diff options
| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-06-12 09:20:52 +0200 |
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-06-12 09:20:52 +0200 |
| commit | 721d4261b72a12dc6147687d72b81738014be20b (patch) | |
| tree | d95504e0168f897172bc502e88267878a6c9cfa1 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config | |
| parent | cb8ae73a6196813c3c749e4396977e5e1e3304b9 (diff) | |
| download | moa-id-spss-721d4261b72a12dc6147687d72b81738014be20b.tar.gz moa-id-spss-721d4261b72a12dc6147687d72b81738014be20b.tar.bz2 moa-id-spss-721d4261b72a12dc6147687d72b81738014be20b.zip | |
add jUnit simple test for AuthDataBuilder and foreign bPK generation
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/UserWhitelistStore.java | 39 |
1 files changed, 29 insertions, 10 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/UserWhitelistStore.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/UserWhitelistStore.java index a90d71a18..a32159dd0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/UserWhitelistStore.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/UserWhitelistStore.java @@ -18,6 +18,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import at.gv.egovernment.moa.id.auth.modules.internal.tasks.UserRestrictionTask; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.util.FileUtils; @@ -35,26 +36,44 @@ public class UserWhitelistStore { @PostConstruct private void initialize() { String whiteListUrl = authConfig.getBasicMOAIDConfiguration(UserRestrictionTask.CONFIG_PROPS_CSV_USER_FILE); - if (MiscUtil.isEmpty(whiteListUrl)) - Logger.debug("Do not initialize user whitelist. Reason: No configuration path to CSV file."); + String internalTarget = authConfig.getBasicMOAIDConfiguration(UserRestrictionTask.CONFIG_PROPS_CSV_USER_SECTOR); + if (MiscUtil.isEmpty(whiteListUrl) || MiscUtil.isEmpty(internalTarget)) + Logger.debug("Do not initialize user whitelist. Reason: NO configuration path to CSV file or NO internal bPK target for whitelist"); else { - absWhiteListUrl = FileUtils.makeAbsoluteURL(whiteListUrl, authConfig.getRootConfigFileDir()); - try { - InputStream is = new FileInputStream(new File(new URL(absWhiteListUrl).toURI())); + if (internalTarget.startsWith(MOAIDAuthConstants.PREFIX_CDID)) + internalTarget = internalTarget.substring(MOAIDAuthConstants.PREFIX_CDID.length()); + else if (internalTarget.startsWith(MOAIDAuthConstants.PREFIX_WPBK)) + internalTarget = internalTarget.substring(MOAIDAuthConstants.PREFIX_WPBK.length()); + else if (internalTarget.startsWith(MOAIDAuthConstants.PREFIX_EIDAS)) + internalTarget = internalTarget.substring(MOAIDAuthConstants.PREFIX_EIDAS.length()); + else { + Logger.warn("Sector: " + internalTarget + " is NOT supported for user whitelist."); + Logger.info("User whitelist-store MAY NOT contains all user from whitelist"); + } + + try { + absWhiteListUrl = new URL(FileUtils.makeAbsoluteURL(whiteListUrl, authConfig.getRootConfigFileDir())) + .toURI().toString().substring("file:".length()); + InputStream is = new FileInputStream(new File(absWhiteListUrl)); String whiteListString = IOUtils.toString(new InputStreamReader(is)); List<String> preWhitelist = KeyValueUtils.getListOfCSVValues(KeyValueUtils.normalizeCSVValueString(whiteListString)); + + //remove prefix if required for (String bPK : preWhitelist) { String[] bPKSplit = bPK.split(":"); if (bPKSplit.length == 1) whitelist.add(bPK); - else if (bPKSplit.length ==2 ) - whitelist.add(bPKSplit[1]); - - else + else if (bPKSplit.length ==2 ) { + if (internalTarget.equals(bPKSplit[0])) + whitelist.add(bPKSplit[1]); + else + Logger.info("Whitelist entry: " + bPK + " has an unsupported target. Entry will be removed ..."); + + } else Logger.info("Whitelist entry: " + bPK + " has an unsupported format. Entry will be removed ..."); } @@ -108,7 +127,7 @@ public class UserWhitelistStore { public boolean isUserbPKInWhitelistDynamic(String bPK, boolean onlyDynamic) { try { if (absWhiteListUrl != null) { - InputStream is = new FileInputStream(new File(new URL(absWhiteListUrl).toURI())); + InputStream is = new FileInputStream(new File(absWhiteListUrl)); String whiteListString = IOUtils.toString(new InputStreamReader(is)); if (whiteListString != null && whiteListString.contains(bPK)) { Logger.trace("Find user with dynamic whitelist check"); |