diff options
author | mcentner <mcentner@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2010-07-02 07:14:41 +0000 |
---|---|---|
committer | mcentner <mcentner@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2010-07-02 07:14:41 +0000 |
commit | 68af85701b6f797b0d662b89b95e043ee949defd (patch) | |
tree | 070935cdd1144aeeb8ce6adddd0da34a72e6ffef /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util | |
parent | 3d707db8bf4ec346b8ab6185b8e5ac5403bf2b0a (diff) | |
download | moa-id-spss-68af85701b6f797b0d662b89b95e043ee949defd.tar.gz moa-id-spss-68af85701b6f797b0d662b89b95e043ee949defd.tar.bz2 moa-id-spss-68af85701b6f797b0d662b89b95e043ee949defd.zip |
Merged branch 1.4.7_MOASP_TSL back into trunk.
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1165 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util')
3 files changed, 191 insertions, 4 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java new file mode 100644 index 000000000..684291c59 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java @@ -0,0 +1,158 @@ +package at.gv.egovernment.moa.id.util;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+
+public class ParamValidatorUtils {
+
+ /**
+ * Checks if the given target is valid
+ * @param target HTTP parameter from request
+ * @return
+ */
+ public static boolean isValidTarget(String target) {
+
+ // if non parameter is given return true
+ if (target == null)
+ return true;
+
+ Pattern pattern = Pattern.compile("[a-zA-Z-]{1,5}");
+ Matcher matcher = pattern.matcher(target);
+ return matcher.matches();
+ }
+
+ /**
+ * Checks if the given bkuURI is valid
+ * @param target HTTP parameter from request
+ * @return
+ */
+ public static boolean isValidBKUURI(String bkuURI) {
+
+ // if non parameter is given return true
+ if (bkuURI == null)
+ return true;
+
+ // check if bkuURI is a valid URL
+ try {
+ new URL(bkuURI);
+ return true;
+ } catch (MalformedURLException e) {
+ return false;
+ }
+ }
+
+ /**
+ * Checks if the given template is valid
+ * @param target HTTP parameter from request
+ * @return
+ */
+ public static boolean isValidTemplate(String template) {
+
+ // if non parameter is given return true
+ if (template == null)
+ return true;
+
+ // check if template is a valid URL
+ try {
+ new URL(template);
+ return true;
+ } catch (MalformedURLException e) {
+ e.printStackTrace();
+ return false;
+ }
+ }
+
+ /**
+ * Checks if the given template is valid
+ * @param target HTTP parameter from request
+ * @return
+ */
+ public static boolean isValidSessionID(String sessionID) {
+
+ // if non parameter is given return true
+ if (sessionID == null)
+ return true;
+
+ Pattern pattern = Pattern.compile("[0-9-]*");
+ Matcher matcher = pattern.matcher(sessionID);
+ return matcher.matches();
+
+
+ }
+
+ /**
+ * Checks if the given oa is valid
+ * @param target HTTP parameter from request
+ * @return
+ */
+ public static boolean isValidOA(String oa) {
+
+ // if non parameter is given return true
+ if (oa == null)
+ return true;
+
+ // check if oa is a valid URL
+ try {
+ new URL(oa);
+ return true;
+ } catch (MalformedURLException e) {
+ return false;
+ }
+ }
+
+ /**
+ * Checks if <BKU>, <XMLRequest>, <DataURL>, <CertInfoXMLRequest>,
+ * <CertInfoDataURL> placeholders are contained in the given string.
+ * The placeholder <PushInfobox> is not checked, as it is only required,
+ * if other infoboxes as identity link will be treated.
+ * @param data
+ * @return
+ */
+ private static boolean checkPlaceHolders(String data) {
+
+ boolean bku = data.contains("<BKU>");
+ boolean xmlrequest = data.contains("<XMLRequest>");
+ boolean dataurl = data.contains("<DataURL>");
+ boolean certinfoxmlrequest = data.contains("<CertInfoXMLRequest>");
+ boolean certinfodataurl = data.contains("<CertInfoDataURL>");
+
+ System.out.println("Check Data: ");
+ System.out.println("bku: " + bku);
+ System.out.println("xmlrequest: " + xmlrequest);
+ System.out.println("dataurl: " + dataurl);
+ System.out.println("certinfoxmlrequest: " + certinfoxmlrequest);
+ System.out.println("certinfodataurl: " + certinfodataurl);
+
+
+ //return bku && xmlrequest && dataurl && certinfoxmlrequest && certinfodataurl;
+ return true;
+
+ }
+
+
+ /**
+ * Converts an input stream to a string
+ * @param is
+ * @return
+ * @throws Exception
+ */
+ private static String convertStreamToString(InputStream is) throws Exception {
+ BufferedReader reader = new BufferedReader(new InputStreamReader(is));
+ StringBuilder sb = new StringBuilder();
+ String line = null;
+ while ((line = reader.readLine()) != null) {
+ sb.append(line);
+ }
+ is.close();
+ return sb.toString();
+ }
+
+}
+
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java index e287e7118..8799082b3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java @@ -69,10 +69,10 @@ public class SSLUtils { */ public static void initialize() { sslSocketFactories = new HashMap(); - // JSSE Abhängigkeit - //Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); - Security.addProvider(new IAIK()); - //System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); + // JSSE Abhängigkeit + Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); + //Security.addProvider(new IAIK()); + System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java index 7fa3fe8f0..1915ce40a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java @@ -73,6 +73,35 @@ public class ServletUtils { Logger.debug("REDIRECT TO: " + redirectURL);
}
+ } + /** + * Writes out whether the CreateXMLSignatureRequest or a Redirect for form input processing + * depending on the requests starting text. + * + * @param resp The httpServletResponse + * @param session The current AuthenticationSession + * @param createXMLSignatureRequestOrRedirect The request + * @param servletGoal The servlet to which the redirect should happen + * @param servletName The servlet name for debug purposes + * @throws MOAIDException + * @throws IOException + */ + public static void writeCreateXMLSignatureRequest(HttpServletResponse resp, AuthenticationSession session, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName, String dataURL) + throws MOAIDException, + IOException + { + resp.setStatus(307); + resp.addHeader("Location", dataURL); + + //TODO test impact of explicit setting charset with older versions of BKUs (HotSign) + resp.setContentType("text/xml;charset=UTF-8"); + + OutputStream out = resp.getOutputStream(); + out.write(createXMLSignatureRequestOrRedirect.getBytes("UTF-8")); + out.flush(); + out.close(); + Logger.debug("Finished POST " + servletName); + }
}
|