refactor Single Sign-On authentication consents evaluator to get executed by processEngine

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2016-02-19 10:22:11 +0100
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2016-02-19 10:22:11 +0100
commit: 18f7c6609058ed5c3bfb59c625682f4f4a53d75d (patch)
tree: 6081c9dd22addf5db78d754a431aae86156becfc /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth
parent: 0d827d781679187d4a73e7b51510539a69a46d79 (diff)
download: moa-id-spss-18f7c6609058ed5c3bfb59c625682f4f4a53d75d.tar.gz
moa-id-spss-18f7c6609058ed5c3bfb59c625682f4f4a53d75d.tar.bz2
moa-id-spss-18f7c6609058ed5c3bfb59c625682f4f4a53d75d.zip
7 files changed, 324 insertions, 238 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
index d14910319..7121935b0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
@@ -34,7 +34,8 @@ import java.net.URI;
 import org.apache.commons.io.IOUtils;
 
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
+import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.util.FormBuildUtils;
 import at.gv.egovernment.moa.logging.Logger;
 
@@ -46,8 +47,6 @@ public class SendAssertionFormBuilder {
 	private static final String TEMPLATEBGCOLOR = "style=\"background-color: #COLOR#\"";
 	
 	private static String URL = "#URL#";
-	private static String MODUL = "#MODUL#";
-	private static String ACTION = "#ACTION#";
 	private static String ID = "#ID#";
 	private static String OANAME = "#OAName#";
 	private static String CONTEXTPATH = "#CONTEXTPATH#";
@@ -56,8 +55,7 @@ public class SendAssertionFormBuilder {
 	
 	private static String SERVLET = CONTEXTPATH+"/SSOSendAssertionServlet";
 	
-	private static String getTemplate() {
-		
+	private static String getTemplate() {		
 		String pathLocation;
 		InputStream input = null;
 		try {
@@ -68,12 +66,9 @@ public class SendAssertionFormBuilder {
 				File file = new File(new URI(pathLocation));
 				input = new  FileInputStream(file);
 			
-			} catch (FileNotFoundException e)  {
-				
-				Logger.warn("No LoginFormTempaltes found. Use Generic Templates from package.");
-			
-				pathLocation = "resources/templates/" + HTMLTEMPLATEFULL;
-			
+			} catch (FileNotFoundException e)  {				
+				Logger.warn("No LoginFormTempaltes found. Use Generic Templates from package.");			
+				pathLocation = "resources/templates/" + HTMLTEMPLATEFULL;			
 				input = Thread.currentThread()
 						.getContextClassLoader()
 						.getResourceAsStream(pathLocation);
@@ -82,48 +77,43 @@ public class SendAssertionFormBuilder {
 			
 			return getTemplate(input);
 			
-		} catch (Exception e) {
+		} catch (Exception e) {			
+			return null;
+			
+		} finally {
 			try {
-				input.close();
+				if (input != null)
+					input.close();
 				
-			} catch (IOException e1) {
+			} catch (IOException e) {
 				Logger.warn("SendAssertionTemplate inputstream can not be closed.", e);
+				
 			}
-			
-			return null;
-		}
-		
+		}		
 	}
 	
 	private static String getTemplate(InputStream input) {
+			String template = null;			
+		try {				
 
-			String template = null;
-			
-			try {				
-	
-				StringWriter writer = new StringWriter();
-				IOUtils.copy(input, writer);
-				template = writer.toString();
-				template = template.replace(URL, SERVLET);
-								
-			} catch (Exception e) {
-				Logger.error("Failed to read template", e);
-				
-			} finally {
-				try {
-					input.close();
-					
-				} catch (IOException e) {
-					Logger.warn("SendAssertionTemplate inputstream can not be closed.", e);
-				}
-			}
+			StringWriter writer = new StringWriter();
+			IOUtils.copy(input, writer);
+			template = writer.toString();
+			template = template.replace(URL, SERVLET);
+							
+		} catch (Exception e) {
+			Logger.error("Failed to read template", e);
 			
+		}			
 		return template;
 	}
 
-	public static String buildForm(String modul, String action, String id, OAAuthParameter oaParam, String contextpath) {
+	public static String buildForm(IRequest pendingReq) {
 		String value = null;
 		
+		String contextpath = pendingReq.getAuthURL();
+		IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+		
 		byte[] oatemplate = oaParam.getSendAssertionTemplate();
 		// OA specific template requires a size of 8 bits minimum
 		if (oatemplate != null && oatemplate.length > 7) {
@@ -137,15 +127,7 @@ public class SendAssertionFormBuilder {
 		}
 		
 		if(value != null) {
-//			if(modul == null) {
-//				modul = SAML1Protocol.PATH;
-//			}
-//			if(action == null) {
-//				action = SAML1Protocol.GETARTIFACT;
-//			}
-			value = value.replace(MODUL, modul);
-			value = value.replace(ACTION, action);
-			value = value.replace(ID, id);
+			value = value.replace(ID, pendingReq.getRequestID());
 			value = value.replace(OANAME, oaParam.getFriendlyName());
 			
 			if (contextpath.endsWith("/"))
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java
index 68d5ae299..559d4fd4f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java
@@ -12,6 +12,7 @@ import java.util.Map;
 import java.util.Map.Entry;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.fileupload.FileItem;
 import org.apache.commons.fileupload.FileItemFactory;
@@ -25,6 +26,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 
 import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
 import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
@@ -33,6 +35,7 @@ import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.moduls.IRequestStorage;
 import at.gv.egovernment.moa.id.process.api.ExecutionContext;
 import at.gv.egovernment.moa.id.process.springweb.MoaIdTask;
+import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController;
 import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -96,6 +99,23 @@ public abstract class AbstractAuthServletTask extends MoaIdTask {
 	}
 
 	/**
+	 * Redirect the authentication process to protocol specific finalization endpoint.  
+	 * 
+	 * @param pendingReq Actually processed protocol specific authentication request
+	 * @param httpResp
+	 */
+	protected void performRedirectToProtocolFinialization(IRequest pendingReq, HttpServletResponse httpResp) {
+		String redirectURL = new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), 
+				AbstractAuthProtocolModulController.FINALIZEPROTOCOL_ENDPOINT, pendingReq.getRequestID());
+						
+		httpResp.setContentType("text/html");
+		httpResp.setStatus(302);
+		httpResp.addHeader("Location", redirectURL);		
+		Logger.debug("REDIRECT TO: " + redirectURL);
+		
+	}
+	
+	/**
 	 * Parses the request input stream for parameters, assuming parameters are
 	 * encoded UTF-8 (no standard exists how browsers should encode them).
 	 * 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/SingleSignOnConsentsModuleImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/SingleSignOnConsentsModuleImpl.java
new file mode 100644
index 000000000..d64126de6
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/SingleSignOnConsentsModuleImpl.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+
+/**
+ * @author tlenz
+ *
+ */
+public class SingleSignOnConsentsModuleImpl implements AuthModule {
+
+	public static final String PARAM_SSO_CONSENTS_EVALUATION = "ssoconsentsevaluation";
+	
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority()
+	 */
+	@Override
+	public int getPriority() {
+		return 0;
+		
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
+	 */
+	@Override
+	public String selectProcess(ExecutionContext context) {
+		Object evaluationObj = context.get(PARAM_SSO_CONSENTS_EVALUATION);
+		if (evaluationObj != null && evaluationObj instanceof Boolean) {
+			boolean evaluateSSOConsents = (boolean) evaluationObj;
+			if (evaluateSSOConsents) {
+				return "SSOConsentsEvluationProcess";
+				
+			}			
+		}
+			
+		return null;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions()
+	 */
+	@Override
+	public String[] getProcessDefinitions() {
+		return new String[] { "classpath:at/gv/egovernment/moa/id/auth/modules/internal/SingleSignOnConsentEvaluator.process.xml" };
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java
new file mode 100644
index 000000000..8dcb63550
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java
@@ -0,0 +1,115 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang.StringEscapeUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
+import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
+import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
+import at.gv.egovernment.moa.id.moduls.SSOManager;
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * Evaluate the Single Sign-On user consent
+ * 
+ * @author tlenz
+ *
+ */
+public class EvaluateSSOConsentsTaskImpl extends AbstractAuthServletTask {
+
+	private static final String PARAM_SSO_CONSENTS = "value";
+	
+	@Autowired private SSOManager ssoManager;
+	
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+	 */
+	@Override
+	public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
+			throws TaskExecutionException {
+		try {
+			//evaluate SSO consents flag
+			String ssoConsentsString = request.getParameter(PARAM_SSO_CONSENTS);
+			ssoConsentsString = StringEscapeUtils.escapeHtml(ssoConsentsString);
+			if (!ParamValidatorUtils.isValidUseMandate(ssoConsentsString))
+				throw new WrongParametersException("EvaluateSSOConsentsTaskImpl", PARAM_SSO_CONSENTS, null);
+			
+			boolean ssoConsents = false;
+			if (MiscUtil.isNotEmpty(ssoConsentsString))
+				ssoConsents = Boolean.parseBoolean(ssoConsentsString);
+			
+			//perform default task initialization 
+			defaultTaskInitialization(request, executionContext);
+			
+			//check SSO session cookie and MOASession object
+			String ssoId = ssoManager.getSSOSessionID(request);
+			boolean isValidSSOSession = ssoManager.isValidSSOSession(ssoId, pendingReq);			
+			if (!(isValidSSOSession && moasession.isAuthenticated() )) {
+				Logger.info("Single Sign-On consents evaluator found NO valid SSO session. Stopping authentication process ...");
+				throw new AuthenticationException("auth.30", null);
+				
+			}
+			
+			//Log consents evaluator event to revisionslog
+			revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_SSO_ASK_USER_FINISHED, String.valueOf(ssoConsents));
+			
+			//user allow single sign-on authentication
+			if (ssoConsents) {
+				//authenticate pending-request
+				pendingReq.setAuthenticated(true);
+				
+				//store pending-request
+				requestStoreage.storePendingRequest(pendingReq);
+				
+				//redirect to auth. protocol finalization
+				performRedirectToProtocolFinialization(pendingReq, response);
+				
+			} else {
+				//user deny single sign-on authentication
+				throw new AuthenticationException("auth.21", new Object[] {});
+				
+			}
+						
+		} catch (MOAIDException e) {
+			throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+			
+		} catch (Exception e) {
+			Logger.warn("FinalizeAuthenticationTask has an internal error", e);
+			throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+			
+		}
+
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java
index 4fd43b6ba..d1d2cdca8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java
@@ -28,14 +28,12 @@ import javax.servlet.http.HttpServletResponse;
 import org.springframework.stereotype.Service;
 
 import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
 import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.moduls.RequestImpl;
 import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 
@@ -93,7 +91,6 @@ public class FinalizeAuthenticationTask extends AbstractAuthServletTask {
 			
 			}
 		
-
 			//set MOASession to authenticated and store MOASession
 			moasession.setAuthenticated(true);
 			String newMOASessionID = authenticatedSessionStorage.changeSessionID(moasession);
@@ -103,16 +100,9 @@ public class FinalizeAuthenticationTask extends AbstractAuthServletTask {
 			pendingReq.setAuthenticated(true);
 			requestStoreage.storePendingRequest(pendingReq);
 		
-			Logger.info("AuthProcess finished. Redirect to Protocol Dispatcher.");
-			
-			String redirectURL = new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), 
-					AbstractAuthProtocolModulController.FINALIZEPROTOCOL_ENDPOINT, pendingReq.getRequestID());
-							
-			response.setContentType("text/html");
-			response.setStatus(302);
-			response.addHeader("Location", redirectURL);		
-			Logger.debug("REDIRECT TO: " + redirectURL);
-			
+			Logger.info("AuthProcess finished. Redirect to Protocol Dispatcher.");			
+			performRedirectToProtocolFinialization(pendingReq, response);
+						
 		} catch (MOAIDException e) {
 			throw new TaskExecutionException(pendingReq, e.getMessage(), e);
 			
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateSSOConsentEvaluatorFrameTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateSSOConsentEvaluatorFrameTask.java
new file mode 100644
index 000000000..f9f121520
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateSSOConsentEvaluatorFrameTask.java
@@ -0,0 +1,87 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
+
+import java.io.PrintWriter;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.auth.builder.SendAssertionFormBuilder;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
+import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * Build a Single Sign-On consents evaluator form
+ * 
+ * @author tlenz
+ *
+ */
+public class GenerateSSOConsentEvaluatorFrameTask extends AbstractAuthServletTask {
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+	 */
+	@Override
+	public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
+			throws TaskExecutionException {
+		try {
+			//perform default task initialization 
+			defaultTaskInitialization(request, executionContext);
+									
+			//set authenticated flag to false, because user consents is required
+			pendingReq.setAuthenticated(false);
+		
+			//build consents evaluator form
+			String form = SendAssertionFormBuilder.buildForm(pendingReq);
+
+			//store pending request
+			requestStoreage.storePendingRequest(pendingReq);
+			
+			//Log consents evaluator event to revisionslog
+			revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), 
+					pendingReq, MOAIDEventConstants.AUTHPROCESS_SSO_ASK_USER_START);
+			
+			//write form to response object
+			response.setContentType("text/html;charset=UTF-8");
+			PrintWriter out = new PrintWriter(response.getOutputStream()); 
+			out.print(form);
+			out.flush();
+			
+			
+		} catch (MOAIDException e) {
+			throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+			
+		} catch (Exception e) {
+			Logger.warn("FinalizeAuthenticationTask has an internal error", e);
+			throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+			
+		}
+
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java
deleted file mode 100644
index 4c895e387..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java
+++ /dev/null
@@ -1,177 +0,0 @@
-///*******************************************************************************
-// * Copyright 2014 Federal Chancellery Austria
-// * MOA-ID has been developed in a cooperation between BRZ, the Federal
-// * Chancellery Austria - ICT staff unit, and Graz University of Technology.
-// * 
-// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
-// * the European Commission - subsequent versions of the EUPL (the "Licence");
-// * You may not use this work except in compliance with the Licence.
-// * You may obtain a copy of the Licence at:
-// * http://www.osor.eu/eupl/
-// * 
-// * Unless required by applicable law or agreed to in writing, software
-// * distributed under the Licence is distributed on an "AS IS" basis,
-// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// * See the Licence for the specific language governing permissions and
-// * limitations under the Licence.
-// * 
-// * This product combines work with different licenses. See the "NOTICE" text
-// * file for details on the various modules and licenses.
-// * The "NOTICE" text file is part of the distribution. Any derivative works
-// * that you distribute must include a readable copy of the "NOTICE" text file.
-// ******************************************************************************/
-//package at.gv.egovernment.moa.id.auth.servlet;
-//
-//import java.io.IOException;
-//
-//import javax.servlet.ServletException;
-//import javax.servlet.http.HttpServletRequest;
-//import javax.servlet.http.HttpServletResponse;
-//
-//import org.apache.commons.lang.StringEscapeUtils;
-//
-//import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-//import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-//import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-//import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-//import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-//import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-//import at.gv.egovernment.moa.id.moduls.IRequest;
-//import at.gv.egovernment.moa.id.moduls.RequestStorage;
-//import at.gv.egovernment.moa.id.moduls.SSOManager;
-//import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-//import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-//import at.gv.egovernment.moa.logging.Logger;
-//import at.gv.egovernment.moa.util.MiscUtil;
-//
-//public class SSOSendAssertionServlet extends AuthServlet{
-//
-//	private static final long serialVersionUID = 1L;
-//
-//	private static final String PARAM = "value";
-//	private static final String MODULE = "mod";
-//	private static final String ACTION = "action";
-//	private static final String ID = "identifier";
-//	
-//	protected void doPost(HttpServletRequest req, HttpServletResponse resp)
-//			throws ServletException, IOException {
-//		
-//		String id = null;
-//		Logger.debug("Receive " + SSOSendAssertionServlet.class + " Request");
-//		try {
-//			
-//			Object idObject = req.getParameter(ID);
-//			
-//			if (idObject != null && (idObject instanceof String)) {
-//				id = (String) idObject;
-//			}
-//			
-//			String value = req.getParameter(PARAM);
-//			value = StringEscapeUtils.escapeHtml(value);
-//			if (!ParamValidatorUtils.isValidUseMandate(value))
-//				throw new WrongParametersException("SSOSendAssertionServlet", PARAM, null);		    
-//
-//			//get module and action
-//			Object moduleObject = req.getParameter(MODULE);
-//			String module = null;
-//			if (moduleObject != null && (moduleObject instanceof String)) {
-//				module = (String) moduleObject;
-//			}
-//			
-//
-//			Object actionObject = req.getParameter(ACTION);
-//			String action = null;
-//			if (actionObject != null && (actionObject instanceof String)) {
-//				action = (String) actionObject;
-//			}
-//						
-//			if (MiscUtil.isEmpty(module) || MiscUtil.isEmpty(action) || MiscUtil.isEmpty(id)) {
-//				Logger.warn("No Moduel or Action parameter received!");
-//				throw new WrongParametersException("Module or Action is empty", "", "auth.10");
-//			}
-//			
-//			
-//			SSOManager ssomanager = SSOManager.getInstance();
-//			//get SSO Cookie for Request
-//			String ssoId = ssomanager.getSSOSessionID(req);
-//		
-//			//check SSO session
-//			if (ssoId != null) {
-//				String correspondingMOASession = ssomanager.existsOldSSOSession(ssoId);
-//			
-//				if (correspondingMOASession != null) {
-//					Logger.warn("Request sends an old SSO Session ID("+ssoId+")! " +
-//							"Invalidate the corresponding MOASession with ID="+ correspondingMOASession);
-//				
-//
-//					AuthenticationSessionStoreage.destroySession(correspondingMOASession);
-//					
-//					ssomanager.deleteSSOSessionID(req, resp);
-//				}
-//			}
-//		
-//			boolean isValidSSOSession = ssomanager.isValidSSOSession(ssoId, null);
-//		
-//			String moaSessionID = null;
-//			
-//			if (isValidSSOSession) {
-//			
-//				
-//				//check UseMandate flag
-//				String valueString = null;;
-//				if ((value != null) && (value.compareTo("") != 0)) {
-//					valueString = value;
-//				} else {
-//					valueString = "false";
-//				}
-//
-//				if (valueString.compareToIgnoreCase("true") == 0) {
-//					moaSessionID = AuthenticationSessionStoreage.getMOASessionSSOID(ssoId);
-//					AuthenticationSession moasession = AuthenticationSessionStoreage.getSession(moaSessionID);
-//					AuthenticationSessionStoreage.setAuthenticated(moaSessionID, true);
-//
-//					//log event
-//					//String pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);
-//					IRequest pendingReq = RequestStorage.getPendingRequest(id);
-//					MOAReversionLogger.getInstance().logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_SSO_ASK_USER_FINISHED);
-//					
-//					//TODO: only for development!!!!!!!
-////					String redirectURL = new DataURLBuilder().buildDataURL(moasession.getAuthURL(), 
-////							ModulUtils.buildAuthURL(module, action, id), "");
-//					
-//					String redirectURL = "Remove commants in Class:SSOSendAssertionServlet Line:141"; 
-//					
-//					resp.setContentType("text/html");
-//					resp.setStatus(302);
-//				
-//					
-//					resp.addHeader("Location", redirectURL);		
-//					Logger.debug("REDIRECT TO: " + redirectURL);
-//					
-//				}
-//					
-//				else {
-//					throw new AuthenticationException("auth.21", new Object[] {});
-//				}
-//			
-//			} else {
-//				handleError("SSO Session is not valid", null, req, resp, id);
-//			}
-//			
-//			
-//		} catch (MOADatabaseException e) {
-//			handleError("SSO Session is not found", e, req, resp, id);
-//			
-//		} catch (WrongParametersException e) {
-//			handleError("Parameter is not valid", e, req, resp, id);
-//			
-//		} catch (AuthenticationException e) {
-//			handleError(e.getMessage(), e, req, resp, id);
-//			
-//	    } catch (Exception e) {
-//	    	Logger.error("SSOSendAssertion has an interal Error.", e);
-//	    }
-//	       
-//	}
-//
-//}
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2016-02-19 10:22:11 +0100
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2016-02-19 10:22:11 +0100
commit	18f7c6609058ed5c3bfb59c625682f4f4a53d75d (patch)
tree	6081c9dd22addf5db78d754a431aae86156becfc /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth
parent	0d827d781679187d4a73e7b51510539a69a46d79 (diff)
download	moa-id-spss-18f7c6609058ed5c3bfb59c625682f4f4a53d75d.tar.gz moa-id-spss-18f7c6609058ed5c3bfb59c625682f4f4a53d75d.tar.bz2 moa-id-spss-18f7c6609058ed5c3bfb59c625682f4f4a53d75d.zip