move BKU Authentication preprocessing into a seperate task.

The GenerateIFrameTemplateServlet only put all request parameters into process-managment context

3 files changed, 55 insertions, 117 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index 998aa67eb..004961116 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -38,6 +38,7 @@ import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
 import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.FileUtils;
@@ -279,7 +280,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
 		
 	}
 	
-	public static void parse(HttpServletRequest req, HttpServletResponse resp, 
+	public static void parse(ExecutionContext ec, HttpServletRequest req, 
 			AuthenticationSession moasession, IRequest request) throws WrongParametersException, MOAIDException {
 		
 		
@@ -299,12 +300,12 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
 		moasession.setAction(action);
 				
 		//get Parameters from request
-		String target = req.getParameter(PARAM_TARGET);
-	    String oaURL = req.getParameter(PARAM_OA);
-	    String bkuURL = req.getParameter(PARAM_BKU);
-	    String templateURL = req.getParameter(PARAM_TEMPLATE);
-	    String useMandate = req.getParameter(PARAM_USEMANDATE);
-	    String ccc = req.getParameter(PARAM_CCC);
+		String target = (String) ec.get(PARAM_TARGET);
+	    String oaURL = (String) ec.get(PARAM_OA);
+	    String bkuURL = (String) ec.get(PARAM_BKU);
+	    String templateURL = (String) ec.get(PARAM_TEMPLATE);
+	    String useMandate = (String) ec.get(PARAM_USEMANDATE);
+	    String ccc = (String) ec.get(PARAM_CCC);
 
 	    if (request.getOnlineApplicationConfiguration() != null &&
 	    		request.getOnlineApplicationConfiguration().isOnlyMandateAllowed()) {
@@ -313,8 +314,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
 	    	useMandate = String.valueOf(request.getOnlineApplicationConfiguration().isOnlyMandateAllowed());
 	    	
 	    }
-	    	
-	    
+	    		    
 	    oaURL = request.getOAURL();
 	    target = request.getTarget();
 	    	    
@@ -332,4 +332,5 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
 	private static boolean isEmpty(String param) {
 		return param == null || param.length() == 0;
 	}
+
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
index 6feb0b260..2a63968dd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
@@ -23,7 +23,9 @@
 package at.gv.egovernment.moa.id.auth.servlet;
 
 import java.io.IOException;
+import java.util.Enumeration;
 import java.util.List;
+import java.util.Map;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
@@ -66,27 +68,13 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
     	String pendingRequestID = null;
 		
 	    try {
-	    	String bkuid = req.getParameter(MOAIDAuthConstants.PARAM_BKU);
-	    	String useMandate = req.getParameter(MOAIDAuthConstants.PARAM_USEMANDATE);
-	    	String ccc = req.getParameter(MOAIDAuthConstants.PARAM_CCC);
-	    	String moasessionid = req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID);
-	    		    	
-	    	moasessionid = StringEscapeUtils.escapeHtml(moasessionid);
-	    	
-	    	AuthenticationSession moasession = null;
-
-	    	if (MiscUtil.isEmpty(bkuid) || MiscUtil.isEmpty(moasessionid)) {
-	    		Logger.warn("MOASessionID or BKU-type is empty. Maybe an old BKU-selection template is in use.");
-	    		throw new MOAIDException("auth.23", new Object[] {});
-	    	}
-	    	
+	    	String moasessionid = req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID);	    		    
+	    	moasessionid = StringEscapeUtils.escapeHtml(moasessionid);	    	
+	    	AuthenticationSession moasession = null;	    	
 	    	try {	    		
-	    	    pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moasessionid);
-			
+	    	    pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moasessionid);			
 	    	    moasession = AuthenticationSessionStoreage.getSession(moasessionid);
-	    	    
-//	    	    AuthenticationSessionStoreage.changeSessionID(moasession);
-			
+	    	    			
 			} catch (MOADatabaseException e) {
 				Logger.info("MOASession with SessionID="+ moasessionid + " is not found in Database");
 				throw new MOAIDException("init.04", new Object[] {
@@ -97,89 +85,36 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
 				throw new MOAIDException("auth.18", new Object[] {});
 			}
 	    	
-	    	//load OA Config
-			OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance()
-					.getOnlineApplicationParameter(moasession.getOAURLRequested());
-			
-			if (oaParam == null)
-				throw new AuthenticationException("auth.00", new Object[] { moasession.getOAURLRequested() });
-			
-			else {
-	    					
-				//get Target from config or from request in case of SAML 1				
-				String target = null;
-				IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);				
-				if (pendingReq == null) {
-					Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure.");
-					throw new MOAIDException("auth.28", new Object[]{pendingRequestID});
-					
-				}
-				
-				MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), 
-						pendingReq, MOAIDEventConstants.AUTHPROCESS_BKUTYPE_SELECTED, bkuid);
-				
-				if (MiscUtil.isNotEmpty(pendingReq.getTarget()) && 
-						pendingReq.requestedModule().equals("id_saml1"))
-					target = pendingReq.getTarget();
-				else
-					target = oaParam.getTarget();
-								
-		    	String bkuURL = oaParam.getBKUURL(bkuid);
-		    	if (MiscUtil.isEmpty(bkuURL)) {
-		    		Logger.info("No OA specific BKU defined. Use BKU from default configuration");
-		    		bkuURL = AuthConfigurationProviderFactory.getInstance().getDefaultBKUURL(bkuid);
-		    	}
-		    	
-		    	//search for OA specific template
-		    	String templateURL = null;
-		    	List<String> oaTemplateURLList = oaParam.getTemplateURL();
-		    	if ( oaTemplateURLList != null && oaTemplateURLList.size() > 0
-		    			&& MiscUtil.isNotEmpty(oaTemplateURLList.get(0)) ) {
-		    		templateURL = oaTemplateURLList.get(0);
-		    		
-		    	} else {		    	
-		    		templateURL = AuthConfigurationProviderFactory.getInstance().getSLRequestTemplates(bkuid);
-		    	}
-		    	
-		    	//make url absolut if it is a local url
-	    		if (MiscUtil.isNotEmpty(templateURL))
-	    			templateURL = FileUtils.makeAbsoluteURL(templateURL, 
-	    					AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir());
-		    	
-		    	if (oaParam.isOnlyMandateAllowed()) 
-		    		useMandate = "true";
-		    	
-		    	if (!oaParam.isShowMandateCheckBox())
-		    		useMandate = "false";
-		    	
-		    	//parse all OA parameters i
-		    	StartAuthentificationParameterParser.parse(moasession, 
-		    											   target, 
-		    											   moasession.getOAURLRequested(),
-		    											   bkuURL,
-		    											   templateURL,
-		    											   useMandate,
-		    											   ccc, 
-		    											   moasession.getModul(),
-		    											   moasession.getAction(),
-		    											   req);
-			}
+
 
 			ExecutionContext ec = new ExecutionContextImpl();
-			// set execution context
-			ec.put("ccc", moasession.getCcc());
-			ec.put("useMandate", moasession.getUseMandate());
-			ec.put("bkuURL", moasession.getBkuURL());
+			// set execution context			
+			Enumeration<String> reqParamNames = req.getParameterNames();
+			while(reqParamNames.hasMoreElements()) {
+				String paramName = reqParamNames.nextElement();
+				if (MiscUtil.isNotEmpty(paramName))
+					ec.put(paramName, req.getParameter(paramName));
+				
+			}
+			
 			ec.put("pendingRequestID", pendingRequestID);
-
+			ec.put(MOAIDAuthConstants.PARAM_SESSIONID, moasessionid);
+			
+//	    	String bkuid = req.getParameter(MOAIDAuthConstants.PARAM_BKU);
+//	    	String useMandate = req.getParameter(MOAIDAuthConstants.PARAM_USEMANDATE);
+//	    	String ccc = req.getParameter(MOAIDAuthConstants.PARAM_CCC);
+//			ec.put("ccc", moasession.getCcc());
+//			ec.put("useMandate", moasession.getUseMandate());
+//			ec.put("bkuURL", moasession.getBkuURL());
+			
 			// select and create process instance
 			String processDefinitionId = ModuleRegistration.getInstance().selectProcess(ec);
-			String processInstanceId = getProcessEngine().createProcessInstance(processDefinitionId, ec);
-
 			if (processDefinitionId == null) {
 				Logger.warn("No suitable process found for SessionID " + moasession.getSessionID());
 				throw new MOAIDException("process.02", new Object[] { moasession.getSessionID() });
-			}
+			}			
+			
+			String processInstanceId = getProcessEngine().createProcessInstance(processDefinitionId, ec);
 
 			// keep process instance id in moa session
 			moasession.setProcessInstanceId(processInstanceId);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index 11fa2bb42..39cb5b9c8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -28,6 +28,7 @@ import java.lang.reflect.InvocationTargetException;
 import java.security.NoSuchAlgorithmException;
 import java.util.ArrayList;
 import java.util.Collection;
+import java.util.Enumeration;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map.Entry;
@@ -623,21 +624,22 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 		try {
 			
 			if (legacyallowed && legacyparamavail) {
-				
-				//parse request parameter into MOASession			
-				StartAuthentificationParameterParser.parse(request, response, moasession, target);
-								
-			    Logger.info("Start Authentication Module: " + moasession.getModul() 
-			    		+ " Action: " + moasession.getAction());
-	
-				// create execution context
+
+				// create execution context				
 				ExecutionContext executionContext = new ExecutionContextImpl();
-				executionContext.put("ccc", moasession.getCcc());
-				executionContext.put("useMandate", moasession.getUseMandate());
-				executionContext.put("bkuURL", moasession.getBkuURL());
-				executionContext.put(PARAM_SESSIONID, moasession.getSessionID());
+				executionContext.put(MOAIDAuthConstants.PARAM_SESSIONID, moasession.getSessionID());
 				executionContext.put("pendingRequestID", target.getRequestID());
-
+				
+				executionContext.put("isLegacyRequest", true);
+				
+				Enumeration<String> reqParamNames = request.getParameterNames();
+				while(reqParamNames.hasMoreElements()) {
+					String paramName = reqParamNames.nextElement();
+					if (MiscUtil.isNotEmpty(paramName))
+						executionContext.put(paramName, request.getParameter(paramName));
+					
+				}			
+				
 				// create process instance
 				String processDefinitionId = ModuleRegistration.getInstance().selectProcess(executionContext);
 
@@ -660,7 +662,7 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 					throw new MOAIDException("init.04", new Object[] {
 							moasession.getSessionID()});
 				}
-
+				
 		    	// start process
 				processEngine.start(processInstanceId);