authorkstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>2011-06-21 15:40:44 +0000
committerkstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>2011-06-21 15:40:44 +0000
commit9bbe4aa713e2c38dcfba02880c9b2cb63e82a859 (patch)
tree614d8a454de5a3985c18ef00ce53f689107da14f /id/server/idserverlib/src/main
parent07449c789f2561bb768d111e5b7d2c14e5dec26f (diff)
* Update MOA-ID (Template Mechanismus für Online-Vollmachten inkl. MOA-ID Config)
* Update BK-Auswahl Howto * Update Default-Konfigurationen * Löschen von A1-Signatur Texten * Entfernung von tempates.war git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1206 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id/server/idserverlib/src/main')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java7
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java54
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java235
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java9
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java7
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java10
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java5
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java91
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OnlineMandatesTemplates.java54
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java24
-rw-r--r--id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties1
12 files changed, 424 insertions, 79 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index a772e0457..af7841321 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -291,6 +291,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* may be <code>null</code>; in this case, the default location will be used
* @param useMandate Indicates if mandate is used or not
* @param templateURL URL providing an HTML template for the HTML form generated
+ * @param templateMandteURL URL providing an HTML template for the HTML form generated (for signing in mandates mode)
* @param scheme determines the protocol used
* @return HTML form
* @throws AuthenticationException
@@ -391,6 +392,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
ex);
}
}
+
+
String pushInfobox = "";
VerifyInfoboxParameters verifyInfoboxParameters = oaParam.getVerifyInfoboxParameters();
if (verifyInfoboxParameters != null) {
@@ -887,6 +890,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
session.setExtendedSAMLAttributesAUTH(new Vector()); // Initialize SAML Attributes
session.setExtendedSAMLAttributesOA(new Vector());
+ //System.out.println("SAML set: " + session.getExtendedSAMLAttributesAUTH().size());
+
if (verifyInfoboxParameters != null) {
infoboxParameters = verifyInfoboxParameters.getInfoboxParameters();
@@ -1720,6 +1725,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
AuthenticationData authData = null;
synchronized (authenticationDataStore) {
+ System.out.println("assertionHandle: " + assertionHandle);
authData = (AuthenticationData) authenticationDataStore.get(assertionHandle);
if (authData == null) {
Logger.error("Assertion not found for SAML Artifact: " + samlArtifact);
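Review bot: The added `System.out.println("assertionHandle: " + assertionHandle);` writes the key under which the authentication data is looked up to standard output, bypassing the `Logger` used two lines below, so it cannot be switched off by log level and ends up in the container's console log. The same leftover debug output is added in AuthenticationBlockAssertionBuilder (`extendedSAMLAttributes.size()`) and in all three SAMLArtifactBuilder hunks, where `alternativeSourceID`, `authURL`, the raw `sourceID` bytes and the complete SAML artifact (binary and Base64) are printed. Judging by the lookup in this hunk, the artifact is what a caller presents to fetch the assertion, so it should not appear in any log. I would delete these statements, or at most keep a `Logger.debug(...)` that does not include the value. The println here also runs inside the `synchronized (authenticationDataStore)` block, and the enclosing method starts and ends outside the hunk.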
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
index bab387b4a..d105c3206 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
@@ -190,9 +190,12 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
}
ExtendedSAMLAttribute bpkAttribute =
new ExtendedSAMLAttributeImpl("bPK", bpkSamlValueElement, Constants.MOA_NS_URI, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY);
-
+
+ System.out.println("extendedSAMLAttributes: " + extendedSAMLAttributes.size());
+
extendedSAMLAttributes.add(bpkAttribute);
- //gebeORwbpk = gebeORwbpk + MessageFormat.format(BPK_ATTRIBUTE, new Object[] { identityLinkValue, identityLinkType });
+
+ //gebeORwbpk = gebeORwbpk + MessageFormat.format(BPK_ATTRIBUTE, new Object[] { identityLinkValue, identityLinkType });
wbpkNSDeclaration = " xmlns:pr=\"" + PD_NS_URI + "\"";
//..BZ
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
index c61e2dd84..4d29c9135 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
@@ -152,8 +152,8 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
// request += "</style>";
request += "</head>";
request += "<body>";
- request += "<h4 class=\"h4style\">Authentication Data:</h4>";
- request += "<p class=\"titlestyle\">Personal Data</p>";
+ request += "<h4 class=\"h4style\">Anmeldedaten für (Requesting Application Access for):</h4>";
+ request += "<p class=\"titlestyle\">Persönliche Daten (Personal Data)</p>";
request += "<table class=\"parameters\">";
request += "<tr>";
request += "<td class=\"italicstyle\">Name:</td>";
@@ -162,21 +162,21 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
request += "</td>";
request += "</tr>";
request += "</table>";
- request += "<p class=\"titlestyle\">Application Data</p>";
+ request += "<p class=\"titlestyle\">Daten zur Anwendung (Application Data)</p>";
request += "<table class=\"parameters\">";
request += "<tr>";
- request += "<td class=\"italicstyle\">Name:</td>";
+ request += "<td class=\"italicstyle\">Dienst (Service):</td>";
request += "<td class=\"normalstyle\">";
// friendlyname from OA
request += StringUtils.isEmpty(oaParam.getFriendlyName()) ? "" : oaParam.getFriendlyName();
request += "</td>";
request += "</tr>";
request += "<tr>";
- request += "<td class=\"italicstyle\">Country:</td>";
- request += "<td class=\"normalstyle\">Austria</td>";
+ request += "<td class=\"italicstyle\">Land (Country):</td>";
+ request += "<td class=\"normalstyle\">Österreich (Austria)</td>";
request += "</tr>";
request += "</table>";
- request += "<p class=\"titlestyle\">Technical Parameters</p>";
+ request += "<p class=\"titlestyle\">Technische Parameter (Technical Parameters)</p>";
request += "<table class=\"parameters\">";
request += "<tr>";
request += "<td class=\"italicstyle\">URL:</td>";
@@ -203,7 +203,7 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
// OA is publicservice
request += "<tr>";
request += "<td class=\"italicstyle\">";
- request += "Sector:</td>";
+ request += "Sektor (Sector):</td>";
request += "<td class=\"normalstyle\">";
request += target + " (" + sectorName + ")";
request += "</td>";
@@ -212,27 +212,45 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
}
request += "<tr>";
- request += "<td class=\"italicstyle\">Date:</td>";
+ request += "<td class=\"italicstyle\">Datum (Date):</td>";
request += "<td class=\"normalstyle\">";
request += date;
request += "</td>";
request += "</tr>";
request += "<tr>";
- request += "<td class=\"italicstyle\">Time:</td>";
+ request += "<td class=\"italicstyle\">Zeit (Time):</td>";
request += "<td class=\"normalstyle\">";
request += time;
request += "</td>";
request += "</tr>";
request += "</table>";
- request += "<p class=\"normalstyle\">I hereby request to access this e-government application by using my " +
- "domestic electronic identity. <br/>" +
- "I further affirm that I am not yet registered with the Austrian Central " +
- "Residents Registry and that I am not obliged to register with the Austrian " +
- "Central Residents Registry according to Austrian law.<br/>" +
- "In the event I am not yet registered with the Supplementary Register, I " +
- "explicitly grant to do so according to §6 (5) E-Government Act (EGovG, idF: " +
- "BGBl. I Nr. 7/2008 und BGBl. I Nr. 59/2008).</p>";
+ request += "<p class=\"normalstyle\">Mit der Anmeldung erfolgt eine Abfrage des Ergänzungsregister für " +
+ "natürliche Personen (ERnP), damit ich meinen elektronischen " +
+ "Identitätsnachweis (meine elektronische Identitätskarte) unmittelbar " +
+ "als Österreichische Bürgerkarte verwenden kann. Ich bin nicht im " +
+ "Zentralen Melderegister eingetragen und stimme, sofern ich nicht im " +
+ "ERnP eingetragen bin, einer Eintragung ins ERnP zu. Ich nehme zur " +
+ "Kenntnis, dass die Eintragung ins ERnP ausschließlich der Aufzeichnung " +
+ "jener Daten, die für die eindeutige Identität notwendig sind, dient.</p>";
+
+ request += "<p class=\"normalstyle\">I affirm that I am not registered with the Austrian Central " +
+ "Register of Residents or the Supplementary Register for Natural Persons. I therefore " +
+ "apply for registration in the Supplementary Register for Natural Persons in order to use " +
+ "my electronic identity (my electronic ID card) as an Austrian citizen card. I take note " +
+ "that registration in the Supplementary Register for Natural Persons solely serves keeping " +
+ "records of those data that are used for validation of unique identity and that those data " +
+ "is only used for e-government purposes.</p>";
+
+
+// request += "<p class=\"normalstyle\">I hereby request to access this e-government application by using my " +
+// "domestic electronic identity. <br/>" +
+// "I further affirm that I am not yet registered with the Austrian Central " +
+// "Residents Registry and that I am not obliged to register with the Austrian " +
+// "Central Residents Registry according to Austrian law.<br/>" +
+// "In the event I am not yet registered with the Supplementary Register, I " +
+// "explicitly grant to do so according to §6 (5) E-Government Act (EGovG, idF: " +
+// "BGBl. I Nr. 7/2008 und BGBl. I Nr. 59/2008).</p>";
request += "</body>";
request += "</html>";
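Review bot: The German and English declarations added here do not say the same thing, and this HTML appears to be the text shown to the user for signing, since the class builds the CreateXMLSignatureRequest. The German paragraph consents to an ERnP entry only if none exists yet (`sofern ich nicht im ERnP eingetragen bin`), whereas the English paragraph has the signer affirm that they are registered in neither register. The English text also adds a purpose limitation (`only used for e-government purposes`) that the German text lacks. I would align the two versions sentence by sentence, and delete the commented-out former declaration rather than keep it in the source. The enclosing method starts and ends outside the hunk.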
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
index 9bab8643f..dcaed084a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
@@ -15,11 +15,19 @@
*/
package at.gv.egovernment.moa.id.auth.builder;
+import java.io.BufferedReader;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
+import at.gv.egovernment.moa.id.AuthenticationException;
import at.gv.egovernment.moa.id.BuildException;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.OnlineMandatesTemplates;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.FileUtils;
/**
* Builder for HTML form requesting the security layer implementation
@@ -43,6 +51,8 @@ public class GetIdentityLinkFormBuilder extends Builder {
private static final String CERTINFO_DATAURL_TAG = "<CertInfoDataURL>";
/** special tag in the HTML template to be substituted for the infoboxes to be pushed from the BKU */
private static final String PUSHINFOBOX_TAG = "<PushInfobox>";
+ /** special tag in the HTML template to be substituted for the BKU URL */
+ private static final String MANDATE_TAG = "<Mandate>";
/** private static int all contains the representation to replace all tags*/
private static final int ALL = -1;
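Review bot: The Javadoc on the new `MANDATE_TAG` looks copied from the BKU tag and is wrong. In `buildCreateSignature` the tag is not replaced by the BKU URL but by the generated `writeln('…');` statements that fill the mandate iframe. I would change it to `/** special tag in the mandate HTML template to be substituted for the JavaScript writeln() calls that write the signature form into the iframe */`.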
@@ -83,48 +93,101 @@ public class GetIdentityLinkFormBuilder extends Builder {
"</body>" + nl +
"</html>";
- /** default HTML template */
- private static final String DEFAULT_HTML_TEMPLATE_FOR_MANDATES =
+ /** default HTML template for mandates */
+ private static final String DEFAULT_HTML_TEMPLATE_FOR_MANDATES_OLD =
"<html>" + nl +
"<head>" + nl +
- "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl +
+ "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl +
"<title>Vollmachten-Anmeldung</title>" + nl +
- "<script type=\"text/javascript\">" + nl +
- "window.onload=function() {" + nl +
- "document.VollmachtenForm.submit();" + nl +
- "document.VollmachtenForm.Senden.disabled=true;" + nl +
- "return;" + nl +
- "}" + nl +
- "</script>" + nl +
- "</head>" + nl +
- "<body>" + nl +
- "<form name=\"VollmachtenForm\"" + nl +
- " action=\"" + BKU_TAG + "\"" + nl +
- " method=\"post\">" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"XMLRequest\"" + nl +
- " value=\"" + XMLREQUEST_TAG + "\"/>" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"DataURL\"" + nl +
- " value=\"" + DATAURL_TAG + "\"/>" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"PushInfobox\"" + nl +
- " value=\"" + PUSHINFOBOX_TAG + "\"/>" + nl +
- " <input type=\"submit\" value=\"Starte Signatur\" name=\"Senden\"/>" + nl +
- "</form>" + nl +
- "<form name=\"CertificateInfoForm\"" + nl +
- " action=\"" + BKU_TAG + "\"" + nl +
- " method=\"post\">" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"XMLRequest\"" + nl +
- " value=\"" + CERTINFO_XMLREQUEST_TAG + "\"/>" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"DataURL\"" + nl +
- " value=\"" + CERTINFO_DATAURL_TAG + "\"/>" + nl +
-// " <input type=\"submit\" value=\"Information zu Wurzelzertifikaten\"/>" + nl +
- " <input type=\"hidden\" value=\"Information zu Wurzelzertifikaten\"/>" + nl +
- "</form>" + nl +
- "</body>" + nl +
+ "<script language=\"javascript\">" + nl +
+ " function fillFrame() {" + nl +
+ " var f = top.frames['mandate'];" + nl +
+ " with (f.document) {" + nl +
+ " open();" + nl +
+ " <Mandate>" + nl +
+ " close();" + nl +
+ " }" + nl +
+ " }" + nl +
+ "</script>" + nl +
+ "</head>" + nl +
+ "<body onLoad=\"fillFrame(); return false;\">" + nl +
+ "<h2>Vollmachten-Anmeldung</h2>" + nl +
+ "<iframe name=\"mandate\" src=\"\" frameborder=\"0\" width=\"250\" height=\"400\"></iframe>" + nl +
+ "</body>" + nl +
+ "</html>";
+
+
+ /** default HTML template - iFrame */
+ private static final String DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES_OLD =
+ "<html>" +
+ "<head>" +
+ //"<base target=\"_parent\">" +
+ "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" +
+ "<title>Vollmachten-Anmeldung</title>" +
+ "</head>" +
+ "<body onLoad=\"document.VollmachtenForm.submit();\">" +
+ "<form name=\"VollmachtenForm\"" +
+ " action=\"" + BKU_TAG + "\"" +
+ " method=\"post\">" +
+ " <input type=\"hidden\" " +
+ " name=\"XMLRequest\"" +
+ " value=\"" + XMLREQUEST_TAG + "\"/>" +
+ " <input type=\"hidden\" " +
+ " name=\"DataURL\"" +
+ " value=\"" + DATAURL_TAG + "\"/>" +
+ " <input type=\"hidden\" " +
+ " name=\"PushInfobox\"" +
+ " value=\"" + PUSHINFOBOX_TAG + "\"/>" +
+ " <input type=\"submit\" value=\"Starte Signatur\" name=\"Senden\"/>" +
+ "</form>" +
+ "<form name=\"CertificateInfoForm\"" +
+ " action=\"" + BKU_TAG + "\"" +
+ " method=\"post\">" +
+ " <input type=\"hidden\" " +
+ " name=\"XMLRequest\"" +
+ " value=\"" + CERTINFO_XMLREQUEST_TAG + "\"/>" +
+ " <input type=\"hidden\" " +
+ " name=\"DataURL\"" +
+ " value=\"" + CERTINFO_DATAURL_TAG + "\"/>" +
+ " <input type=\"hidden\" value=\"Information zu Wurzelzertifikaten\"/>" +
+ "</form>" +
+ "</body>" +
+ "</html>";
+
+ /** default HTML template for Online mandates */
+ private static final String DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES =
+ "<html>" +
+ "<head>" +
+ "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" +
+ "<title>Vollmachten-Anmeldung</title>" +
+ "</head>" +
+ "<body onLoad=\"document.VollmachtenForm.submit();\">" +
+ "<form name=\"VollmachtenForm\"" +
+ " action=\"" + BKU_TAG + "\"" +
+ " method=\"post\">" +
+ " <input type=\"hidden\" " +
+ " name=\"XMLRequest\"" +
+ " value=\"" + XMLREQUEST_TAG + "\"/>" +
+ " <input type=\"hidden\" " +
+ " name=\"DataURL\"" +
+ " value=\"" + DATAURL_TAG + "\"/>" +
+ " <input type=\"hidden\" " +
+ " name=\"PushInfobox\"" +
+ " value=\"" + PUSHINFOBOX_TAG + "\"/>" +
+ " <input type=\"submit\" value=\"Starte Signatur\" name=\"Senden\"/>" +
+ "</form>" +
+ "<form name=\"CertificateInfoForm\"" +
+ " action=\"" + BKU_TAG + "\"" +
+ " method=\"post\">" +
+ " <input type=\"hidden\" " +
+ " name=\"XMLRequest\"" +
+ " value=\"" + CERTINFO_XMLREQUEST_TAG + "\"/>" +
+ " <input type=\"hidden\" " +
+ " name=\"DataURL\"" +
+ " value=\"" + CERTINFO_DATAURL_TAG + "\"/>" +
+ " <input type=\"hidden\" value=\"Information zu Wurzelzertifikaten\"/>" +
+ "</form>" +
+ "</body>" +
"</html>";
/**
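Review bot: `DEFAULT_HTML_TEMPLATE_FOR_MANDATES_OLD` and `DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES_OLD` are added but not referenced by the `buildCreateSignature` shown in this commit, and the second contains the same markup as `DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES`. Unless code outside this diff uses them, I would drop both `_OLD` constants rather than maintain three near-identical auto-submitting forms. The remaining template still carries `PUSHINFOBOX_TAG`, `CERTINFO_XMLREQUEST_TAG` and `CERTINFO_DATAURL_TAG`, which `buildCreateSignature` never substitutes, so those placeholders reach the browser literally. A one-line comment such as `// PushInfobox and CertInfo placeholders are intentionally left unreplaced in mandate mode` would help if that is intended.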
@@ -167,25 +230,101 @@ public class GetIdentityLinkFormBuilder extends Builder {
/**
* Builds the HTML form, including XML Request and data URL as parameters.
*
- * @param htmlTemplate template to be used for the HTML form;
- * may be <code>null</code>, in this case a default layout will be produced
* @param xmlRequest XML Request to be sent as a parameter in the form
* @param bkuURL URL of the "B&uuml;rgerkartenumgebung" the form will be submitted to;
* may be <code>null</code>, in this case the default URL will be used
* @param dataURL DataURL to be sent as a parameter in the form
*/
public String buildCreateSignature(
- String bkuURL,
+ String bkuURL,
String xmlRequest,
- String dataURL)
+ String dataURL,
+ String oaUrl)
throws BuildException
{
- String htmlForm = DEFAULT_HTML_TEMPLATE_FOR_MANDATES;
- htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL);
- htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL);
- htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL);
- return htmlForm;
+ String htmlForm = "";
+ OAAuthParameter oaParam;
+ try {
+ oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaUrl);
+ } catch (ConfigurationException e) {
+ Logger.error("Error on building HTMl form for online mandates: " + e.getMessage());
+ throw new BuildException("builder.03", null);
+ }
+
+ OnlineMandatesTemplates[] templatesOnlineMandates = oaParam.getTemplateOnlineMandates();
+ if (templatesOnlineMandates == null) {
+ // no templates given
+ htmlForm = DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES;
+ htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL);
+ htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL);
+ htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL);
+ } else {
+ String moaidTemplateUrl = null;
+ String mandateTemplateUrl = null;
+ // check for configured bku URL
+ for (int i = 0; i < templatesOnlineMandates.length; i++) {
+ if (templatesOnlineMandates[i].getBkuURL().compareToIgnoreCase(bkuURL) == 0) {
+ moaidTemplateUrl = templatesOnlineMandates[i].getMoaIdTemplateURL();
+ mandateTemplateUrl = templatesOnlineMandates[i].getMandatesTemplateURL();
+ }
+ }
+ if (moaidTemplateUrl == null || mandateTemplateUrl == null) {
+ Logger.debug("Configured and used BKU URL are not equal. So standard template is used.");
+ htmlForm = DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES;
+ htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL);
+ htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL);
+ htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL);
+ } else {
+ // use configured templates
+ String moaidTemplate;
+ String mandateTemplate;
+ try {
+ moaidTemplate = new String(FileUtils.readURL(moaidTemplateUrl));
+ } catch (IOException ex) {
+ throw new BuildException("auth.03", new Object[] { moaidTemplateUrl, ex.toString()},ex);
+ }
+ try {
+ mandateTemplate = new String(FileUtils.readURL(mandateTemplateUrl));
+ } catch (IOException ex) {
+ throw new BuildException("auth.03", new Object[] { mandateTemplateUrl, ex.toString()},ex);
+ }
+
+
+ // Mandatem template with iFrame
+ htmlForm = mandateTemplate;
+
+
+ // HTML form with XML signature request, which is filled into the iFrame
+ String htmlFormiFrame = moaidTemplate;
+ htmlFormiFrame = replaceTag(htmlFormiFrame, BKU_TAG, bkuURL, true, ALL);
+ htmlFormiFrame = replaceTag(htmlFormiFrame, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL);
+ htmlFormiFrame = replaceTag(htmlFormiFrame, DATAURL_TAG, dataURL, true, ALL);
+ htmlFormiFrame = htmlFormiFrame.replaceAll("\"", "\\\"");
+ htmlFormiFrame = htmlFormiFrame.replaceAll("'", "\\\\'");
+
+ // add writeln('[data]') for each line in the iframe
+ BufferedReader reader = new BufferedReader(new StringReader(htmlFormiFrame));
+ String str;
+ String htmlFormiFrameWriteLn = "";
+ try {
+ while ((str = reader.readLine()) != null) {
+ if (str.length() > 0)
+ htmlFormiFrameWriteLn += "writeln('" + str + "');";
+ }
+ } catch(IOException e) {
+ throw new BuildException("builder.03", null);
+ }
+
+ htmlForm = replaceTag(htmlForm, MANDATE_TAG, htmlFormiFrameWriteLn, true, ALL);
+
+ }
+
+ }
+
+ return htmlForm;
+
}
+
/**
* Encodes a string for inclusion as a parameter in the form.
* Double quotes are substituted by <code>"&amp;quot;"</code>.
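Review bot: The escaping applied in `buildCreateSignature` before each line is wrapped in `writeln('…')` does not make the text safe inside a single-quoted JavaScript string. `replaceAll("\"", "\\\"")` is a no-op, because a backslash in a `replaceAll` replacement only escapes the character after it. Backslashes already in the template or the substituted values are not doubled, so a `\` before a quote or at the end of a line ends the literal early, and a `</script>` sequence in the text would close the script element of the mandate template. I would escape in this order with literal replacement (`String.replace(CharSequence, CharSequence)`, Java 5 or later): `htmlFormiFrame = htmlFormiFrame.replace("\\", "\\\\");`, then `htmlFormiFrame = htmlFormiFrame.replace("'", "\\'");`, then `htmlFormiFrame = htmlFormiFrame.replace("</", "<\\/");`. Whether `bkuURL`, `dataURL` or the XML request can carry such characters depends on callers outside this hunk, so it is safer to fix this here.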
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
index f0e9c7484..c94eb0b25 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
@@ -64,6 +64,10 @@ public class SAMLArtifactBuilder {
byte[] sourceID;
// alternative sourceId
String alternativeSourceID = AuthConfigurationProvider.getInstance().getGenericConfigurationParameter(GENERIC_CONFIG_PARAM_SOURCEID);
+
+ System.out.println("alternativeSourceID: " + alternativeSourceID);
+ System.out.println("authURL: " + authURL);
+
if (!ParepUtils.isEmpty(alternativeSourceID)) {
// if generic config parameter "AuthenticationServer.SourceID" is given, use that sourceID instead of authURL;
sourceID = md.digest(alternativeSourceID.getBytes());
@@ -71,6 +75,9 @@ public class SAMLArtifactBuilder {
} else {
sourceID = md.digest(authURL.getBytes());
}
+
+ System.out.println("sourceID: " + new String(sourceID));
+
byte[] assertionHandle = md.digest(sessionID.getBytes());
ByteArrayOutputStream out = new ByteArrayOutputStream(42);
out.write(0);
@@ -78,7 +85,9 @@ public class SAMLArtifactBuilder {
out.write(sourceID, 0, 20);
out.write(assertionHandle, 0, 20);
byte[] samlArtifact = out.toByteArray();
+ System.out.println("samlArtifact: " + new String(samlArtifact));
String samlArtifactBase64 = Base64Utils.encode(samlArtifact);
+ System.out.println("samlArtifact Base64: " + samlArtifactBase64);
return samlArtifactBase64;
}
catch (Throwable ex) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
index 554b5012e..3d040d476 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
@@ -64,6 +64,7 @@ public class AuthenticationSession {
* HTML template URL
*/
private String templateURL;
+
/**
* URL of the BKU
*/
@@ -363,14 +364,16 @@ public class AuthenticationSession {
public String getTemplateURL() {
return templateURL;
}
-
+
+
/**
* @param string the template URL
*/
public void setTemplateURL(String string) {
templateURL = string;
}
-
+
+
/**
* Returns the SAML Attributes to be appended to the AUTHBlock. Maybe <code>null</code>.
*
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
index 4c0abdb0f..0270eb3cb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
@@ -16,6 +16,7 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.fileupload.FileUploadException;
import org.apache.commons.lang.StringEscapeUtils;
+import at.gv.egovernment.moa.id.AuthenticationException;
import at.gv.egovernment.moa.id.BuildException;
import at.gv.egovernment.moa.id.MOAIDException;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
@@ -32,6 +33,7 @@ import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClientException;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.FileUtils;
/**
* Servlet requested for getting the foreign eID
@@ -143,8 +145,8 @@ public class GetMISSessionIDServlet extends AuthServlet {
session.getSessionID());
Logger.debug(createXMLSignatureRequestOrRedirect);
-
- String request = getHTMLForm(createXMLSignatureRequestOrRedirect, session.getBkuURL(), dataurl);
+
+ String request = getHTMLForm(createXMLSignatureRequestOrRedirect, session.getBkuURL(), dataurl, session.getPublicOAURLPrefix());
resp.setContentType("text/html;charset=UTF-8");
PrintWriter out = new PrintWriter(resp.getOutputStream());
@@ -164,8 +166,8 @@ public class GetMISSessionIDServlet extends AuthServlet {
}
}
- private static String getHTMLForm(String request, String bkuURI, String dataURL) throws BuildException {
- return new GetIdentityLinkFormBuilder().buildCreateSignature(bkuURI, request, dataURL);
+ private static String getHTMLForm(String request, String bkuURI, String dataURL, String oaUrl) throws BuildException {
+ return new GetIdentityLinkFormBuilder().buildCreateSignature(bkuURI, request, dataURL, oaUrl);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
index f1fb15be0..44a1f3098 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
@@ -102,6 +102,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
+
Map parameters;
try
@@ -142,8 +143,10 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
}
resp.setContentType("text/html");
resp.setStatus(302);
- resp.addHeader("Location", redirectURL);
+
+ resp.addHeader("Location", redirectURL);
Logger.debug("REDIRECT TO: " + redirectURL);
+
}
catch (MOAIDException ex) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
index b5275cdd5..5a598b03d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
@@ -94,6 +94,13 @@ public class ConfigurationBuilder {
/** an XPATH-Expression */
protected static final String AUTH_TEMPLATE_XPATH =
ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "Template/@URL";
+ /** an XPATH-Expression */
+ public static final String AUTH_TEMPLATE_ONLINEMANDATES_BKU_XPATH =
+ ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "OnlineMandates/" + CONF + "BKU";
+
+
+ //protected static final String AUTH_MANDATE_TEMPLATE_XPATH =
+// ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "MandateTemplate/@URL";
/** an XPATH-Expression */
protected static final String INPUT_PROCESSOR_TEMPLATE_XPATH =
ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "InputProcessorSignTemplate/@URL";
@@ -145,6 +152,11 @@ public class ConfigurationBuilder {
/** an XPATH-Expression */
protected static final String OA_AUTH_COMPONENT_TEMPLATE_XPATH =
CONF + "Templates/" + CONF + "Template/@URL";
+ /** an XPATH-Expression */
+ public static final String OA_AUTH_COMPONENT_TEMPLATE_ONLINEMANDATES_BKU_XPATH =
+ CONF + "Templates/" + CONF + "OnlineMandates/" + CONF + "BKU";
+ //protected static final String OA_AUTH_COMPONENT_MANDATE_TEMPLATE_XPATH =
+ //CONF + "Templates/" + CONF + "MandateTemplate/@URL";
/** an XPATH-Expression */
protected static final String OA_AUTH_COMPONENT_TRANSFORMS_INFO_FILENAME_XPATH = CONF + "TransformsInfo/@filename";
/** an XPATH-Expression */
@@ -465,10 +477,12 @@ public class ConfigurationBuilder {
String bkuSelectionTemplateURL =
XPathUtils.getAttributeValue(configElem_, AUTH_BKUSELECT_TEMPLATE_XPATH, null);
String templateURL =
- XPathUtils.getAttributeValue(configElem_, AUTH_TEMPLATE_XPATH, null);
+ XPathUtils.getAttributeValue(configElem_, AUTH_TEMPLATE_XPATH, null);
String inputProcessorSignTemplateURL =
XPathUtils.getAttributeValue(configElem_, INPUT_PROCESSOR_TEMPLATE_XPATH, null);
+ OnlineMandatesTemplates[] templatesOnlineMandates = buildTemplateOnlineMandates(configElem_);
+
List OA_set = new ArrayList();
NodeList OAIter = XPathUtils.selectNodeList(configElem_, OA_XPATH);
@@ -536,7 +550,9 @@ public class ConfigurationBuilder {
oap.setProvideIdentityLink(BoolUtils.valueOf(authComponent.getAttribute("provideIdentityLink")));
oap.setProvideCertificate(BoolUtils.valueOf(authComponent.getAttribute("provideCertificate")));
oap.setBkuSelectionTemplateURL(buildTemplateURL(authComponent, OA_AUTH_COMPONENT_BKUSELECT_TEMPLATE_XPATH, bkuSelectionTemplateURL));
- oap.setTemplateURL(buildTemplateURL(authComponent, OA_AUTH_COMPONENT_TEMPLATE_XPATH, templateURL));
+ oap.setTemplateURL(buildTemplateURL(authComponent, OA_AUTH_COMPONENT_TEMPLATE_XPATH, templateURL));
+ oap.setTemplateOnlineMandates(buildTemplateOnlineMandatesOA(authComponent, templatesOnlineMandates));
+
oap.setInputProcessorSignTemplateURL(buildTemplateURL(authComponent, INPUT_PROCESSOR_TEMPLATE_XPATH, inputProcessorSignTemplateURL));
// load OA specific transforms if present
String[] transformsInfoFileNames = buildTransformsInfoFileNames(authComponent, OA_AUTH_COMPONENT_TRANSFORMS_INFO_FILENAME_XPATH);
@@ -590,6 +606,77 @@ public class ConfigurationBuilder {
}
return templateURL;
}
+
+
+
+ protected OnlineMandatesTemplates[] buildTemplateOnlineMandates(Node contextNode) {
+ String xpathExpr = AUTH_TEMPLATE_ONLINEMANDATES_BKU_XPATH;
+ List onlineMandatesTemplatesList = new ArrayList();
+
+ NodeIterator bkuIter = XPathUtils.selectNodeIterator(contextNode, xpathExpr);
+
+ Element bkuElem;
+ while ((bkuElem = (Element) bkuIter.nextNode()) != null) {
+ String bkuUrl = XPathUtils.getAttributeValue(bkuElem, "@URL", null);
+ String moaidTemplateUrl = XPathUtils.getAttributeValue(bkuElem, CONF + "MOA-ID-Template/@URL", null);
+ String mandateTemplateUrl = XPathUtils.getAttributeValue(bkuElem, CONF + "MandateTemplate/@URL", null);
+
+ OnlineMandatesTemplates template = new OnlineMandatesTemplates();
+ template.setBkuURL(bkuUrl);
+ if (moaidTemplateUrl != null) {
+ moaidTemplateUrl = FileUtils.makeAbsoluteURL(moaidTemplateUrl, rootConfigFileDir_);
+ }
+ if (moaidTemplateUrl != null) {
+ mandateTemplateUrl = FileUtils.makeAbsoluteURL(mandateTemplateUrl, rootConfigFileDir_);
+ }
+ template.setMoaIdTemplateURL(moaidTemplateUrl);
+ template.setMandatesTemplateURL(mandateTemplateUrl);
+
+ onlineMandatesTemplatesList.add(template);
+
+ }
+
+ if (onlineMandatesTemplatesList.isEmpty())
+ return null;
+
+ OnlineMandatesTemplates[] onlinemandatesTemplates = new OnlineMandatesTemplates[onlineMandatesTemplatesList.size()];
+ onlineMandatesTemplatesList.toArray(onlinemandatesTemplates);
+
+ return onlinemandatesTemplates;
+
+ }
+
+ protected OnlineMandatesTemplates[] buildTemplateOnlineMandatesOA(Node contextNode, OnlineMandatesTemplates[] defaultTemplatesOnlineMandates) {
+
+ String xpathExpr = OA_AUTH_COMPONENT_TEMPLATE_ONLINEMANDATES_BKU_XPATH;
+ List onlineMandatesTemplatesList = new ArrayList();
+
+ NodeIterator bkuIter = XPathUtils.selectNodeIterator(contextNode, xpathExpr);
+
+ Element bkuElem;
+ while ((bkuElem = (Element) bkuIter.nextNode()) != null) {
+ String bkuUrl = XPathUtils.getAttributeValue(bkuElem, "@URL", null);
+ String moaidTemplateUrl = XPathUtils.getAttributeValue(bkuElem, CONF + "MOA-ID-Template/@URL", null);
+ String mandateTemplateUrl = XPathUtils.getAttributeValue(bkuElem, CONF + "MandateTemplate/@URL", null);
+
+ OnlineMandatesTemplates template = new OnlineMandatesTemplates();
+ template.setBkuURL(bkuUrl);
+ template.setMoaIdTemplateURL(moaidTemplateUrl);
+ template.setMandatesTemplateURL(mandateTemplateUrl);
+
+ onlineMandatesTemplatesList.add(template);
+
+ }
+
+ if (onlineMandatesTemplatesList.isEmpty())
+ return defaultTemplatesOnlineMandates;
+
+ OnlineMandatesTemplates[] onlinemandatesTemplates = new OnlineMandatesTemplates[onlineMandatesTemplatesList.size()];
+ onlineMandatesTemplatesList.toArray(onlinemandatesTemplates);
+
+ return onlinemandatesTemplates;
+
+ }
/**
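Review bot: In `buildTemplateOnlineMandates` the second null guard tests the wrong variable: `if (moaidTemplateUrl != null)` wraps the call `mandateTemplateUrl = FileUtils.makeAbsoluteURL(mandateTemplateUrl, rootConfigFileDir_)`. A BKU entry that has only a `MandateTemplate` therefore keeps its relative URL, and one that has only a `MOA-ID-Template` passes null to `makeAbsoluteURL`, whose null handling is not visible here. The guard should read `if (mandateTemplateUrl != null) {`. `buildTemplateOnlineMandatesOA` stores both URLs without calling `makeAbsoluteURL` at all, so per-application template locations resolve differently from the global defaults. If that is not intended, the same two guarded calls belong there as well.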
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OnlineMandatesTemplates.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OnlineMandatesTemplates.java
new file mode 100644
index 000000000..9ff2467a0
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OnlineMandatesTemplates.java
@@ -0,0 +1,54 @@
+package at.gv.egovernment.moa.id.config;
+
+public class OnlineMandatesTemplates {
+
+ private String bkuURL;
+
+ private String moaIdTemplateURL;
+
+ private String mandatesTemplateURL;
+
+ /**
+ * @return the bkuURL
+ */
+ public String getBkuURL() {
+ return bkuURL;
+ }
+
+ /**
+ * @param bkuURL the bkuURL to set
+ */
+ public void setBkuURL(String bkuURL) {
+ this.bkuURL = bkuURL;
+ }
+
+ /**
+ * @return the moaIdTemplateURL
+ */
+ public String getMoaIdTemplateURL() {
+ return moaIdTemplateURL;
+ }
+
+ /**
+ * @param moaIdTemplateURL the moaIdTemplateURL to set
+ */
+ public void setMoaIdTemplateURL(String moaIdTemplateURL) {
+ this.moaIdTemplateURL = moaIdTemplateURL;
+ }
+
+ /**
+ * @return the mandatesTemplateURL
+ */
+ public String getMandatesTemplateURL() {
+ return mandatesTemplateURL;
+ }
+
+ /**
+ * @param mandatesTemplateURL the mandatesTemplateURL to set
+ */
+ public void setMandatesTemplateURL(String mandatesTemplateURL) {
+ this.mandatesTemplateURL = mandatesTemplateURL;
+ }
+
+
+}
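Review bot: `OnlineMandatesTemplates` has no class-level Javadoc, and the accessor comments only restate the field names, so nothing says what the three URLs mean or which of them may be absent. A header such as `/** Templates for online mandates configured for one BKU URL; the two template URLs are null when the configuration omits them. */` would cover it. The null case follows from `ConfigurationBuilder` passing `null` as the default to `XPathUtils.getAttributeValue`, assuming that helper returns the default for a missing attribute.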
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index aa5aa21a3..fbaf32c1c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -16,6 +16,7 @@
package at.gv.egovernment.moa.id.config.auth;
import at.gv.egovernment.moa.id.config.OAParameter;
+import at.gv.egovernment.moa.id.config.OnlineMandatesTemplates;
/**
* Configuration parameters belonging to an online application,
@@ -79,6 +80,8 @@ public class OAAuthParameter extends OAParameter {
* template for web page "Anmeldung mit B&uuml;rgerkarte"
*/
private String templateURL;
+
+ private OnlineMandatesTemplates[] templateOnlineMandates;
/**
* template for web page "Signatur der Anmeldedaten"
*/
@@ -167,7 +170,8 @@ public class OAAuthParameter extends OAParameter {
return provideCertificate;
}
- /**
+
+/**
* Returns the key box identifier.
* @return String
*/
@@ -193,6 +197,7 @@ public class OAAuthParameter extends OAParameter {
return templateURL;
}
+
/**
* Returns the inputProcessorSignTemplateURL url.
* @return The inputProcessorSignTemplateURL url or <code>null</code> if no url for
@@ -239,6 +244,21 @@ public class OAAuthParameter extends OAParameter {
this.transformsInfos = transformsInfos;
}
/**
+ * @return the templateOnlineMandates
+ */
+public OnlineMandatesTemplates[] getTemplateOnlineMandates() {
+ return templateOnlineMandates;
+}
+
+/**
+ * @param templateOnlineMandates the templateOnlineMandates to set
+ */
+public void setTemplateOnlineMandates(
+ OnlineMandatesTemplates[] templateOnlineMandates) {
+ this.templateOnlineMandates = templateOnlineMandates;
+}
+
+/**
* Sets the provideAuthBlock.
* @param provideAuthBlock The provideAuthBlock to set
*/
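Review bot: `getTemplateOnlineMandates()` returns the internal array and `setTemplateOnlineMandates` keeps the caller's array, while `ConfigurationBuilder.buildTemplateOnlineMandatesOA` assigns the same default array to every online application without entries of its own. A caller that writes into the returned array would therefore change the templates seen by other applications too. Either return a copy, `return templateOnlineMandates == null ? null : (OnlineMandatesTemplates[]) templateOnlineMandates.clone();`, or state in the Javadoc that the array is shared and read-only. A copy protects only the array slots, because the elements are mutable beans. The Javadoc should also say that the value is null when neither the application nor the global configuration defines such templates, since `buildTemplateOnlineMandates` returns null for an empty list.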
@@ -295,7 +315,7 @@ public class OAAuthParameter extends OAParameter {
public void setTemplateURL(String templateURL) {
this.templateURL = templateURL;
}
-
+
/**
* Sets the input processor sign form template url.
*
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index f206f6bbb..b8ee6ac68 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -70,6 +70,7 @@ parser.07=Fehler beim Parsen: Assoziatives Array im {0}-InfoboxResponse enthält
builder.00=Fehler beim Aufbau der Struktur "{0}": {1}
builder.01=Fehlerhaftes Template: Kennung "{0}" fehlt
builder.02=Fehler beim Ausblenden von Stammzahlen
+builder.03=Fehler beim Aufbau des HTML Codes für Vollmachten
service.00=Fehler beim Aufruf des Web Service: {0}
service.01=Fehler beim Aufruf des Web Service: kein Endpoint