* Update MOA-ID (Template Mechanismus für Online-Vollmachten inkl. MOA-ID Config)

* Update BK-Auswahl Howto * Update Default-Konfigurationen * Löschen von A1-Signatur Texten * Entfernung von tempates.war git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1206 d688527b-c9ab-4aba-bd8d-4036d912da1d
author: kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d> 2011-06-21 15:40:44 +0000
committer: kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d> 2011-06-21 15:40:44 +0000
commit: 9bbe4aa713e2c38dcfba02880c9b2cb63e82a859 (patch)
tree: 614d8a454de5a3985c18ef00ce53f689107da14f /id/server/idserverlib
parent: 07449c789f2561bb768d111e5b7d2c14e5dec26f (diff)
download: moa-id-spss-9bbe4aa713e2c38dcfba02880c9b2cb63e82a859.tar.gz
moa-id-spss-9bbe4aa713e2c38dcfba02880c9b2cb63e82a859.tar.bz2
moa-id-spss-9bbe4aa713e2c38dcfba02880c9b2cb63e82a859.zip
12 files changed, 424 insertions, 79 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index a772e0457..af7841321 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -291,6 +291,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
    *                may be <code>null</code>; in this case, the default location will be used
    * @param useMandate Indicates if mandate is used or not               
    * @param templateURL URL providing an HTML template for the HTML form generated
+   * @param templateMandteURL URL providing an HTML template for the HTML form generated (for signing in mandates mode)
    * @param scheme determines the protocol used 
    * @return HTML form
    * @throws AuthenticationException
@@ -391,6 +392,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
           ex);
       }
     }
+  
+    
     String pushInfobox = "";
     VerifyInfoboxParameters verifyInfoboxParameters = oaParam.getVerifyInfoboxParameters();
     if (verifyInfoboxParameters != null) {
@@ -887,6 +890,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
     session.setExtendedSAMLAttributesAUTH(new Vector()); // Initialize SAML Attributes
     session.setExtendedSAMLAttributesOA(new Vector());
     
+    //System.out.println("SAML set: " + session.getExtendedSAMLAttributesAUTH().size());
+    
     if (verifyInfoboxParameters != null) {
       
       infoboxParameters = verifyInfoboxParameters.getInfoboxParameters();     
@@ -1720,6 +1725,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
     }
     AuthenticationData authData = null;
     synchronized (authenticationDataStore) {
+    	System.out.println("assertionHandle: " + assertionHandle);
       authData = (AuthenticationData) authenticationDataStore.get(assertionHandle);
       if (authData == null) {
         Logger.error("Assertion not found for SAML Artifact: " + samlArtifact);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
index bab387b4a..d105c3206 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
@@ -190,9 +190,12 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
       } 
       ExtendedSAMLAttribute bpkAttribute = 
           new ExtendedSAMLAttributeImpl("bPK", bpkSamlValueElement, Constants.MOA_NS_URI, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY);
-         
+      
+      System.out.println("extendedSAMLAttributes: " + extendedSAMLAttributes.size());
+      
      extendedSAMLAttributes.add(bpkAttribute);
-      //gebeORwbpk = gebeORwbpk  + MessageFormat.format(BPK_ATTRIBUTE, new Object[] { identityLinkValue, identityLinkType });
+
+     //gebeORwbpk = gebeORwbpk  + MessageFormat.format(BPK_ATTRIBUTE, new Object[] { identityLinkValue, identityLinkType });
      wbpkNSDeclaration = " xmlns:pr=\"" + PD_NS_URI + "\"";
      //..BZ     
     }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
index c61e2dd84..4d29c9135 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
@@ -152,8 +152,8 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
 //		request += "</style>";
 		request += "</head>";
 		request += "<body>";
-		request += "<h4 class=\"h4style\">Authentication Data:</h4>";
-		request += "<p class=\"titlestyle\">Personal Data</p>";
+		request += "<h4 class=\"h4style\">Anmeldedaten f�r (Requesting Application Access for):</h4>";
+		request += "<p class=\"titlestyle\">Pers�nliche Daten (Personal Data)</p>";
 		request += "<table class=\"parameters\">";
 		request += "<tr>";
 		request += "<td class=\"italicstyle\">Name:</td>";
@@ -162,21 +162,21 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
 		request += "</td>";
 		request += "</tr>";
 		request += "</table>";
-		request += "<p class=\"titlestyle\">Application Data</p>";
+		request += "<p class=\"titlestyle\">Daten zur Anwendung (Application Data)</p>";
 		request += "<table class=\"parameters\">";
 		request += "<tr>";
-		request += "<td class=\"italicstyle\">Name:</td>";
+		request += "<td class=\"italicstyle\">Dienst (Service):</td>";
 		request += "<td class=\"normalstyle\">";
 		// friendlyname from OA
 		request += StringUtils.isEmpty(oaParam.getFriendlyName()) ? "" : oaParam.getFriendlyName();
 		request += "</td>";
 		request += "</tr>";
 		request += "<tr>";
-		request += "<td class=\"italicstyle\">Country:</td>";
-		request += "<td class=\"normalstyle\">Austria</td>";
+		request += "<td class=\"italicstyle\">Land (Country):</td>";
+		request += "<td class=\"normalstyle\">�sterreich (Austria)</td>";
 		request += "</tr>";
 		request += "</table>";
-		request += "<p class=\"titlestyle\">Technical Parameters</p>";
+		request += "<p class=\"titlestyle\">Technische Parameter (Technical Parameters)</p>";
 		request += "<table class=\"parameters\">";
 		request += "<tr>";
 		request += "<td class=\"italicstyle\">URL:</td>";
@@ -203,7 +203,7 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
 			// OA is publicservice
 			request += "<tr>";
 			request += "<td class=\"italicstyle\">";
-			request += "Sector:</td>";
+			request += "Sektor (Sector):</td>";
 			request += "<td class=\"normalstyle\">";
 			request += target + " (" + sectorName + ")";
 			request += "</td>";
@@ -212,27 +212,45 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
 		}
 		
 		request += "<tr>";
-		request += "<td class=\"italicstyle\">Date:</td>";
+		request += "<td class=\"italicstyle\">Datum (Date):</td>";
 		request += "<td class=\"normalstyle\">";   
 		request += date;
 		request += "</td>";
 		request += "</tr>";
 		request += "<tr>";
-		request += "<td class=\"italicstyle\">Time:</td>";
+		request += "<td class=\"italicstyle\">Zeit (Time):</td>";
 		request += "<td class=\"normalstyle\">";
 		request += time;
 		request += "</td>";
 		request += "</tr>";
 		request += "</table>";
 		
-		request += "<p class=\"normalstyle\">I hereby request to access this e-government application by using my " +
-			"domestic electronic identity. <br/>" +
-			"I further affirm that I am not yet registered with the Austrian Central " + 
-			"Residents Registry and that I am not obliged to register with the Austrian " + 
-			"Central Residents Registry according to Austrian law.<br/>" + 
-			"In the event I am not yet registered with the Supplementary Register, I " + 
-			"explicitly grant to do so according to �6 (5) E-Government Act (EGovG, idF: " +
-			"BGBl. I Nr.  7/2008 und BGBl. I Nr. 59/2008).</p>";
+		request += "<p class=\"normalstyle\">Mit der Anmeldung erfolgt eine Abfrage des Erg�nzungsregister f�r " +  
+					"nat�rliche Personen (ERnP), damit ich meinen elektronischen " +  
+					"Identit�tsnachweis (meine elektronische Identit�tskarte) unmittelbar " +  
+					"als �sterreichische B�rgerkarte verwenden kann. Ich bin nicht im " +  
+					"Zentralen Melderegister eingetragen und stimme, sofern ich nicht im " +  
+					"ERnP eingetragen bin, einer Eintragung ins ERnP zu. Ich nehme zur " + 
+					"Kenntnis, dass die Eintragung ins ERnP ausschlie�lich der Aufzeichnung " +  
+					"jener Daten, die f�r die eindeutige Identit�t notwendig sind, dient.</p>";
+
+		request += "<p class=\"normalstyle\">I affirm that I am not registered with the Austrian Central " + 
+					"Register of Residents or the Supplementary Register for Natural Persons. I therefore " + 
+					"apply for registration in the Supplementary Register for Natural Persons in order to use " +
+					"my electronic identity (my electronic ID card) as an Austrian citizen card. I take note " + 
+					"that registration in the Supplementary Register for Natural Persons solely serves keeping " + 
+					"records of those data that are used for validation of unique identity and that those data " +  
+					"is only used for e-government purposes.</p>";
+		
+		
+//		request += "<p class=\"normalstyle\">I hereby request to access this e-government application by using my " +
+//			"domestic electronic identity. <br/>" +
+//			"I further affirm that I am not yet registered with the Austrian Central " + 
+//			"Residents Registry and that I am not obliged to register with the Austrian " + 
+//			"Central Residents Registry according to Austrian law.<br/>" + 
+//			"In the event I am not yet registered with the Supplementary Register, I " + 
+//			"explicitly grant to do so according to �6 (5) E-Government Act (EGovG, idF: " +
+//			"BGBl. I Nr.  7/2008 und BGBl. I Nr. 59/2008).</p>";
 		
 		request += "</body>";
 		request += "</html>";
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
index 9bab8643f..dcaed084a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
@@ -15,11 +15,19 @@
 */
 package at.gv.egovernment.moa.id.auth.builder;
 
+import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.StringReader;
 import java.io.StringWriter;
 
+import at.gv.egovernment.moa.id.AuthenticationException;
 import at.gv.egovernment.moa.id.BuildException;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.OnlineMandatesTemplates;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.FileUtils;
 
 /**
  * Builder for HTML form requesting the security layer implementation
@@ -43,6 +51,8 @@ public class GetIdentityLinkFormBuilder extends Builder {
   private static final String CERTINFO_DATAURL_TAG = "<CertInfoDataURL>";
   /** special tag in the HTML template to be substituted for the infoboxes to be pushed from the BKU */
   private static final String PUSHINFOBOX_TAG = "<PushInfobox>";
+  /** special tag in the HTML template to be substituted for the BKU URL */
+  private static final String MANDATE_TAG = "<Mandate>";
   /** private static int all contains the representation to replace all tags*/
   private static final int ALL = -1;
 
@@ -83,48 +93,101 @@ public class GetIdentityLinkFormBuilder extends Builder {
     "</body>" + nl +
     "</html>";
   
-  /** default HTML template */
-  private static final String DEFAULT_HTML_TEMPLATE_FOR_MANDATES = 
+  /** default HTML template for mandates */
+  private static final String DEFAULT_HTML_TEMPLATE_FOR_MANDATES_OLD = 
     "<html>" + nl +
     "<head>" + nl +
-    "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl +    
+    "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl +
     "<title>Vollmachten-Anmeldung</title>" + nl +
-    "<script type=\"text/javascript\">" + nl +
-	"window.onload=function() {" + nl +
-	"document.VollmachtenForm.submit();"  + nl +
-	"document.VollmachtenForm.Senden.disabled=true;" + nl +
-	"return;" + nl +
-	"}" + nl +
-	"</script>" + nl +
-    "</head>" + nl +
-    "<body>" + nl +
-    "<form name=\"VollmachtenForm\"" + nl +
-    "      action=\"" + BKU_TAG + "\"" + nl +
-    "      method=\"post\">" + nl +
-    "  <input type=\"hidden\" " + nl +
-    "         name=\"XMLRequest\"" + nl +
-    "         value=\"" + XMLREQUEST_TAG + "\"/>" + nl +
-    "  <input type=\"hidden\" " + nl +
-    "         name=\"DataURL\"" + nl +
-    "         value=\"" + DATAURL_TAG + "\"/>" + nl +
-    "  <input type=\"hidden\" " + nl +
-    "         name=\"PushInfobox\"" + nl +
-    "         value=\"" + PUSHINFOBOX_TAG + "\"/>" + nl +
-    "  <input type=\"submit\" value=\"Starte Signatur\" name=\"Senden\"/>" + nl +
-    "</form>" + nl +
-    "<form name=\"CertificateInfoForm\"" + nl +
-    "      action=\"" + BKU_TAG + "\"" + nl +
-    "      method=\"post\">" + nl +
-    "  <input type=\"hidden\" " + nl +
-    "         name=\"XMLRequest\"" + nl +
-    "         value=\"" + CERTINFO_XMLREQUEST_TAG + "\"/>" + nl +
-    "  <input type=\"hidden\" " + nl +
-    "         name=\"DataURL\"" + nl +
-    "         value=\"" + CERTINFO_DATAURL_TAG + "\"/>" + nl +
-//	"  <input type=\"submit\" value=\"Information zu Wurzelzertifikaten\"/>" + nl +    
-    "  <input type=\"hidden\" value=\"Information zu Wurzelzertifikaten\"/>" + nl +
-    "</form>" + nl +
-    "</body>" + nl +
+    "<script language=\"javascript\">" + nl +
+    "	function fillFrame() {" + nl +
+    "		var f = top.frames['mandate'];" + nl +
+    "		with (f.document) {" + nl +
+    "		  	open();" + nl +
+    "           <Mandate>" + nl +  
+	" 		    close();" + nl +
+	"   	}" + nl +
+	"	}" + nl +
+	"</script>" + nl +	
+	"</head>" + nl +
+	"<body onLoad=\"fillFrame(); return false;\">" + nl +
+	"<h2>Vollmachten-Anmeldung</h2>" + nl +
+	"<iframe name=\"mandate\" src=\"\" frameborder=\"0\" width=\"250\" height=\"400\"></iframe>" + nl +    
+	"</body>" + nl +
+    "</html>";
+  
+  
+  /** default HTML template - iFrame */
+  private static final String DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES_OLD = 
+    "<html>" +
+    "<head>" +
+    //"<base target=\"_parent\">" +
+    "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" +     
+    "<title>Vollmachten-Anmeldung</title>" + 
+    "</head>" + 
+    "<body onLoad=\"document.VollmachtenForm.submit();\">" + 
+    "<form name=\"VollmachtenForm\"" + 
+    "      action=\"" + BKU_TAG + "\"" + 
+    "      method=\"post\">" + 
+    "  <input type=\"hidden\" " + 
+    "         name=\"XMLRequest\"" + 
+    "         value=\"" + XMLREQUEST_TAG + "\"/>" + 
+    "  <input type=\"hidden\" " + 
+    "         name=\"DataURL\"" + 
+    "         value=\"" + DATAURL_TAG + "\"/>" + 
+    "  <input type=\"hidden\" " + 
+    "         name=\"PushInfobox\"" +
+    "         value=\"" + PUSHINFOBOX_TAG + "\"/>" +
+    "  <input type=\"submit\" value=\"Starte Signatur\" name=\"Senden\"/>" +
+    "</form>" + 
+    "<form name=\"CertificateInfoForm\"" + 
+    "      action=\"" + BKU_TAG + "\"" + 
+    "      method=\"post\">" + 
+    "  <input type=\"hidden\" " + 
+    "         name=\"XMLRequest\"" + 
+    "         value=\"" + CERTINFO_XMLREQUEST_TAG + "\"/>" + 
+    "  <input type=\"hidden\" " + 
+    "         name=\"DataURL\"" + 
+    "         value=\"" + CERTINFO_DATAURL_TAG + "\"/>" + 
+    "  <input type=\"hidden\" value=\"Information zu Wurzelzertifikaten\"/>" + 
+    "</form>" + 
+    "</body>" + 
+    "</html>";
+  
+  /** default HTML template for Online mandates */
+  private static final String DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES = 
+    "<html>" +
+    "<head>" +
+    "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" +     
+    "<title>Vollmachten-Anmeldung</title>" + 
+    "</head>" + 
+    "<body onLoad=\"document.VollmachtenForm.submit();\">" + 
+    "<form name=\"VollmachtenForm\"" + 
+    "      action=\"" + BKU_TAG + "\"" + 
+    "      method=\"post\">" + 
+    "  <input type=\"hidden\" " + 
+    "         name=\"XMLRequest\"" + 
+    "         value=\"" + XMLREQUEST_TAG + "\"/>" + 
+    "  <input type=\"hidden\" " + 
+    "         name=\"DataURL\"" + 
+    "         value=\"" + DATAURL_TAG + "\"/>" + 
+    "  <input type=\"hidden\" " + 
+    "         name=\"PushInfobox\"" +
+    "         value=\"" + PUSHINFOBOX_TAG + "\"/>" +
+    "  <input type=\"submit\" value=\"Starte Signatur\" name=\"Senden\"/>" +
+    "</form>" + 
+    "<form name=\"CertificateInfoForm\"" + 
+    "      action=\"" + BKU_TAG + "\"" + 
+    "      method=\"post\">" + 
+    "  <input type=\"hidden\" " + 
+    "         name=\"XMLRequest\"" + 
+    "         value=\"" + CERTINFO_XMLREQUEST_TAG + "\"/>" + 
+    "  <input type=\"hidden\" " + 
+    "         name=\"DataURL\"" + 
+    "         value=\"" + CERTINFO_DATAURL_TAG + "\"/>" + 
+    "  <input type=\"hidden\" value=\"Information zu Wurzelzertifikaten\"/>" + 
+    "</form>" + 
+    "</body>" + 
     "</html>";
 
   /**
@@ -167,25 +230,101 @@ public class GetIdentityLinkFormBuilder extends Builder {
   /**
    * Builds the HTML form, including XML Request and data URL as parameters.
    * 
-   * @param htmlTemplate template to be used for the HTML form;
-   *         may be <code>null</code>, in this case a default layout will be produced
    * @param xmlRequest XML Request to be sent as a parameter in the form
    * @param bkuURL URL of the "B&uuml;rgerkartenumgebung" the form will be submitted to;
    *         may be <code>null</code>, in this case the default URL will be used
    * @param dataURL DataURL to be sent as a parameter in the form
    */
   public String buildCreateSignature(
-    String bkuURL, 
+	String bkuURL, 
     String xmlRequest, 
-    String dataURL)
+    String dataURL,
+    String oaUrl)
   throws BuildException 
   {      
-  	String htmlForm = DEFAULT_HTML_TEMPLATE_FOR_MANDATES;
-    htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL);
-    htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL);
-    htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL);
-  	return htmlForm;
+	  String htmlForm = "";
+	  OAAuthParameter oaParam;
+	   try {
+	      oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaUrl);
+	   } catch (ConfigurationException e) {
+	      Logger.error("Error on building HTMl form for online mandates: " + e.getMessage());
+         throw new BuildException("builder.03", null);
+	   }
+
+	   OnlineMandatesTemplates[] templatesOnlineMandates = oaParam.getTemplateOnlineMandates();
+	   if (templatesOnlineMandates == null) {
+		   // no templates given
+		   htmlForm = DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES;	  
+		   htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL);
+		   htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL);
+		   htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL);
+	   } else {
+		   String moaidTemplateUrl = null;
+		   String mandateTemplateUrl = null;
+		   // check for configured bku URL
+		   for (int i = 0; i < templatesOnlineMandates.length; i++) {
+			   if (templatesOnlineMandates[i].getBkuURL().compareToIgnoreCase(bkuURL) == 0) {
+				   moaidTemplateUrl = templatesOnlineMandates[i].getMoaIdTemplateURL();
+				   mandateTemplateUrl = templatesOnlineMandates[i].getMandatesTemplateURL();
+			   }			   
+		   }		   
+		   if (moaidTemplateUrl == null || mandateTemplateUrl == null) {
+			   Logger.debug("Configured and used BKU URL are not equal. So standard template is used.");
+			   htmlForm = DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES;	  
+			   htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL);
+			   htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL);
+			   htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL);
+		   } else {
+			   // use configured templates
+			   String moaidTemplate;
+			   String mandateTemplate;
+			   try {
+				   moaidTemplate = new String(FileUtils.readURL(moaidTemplateUrl));
+			   } catch (IOException ex) {
+				   throw new BuildException("auth.03", new Object[] { moaidTemplateUrl, ex.toString()},ex);
+			   }
+			   try {
+				   mandateTemplate = new String(FileUtils.readURL(mandateTemplateUrl));
+			   } catch (IOException ex) {
+				   throw new BuildException("auth.03", new Object[] { mandateTemplateUrl, ex.toString()},ex);
+			   }
+		   
+			   
+			   // Mandatem template with iFrame
+			   htmlForm = mandateTemplate;
+	
+	
+			   // HTML form with XML signature request, which is filled into the iFrame 
+			   String htmlFormiFrame = moaidTemplate;
+			   htmlFormiFrame = replaceTag(htmlFormiFrame, BKU_TAG, bkuURL, true, ALL);
+			   htmlFormiFrame = replaceTag(htmlFormiFrame, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL);
+			   htmlFormiFrame = replaceTag(htmlFormiFrame, DATAURL_TAG, dataURL, true, ALL);	
+			   htmlFormiFrame = htmlFormiFrame.replaceAll("\"", "\\\"");
+			   htmlFormiFrame = htmlFormiFrame.replaceAll("'", "\\\\'");
+
+			   // add writeln('[data]') for each line in the iframe
+			   BufferedReader reader = new BufferedReader(new StringReader(htmlFormiFrame));
+			   String str;
+			   String htmlFormiFrameWriteLn = "";
+			   try {
+				   while ((str = reader.readLine()) != null) {
+					   if (str.length() > 0) 
+						   htmlFormiFrameWriteLn += "writeln('" + str + "');";
+				   }	
+			   } catch(IOException e) {
+				   throw new BuildException("builder.03", null);
+			   }
+	
+			   htmlForm = replaceTag(htmlForm, MANDATE_TAG, htmlFormiFrameWriteLn, true, ALL);
+			   			   
+		   }
+		   
+	   }
+	   
+	   return htmlForm;
+	  
   }
+ 
   /**
    * Encodes a string for inclusion as a parameter in the form.
    * Double quotes are substituted by <code>"&amp;quot;"</code>.
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
index f0e9c7484..c94eb0b25 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
@@ -64,6 +64,10 @@ public class SAMLArtifactBuilder {
       byte[] sourceID;
       // alternative sourceId
       String alternativeSourceID = AuthConfigurationProvider.getInstance().getGenericConfigurationParameter(GENERIC_CONFIG_PARAM_SOURCEID);
+      
+      System.out.println("alternativeSourceID: " + alternativeSourceID);
+      System.out.println("authURL: " + authURL);
+      
       if (!ParepUtils.isEmpty(alternativeSourceID)) {
         // if generic config parameter "AuthenticationServer.SourceID" is given, use that sourceID instead of authURL;
         sourceID = md.digest(alternativeSourceID.getBytes());
@@ -71,6 +75,9 @@ public class SAMLArtifactBuilder {
       } else {
         sourceID = md.digest(authURL.getBytes());
       }
+      
+      System.out.println("sourceID: " + new String(sourceID));
+      
       byte[] assertionHandle = md.digest(sessionID.getBytes());
       ByteArrayOutputStream out = new ByteArrayOutputStream(42);
       out.write(0);
@@ -78,7 +85,9 @@ public class SAMLArtifactBuilder {
       out.write(sourceID, 0, 20);
       out.write(assertionHandle, 0, 20);
       byte[] samlArtifact = out.toByteArray();
+      System.out.println("samlArtifact: " + new String(samlArtifact));
       String samlArtifactBase64 = Base64Utils.encode(samlArtifact);
+      System.out.println("samlArtifact Base64: " + samlArtifactBase64);
       return samlArtifactBase64;
     }
     catch (Throwable ex) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
index 554b5012e..3d040d476 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
@@ -64,6 +64,7 @@ public class AuthenticationSession {
      * HTML template URL
      */
     private String templateURL;
+    
     /**
      * URL of the BKU
      */
@@ -363,14 +364,16 @@ public class AuthenticationSession {
   public String getTemplateURL() {
     return templateURL;
   }
-
+  
+  
   /**
    * @param string the template URL
    */
   public void setTemplateURL(String string) {
     templateURL = string;
   }
-
+  
+  
   /**
    * Returns the SAML Attributes to be appended to the AUTHBlock. Maybe <code>null</code>.
    *
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
index 4c0abdb0f..0270eb3cb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
@@ -16,6 +16,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.fileupload.FileUploadException;
 import org.apache.commons.lang.StringEscapeUtils;
 
+import at.gv.egovernment.moa.id.AuthenticationException;
 import at.gv.egovernment.moa.id.BuildException;
 import at.gv.egovernment.moa.id.MOAIDException;
 import at.gv.egovernment.moa.id.auth.AuthenticationServer;
@@ -32,6 +33,7 @@ import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
 import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;
 import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClientException;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.FileUtils;
 
 /**
  * Servlet requested for getting the foreign eID
@@ -143,8 +145,8 @@ public class GetMISSessionIDServlet extends AuthServlet {
 	               session.getSessionID());
 	    	
 	    	Logger.debug(createXMLSignatureRequestOrRedirect);
-	    	
-	    	String request = getHTMLForm(createXMLSignatureRequestOrRedirect, session.getBkuURL(), dataurl);
+ 
+	    	String request = getHTMLForm(createXMLSignatureRequestOrRedirect, session.getBkuURL(), dataurl, session.getPublicOAURLPrefix());
 
 	    	resp.setContentType("text/html;charset=UTF-8");
 			PrintWriter out = new PrintWriter(resp.getOutputStream());
@@ -164,8 +166,8 @@ public class GetMISSessionIDServlet extends AuthServlet {
 		} 
   }
   
-  private static String getHTMLForm(String request, String bkuURI, String dataURL) throws BuildException {
-	  return new GetIdentityLinkFormBuilder().buildCreateSignature(bkuURI, request, dataURL);
+  private static String getHTMLForm(String request, String bkuURI, String dataURL, String oaUrl) throws BuildException {
+	  return new GetIdentityLinkFormBuilder().buildCreateSignature(bkuURI, request, dataURL, oaUrl);
 	  
   }
   
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
index f1fb15be0..44a1f3098 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
@@ -102,6 +102,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 		resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
 		resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
 		resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
+		
 		  
     Map parameters;
     try 
@@ -142,8 +143,10 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 			}
 			resp.setContentType("text/html");
 			resp.setStatus(302);
-			resp.addHeader("Location", redirectURL);
+			
+			resp.addHeader("Location", redirectURL);			
 			Logger.debug("REDIRECT TO: " + redirectURL);
+			
 		}
     
 		catch (MOAIDException ex) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
index b5275cdd5..5a598b03d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
@@ -94,6 +94,13 @@ public class ConfigurationBuilder {
   /** an XPATH-Expression */ 
   protected static final String AUTH_TEMPLATE_XPATH =
     ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "Template/@URL";
+    /** an XPATH-Expression */ 
+  public static final String AUTH_TEMPLATE_ONLINEMANDATES_BKU_XPATH =
+	   ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "OnlineMandates/" + CONF + "BKU";
+  
+  
+  //protected static final String AUTH_MANDATE_TEMPLATE_XPATH =
+//    ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "MandateTemplate/@URL";
   /** an XPATH-Expression */ 
   protected static final String INPUT_PROCESSOR_TEMPLATE_XPATH =
     ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "InputProcessorSignTemplate/@URL";
@@ -145,6 +152,11 @@ public class ConfigurationBuilder {
   /** an XPATH-Expression */ 
   protected static final String OA_AUTH_COMPONENT_TEMPLATE_XPATH =
     CONF + "Templates/" + CONF + "Template/@URL";
+  /** an XPATH-Expression */
+  public static final String OA_AUTH_COMPONENT_TEMPLATE_ONLINEMANDATES_BKU_XPATH = 
+	   CONF + "Templates/" + CONF + "OnlineMandates/" + CONF + "BKU";
+  //protected static final String OA_AUTH_COMPONENT_MANDATE_TEMPLATE_XPATH =
+    //CONF + "Templates/" + CONF + "MandateTemplate/@URL";
   /** an XPATH-Expression */ 
   protected static final String OA_AUTH_COMPONENT_TRANSFORMS_INFO_FILENAME_XPATH = CONF + "TransformsInfo/@filename";
   /** an XPATH-Expression */ 
@@ -465,10 +477,12 @@ public class ConfigurationBuilder {
     String bkuSelectionTemplateURL =     
         XPathUtils.getAttributeValue(configElem_, AUTH_BKUSELECT_TEMPLATE_XPATH, null);
     String templateURL =     
-        XPathUtils.getAttributeValue(configElem_, AUTH_TEMPLATE_XPATH, null);
+    	XPathUtils.getAttributeValue(configElem_, AUTH_TEMPLATE_XPATH, null);
     String inputProcessorSignTemplateURL =     
       XPathUtils.getAttributeValue(configElem_, INPUT_PROCESSOR_TEMPLATE_XPATH, null);
     
+    OnlineMandatesTemplates[] templatesOnlineMandates =  buildTemplateOnlineMandates(configElem_);
+
     List OA_set = new ArrayList();
     NodeList OAIter = XPathUtils.selectNodeList(configElem_, OA_XPATH);
 
@@ -536,7 +550,9 @@ public class ConfigurationBuilder {
         oap.setProvideIdentityLink(BoolUtils.valueOf(authComponent.getAttribute("provideIdentityLink")));
         oap.setProvideCertificate(BoolUtils.valueOf(authComponent.getAttribute("provideCertificate")));        
         oap.setBkuSelectionTemplateURL(buildTemplateURL(authComponent, OA_AUTH_COMPONENT_BKUSELECT_TEMPLATE_XPATH, bkuSelectionTemplateURL));
-        oap.setTemplateURL(buildTemplateURL(authComponent, OA_AUTH_COMPONENT_TEMPLATE_XPATH, templateURL));        
+        oap.setTemplateURL(buildTemplateURL(authComponent, OA_AUTH_COMPONENT_TEMPLATE_XPATH, templateURL));
+        oap.setTemplateOnlineMandates(buildTemplateOnlineMandatesOA(authComponent, templatesOnlineMandates));
+      
         oap.setInputProcessorSignTemplateURL(buildTemplateURL(authComponent, INPUT_PROCESSOR_TEMPLATE_XPATH, inputProcessorSignTemplateURL));        
         // load OA specific transforms if present
         String[] transformsInfoFileNames = buildTransformsInfoFileNames(authComponent, OA_AUTH_COMPONENT_TRANSFORMS_INFO_FILENAME_XPATH);        
@@ -590,6 +606,77 @@ public class ConfigurationBuilder {
     }
     return templateURL;
   }
+  
+  
+  
+  protected OnlineMandatesTemplates[] buildTemplateOnlineMandates(Node contextNode) {
+	  String xpathExpr = AUTH_TEMPLATE_ONLINEMANDATES_BKU_XPATH;
+	  List onlineMandatesTemplatesList = new ArrayList();
+	  
+	  NodeIterator bkuIter = XPathUtils.selectNodeIterator(contextNode, xpathExpr);
+	      
+	  Element bkuElem;
+	  while ((bkuElem = (Element) bkuIter.nextNode()) != null) {
+		  String bkuUrl = XPathUtils.getAttributeValue(bkuElem, "@URL", null);	    	  
+		  String moaidTemplateUrl = XPathUtils.getAttributeValue(bkuElem, CONF + "MOA-ID-Template/@URL", null);
+		  String mandateTemplateUrl = XPathUtils.getAttributeValue(bkuElem, CONF + "MandateTemplate/@URL", null);
+	    	  
+		  OnlineMandatesTemplates template = new OnlineMandatesTemplates();
+		  template.setBkuURL(bkuUrl);
+		  if (moaidTemplateUrl != null) {
+			  moaidTemplateUrl = FileUtils.makeAbsoluteURL(moaidTemplateUrl, rootConfigFileDir_);
+		  }
+		  if (moaidTemplateUrl != null) {
+			  mandateTemplateUrl = FileUtils.makeAbsoluteURL(mandateTemplateUrl, rootConfigFileDir_);
+		  }
+		  template.setMoaIdTemplateURL(moaidTemplateUrl);
+		  template.setMandatesTemplateURL(mandateTemplateUrl);
+	    	  
+		  onlineMandatesTemplatesList.add(template);
+		  
+	  }
+	  
+	  if (onlineMandatesTemplatesList.isEmpty())
+		  return null;
+	  
+	  OnlineMandatesTemplates[] onlinemandatesTemplates = new OnlineMandatesTemplates[onlineMandatesTemplatesList.size()];
+	  onlineMandatesTemplatesList.toArray(onlinemandatesTemplates);
+	  
+	  return onlinemandatesTemplates;
+	      
+  }
+  
+  protected OnlineMandatesTemplates[] buildTemplateOnlineMandatesOA(Node contextNode, OnlineMandatesTemplates[] defaultTemplatesOnlineMandates) {
+	  
+	  String xpathExpr = OA_AUTH_COMPONENT_TEMPLATE_ONLINEMANDATES_BKU_XPATH;
+	  List onlineMandatesTemplatesList = new ArrayList();
+	  
+	  NodeIterator bkuIter = XPathUtils.selectNodeIterator(contextNode, xpathExpr);
+	      
+	  Element bkuElem;
+	  while ((bkuElem = (Element) bkuIter.nextNode()) != null) {
+		  String bkuUrl = XPathUtils.getAttributeValue(bkuElem, "@URL", null);	    	  
+		  String moaidTemplateUrl = XPathUtils.getAttributeValue(bkuElem, CONF + "MOA-ID-Template/@URL", null);
+		  String mandateTemplateUrl = XPathUtils.getAttributeValue(bkuElem, CONF + "MandateTemplate/@URL", null);
+	    	  
+		  OnlineMandatesTemplates template = new OnlineMandatesTemplates();
+		  template.setBkuURL(bkuUrl);
+		  template.setMoaIdTemplateURL(moaidTemplateUrl);
+		  template.setMandatesTemplateURL(mandateTemplateUrl);
+	    	  
+		  onlineMandatesTemplatesList.add(template);
+		  
+	  }
+	  
+	  if (onlineMandatesTemplatesList.isEmpty())
+		  return defaultTemplatesOnlineMandates;
+	  
+	  OnlineMandatesTemplates[] onlinemandatesTemplates = new OnlineMandatesTemplates[onlineMandatesTemplatesList.size()];
+	  onlineMandatesTemplatesList.toArray(onlinemandatesTemplates);
+	  
+	  return onlinemandatesTemplates;
+	      
+  }
 
   
   /**
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OnlineMandatesTemplates.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OnlineMandatesTemplates.java
new file mode 100644
index 000000000..9ff2467a0
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OnlineMandatesTemplates.java
@@ -0,0 +1,54 @@
+package at.gv.egovernment.moa.id.config;
+
+public class OnlineMandatesTemplates {
+
+	private String bkuURL;
+	
+	private String moaIdTemplateURL;
+	
+	private String mandatesTemplateURL;
+
+	/**
+	 * @return the bkuURL
+	 */
+	public String getBkuURL() {
+		return bkuURL;
+	}
+
+	/**
+	 * @param bkuURL the bkuURL to set
+	 */
+	public void setBkuURL(String bkuURL) {
+		this.bkuURL = bkuURL;
+	}
+
+	/**
+	 * @return the moaIdTemplateURL
+	 */
+	public String getMoaIdTemplateURL() {
+		return moaIdTemplateURL;
+	}
+
+	/**
+	 * @param moaIdTemplateURL the moaIdTemplateURL to set
+	 */
+	public void setMoaIdTemplateURL(String moaIdTemplateURL) {
+		this.moaIdTemplateURL = moaIdTemplateURL;
+	}
+
+	/**
+	 * @return the mandatesTemplateURL
+	 */
+	public String getMandatesTemplateURL() {
+		return mandatesTemplateURL;
+	}
+
+	/**
+	 * @param mandatesTemplateURL the mandatesTemplateURL to set
+	 */
+	public void setMandatesTemplateURL(String mandatesTemplateURL) {
+		this.mandatesTemplateURL = mandatesTemplateURL;
+	}
+	
+	
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index aa5aa21a3..fbaf32c1c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -16,6 +16,7 @@
 package at.gv.egovernment.moa.id.config.auth;
 
 import at.gv.egovernment.moa.id.config.OAParameter;
+import at.gv.egovernment.moa.id.config.OnlineMandatesTemplates;
 
 /**
  * Configuration parameters belonging to an online application,
@@ -79,6 +80,8 @@ public class OAAuthParameter extends OAParameter {
    * template for web page "Anmeldung mit B&uuml;rgerkarte"
    */
   private String templateURL;
+
+  private OnlineMandatesTemplates[] templateOnlineMandates;
   /**
    * template for web page "Signatur der Anmeldedaten"
    */
@@ -167,7 +170,8 @@ public class OAAuthParameter extends OAParameter {
     return provideCertificate;
   }
   
-   /**
+
+/**
       * Returns the key box identifier.
       * @return String
       */
@@ -193,6 +197,7 @@ public class OAAuthParameter extends OAParameter {
     return templateURL;
   } 
   
+  
   /**
    * Returns the inputProcessorSignTemplateURL url.
    * @return The inputProcessorSignTemplateURL url or <code>null</code> if no url for
@@ -239,6 +244,21 @@ public class OAAuthParameter extends OAParameter {
     this.transformsInfos = transformsInfos;
   }
   /**
+ * @return the templateOnlineMandates
+ */
+public OnlineMandatesTemplates[] getTemplateOnlineMandates() {
+	return templateOnlineMandates;
+}
+
+/**
+ * @param templateOnlineMandates the templateOnlineMandates to set
+ */
+public void setTemplateOnlineMandates(
+		OnlineMandatesTemplates[] templateOnlineMandates) {
+	this.templateOnlineMandates = templateOnlineMandates;
+}
+
+/**
    * Sets the provideAuthBlock.
    * @param provideAuthBlock The provideAuthBlock to set
    */
@@ -295,7 +315,7 @@ public class OAAuthParameter extends OAParameter {
    public void setTemplateURL(String templateURL) {
       this.templateURL = templateURL;
    }
-
+   
   /**
    * Sets the input processor sign form template url.
    *
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index f206f6bbb..b8ee6ac68 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -70,6 +70,7 @@ parser.07=Fehler beim Parsen: Assoziatives Array im {0}-InfoboxResponse enth�lt
 builder.00=Fehler beim Aufbau der Struktur "{0}": {1}
 builder.01=Fehlerhaftes Template: Kennung "{0}" fehlt
 builder.02=Fehler beim Ausblenden von Stammzahlen
+builder.03=Fehler beim Aufbau des HTML Codes f�r Vollmachten
 
 service.00=Fehler beim Aufruf des Web Service: {0}
 service.01=Fehler beim Aufruf des Web Service: kein Endpoint
author	kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>	2011-06-21 15:40:44 +0000
committer	kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>	2011-06-21 15:40:44 +0000
commit	9bbe4aa713e2c38dcfba02880c9b2cb63e82a859 (patch)
tree	614d8a454de5a3985c18ef00ce53f689107da14f /id/server/idserverlib
parent	07449c789f2561bb768d111e5b7d2c14e5dec26f (diff)
download	moa-id-spss-9bbe4aa713e2c38dcfba02880c9b2cb63e82a859.tar.gz moa-id-spss-9bbe4aa713e2c38dcfba02880c9b2cb63e82a859.tar.bz2 moa-id-spss-9bbe4aa713e2c38dcfba02880c9b2cb63e82a859.zip