6 +128,8 @@ public class ConfigurationProvider {
UserRequestCleaner.start();
+ log.info("MOA-ID-Configuration initialization completed");
+
} catch (FileNotFoundException e) {
throw new ConfigurationException("config.01", e);
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
index 49d556ba4..687925c18 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
@@ -49,7 +49,10 @@ public class FormularCustomization {
private String button_BackGroundColor = null;
private String button_BackGroundColorFocus = null;
private String button_FrontColor = null;
-
+ private String applet_height = null;
+ private String applet_width = null;
+
+
private String appletRedirectTarget = null;
public static List<String> appletRedirectTargetList = null;
@@ -79,6 +82,14 @@ public class FormularCustomization {
onlyMandateAllowed = formcustom.isOnlyMandateLoginAllowed();
}
+ if (formcustom.getAppletHeight() != null) {
+ applet_height = formcustom.getAppletHeight();
+ }
+
+ if (formcustom.getAppletHeight() != null) {
+ applet_width = formcustom.getAppletWidth();
+ }
+
if (MiscUtil.isNotEmpty(formcustom.getAppletRedirectTarget()))
appletRedirectTarget = formcustom.getAppletRedirectTarget();
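Review bot: The second added guard tests `formcustom.getAppletHeight() != null` but then assigns `applet_width`, so the width is only loaded when a height happens to be stored. This looks like a copy-and-paste slip; the condition should be `if (formcustom.getAppletWidth() != null) {`. The neighbouring fields use `MiscUtil.isNotEmpty(...)`, which would also skip empty strings here. The enclosing method continues outside this hunk.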
@@ -351,6 +362,35 @@ public class FormularCustomization {
this.fontTypeListValue = fontTypeListValue;
}
+ /**
+ * @return the applet_height
+ */
+ public String getApplet_height() {
+ return applet_height;
+ }
+
+ /**
+ * @param applet_height the applet_height to set
+ */
+ public void setApplet_height(String applet_height) {
+ this.applet_height = applet_height;
+ }
+
+ /**
+ * @return the applet_width
+ */
+ public String getApplet_width() {
+ return applet_width;
+ }
+
+ /**
+ * @param applet_width the applet_width to set
+ */
+ public void setApplet_width(String applet_width) {
+ this.applet_width = applet_width;
+ }
+
+
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
index c6b9b984a..e16020782 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -57,6 +57,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock;
import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
+import at.gv.egovernment.moa.util.MiscUtil;
public class GeneralMOAIDConfig {
@@ -69,7 +70,7 @@ public class GeneralMOAIDConfig {
private String szrgwURL = null;
private String alternativeSourceID = null;
private String certStoreDirectory = null;
- private boolean trustmanagerrevocationcheck = false;
+ private boolean trustmanagerrevocationcheck = true;
private String timeoutAssertion = String.valueOf(DEFAULTTIMEOUTASSERTION);
private String timeoutMOASessionCreated = String.valueOf(DEFAULTTIMEOUTMOASESSIONCREATED);
@@ -90,7 +91,8 @@ public class GeneralMOAIDConfig {
private boolean legacy_saml1 = false;
private boolean legacy_pvp2 = false;
- private String pvp2PublicUrlPrefix = null;
+ private String saml1SourceID = null;
+
private String pvp2IssuerName = null;
private String pvp2OrgName = null;
private String pvp2OrgDisplayName = null;
@@ -104,7 +106,6 @@ public class GeneralMOAIDConfig {
private String ssoTarget = null;
private String ssoFriendlyName = null;
- private String ssoPublicUrl = null;
private String ssoSpecialText = null;
private String ssoIdentificationNumber = null;
@@ -121,6 +122,8 @@ public class GeneralMOAIDConfig {
private String SLRequestTemplateLocal = "";
private String SLRequestTemplateHandy = "";
+ private String publicURLPrefix = null;
+
public GeneralMOAIDConfig() {
chainigmodelist = new HashMap<String, String>();
ChainingModeType[] values = ChainingModeType.values();
@@ -156,6 +159,8 @@ public class GeneralMOAIDConfig {
certStoreDirectory = authgen.getCertStoreDirectory();
trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking();
+ publicURLPrefix = authgen.getPublicURLPreFix();
+
TimeOuts timeouts = authgen.getTimeOuts();
if (timeouts != null) {
@@ -214,6 +219,11 @@ public class GeneralMOAIDConfig {
SAML1 saml1 = protocols.getSAML1();
if (saml1 != null) {
protocolActiveSAML1 = saml1.isIsActive();
+ saml1SourceID = saml1.getSourceID();
+
+ //TODO: could removed in a later version
+ if (MiscUtil.isEmpty(saml1SourceID) && MiscUtil.isNotEmpty(alternativeSourceID))
+ saml1SourceID = alternativeSourceID;
}
@@ -228,7 +238,10 @@ public class GeneralMOAIDConfig {
protocolActivePVP21 = pvp2.isIsActive();
- pvp2PublicUrlPrefix = pvp2.getPublicURLPrefix();
+ //INFO: only for backup
+ if (MiscUtil.isEmpty(publicURLPrefix))
+ publicURLPrefix = pvp2.getPublicURLPrefix();
+
pvp2IssuerName = pvp2.getIssuerName();
List<Contact> con = pvp2.getContact();
@@ -263,13 +276,24 @@ public class GeneralMOAIDConfig {
if (sso != null) {
ssoFriendlyName = sso.getFriendlyName();
- IdentificationNumber idl = sso.getIdentificationNumber();
- if (idl != null)
- ssoIdentificationNumber = idl.getValue();
+// IdentificationNumber idl = sso.getIdentificationNumber();
+// if (idl != null)
+// ssoIdentificationNumber = idl.getValue();
+
+ //INFO: only for backup
+ if (MiscUtil.isEmpty(publicURLPrefix))
+ publicURLPrefix = sso.getPublicURL();
- ssoPublicUrl = sso.getPublicURL();
ssoSpecialText = sso.getSpecialText();
- ssoTarget = sso.getTarget();
+
+ if (MiscUtil.isNotEmpty(sso.getTarget()) &&
+ sso.getTarget().startsWith(Constants.PREFIX_WPBK)) {
+ ssoTarget = sso.getTarget().substring(Constants.PREFIX_WPBK.length()).
+ replace("+", "");
+
+ } else
+ ssoTarget = sso.getTarget();
+
}
}
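Review bot: With the `IdentificationNumber` block commented out, `ssoIdentificationNumber` is no longer populated from the database in this hunk, yet the field is still declared (it is visible as context in an earlier hunk), so its getter will presumably always return null. Either remove the field and its accessors or keep loading it. The commented-out lines should be deleted rather than left in place, since version control keeps the history. Separately, `replace("+", "")` strips every `+` from the stored target, not just the separator after the type prefix; a short comment such as `// stored form is PREFIX_WPBK + type + "+" + number; show it as type+number without separators` would make that intent explicit.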
@@ -320,20 +344,6 @@ public class GeneralMOAIDConfig {
}
/**
- * @return the alternativeSourceID
- */
- public String getAlternativeSourceID() {
- return alternativeSourceID;
- }
-
- /**
- * @param alternativeSourceID the alternativeSourceID to set
- */
- public void setAlternativeSourceID(String alternativeSourceID) {
- this.alternativeSourceID = alternativeSourceID;
- }
-
- /**
* @return the certStoreDirectory
*/
public String getCertStoreDirectory() {
@@ -488,20 +498,6 @@ public class GeneralMOAIDConfig {
}
/**
- * @return the pvp2PublicUrlPrefix
- */
- public String getPvp2PublicUrlPrefix() {
- return pvp2PublicUrlPrefix;
- }
-
- /**
- * @param pvp2PublicUrlPrefix the pvp2PublicUrlPrefix to set
- */
- public void setPvp2PublicUrlPrefix(String pvp2PublicUrlPrefix) {
- this.pvp2PublicUrlPrefix = pvp2PublicUrlPrefix;
- }
-
- /**
* @return the pvp2IssuerName
*/
public String getPvp2IssuerName() {
@@ -642,20 +638,6 @@ public class GeneralMOAIDConfig {
}
/**
- * @return the ssoPublicUrl
- */
- public String getSsoPublicUrl() {
- return ssoPublicUrl;
- }
-
- /**
- * @param ssoPublicUrl the ssoPublicUrl to set
- */
- public void setSsoPublicUrl(String ssoPublicUrl) {
- this.ssoPublicUrl = ssoPublicUrl;
- }
-
- /**
* @return the ssoSpecialText
*/
public String getSsoSpecialText() {
@@ -913,6 +895,36 @@ public class GeneralMOAIDConfig {
public void setProtocolActiveOAuth(boolean protocolActiveOAuth) {
this.protocolActiveOAuth = protocolActiveOAuth;
}
+
+ /**
+ * @return the saml1SourceID
+ */
+ public String getSaml1SourceID() {
+ return saml1SourceID;
+ }
+
+ /**
+ * @param saml1SourceID the saml1SourceID to set
+ */
+ public void setSaml1SourceID(String saml1SourceID) {
+ this.saml1SourceID = saml1SourceID;
+ }
+
+ /**
+ * @return the publicURLPrefix
+ */
+ public String getPublicURLPrefix() {
+ return publicURLPrefix;
+ }
+
+ /**
+ * @param publicURLPrefix the publicURLPrefix to set
+ */
+ public void setPublicURLPrefix(String publicURLPrefix) {
+ this.publicURLPrefix = publicURLPrefix;
+ }
+
+
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
index 334124cfd..ba58701fc 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
@@ -22,6 +22,7 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;
+import java.io.File;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
@@ -87,6 +88,16 @@ public class OAGeneralConfig {
private Map<String, byte[]> transformations;
+ private List<File> bkuSelectionFileUpload = null;
+ private List<String> bkuSelectionFileUploadContentType = null;
+ private List<String> bkuSelectionFileUploadFileName = new ArrayList<String>();
+
+ private List<File> sendAssertionFileUpload = null;
+ private List<String> sendAssertionFileUploadContentType = null;
+ private List<String> sendAssertionFileUploadFileName = new ArrayList<String>();;
+
+ private boolean deleteBKUTemplate = false;
+ private boolean deleteSendAssertionTemplate = false;
public OAGeneralConfig() {
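Review bot: The declaration `sendAssertionFileUploadFileName = new ArrayList<String>();;` ends in a stray second semicolon. The new upload fields are also initialised inconsistently: the two `...FileName` lists start empty while the `List<File>` and `...ContentType` lists start as `null`, so every consumer has to null-check them. I would drop the extra `;` and add a comment on the group, for example `// populated by the Struts file-upload interceptor; null when no file was submitted`, if that is indeed how they are bound.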
@@ -96,6 +107,8 @@ public class OAGeneralConfig {
keyBoxIdentifierList.put(values[i].value(), values[i].value());
}
+ keyBoxIdentifier = MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR.value();
+
bkuLocalURL = Constants.DEFAULT_LOCALBKU_URL;
bkuHandyURL = Constants.DEFAULT_HANDYBKU_URL;
@@ -225,6 +238,16 @@ public class OAGeneralConfig {
SLTemplates.add(el.getURL());
}
}
+
+ TransformsInfoType bkuSelectTemplate = templates.getBKUSelectionTemplate();
+ if (bkuSelectTemplate != null && MiscUtil.isNotEmpty(bkuSelectTemplate.getFilename())) {
+ bkuSelectionFileUploadFileName.add(bkuSelectTemplate.getFilename());
+ }
+
+ TransformsInfoType sendAssertionTemplate = templates.getSendAssertionTemplate();
+ if (sendAssertionTemplate != null && MiscUtil.isNotEmpty(sendAssertionTemplate.getFilename())) {
+ sendAssertionFileUploadFileName.add(sendAssertionTemplate.getFilename());
+ }
}
if (SLTemplates != null && SLTemplates.size() > 0)
@@ -602,7 +625,140 @@ public class OAGeneralConfig {
*/
public void setUseMandates(boolean useMandates) {
this.useMandates = useMandates;
+ }
+
+
+ /**
+ * @return the bkuSelectionFileUpload
+ */
+ public List<File> getBkuSelectionFileUpload() {
+ return bkuSelectionFileUpload;
+ }
+
+
+ /**
+ * @param bkuSelectionFileUpload the bkuSelectionFileUpload to set
+ */
+ public void setBkuSelectionFileUpload(List<File> bkuSelectionFileUpload) {
+ this.bkuSelectionFileUpload = bkuSelectionFileUpload;
+ }
+
+
+ /**
+ * @return the bkuSelectionFileUploadContentType
+ */
+ public List<String> getBkuSelectionFileUploadContentType() {
+ return bkuSelectionFileUploadContentType;
+ }
+
+
+ /**
+ * @param bkuSelectionFileUploadContentType the bkuSelectionFileUploadContentType to set
+ */
+ public void setBkuSelectionFileUploadContentType(
+ List<String> bkuSelectionFileUploadContentType) {
+ this.bkuSelectionFileUploadContentType = bkuSelectionFileUploadContentType;
+ }
+
+
+ /**
+ * @return the bkuSelectionFileUploadFileName
+ */
+ public List<String> getBkuSelectionFileUploadFileName() {
+ return bkuSelectionFileUploadFileName;
+ }
+
+
+ /**
+ * @param bkuSelectionFileUploadFileName the bkuSelectionFileUploadFileName to set
+ */
+ public void setBkuSelectionFileUploadFileName(
+ List<String> bkuSelectionFileUploadFileName) {
+ this.bkuSelectionFileUploadFileName = bkuSelectionFileUploadFileName;
+ }
+
+
+ /**
+ * @return the sendAssertionFileUpload
+ */
+ public List<File> getSendAssertionFileUpload() {
+ return sendAssertionFileUpload;
+ }
+
+
+ /**
+ * @param sendAssertionFileUpload the sendAssertionFileUpload to set
+ */
+ public void setSendAssertionFileUpload(List<File> sendAssertionFileUpload) {
+ this.sendAssertionFileUpload = sendAssertionFileUpload;
+ }
+
+
+ /**
+ * @return the sendAssertionFileUploadContentType
+ */
+ public List<String> getSendAssertionFileUploadContentType() {
+ return sendAssertionFileUploadContentType;
+ }
+
+
+ /**
+ * @param sendAssertionFileUploadContentType the sendAssertionFileUploadContentType to set
+ */
+ public void setSendAssertionFileUploadContentType(
+ List<String> sendAssertionFileUploadContentType) {
+ this.sendAssertionFileUploadContentType = sendAssertionFileUploadContentType;
+ }
+
+
+ /**
+ * @return the sendAssertionFileUploadFileName
+ */
+ public List<String> getSendAssertionFileUploadFileName() {
+ return sendAssertionFileUploadFileName;
+ }
+
+
+ /**
+ * @param sendAssertionFileUploadFileName the sendAssertionFileUploadFileName to set
+ */
+ public void setSendAssertionFileUploadFileName(
+ List<String> sendAssertionFileUploadFileName) {
+ this.sendAssertionFileUploadFileName = sendAssertionFileUploadFileName;
+ }
+
+
+ /**
+ * @return the deleteBKUTemplate
+ */
+ public boolean isDeleteBKUTemplate() {
+ return deleteBKUTemplate;
+ }
+
+
+ /**
+ * @param deleteBKUTemplate the deleteBKUTemplate to set
+ */
+ public void setDeleteBKUTemplate(boolean deleteBKUTemplate) {
+ this.deleteBKUTemplate = deleteBKUTemplate;
+ }
+
+
+ /**
+ * @return the deleteSendAssertionTemplate
+ */
+ public boolean isDeleteSendAssertionTemplate() {
+ return deleteSendAssertionTemplate;
+ }
+
+
+ /**
+ * @param deleteSendAssertionTemplate the deleteSendAssertionTemplate to set
+ */
+ public void setDeleteSendAssertionTemplate(boolean deleteSendAssertionTemplate) {
+ this.deleteSendAssertionTemplate = deleteSendAssertionTemplate;
}
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
index 0a03ac77b..843844e22 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
@@ -42,6 +42,8 @@ public class OAPVP2Config {
private final Logger log = Logger.getLogger(OAPVP2Config.class);
+ private boolean reLoad = false;
+
private String metaDataURL = null;
private String certificateDN = null;
@@ -139,6 +141,20 @@ public class OAPVP2Config {
public void setFileUploadFileName(String fileUploadFileName) {
this.fileUploadFileName = fileUploadFileName;
}
+
+ /**
+ * @return the reLoad
+ */
+ public boolean isReLoad() {
+ return reLoad;
+ }
+
+ /**
+ * @param reLoad the reLoad to set
+ */
+ public void setReLoad(boolean reLoad) {
+ this.reLoad = reLoad;
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index 3c8c0e18d..c9e834662 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -48,7 +48,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.Contact;
import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs;
import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration;
-import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners;
import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
@@ -74,6 +73,7 @@ import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
import at.gv.egovernment.moa.id.configuration.data.GeneralStorkConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.validation.moaconfig.MOAConfigValidator;
import at.gv.egovernment.moa.id.configuration.validation.moaconfig.StorkConfigValidator;
import at.gv.egovernment.moa.id.util.Random;
@@ -225,16 +225,24 @@ public class EditGeneralConfigAction extends ActionSupport
dbauth.setGeneralConfiguration(dbauthgeneral);
}
- GeneralConfiguration oldauthgeneral = null;
- if (oldauth != null)
- oldauthgeneral = oldauth.getGeneralConfiguration();
+// GeneralConfiguration oldauthgeneral = null;
+// if (oldauth != null)
+// oldauthgeneral = oldauth.getGeneralConfiguration();
- if (MiscUtil.isNotEmpty(moaconfig.getAlternativeSourceID()))
- dbauthgeneral.setAlternativeSourceID(moaconfig.getAlternativeSourceID());
- else {
- if (oldauthgeneral != null)
- dbauthgeneral.setAlternativeSourceID(oldauthgeneral.getAlternativeSourceID());
- }
+ //set Public URL Prefix
+ String pubURLPrefix = moaconfig.getPublicURLPrefix();
+ if(pubURLPrefix.endsWith("/")) {
+ int length = pubURLPrefix.length();
+ pubURLPrefix = pubURLPrefix.substring(0, length-1);
+ }
+ dbauthgeneral.setPublicURLPreFix(pubURLPrefix);
+
+// if (MiscUtil.isNotEmpty(moaconfig.getAlternativeSourceID()))
+// dbauthgeneral.setAlternativeSourceID(moaconfig.getAlternativeSourceID());
+// else {
+// if (oldauthgeneral != null)
+// dbauthgeneral.setAlternativeSourceID(oldauthgeneral.getAlternativeSourceID());
+// }
if (MiscUtil.isNotEmpty(moaconfig.getCertStoreDirectory()))
dbauthgeneral.setCertStoreDirectory(moaconfig.getCertStoreDirectory());
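Review bot: `pubURLPrefix.endsWith("/")` is called on `moaconfig.getPublicURLPrefix()` without a null check, and that field defaults to `null` in `GeneralMOAIDConfig`, so a form submitted without the value would throw a NullPointerException here unless the validator (not visible in this hunk) already rejects it. Every other setter in this method is guarded by `MiscUtil.isNotEmpty(...)`; doing the same here, `if (MiscUtil.isNotEmpty(pubURLPrefix)) { ... }`, keeps the method consistent. Only a single trailing slash is removed, so a value ending in `//` is stored with one slash left. The commented-out `oldauthgeneral` and `AlternativeSourceID` blocks should be deleted rather than kept as comments. The method starts and ends outside this hunk.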
@@ -287,6 +295,15 @@ public class EditGeneralConfigAction extends ActionSupport
}
saml1.setIsActive(moaconfig.isProtocolActiveSAML1());
+ if (MiscUtil.isNotEmpty(moaconfig.getSaml1SourceID())) {
+ saml1.setSourceID(moaconfig.getSaml1SourceID());
+
+ } else {
+ if (MiscUtil.isNotEmpty(saml1.getSourceID()))
+ saml1.setSourceID(moaconfig.getSaml1SourceID());
+
+ }
+
OAuth oauth= dbprotocols.getOAuth();
if (oauth == null) {
oauth = new OAuth();
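Review bot: Both branches of the new SAML1 source-ID block call `saml1.setSourceID(moaconfig.getSaml1SourceID())`, so in the `else` branch an existing non-empty source ID is overwritten with the empty form value. If the intent is to let the administrator clear the value, the whole block reduces to one unconditional `saml1.setSourceID(moaconfig.getSaml1SourceID());`. If the intent is to keep the stored value when the field is left blank, as the removed `AlternativeSourceID` code did, the `else` branch should be dropped. A one-line comment stating which behaviour is wanted would settle it.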
@@ -304,8 +321,8 @@ public class EditGeneralConfigAction extends ActionSupport
if (MiscUtil.isNotEmpty(moaconfig.getPvp2IssuerName()))
pvp2.setIssuerName(moaconfig.getPvp2IssuerName());
- if (MiscUtil.isNotEmpty(moaconfig.getPvp2PublicUrlPrefix()))
- pvp2.setPublicURLPrefix(moaconfig.getPvp2PublicUrlPrefix());
+// if (MiscUtil.isNotEmpty(moaconfig.getPvp2PublicUrlPrefix()))
+// pvp2.setPublicURLPrefix(moaconfig.getPvp2PublicUrlPrefix());
Organization pvp2org = pvp2.getOrganization();
if (pvp2org == null) {
@@ -353,20 +370,46 @@ public class EditGeneralConfigAction extends ActionSupport
dbsso.setFriendlyName(moaconfig.getSsoFriendlyName());
if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText()))
dbsso.setSpecialText(moaconfig.getSsoSpecialText());
- if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl()))
- dbsso.setPublicURL(moaconfig.getSsoPublicUrl());
+// if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl()))
+// dbsso.setPublicURL(moaconfig.getSsoPublicUrl());
- if (MiscUtil.isNotEmpty(moaconfig.getSsoTarget()))
- dbsso.setTarget(moaconfig.getSsoTarget());
-
- if (MiscUtil.isNotEmpty(moaconfig.getSsoIdentificationNumber())) {
- IdentificationNumber ssoid = dbsso.getIdentificationNumber();
- if (ssoid == null) {
- ssoid = new IdentificationNumber();
- dbsso.setIdentificationNumber(ssoid);
+ if (MiscUtil.isNotEmpty(moaconfig.getSsoTarget())) {
+
+ if (!ValidationHelper.isValidAdminTarget(moaconfig.getSsoTarget())) {
+ String num = moaconfig.getSsoTarget().replaceAll(" ", "");
+ String pre = null;
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) {
+ num = num.substring(Constants.IDENIFICATIONTYPE_FN.length());
+
+ num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num);
+ pre = Constants.IDENIFICATIONTYPE_FN;
+ }
+
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) {
+ num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length());
+ pre = Constants.IDENIFICATIONTYPE_ZVR;
+ }
+
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)){
+ num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length());
+ pre = Constants.IDENIFICATIONTYPE_ERSB;
+ }
+
+ dbsso.setTarget(Constants.PREFIX_WPBK + pre + "+" + num);
+
+ } else {
+ dbsso.setTarget(moaconfig.getSsoTarget());
+
}
- ssoid.setValue(moaconfig.getSsoIdentificationNumber());
}
+// if (MiscUtil.isNotEmpty(moaconfig.getSsoIdentificationNumber())) {
+// IdentificationNumber ssoid = dbsso.getIdentificationNumber();
+// if (ssoid == null) {
+// ssoid = new IdentificationNumber();
+// dbsso.setIdentificationNumber(ssoid);
+// }
+// ssoid.setValue(moaconfig.getSsoIdentificationNumber());
+// }
DefaultBKUs dbbkus = dbconfig.getDefaultBKUs();
if (dbbkus == null) {
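Review bot: When the SSO target is not a valid admin target and starts with none of the three `IDENIFICATIONTYPE_*` prefixes, `pre` stays `null` and `dbsso.setTarget(Constants.PREFIX_WPBK + pre + "+" + num)` stores a target containing the literal text `null`. A malformed SSO target then feeds identifier derivation downstream, so it should be rejected here unless the validator outside this hunk already guarantees a known prefix. I would guard the write with `if (pre != null)` and report a validation error otherwise. The three prefix checks are independent `if`s; making the second and third `else if` prevents a remainder that happens to start with another prefix from being stripped twice. The commented-out `IdentificationNumber` block should be removed rather than left in place.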
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index c257c76c8..99bdfdc9c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -34,6 +34,7 @@ import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
+import java.util.Iterator;
import java.util.List;
import java.util.Map;
@@ -63,7 +64,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASTORK;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplicationType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
@@ -85,6 +85,7 @@ import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationValitator;
import at.gv.egovernment.moa.id.configuration.validation.TargetValidator;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OAFileUploadValidation;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAGeneralConfigValidation;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAOAUTH20ConfigValidation;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAPVP2ConfigValidation;
@@ -126,9 +127,12 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
private OAOAuth20Config oauth20OA = new OAOAuth20Config();
private OASTORKConfig storkOA = new OASTORKConfig();
private FormularCustomization formOA = new FormularCustomization();
-
+
private InputStream stream;
+ private Map<String, byte[]> sendAssertionForm = new HashMap<String, byte[]>();
+ private Map<String, byte[]> bkuSelectionForm = new HashMap<String, byte[]>();
+
// STRUTS actions
public String inital() {
HttpSession session = request.getSession();
@@ -365,6 +369,7 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
OASTORKConfigValidation validator_stork = new OASTORKConfigValidation();
FormularCustomizationValitator validator_form = new FormularCustomizationValitator();
OAOAUTH20ConfigValidation validatior_oauth20 = new OAOAUTH20ConfigValidation();
+ OAFileUploadValidation valiator_fileUpload = new OAFileUploadValidation();
errors.addAll(validatior_general.validate(generalOA, authUser.isAdmin()));
errors.addAll(validatior_pvp2.validate(pvp2OA));
@@ -374,6 +379,37 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
errors.addAll(validator_form.validate(formOA));
errors.addAll(validatior_oauth20.validate(oauth20OA));
+ //validate BKU-selection template
+ List<String> templateError = valiator_fileUpload.validate(generalOA.getBkuSelectionFileUploadFileName()
+ , generalOA.getBkuSelectionFileUpload(), "validation.general.bkuselection", bkuSelectionForm);
+ if (templateError != null && templateError.size() == 0) {
+ if (bkuSelectionForm != null && bkuSelectionForm.size() > 0)
+ session.setAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE, bkuSelectionForm);
+
+ else
+ bkuSelectionForm = (Map<String, byte[]>) session.getAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE);
+
+ } else {
+ errors.addAll(templateError);
+
+ }
+
+ //validate send-assertion template
+ templateError = valiator_fileUpload.validate(generalOA.getSendAssertionFileUploadFileName()
+ , generalOA.getSendAssertionFileUpload(), "validation.general.sendassertion", sendAssertionForm);
+ if (templateError != null && templateError.size() == 0) {
+ if (sendAssertionForm != null && sendAssertionForm.size() > 0)
+ session.setAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE, sendAssertionForm);
+
+ else
+ sendAssertionForm = (Map<String, byte[]>) session.getAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE);
+
+ } else {
+ errors.addAll(templateError);
+
+ }
+
+
// Do not allow SSO in combination with special BKUSelection features
if (ssoOA.isUseSSO() && (formOA.isOnlyMandateAllowed() || !formOA.isShowMandateLoginButton())) {
log.warn("Special BKUSelection features can not be used in combination with SSO");
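Review bot: The uploaded template bytes are put into the HTTP session here for every caller, while the hunk that later persists them is guarded by `authUser.isAdmin()`. As far as the visible hunks show, a non-admin editor can therefore park upload data in session memory that is never stored; guarding both blocks with `if (authUser.isAdmin())` would avoid that. The `else { errors.addAll(templateError); }` branch is also the one taken when `templateError` is null, where `addAll` would throw; since `validate` as added in this commit never returns null, the test can simply be `if (templateError.isEmpty())`. The cast of `session.getAttribute(...)` to `Map<String, byte[]>` is unchecked and deserves a short comment saying who writes that attribute. The enclosing method starts and ends outside the hunk.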
@@ -432,12 +468,26 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
}
}
}
+
+ //save OA configuration
+ String error = saveOAConfigToDatabase(onlineapplication, newentry);
+ if (MiscUtil.isNotEmpty(error)) {
+ log.warn("OA configuration can not be stored!");
+ addActionError(error);
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_ERROR_VALIDATION;
+ }
+ //set metadata reload flag if reload is required
if (pvp2OA.getMetaDataURL() != null) {
try {
if (isMetaDataRefreshRequired
- || !pvp2OA.getMetaDataURL().equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) {
+ || !pvp2OA.getMetaDataURL().equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())
+ || pvp2OA.getFileUpload() != null
+ || pvp2OA.isReLoad()) {
log.debug("Set PVP2 Metadata refresh flag.");
MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration();
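Review bot: With `saveOAConfigToDatabase(onlineapplication, newentry)` now running before this condition, the test `!pvp2OA.getMetaDataURL().equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())` may end up comparing the new URL with itself. That depends on whether the save copies the form values into `onlineapplication`; its body is outside this hunk, so this needs confirming. If it does, a changed metadata URL no longer sets the refresh flag unless a file was uploaded or `isReLoad()` is true. Reading the stored URL into a local before the save call and comparing against that local keeps the check meaningful. The enclosing method starts and ends outside the hunk.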
@@ -451,16 +501,6 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
}
}
-
- String error = saveOAConfigToDatabase(onlineapplication, newentry);
- if (MiscUtil.isNotEmpty(error)) {
- log.warn("OA configuration can not be stored!");
- addActionError(error);
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
- }
}
Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
@@ -495,9 +535,12 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
} else
addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request));
- request.getSession().setAttribute(Constants.SESSION_OAID, null);
- ConfigurationDBUtils.closeSession();
+ //remove session attributes
+ session.setAttribute(Constants.SESSION_OAID, null);
+ session.removeAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE);
+ session.removeAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE);
+ ConfigurationDBUtils.closeSession();
return Constants.STRUTS_SUCCESS;
}
@@ -763,6 +806,7 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
IdentificationNumber idnumber = new IdentificationNumber();
idnumber.setValue(Constants.PREFIX_WPBK + generalOA.getIdentificationType() + "+" + num);
+ idnumber.setType(Constants.BUSINESSSERVICENAMES.get(generalOA.getIdentificationType()));
authoa.setIdentificationNumber(idnumber);
@@ -807,6 +851,7 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
}
}
+ //store BKU-URLs
BKUURLS bkuruls = new BKUURLS();
authoa.setBKUURLS(bkuruls);
if (authUser.isAdmin()) {
@@ -821,6 +866,41 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
authoa.setTemplates(templates);
}
+ //store BKU-selection and send-assertion templates
+ if (authUser.isAdmin()) {
+
+ if(generalOA.isDeleteBKUTemplate())
+ templates.setBKUSelectionTemplate(null);
+
+ if (generalOA.isDeleteSendAssertionTemplate())
+ templates.setSendAssertionTemplate(null);
+
+
+ if (bkuSelectionForm != null && bkuSelectionForm.size() > 0) {
+ TransformsInfoType template = new TransformsInfoType();
+
+ Iterator<String> interator = bkuSelectionForm.keySet().iterator();
+ template.setFilename(interator.next());
+ template.setTransformation(bkuSelectionForm.get(
+ template.getFilename()));
+
+ templates.setBKUSelectionTemplate(template);
+ }
+
+ if (sendAssertionForm != null && sendAssertionForm.size() > 0) {
+ TransformsInfoType template = new TransformsInfoType();
+
+ Iterator<String> interator = sendAssertionForm.keySet().iterator();
+ template.setFilename(interator.next());
+ template.setTransformation(sendAssertionForm.get(
+ template.getFilename()));
+
+ templates.setSendAssertionTemplate(template);
+ }
+ }
+
+
+ //store BKU-selection customization
BKUSelectionCustomizationType bkuselectioncustom = templates.getBKUSelectionCustomization();
if (bkuselectioncustom == null) {
bkuselectioncustom = new BKUSelectionCustomizationType();
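Review bot: The two blocks that build a `TransformsInfoType` from `bkuSelectionForm` and `sendAssertionForm` are line-for-line identical and would read better as one private helper. Using the map entry directly also avoids the second lookup through `template.getFilename()`. The file name taken from the upload becomes the stored template name unchanged, so a comment stating which characters the validator has already excluded would help the next reader. The enclosing method starts and ends outside the hunk.

```java
// … unchanged: delete-flag handling …
if (bkuSelectionForm != null && bkuSelectionForm.size() > 0)
	templates.setBKUSelectionTemplate(buildTemplate(bkuSelectionForm));

if (sendAssertionForm != null && sendAssertionForm.size() > 0)
	templates.setSendAssertionTemplate(buildTemplate(sendAssertionForm));

/** Wraps the first (and only expected) uploaded file as a template entry. */
private TransformsInfoType buildTemplate(Map<String, byte[]> upload) {
	Map.Entry<String, byte[]> entry = upload.entrySet().iterator().next();
	TransformsInfoType template = new TransformsInfoType();
	template.setFilename(entry.getKey());
	template.setTransformation(entry.getValue());
	return template;
}
```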
@@ -854,17 +934,20 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
TemplateType el = new TemplateType();
el.setURL(generalOA.getSLTemplateURL1());
template.add(el);
- }
+ } else
+ template.add(new TemplateType());
if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL2())) {
TemplateType el = new TemplateType();
el.setURL(generalOA.getSLTemplateURL2());
template.add(el);
- }
+ }else
+ template.add(new TemplateType());
if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL3())) {
TemplateType el = new TemplateType();
el.setURL(generalOA.getSLTemplateURL3());
template.add(el);
- }
+ }else
+ template.add(new TemplateType());
} else {
if (template != null && template.size() > 0) template.clear();
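Review bot: The new `else template.add(new TemplateType());` branches carry no explanation of why an empty entry is stored when a SecurityLayer template URL is missing. Presumably the placeholder keeps URL 2 and URL 3 at fixed list positions; a comment such as `// keep list positions stable: slot n always belongs to SLTemplateURLn` would make that explicit. Consumers of this list now have to cope with `TemplateType` entries whose URL is null, which is worth stating in the same comment. The three branches are also formatted differently (`} else` and `}else`) and are unbraced. The enclosing block starts outside the hunk.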
@@ -886,6 +969,9 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
bkuselectioncustom.setFontType(formOA.getFontType());
+ bkuselectioncustom.setAppletHeight(formOA.getApplet_height());
+ bkuselectioncustom.setAppletWidth(formOA.getApplet_width());
+
}
// set default transformation if it is empty
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
index a488d919d..ee9b38f74 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
@@ -138,7 +138,19 @@ public class IndexAction extends ActionSupport implements ServletRequestAware,
public String authenticate() {
- String key = null;
+ ConfigurationProvider config;
+ try {
+ config = ConfigurationProvider.getInstance();
+ pvp2LoginActiv = config.isPVP2LoginActive();
+
+ } catch (ConfigurationException e1) {
+ log.warn("An internal error occurs.", e1);
+ pvp2LoginActiv = false;
+ }
+
+
+
+ String key = null;
if (MiscUtil.isNotEmpty(username)) {
if (ValidationHelper.containsPotentialCSSCharacter(username, false)) {
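Review bot: The catch block logs only `"An internal error occurs."`, which does not tell an operator that the configuration could not be loaded and that PVP2 login was switched off as a result; something like `log.warn("Configuration could not be loaded, PVP2 login disabled.", e1);` says both. Authentication then continues although `ConfigurationProvider.getInstance()` has just failed, and whether the rest of `authenticate()` can work without it is not visible here and should be confirmed. The local `config` is only used inside the `try` and can be declared there. The body of `authenticate()` continues outside the hunk.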
@@ -247,7 +259,8 @@ public class IndexAction extends ActionSupport implements ServletRequestAware,
try {
ConfigurationProvider config = ConfigurationProvider.getInstance();
-
+ pvp2LoginActiv = config.isPVP2LoginActive();
+
//Decode with HttpPost Binding
HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
BasicSAMLMessageContext<Response, ?, ?> messageContext = new BasicSAMLMessageContext<Response, SAMLObject, SAMLObject>();
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java
index 6a1eddb14..758aa7dc7 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java
@@ -148,6 +148,24 @@ public class FormularCustomizationValitator {
}
}
+ check = form.getApplet_height();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.warn("Applet height "+ check + " is no valid number");
+ errors.add(LanguageHelper.getErrorString("validation.general.form.applet.height",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} ));
+ }
+ }
+
+ check = form.getApplet_width();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.warn("Applet width "+ check + " is no valid number");
+ errors.add(LanguageHelper.getErrorString("validation.general.form.applet.width",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} ));
+ }
+ }
+
return errors;
}
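Review bot: Both new `log.warn` calls concatenate `check` into the log line at the point where it has just failed number validation, so the value is arbitrary request text and can carry line breaks that forge log entries. Logging without the value, `log.warn("Applet height is not a valid number");`, or with CR/LF neutralised, avoids that. The same pattern is in the MOAConfigValidator hunks for the SAML1 SourceID and the SSO target and in the StorkConfigValidator country-code checks. The error strings are also given `ValidationHelper.getPotentialCSSCharacter(true)` as argument although the failed test is a number check; that looks copied from the XSS checks and should be confirmed against the message text.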
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
index 46d9f4db8..a95d967bb 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
@@ -167,7 +167,6 @@ public class ValidationHelper {
}
-
public static boolean validateURL(String urlString) {
log.debug("Validate URL " + urlString);
@@ -184,6 +183,21 @@ public class ValidationHelper {
return false;
}
+// public static boolean validateGeneralURL(String urlString) {
+//
+// log.debug("Validate URL " + urlString);
+//
+// try {
+// new URL(urlString);
+// return true;
+//
+// } catch (MalformedURLException e) {
+//
+// }
+//
+// return false;
+// }
+
public static boolean isValidAdminTarget(String target) {
log.debug("Ueberpruefe Parameter Target");
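Review bot: `validateGeneralURL` is added only as commented-out code; it should be left out of the commit and taken from version control if it is needed later. If it is ever enabled, its empty `catch (MalformedURLException e)` needs at least a comment saying the exception is the expected "not a URL" result. The same applies to the commented-out blocks this commit leaves in MOAConfigValidator and StorkConfigValidator.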
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
index 1ea51652a..fcf74a534 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
@@ -32,10 +32,12 @@ import java.util.Map;
import org.apache.log4j.Logger;
+import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.StringHelper;
+import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -51,15 +53,26 @@ public class MOAConfigValidator {
log.debug("Validate general MOA configuration");
- String check = form.getAlternativeSourceID();
+ String check = form.getSaml1SourceID();
if (MiscUtil.isNotEmpty(check)) {
if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("AlternativeSourceID contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.AlternativeSourceID",
+ log.warn("SAML1 SourceID contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.SAML1SourceID",
new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
}
}
+ check = form.getPublicURLPrefix();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Public URL Prefix is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid"));
+ }
+ } else {
+ log.info("PublicURL Prefix is empty.");
+ errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.empty"));
+ }
+
check = form.getTimeoutAssertion();
if (MiscUtil.isNotEmpty(check)) {
if (!ValidationHelper.validateNumber(check)) {
@@ -232,20 +245,20 @@ public class MOAConfigValidator {
}
}
- check = form.getPvp2PublicUrlPrefix();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("PVP2 Service URL is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.serviceurl.valid"));
- }
- }
+// check = form.getPvp2PublicUrlPrefix();
+// if (MiscUtil.isNotEmpty(check)) {
+// if (!ValidationHelper.validateURL(check)) {
+// log.info("PVP2 Service URL is not valid");
+// errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.serviceurl.valid"));
+// }
+// }
check = form.getSLRequestTemplateHandy();
if (MiscUtil.isEmpty(check)) {
log.info("Empty SLRequestTemplate Handy-BKU");
errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.empty"));
} else {
- if (!ValidationHelper.validateURL(check)) {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
log.info("SLRequestTemplate Handy-BKU is not valid");
errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.valid"));
}
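Review bot: The SLRequestTemplate value is no longer checked with `validateURL` but with `ValidationHelper.isNotValidIdentityLinkSigner`, a validator whose name refers to identity-link signers rather than URLs or template locations. Its implementation is not part of this page, so it is unclear what set of values is now accepted, while the log and error texts still speak of a template that "is not valid". A comment such as `// template may be a relative path, so the URL check does not apply` (or whatever the real reason is), or a helper named for this purpose, would make the intended acceptance rule reviewable. The same replacement is made in the hunks at -256 and -267 of this file and three times in OAGeneralConfigValidation for `getSLTemplateURL1` to `getSLTemplateURL3`.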
@@ -256,7 +269,7 @@ public class MOAConfigValidator {
log.info("Empty SLRequestTemplate local BKU");
errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.empty"));
} else {
- if (!ValidationHelper.validateURL(check)) {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
log.info("SLRequestTemplate local BKU is not valid");
errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.valid"));
}
@@ -267,7 +280,7 @@ public class MOAConfigValidator {
log.info("Empty SLRequestTemplate Online-BKU");
errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.empty"));
} else {
- if (!ValidationHelper.validateURL(check)) {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
log.info("SLRequestTemplate Online-BKU is not valid");
errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.valid"));
}
@@ -282,22 +295,22 @@ public class MOAConfigValidator {
}
}
- check = form.getSsoIdentificationNumber();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.info("SSO IdentificationNumber is not valid: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
- }
- }
-
- check = form.getSsoPublicUrl();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("SSO Public URL is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid"));
- }
- }
+// check = form.getSsoIdentificationNumber();
+// if (MiscUtil.isNotEmpty(check)) {
+// if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+// log.info("SSO IdentificationNumber is not valid: " + check);
+// errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid",
+// new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+// }
+// }
+
+// check = form.getSsoPublicUrl();
+// if (MiscUtil.isNotEmpty(check)) {
+// if (!ValidationHelper.validateURL(check)) {
+// log.info("SSO Public URL is not valid");
+// errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid"));
+// }
+// }
check = form.getSsoSpecialText();
if (MiscUtil.isNotEmpty(check)) {
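Review bot: The checks for `getSsoIdentificationNumber()` and `getSsoPublicUrl()` are switched off without any statement of whether those two fields are still bound from the request and stored. If they are, they are now persisted without the XSS-character test and without the URL test. If the fields were removed from `GeneralMOAIDConfig` in this commit, the blocks can be deleted outright. Either way a one-line comment naming the replacement (the new `getPublicURLPrefix()` check appears to cover the URL) should document the decision.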
@@ -315,8 +328,23 @@ public class MOAConfigValidator {
} else {
if (!ValidationHelper.isValidAdminTarget(check)) {
- log.info("Not valid SSO Target");
- errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid"));
+
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+
+ String num = check.replaceAll(" ", "");
+
+ if ( !(num.startsWith(Constants.IDENIFICATIONTYPE_FN) ||
+ num.startsWith(Constants.IDENIFICATIONTYPE_ZVR) ||
+ num.startsWith(Constants.IDENIFICATIONTYPE_ERSB) ) ) {
+
+ log.info("Not valid SSO Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid"));
+ }
+
}
}
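Review bot: For a target that is not a valid admin target, only the prefix is tested: any value starting with one of the three `Constants.IDENIFICATIONTYPE_*` prefixes is accepted whatever follows it, as long as it contains none of the XSS characters. `CompanyNumberValidator` is imported by this commit but not used in the hunks shown; if it is meant to check the number part, calling it here would complete the check (to be confirmed against that class). A value that fails both tests gets the error `validation.general.sso.target.valid` twice, and the first log text says "IdentificationNumber" although the SSO target is being checked. `check.replaceAll(" ", "")` can be `check.replace(" ", "")`, since no regular expression is needed.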
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
index 318b3b3e7..93f22730c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
@@ -22,37 +22,40 @@ public class StorkConfigValidator {
log.debug("Validate general STORK configuration");
// check peps list
- for(CPEPS current : form.getCpepslist()) {
- // check country code
- String check = current.getCountryCode();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("CPEPS config countrycode contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
- }
- if(!check.toLowerCase().matches("^[a-z][a-z]$")) {
- log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check);
+
+ if (form.getCpepslist() != null) {
+ for(CPEPS current : form.getCpepslist()) {
+ // check country code
+ String check = current.getCountryCode();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("CPEPS config countrycode contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
- new Object[] {check} ));
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ if(!check.toLowerCase().matches("^[a-z][a-z]$")) {
+ log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
+ new Object[] {check} ));
+ }
+ } else {
+ log.warn("CPEPS config countrycode is empty : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+ new Object[] {check} ));
}
- } else {
- log.warn("CPEPS config countrycode is empty : " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
- new Object[] {check} ));
- }
-
- // check url
- check = current.getURL();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("CPEPS config URL is invalid : " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url"));
+
+ // check url
+ check = current.getURL();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("CPEPS config URL is invalid : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url"));
+ }
+ } else {
+ log.warn("CPEPS config url is empty : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+ new Object[] {check} ));
}
- } else {
- log.warn("CPEPS config url is empty : " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
- new Object[] {check} ));
}
}
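Review bot: `check.toLowerCase().matches("^[a-z][a-z]$")` uses the JVM default locale, so under a Turkish locale an upper-case code containing `I` lowers to a dotless `ı` and is rejected. Matching both cases directly, `check.matches("^[a-zA-Z]{2}$")`, is independent of the locale. The log text names ISO 3166-2, while a two-letter country code is ISO 3166-1 alpha-2. In the two "is empty" branches `check` is passed as message argument although it is known to be empty at that point.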
@@ -78,10 +81,12 @@ public class StorkConfigValidator {
new Object[] {check} ));
}
}
- } else {
- log.warn("no attributes specified");
- errors.add(LanguageHelper.getErrorString("validation.stork.attributes.empty",
- new Object[] {} ));
+
+ //TODO: STORK attributes check if no attribute is set
+// } else {
+// log.warn("no attributes specified");
+// errors.add(LanguageHelper.getErrorString("validation.stork.attributes.empty",
+// new Object[] {} ));
}
return errors;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java
new file mode 100644
index 000000000..8887aeaad
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java
@@ -0,0 +1,90 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.configuration.validation.oa;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class OAFileUploadValidation {
+
+ private static final Logger log = Logger.getLogger(OASSOConfigValidation.class);
+
+ public List<String> validate(List<String> fileName, List<File> files, String errorMsgPreFix, Map<String, byte[]> output) {
+
+ List<String> errors = new ArrayList<String>();
+
+ if (fileName != null) {
+
+ if (fileName.size() > 1) {
+ log.info("Only one BKU-selecten template file can be stored");
+ errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".file.selected"));
+ }
+
+ for (int i=0; i<fileName.size(); i++) {
+ String filename = fileName.get(i);
+
+ if (MiscUtil.isNotEmpty(filename)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(filename, false)) {
+ log.info("Filename is not valid");
+ errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".filename.valid"));
+
+ } else {
+ try {
+ File file = files.get(i);
+ InputStream stream = new FileInputStream(file);
+ output.put(filename, IOUtils.toByteArray(stream));
+ stream.close();
+
+ } catch (IOException e) {
+ log.info("File with FileName "
+ + filename +" can not be loaded." , e);
+ errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".file.valid",
+ new Object[] {filename} ));
+ }
+ }
+ }
+ }
+ }
+
+ return errors;
+ }
+}
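Review bot: The `FileInputStream` is closed only on the success path, so an `IOException` from `IOUtils.toByteArray` leaks the descriptor; the close belongs in a `finally`. `files.get(i)` assumes `files` is non-null and as long as `fileName`, which the method does not check, and the whole file is read into memory without a size bound, so the container's multipart size limit should be confirmed. The logger is created for `OASSOConfigValidation.class`, and the "Only one BKU-selecten template file" message is hard-coded although the validator is also used for the send-assertion template. The imports `HashMap`, `OAGeneralConfig` and `Base64Utils` are unused, and the class and `validate` have no Javadoc describing that `output` is filled with file name to content.

```java
private static final Logger log = Logger.getLogger(OAFileUploadValidation.class);

// … unchanged: null check, single-file check, filename XSS check …
					} else {
						if (files == null || i >= files.size() || files.get(i) == null) {
							log.info("No uploaded file for the given file name");
							errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".file.valid",
									new Object[] {filename} ));
							continue;
						}

						InputStream stream = null;
						try {
							stream = new FileInputStream(files.get(i));
							output.put(filename, IOUtils.toByteArray(stream));

						} catch (IOException e) {
							// … unchanged: log and add the ".file.valid" error …
						} finally {
							// close on every path so a failed read does not leak the descriptor
							IOUtils.closeQuietly(stream);
						}
					}
```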
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
index c84c44de4..d3a2241d3 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
@@ -133,19 +133,19 @@ public class OAGeneralConfigValidation {
} else {
check = form.getSLTemplateURL1();
if (MiscUtil.isNotEmpty(check) &&
- !ValidationHelper.validateURL(check) ) {
+ ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
log.info("First OA-specific SecurityLayer Templates is not valid");
errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid"));
}
check = form.getSLTemplateURL2();
if (MiscUtil.isNotEmpty(check) &&
- !ValidationHelper.validateURL(check) ) {
+ ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
log.info("Second OA-specific SecurityLayer Templates is not valid");
errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid"));
}
check = form.getSLTemplateURL3();
if (MiscUtil.isNotEmpty(check) &&
- !ValidationHelper.validateURL(check) ) {
+ ValidationHelper.isNotValidIdentityLinkSigner(check) ) {
log.info("Third OA-specific SecurityLayer Templates is not valid");
errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid"));
}