diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-07-12 16:16:29 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-07-12 16:16:29 +0200 |
commit | 132681b9f3e00158b1671f50b23517462aa54afd (patch) | |
tree | cda5e6b321a44fbb54a959693a4afe71eb25bd6a /id/ConfigWebTool/src/main | |
parent | 3535ae9500b29d0b2d0f317ea7f47a6c25c6f70e (diff) | |
parent | 3b1130e2366138871a92a1f83124a27fa83885dd (diff) | |
download | moa-id-spss-132681b9f3e00158b1671f50b23517462aa54afd.tar.gz moa-id-spss-132681b9f3e00158b1671f50b23517462aa54afd.tar.bz2 moa-id-spss-132681b9f3e00158b1671f50b23517462aa54afd.zip |
Merge branch 'eIDAS_node_2.0_tests' into huge_refactoring
# Conflicts:
# id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
# id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
# id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java
# id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
# id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java
# id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
# id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
# id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
# id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EncryptedBPKAttributeBuilder.java
# id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java
# id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java
# id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java
# id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml
# id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/module/test/TestRequestImpl.java
# id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java
# id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java
# id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
# id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java
# id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java
# id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/FirstBKAMobileAuthTask.java
# id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java
# id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
# id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
# id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java
Diffstat (limited to 'id/ConfigWebTool/src/main')
8 files changed, 219 insertions, 4 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java index e907128d9..e896bb80b 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java @@ -85,6 +85,11 @@ public class OAAuthenticationData implements IOnlineApplicationData { private boolean useTestIDLValidationTrustStore = false; private boolean useTestAuthblockValidationTrustStore = false; + + //SL2.0 + private boolean sl20Active = false; + private String sl20EndPoints = null; + /** * */ @@ -100,9 +105,9 @@ public class OAAuthenticationData implements IOnlineApplicationData { try { MOAIDConfiguration dbconfig = ConfigurationProvider.getInstance().getDbRead().getMOAIDConfiguration(); - elgaServicesList = KeyValueUtils.getListOfCSVValues(dbconfig.getElgaMandateServiceURLs()); - + try { + elgaServicesList = KeyValueUtils.getListOfCSVValues(dbconfig.getElgaMandateServiceURLs()); misServicesList = KeyValueUtils.getListOfCSVValues( dbconfig.getAuthComponentGeneral().getOnlineMandates().getConnectionParameter().getURL()); } catch (NullPointerException e) {} @@ -253,6 +258,29 @@ public class OAAuthenticationData implements IOnlineApplicationData { useTestIDLValidationTrustStore = oaauth.getTestCredentials().isUseTestIDLTrustStore(); } + //parse SL2.0 information + if (oaauth.isSl20Active()) { + //parse SL2.0 endpoint information + if (oaauth.getSl20EndPoints() != null) { + if (KeyValueUtils.isCSVValueString(oaauth.getSl20EndPoints())) + sl20EndPoints = KeyValueUtils.normalizeCSVValueString(oaauth.getSl20EndPoints()); + + else { + if (oaauth.getSl20EndPoints().contains(KeyValueUtils.CSV_DELIMITER)) { + //remove trailing comma if exist + sl20EndPoints = oaauth.getSl20EndPoints().substring(0, + oaauth.getSl20EndPoints().indexOf(KeyValueUtils.CSV_DELIMITER)); + + } else + sl20EndPoints = oaauth.getSl20EndPoints(); + + } + } + sl20Active = oaauth.isSl20Active(); + + } + + return null; } @@ -392,7 +420,10 @@ public class OAAuthenticationData implements IOnlineApplicationData { testing.setUseTestIDLTrustStore(useTestIDLValidationTrustStore); - + //store SL2.0 information + authoa.setSl20Active(isSl20Active()); + authoa.setSl20EndPoints(getSl20EndPoints()); + return null; } @@ -768,6 +799,28 @@ public class OAAuthenticationData implements IOnlineApplicationData { public List<String> getSzrgwServicesList() { return szrgwServicesList; } + + + public boolean isSl20Active() { + return sl20Active; + } + + public void setSl20Active(boolean sl20Active) { + this.sl20Active = sl20Active; + } + + public String getSl20EndPoints() { + return sl20EndPoints; + } + + public void setSl20EndPoints(String sl20EndPoints) { + if (MiscUtil.isNotEmpty(sl20EndPoints)) + this.sl20EndPoints = + KeyValueUtils.removeAllNewlineFromString(sl20EndPoints); + else + this.sl20EndPoints = sl20EndPoints; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java index b4b3aaf13..381bf5cc7 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java @@ -27,6 +27,7 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.IdentificationNumber; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; @@ -56,6 +57,8 @@ public class OATargetConfiguration implements IOnlineApplicationData { private String identificationNumber = null; private String identificationType = null; private static List<String> identificationTypeList = null; + + private String foreignbPKTargets = null; public OATargetConfiguration() { targetList = TargetValidator.getListOfTargets(); @@ -145,6 +148,26 @@ public class OATargetConfiguration implements IOnlineApplicationData { } } + + //parse foreign bPK sector list + if (dbOA.getForeignbPKTargetList() != null) { + if (KeyValueUtils.isCSVValueString(dbOA.getForeignbPKTargetList())) + foreignbPKTargets = KeyValueUtils.normalizeCSVValueString(dbOA.getForeignbPKTargetList()); + + else { + if (dbOA.getForeignbPKTargetList().contains(KeyValueUtils.CSV_DELIMITER)) { + //remove trailing comma if exist + foreignbPKTargets = dbOA.getForeignbPKTargetList().substring(0, + dbOA.getForeignbPKTargetList().indexOf(KeyValueUtils.CSV_DELIMITER)); + + } else + foreignbPKTargets = dbOA.getForeignbPKTargetList(); + + } + } + + + return null; } @@ -253,6 +276,9 @@ public class OATargetConfiguration implements IOnlineApplicationData { } } } + + dbOA.setForeignbPKTargetList(getForeignbPKTargets()); + return null; } @@ -401,6 +427,22 @@ public class OATargetConfiguration implements IOnlineApplicationData { public void setSubTargetSet(boolean subTargetSet) { this.subTargetSet = subTargetSet; } + + + public String getForeignbPKTargets() { + return foreignbPKTargets; + } + + + public void setForeignbPKTargets(String foreignbPKTargets) { + if (MiscUtil.isNotEmpty(foreignbPKTargets)) + this.foreignbPKTargets = + KeyValueUtils.removeAllNewlineFromString(foreignbPKTargets); + else + this.foreignbPKTargets = foreignbPKTargets; + } + + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java index a758088b1..6b58a22b4 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java @@ -30,6 +30,7 @@ import javax.servlet.http.HttpServletRequest; import org.apache.log4j.Logger; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData; @@ -187,7 +188,65 @@ public class OAAuthenticationDataValidation { } - + + if (form.isSl20Active()) { + if (MiscUtil.isNotEmpty(form.getSl20EndPoints())) { + log.debug("Validate SL2.0 configuration ... "); + List<String> sl20Endpoints = KeyValueUtils.getListOfCSVValues(form.getSl20EndPoints()); + if (sl20Endpoints.size() == 1) { + String value = sl20Endpoints.get(0); + + if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && + value.contains(KeyValueUtils.KEYVVALUEDELIMITER)) { + log.warn("SL2.0 endpoint '" + value + "' has wrong format"); + errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", + new Object[] {value}, request )); + + } else if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && + !value.contains(KeyValueUtils.KEYVVALUEDELIMITER) ) { + log.info("Find one SL2.0 endpoint without 'default='. Start update ... "); + form.setSl20EndPoints(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER + value); + + } + + } else { + boolean findDefault = false; + for (String el : sl20Endpoints) { + if (!el.contains(KeyValueUtils.KEYVVALUEDELIMITER)) { + log.warn("SL2.0 endpoint '" + el + "' has wrong format"); + errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", + new Object[] {el}, request )); + + } else { + if (el.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER)) { + log.debug("Find default endpoint."); + findDefault = true; + + } else { + String firstPart = el.split(KeyValueUtils.KEYVVALUEDELIMITER)[0]; + try { + Integer.valueOf(firstPart); + + } catch (NumberFormatException e) { + log.warn("SL2.0 endpoint '" + el + "' has wrong format", e); + errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", + new Object[] {el}, request )); + + } + } + } + } + + if (!findDefault) { + log.warn("SL2.0 endpoints contains NO default endpoint"); + errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.default", + new Object[] {}, request )); + + } + } + } + } + return errors; } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java index ca0231577..4807d479e 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java @@ -161,6 +161,10 @@ public class OATargetConfigValidation { } } + + //foreign bPK configuration + + return errors; } } diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties index 030a30adc..67ee294c9 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties @@ -243,6 +243,7 @@ webpages.oaconfig.general.friendlyname=Name der Online-Applikation webpages.oaconfig.general.isbusinessservice=Privatwirtschaftliche Applikation webpages.oaconfig.general.isstorkservice=Stork Applikation webpages.oaconfig.general.public.header=Öffentlicher Bereich +webpages.oaconfig.general.foreignbpk.header=Fremd-bPK Konfiguration webpages.oaconfig.general.stork.header=STORK Bereich webpages.oaconfig.general.stork.countrycode=Landesvorwahl webpages.oaconfig.general.target.friendlyname=Bezeichnung des Bereichs (Frei w\u00E4hlbar) @@ -262,6 +263,8 @@ webpages.oaconfig.general.aditional.iframe=B\u00FCrgerkartenauswahl im IFrame webpages.oaconfig.general.aditional.useUTC=UTC Zeit verwenden webpages.oaconfig.general.aditional.calculateHPI="TODO!" webpages.oaconfig.general.isHideBPKAuthBlock=bPK/wbPK im AuthBlock ausblenden +webpages.oaconfig.general.foreign.sectors=Sektoren f\u00FCr Fremd-bPKs (CSV) + webpages.oaconfig.general.szrgw.header=Zentraler nationaler eIDAS Connector webpages.oaconfig.general.szrgw.selected=URL zum zentralen eIDAS Connector @@ -559,3 +562,11 @@ validation.general.form.appletredirecttarget=Der RedirectTarget beinhaltet einen validation.general.form.fonttype=Der BKU-Auswahl Schrifttyp enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} validation.general.form.applet.width=Die Appleth\u00F6he ist keine g\\u00FCltige Zahl. validation.general.form.applet.height=Die Appletbreite ist keine g\\u00FCltige Zahl. + + +###new +webpages.oaconfig.general.sl20.header=Security Layer für mobile Authententifizierung +webpages.oaconfig.general.sl20.enable=SL2.0 aktivieren +webpages.oaconfig.general.sl20.endpoints=VDA Endpunkt URLs +validation.general.sl20.endpoints.default=SL2.0 Endpunkt beinhaltet keinen 'default' Endpunkt. +validation.general.sl20.endpoints.wrong=SL2.0 Endpunkt ist ung\\u00FCltig formatiert {0}. diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties index cf87394b9..995fbb225 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties @@ -249,6 +249,7 @@ webpages.oaconfig.general.friendlyname=Name of the Online-Application webpages.oaconfig.general.isbusinessservice=Private sector application webpages.oaconfig.general.isstorkservice=Stork application webpages.oaconfig.general.public.header=Public sector +webpages.oaconfig.general.foreignbpk.header=Foreign sectors configuration webpages.oaconfig.general.stork.header=STORK sector webpages.oaconfig.general.stork.countrycode=Country code webpages.oaconfig.general.target.friendlyname=Name of the sector (arbitrary defined) @@ -268,6 +269,7 @@ webpages.oaconfig.general.aditional.iframe=Selection of citizen card in IFrame webpages.oaconfig.general.aditional.useUTC=Use UTC time webpages.oaconfig.general.aditional.calculateHPI="TODO!" webpages.oaconfig.general.isHideBPKAuthBlock=Hide bPK/wbPK from AuthBlock +webpages.oaconfig.general.foreign.sectors=Sectors for foreign pseudonyms (CSV) webpages.oaconfig.general.szrgw.header=Central national eIDAS Connector webpages.oaconfig.general.szrgw.selected=URL to central eIDAS Connector @@ -557,3 +559,11 @@ validation.general.form.appletredirecttarget=RedirectTarget contains invalud val validation.general.form.fonttype=Font type for CCE selection contains forbidden characters. The following characters are not allowed\: {0} validation.general.form.applet.width=The height of applet is invalid number. validation.general.form.applet.height=The width of applet is invalid number. + + +###new +webpages.oaconfig.general.sl20.header=Security Layer for mobile Authentication +webpages.oaconfig.general.sl20.enable=Activate SL2.0 +webpages.oaconfig.general.sl20.endpoints=VDA endPoint URLs +validation.general.sl20.endpoints.default=SL2.0 endpoint contains NO 'default'. +validation.general.sl20.endpoints.wrong=SL2.0 endpoint {0} is not valid.
\ No newline at end of file diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp index 59661091b..d2668e264 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp @@ -68,6 +68,27 @@ </s:if> <div class="oa_config_block"> + <h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.sl20.header", request) %></h3> + <s:checkbox name="authOA.sl20Active" + value="%{authOA.sl20Active}" + labelposition="left" + key="webpages.oaconfig.general.sl20.enable" + cssClass="checkbox"> + </s:checkbox> + + <s:textarea name="authOA.sl20EndPoints" + value="%{authOA.sl20EndPoints}" + labelposition="left" + key="webpages.oaconfig.general.sl20.endpoints" + cssClass="textfield_long" + rows="3" + requiredLabel="true" + style="height:120px;"> + </s:textarea> + </div> + + + <div class="oa_config_block"> <h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.testing.header", request) %></h3> diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp index b8bd1dc02..a61ce3053 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp @@ -111,5 +111,20 @@ </s:else> </div> </s:if> + + <div id="oa_config_foreignbPKArea" class="oa_config_block"> + <h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.foreignbpk.header", request) %></h3> + <s:textarea name="targetConfig.foreignbPKTargets" + value="%{targetConfig.foreignbPKTargets}" + labelposition="left" + key="webpages.oaconfig.general.foreign.sectors" + cssClass="textfield_long" + rows="6" + requiredLabel="true" + style="height:120px;"> + </s:textarea> + + </div> + </html>
\ No newline at end of file |