diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-05-05 08:01:02 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-05-05 08:01:02 +0200 |
commit | 79bcdeaa7bec0a6de4e40a7c2f1e9f81be7612aa (patch) | |
tree | eb7e8eafca61e241702841ef51905d77263cfbdd /id/server/moa-id-commons/src/main/java/at/gv/egovernment | |
parent | 9fe8db82075de8780feec90f94063e708e521391 (diff) | |
download | moa-id-spss-79bcdeaa7bec0a6de4e40a7c2f1e9f81be7612aa.tar.gz moa-id-spss-79bcdeaa7bec0a6de4e40a7c2f1e9f81be7612aa.tar.bz2 moa-id-spss-79bcdeaa7bec0a6de4e40a7c2f1e9f81be7612aa.zip |
move validator classes to moa-id-commons
Diffstat (limited to 'id/server/moa-id-commons/src/main/java/at/gv/egovernment')
2 files changed, 491 insertions, 0 deletions
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/TargetValidator.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/TargetValidator.java new file mode 100644 index 000000000..2ad50568a --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/TargetValidator.java @@ -0,0 +1,104 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.commons.validation; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import at.gv.egovernment.moa.util.MiscUtil; + + +public class TargetValidator { + + private static Map<String, String> targetList = null; + + static { + targetList = new HashMap<String, String>(); + targetList.put("AR", "Arbeit"); + targetList.put("AS", "Amtliche Statistik"); + targetList.put("BF", "Bildung und Forschung"); + targetList.put("BW", "Bauen und Wohnen"); + targetList.put("EA", "EU und Auswärtige Angelegenheiten"); + targetList.put("EF", "Ein- und Ausfuhr"); + targetList.put("GH", "Gesundheit"); + targetList.put("GS", "Gesellschaft und Soziales"); +// targetList.put("GS-RE", "Restitution"); + targetList.put("JR", "Justiz/Zivilrechtswesen"); + targetList.put("KL", "Kultus"); + targetList.put("KU", "Kunst und Kultur"); + targetList.put("LF", "Land- und Forstwirtschaft"); + targetList.put("LV", "Landesverteidigung"); + targetList.put("RT", "Rundfunk und sonstige Medien sowie Telekommunikation"); + targetList.put("SA", "Steuern und Abgaben"); + targetList.put("SA", "Sport und Freizeit"); + targetList.put("SO", "Sicherheit und Ordnung"); +// targetList.put("SO-VR", "Vereinsregister"); +// targetList.put("SR-RG", "Strafregister"); + targetList.put("SV", "Sozialversicherung"); + targetList.put("UW", "Umwelt"); + targetList.put("VT", "Verkehr und Technik"); + targetList.put("VV", "Vermögensverwaltung"); + targetList.put("WT", "Wirtschaft"); + targetList.put("ZP", "Personenidentität und Bürgerrechte(zur Person)"); + targetList.put("BR", "Bereichsübergreifender Rechtsschutz"); + targetList.put("HR", "Zentrales Rechnungswesen"); + targetList.put("KI", "Auftraggeberinterne allgemeine Kanzleiindizes"); + targetList.put("OI", "Öffentlichkeitsarbeit"); + targetList.put("PV", "Personalverwaltung"); + targetList.put("RD", "Zentraler Rechtsdienst"); + targetList.put("VS", "Zentrale Durchführung von Verwaltungsstrafverfahren"); +// targetList.put("VS-RG", "Zentrales Verwaltungsstrafregister"); + targetList.put("ZU", "Zustellungen"); + } + + public static List<String> getListOfTargets() { + Map<String, String> list = new HashMap<String, String>(); + list.put("", ""); + list.putAll(targetList); + + List<String> sortedList = new ArrayList<String>(); + sortedList.addAll(list.keySet()); + Collections.sort(sortedList); + + return sortedList; + + } + + public static String getTargetFriendlyName(String target) { + String name = targetList.get(target); + + if (MiscUtil.isNotEmpty(name)) + return name; + else + return null; + } + + public static boolean isValidTarget(String target) { + return targetList.containsKey(target); + } + + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java new file mode 100644 index 000000000..be6d7d01e --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java @@ -0,0 +1,387 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.commons.validation; + +import iaik.asn1.ObjectID; +import iaik.utils.Util; +import iaik.x509.X509Certificate; +import iaik.x509.X509ExtensionInitException; + +import java.io.IOException; +import java.net.MalformedURLException; +import java.net.URL; +import java.net.UnknownHostException; +import java.security.cert.Certificate; +import java.security.cert.CertificateEncodingException; +import java.security.cert.CertificateException; +import java.text.ParseException; +import java.text.SimpleDateFormat; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSocket; +import javax.net.ssl.SSLSocketFactory; + +import org.apache.log4j.Logger; + + +public class ValidationHelper { + + public static final String PUBLICSERVICE_URL_POSTFIX = ".gv.at"; + + private static final Logger log = Logger.getLogger(ValidationHelper.class); + private static final String TEMPLATE_DATEFORMAT = "dd.MM.yyyy"; + + + + public static boolean isPublicServiceAllowed(String identifier) { + + SSLSocket socket = null; + + try { + URL url = new URL(identifier); + String host = url.getHost(); + + if (host.endsWith("/")) + host = host.substring(0, host.length()-1); + + if (url.getHost().endsWith(PUBLICSERVICE_URL_POSTFIX)) { + log.debug("PublicURLPrefix with .gv.at Domain found."); + return true; + + } else { + SSLSocketFactory factory = HttpsURLConnection.getDefaultSSLSocketFactory(); + socket = (SSLSocket) factory.createSocket(url.getHost(), url.getPort()); + socket.startHandshake(); + + SSLSession session = socket.getSession(); + Certificate[] servercerts = session.getPeerCertificates(); + X509Certificate[] iaikChain = new X509Certificate[servercerts.length]; + for (int i=0; i<servercerts.length; i++) { + iaikChain[i] = new X509Certificate(servercerts[i].getEncoded()); + } + + + X509Certificate cert = Util.arrangeCertificateChain(iaikChain, false)[0]; + + if (cert != null) { + ObjectID vwOID = new ObjectID("1.2.40.0.10.1.1.1"); // Verwaltungseigenschaft + ObjectID dOID = new ObjectID("1.2.40.0.10.1.1.2"); // Dienstleistereigenschaft + + + if ((cert.getExtension(vwOID) == null) && (cert.getExtension(dOID) == null)) { + return false; + + } else { + log.info("Found correct X509 Extension in server certificate. PublicService is allowed"); + return true; + } + } + + return false; + } + + } catch (MalformedURLException e) { + log.warn("PublicURLPrefix can not parsed to URL", e); + return false; + + } catch (UnknownHostException e) { + log.warn("Can not connect to PublicURLPrefix Server", e); + return false; + + } catch (IOException e) { + log.warn("Can not connect to PublicURLPrefix Server", e); + return false; + + } catch (CertificateEncodingException e) { + log.warn("Can not parse X509 server certificate", e); + return false; + + } catch (CertificateException e) { + log.warn("Can not read X509 server certificate", e); + return false; + + } catch (X509ExtensionInitException e) { + log.warn("Can not read X509 server certificate extension", e); + return false; + } + + finally { + if (socket != null) + try { + socket.close(); + } catch (IOException e) { + log.warn("SSL Socket can not be closed.", e); + } + } + } + + public static boolean validateOAID(String oaIDObj) { + if (oaIDObj != null) { + try { + + long oaID = Long.valueOf(oaIDObj); + + if (oaID > 0 && oaID < Long.MAX_VALUE) + return true; + + } catch (Throwable t) { + log.warn("No valid DataBase OAID received! " + oaIDObj); + } + } + return false; + } + + public static boolean validateNumber(String value) { + + log.debug("Validate Number " + value); + + try { + Float.valueOf(value); + + return true; + + } catch (NumberFormatException e) { + return false; + } + + + } + + public static boolean validatePhoneNumber(String value) { + log.debug ("Validate PhoneNumber " + value); + + /* ************************************************************************************************ + * Legende: + * ======== AA = post/pre-Text + * BB = (+49) + * CC = Vorwahl + * DD = Durchwahl + * EE = Nebenstelle + * Pattern p = Pattern.compile("^ [a-zA-Z .,;:/\\-]* [ ]* [(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1} [ ]* [0-9]*[ ]* [0-9][ ]* [0-9]* [ ]* [a-zA-Z .,;:\\/-]* $"); + * ------- AA ------- --------------------- BB --------------------- --------- CC -------- - DD - - EE - ------- AA ------- + * ************************************************************************************************ */ + Pattern pattern = Pattern.compile("^[a-zA-Z .,;:/\\-]*[ ]*[(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1}[ ]*[0-9]*[ ]*[0-9]*[ ]*[0-9]*[ ]*[a-zA-Z .,;:\\/-]*$"); + Matcher matcher = pattern.matcher(value); + boolean b = matcher.matches(); + if (b) { + log.debug("Parameter PhoneNumber erfolgreich ueberprueft"); + return true; + } + else { + log.error("Fehler Ueberpruefung Parameter PhoneNumber. PhoneNumber entspricht nicht den Kriterien ^ [a-zA-Z .,;:/\\-]* [ ]* [(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1} [ ]* [0-9]*[ ]*[/\\-]{0,1} [ ]*[ ]* [0-9]* [ ]* [a-zA-Z .,;:\\/-]* $"); + return false; + } + + + } + + public static boolean validateURL(String urlString) { + + log.debug("Validate URL " + urlString); + + if (urlString.startsWith("http") || urlString.startsWith("https")) { + try { + new URL(urlString); + return true; + + } catch (MalformedURLException e) { + } + } + + return false; + } + +// public static boolean validateGeneralURL(String urlString) { +// +// log.debug("Validate URL " + urlString); +// +// try { +// new URL(urlString); +// return true; +// +// } catch (MalformedURLException e) { +// +// } +// +// return false; +// } + + public static boolean isValidAdminTarget(String target) { + + log.debug("Ueberpruefe Parameter Target"); + + Pattern pattern = Pattern.compile("[a-zA-Z-]{1,5}"); + Matcher matcher = pattern.matcher(target); + boolean b = matcher.matches(); + if (b) { + log.debug("Parameter SSO-Target erfolgreich ueberprueft. SSO Target is PublicService."); + return true; + } + else { + log.info("Parameter SSO-Target entspricht nicht den Kriterien " + + "(nur Zeichen a-z, A-Z und -, sowie 1-5 Zeichen lang) fuer den oeffentlichen Bereich. " + + "Valiere SSO-Target fuer privatwirtschaftliche Bereiche."); + return false; + } + } + + public static boolean isValidTarget(String target) { + + log.debug("Ueberpruefe Parameter Target"); + + if (TargetValidator.isValidTarget(target)) { + log.debug("Parameter Target erfolgreich ueberprueft"); + return true; + } + else { + log.error("Fehler Ueberpruefung Parameter Target. Target entspricht nicht den Kriterien (nur Zeichen a-z, A-Z und -, sowie 1-5 Zeichen lang)"); + return false; + } + + } + + public static boolean isValidSourceID(String sourceID) { + + log.debug("Ueberpruefe Parameter sourceID"); + + Pattern pattern = Pattern.compile("[\\w-_]{1,20}"); + Matcher matcher = pattern.matcher(sourceID); + boolean b = matcher.matches(); + if (b) { + log.debug("Parameter sourceID erfolgreich ueberprueft"); + return true; + } + else { + log.error("Fehler Ueberpruefung Parameter sourceID. SourceID entspricht nicht den Kriterien (nur Zeichen a-z, A-Z, - und _, sowie 1-20 Zeichen lang)"); + return false; + } + } + + public static boolean isDateFormat(String dateString) { + if (dateString.length() > TEMPLATE_DATEFORMAT.length()) + return false; + + SimpleDateFormat sdf = new SimpleDateFormat(TEMPLATE_DATEFORMAT); + try { + sdf.parse(dateString); + return true; + + } catch (ParseException e) { + return false; + } + } + + public static boolean isEmailAddressFormat(String address) { + if (address == null) { + return false; + } + return Pattern.compile("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,6}$").matcher(address).matches(); + } + + public static boolean isValidOAIdentifier(String param) { + if (param == null) { + return false; + } + return param.indexOf(";") != -1 || + param.indexOf("%") != -1 || + param.indexOf("\"") != -1 || + param.indexOf("'") != -1 || + param.indexOf("?") != -1 || + param.indexOf("`") != -1 || + param.indexOf(",") != -1 || + param.indexOf("<") != -1 || + param.indexOf(">") != -1 || + param.indexOf("\\") != -1; + + } + + public static String getNotValidOAIdentifierCharacters() { + + return "; % \" ' ` , < > \\"; + } + + public static boolean containsPotentialCSSCharacter(String param, boolean commaallowed) { + + if (param == null) { + return false; + } + return param.indexOf(";") != -1 || + param.indexOf("%") != -1 || + param.indexOf("\"") != -1 || + param.indexOf("'") != -1 || + param.indexOf("?") != -1 || + param.indexOf("`") != -1 || + ( param.indexOf(",") != -1 && !commaallowed ) || + param.indexOf("<") != -1 || + param.indexOf(">") != -1 || + param.indexOf("\\") != -1 || + param.indexOf("/") != -1; + } + + public static String getPotentialCSSCharacter(boolean commaallowed) { + + if (commaallowed) + return "; % \" ' ` < > \\ /"; + else + return "; % \" ' ` , < > \\ /"; + } + + public static boolean isNotValidIdentityLinkSigner(String param) { + if (param == null) { + return false; + } + return param.indexOf(";") != -1 || + param.indexOf("%") != -1 || + param.indexOf("\"") != -1 || + param.indexOf("'") != -1 || + param.indexOf("?") != -1 || + param.indexOf("`") != -1 || + param.indexOf("<") != -1 || + param.indexOf(">") != -1; + + } + + public static String getNotValidIdentityLinkSignerCharacters() { + + return "; % \" ' ` < >"; + } + + public static boolean isValidHexValue(String param) { + + try { + if (param.startsWith("#") && param.length() <= 7) { + Long.decode(param); + return true; + } + + } catch (Exception e) { + + } + return false; + + } + +} |