author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2017-09-20 12:15:20 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2017-09-20 12:15:20 +0200 |
commit | 3c81d3fef06204f2259b6c0377c8a2a00974c614 (patch) | |
tree | af3f4bf763b113e378bde5a9454023e0ca5c0141 /id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa | |
parent | 22ccfa1baf256635268a3a65ac59d5a415d19356 (diff) | |
make SAML2 http POST-Binding template and mandate-service selection-template configurable for every online application
Diffstat (limited to 'id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa')
-rw-r--r-- | id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java (renamed from id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/ServiceProviderSpecificGUIFormBuilderConfiguration.java) | 8 | ||||
-rw-r--r-- | id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/GUIFormBuilderImpl.java | 45 | ||||
-rw-r--r-- | id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/IGUIFormBuilder.java | 1 | ||||
-rw-r--r-- | id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/SPSpecificGUIBuilderConfigurationWithDBLoad.java | 82 | ||||
-rw-r--r-- | id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/SPSpecificGUIBuilderConfigurationWithFileSystemLoad.java | 110 |
5 files changed, 230 insertions, 16 deletions
diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/ServiceProviderSpecificGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java index 8244d630d..4bb4b0e27 100644 --- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/ServiceProviderSpecificGUIFormBuilderConfiguration.java +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java @@ -39,7 +39,7 @@ import at.gv.egovernment.moa.util.MiscUtil; * @author tlenz * */ -public class ServiceProviderSpecificGUIFormBuilderConfiguration extends AbstractGUIFormBuilderConfiguration { +public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration extends AbstractGUIFormBuilderConfiguration { public static final String VIEW_BKUSELECTION = "loginFormFull.html"; public static final String VIEW_SENDASSERTION = "sendAssertionFormFull.html"; @@ -53,7 +53,7 @@ public class ServiceProviderSpecificGUIFormBuilderConfiguration extends Abstract public static final String PARAM_OANAME = "OAName"; public static final String PARAM_COUNTRYLIST = "countryList"; - private IRequest pendingReq = null; + protected IRequest pendingReq = null; /** * @param authURL PublicURLPrefix of the IDP but never null @@ -61,7 +61,7 @@ public class ServiceProviderSpecificGUIFormBuilderConfiguration extends Abstract * @param formSubmitEndpoint EndPoint on which the form should be submitted, * or null if the form must not submitted */ - public ServiceProviderSpecificGUIFormBuilderConfiguration(String authURL, String viewName, + public AbstractServiceProviderSpecificGUIFormBuilderConfiguration(String authURL, String viewName, String formSubmitEndpoint) { super(authURL, viewName, formSubmitEndpoint); 
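Review bot: In the `@@ -53,7 +53,7 @@` hunk, `pendingReq` is widened from `private` to `protected` while staying non-final, so every subclass can now reassign the request that drives service-provider template selection. Keeping the field private and adding `protected IRequest getPendingReq() { return pendingReq; }` would give the new subclasses the read access they need without that. The class body continues outside the hunk, so whether other code assigns the field is not visible here.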
@@ -73,7 +73,7 @@ public class ServiceProviderSpecificGUIFormBuilderConfiguration extends Abstract * @param formSubmitEndpoint EndPoint on which the form should be submitted, * or null if the form must not submitted */ - public ServiceProviderSpecificGUIFormBuilderConfiguration(IRequest pendingReq, String viewName, + public AbstractServiceProviderSpecificGUIFormBuilderConfiguration(IRequest pendingReq, String viewName, String formSubmitEndpoint) { super(pendingReq.getAuthURL(), viewName, formSubmitEndpoint); this.pendingReq = pendingReq; diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/GUIFormBuilderImpl.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/GUIFormBuilderImpl.java index e8cd60afb..285c90163 100644 --- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/GUIFormBuilderImpl.java +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/GUIFormBuilderImpl.java @@ -78,24 +78,16 @@ public class GUIFormBuilderImpl implements IGUIFormBuilder { build(httpResp, config, getInternalContentType(config), loggerName); } - - + @Override public void build(HttpServletResponse httpResp, IGUIBuilderConfiguration config, String contentType, String loggerName) throws GUIBuildException { InputStream is = null; try { - String viewName = config.getViewName(); + String viewName = config.getViewName(); + is = getTemplateInputStream(config); - //load Tempate - is = getInternalTemplate(config); - if (is == null) { - Logger.warn("No GUI with viewName:" + viewName + " FOUND."); - throw new GUIBuildException("No GUI with viewName:" + viewName + " FOUND."); - - } - //build Velocity Context from input paramters VelocityContext context = buildContextFromViewParams(config.getViewParameters()); 
@@ -137,6 +129,35 @@ public class GUIFormBuilderImpl implements IGUIFormBuilder { } + /** + * Generate a new {@link VelocityContext} and populate it with MOA-ID GUI parameters + * + * @param config + * @return + */ + public VelocityContext generateVelocityContextFromConfiguration(IGUIBuilderConfiguration config) { + return buildContextFromViewParams(config.getViewParameters()); + + } + + /** + * Load the template from different resources + * + * @param config + * @return An {@link InputStream} but never null. The {@link InputStream} had to be closed be the invoking method + * @throws GUIBuildException + */ + public InputStream getTemplateInputStream(IGUIBuilderConfiguration config) throws GUIBuildException { + InputStream is = getInternalTemplate(config); + if (is == null) { + Logger.warn("No GUI with viewName:" + config.getViewName() + " FOUND."); + throw new GUIBuildException("No GUI with viewName:" + config.getViewName() + " FOUND."); + + } + return is; + + } + private String getInternalContentType(IGUIBuilderConfiguration config) { if (MiscUtil.isEmpty(config.getDefaultContentType())) return DEFAULT_CONTENT_TYPE; @@ -167,7 +188,7 @@ public class GUIFormBuilderImpl implements IGUIFormBuilder { } catch (Exception e) { //load template from classpath as backup - Logger.info("GUI template:" + viewName + " is not found in configuration directory. " + Logger.debug("GUI template:" + viewName + " is not found in configuration directory. " + " Load template from project library ... "); try { pathLocation = getInternalClasspathTemplateDir(config) + viewName; diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/IGUIFormBuilder.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/IGUIFormBuilder.java index 198220e97..8e8a63094 100644 --- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/IGUIFormBuilder.java 
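Review bot: The two public methods added in the `@@ -137,6 +129,35 @@` hunk have placeholder Javadoc: `@param config`, `@return` and `@throws GUIBuildException` are left empty, and the ownership sentence reads "had to be closed be the invoking method". Because `getTemplateInputStream` hands an open stream to the caller, the contract should be stated exactly, for example `@return the template stream, never null; the caller must close it` and `@throws GUIBuildException if no template exists for the configured view name`. Both methods are added to `GUIFormBuilderImpl` only, while the `IGUIFormBuilder` hunk in this commit adds just a blank line, so callers have to depend on the implementation class; if that is not intended, declare them on the interface.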
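Review bot: In the `@@ -167,7 +188,7 @@` hunk the fallback message moves to `Logger.debug` but still does not log the caught `Exception e`, so a permission or path error on a configured template cannot be told apart from a template that is simply absent. If the project `Logger` has a Throwable overload for `debug`, as the `warn(String, Throwable)` call elsewhere in this commit suggests, pass `e` as the second argument. The enclosing `catch (Exception e)` and the rest of the method lie outside the hunk.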
+++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/IGUIFormBuilder.java @@ -64,4 +64,5 @@ public interface IGUIFormBuilder { */ void build(HttpServletResponse httpResp, IGUIBuilderConfiguration config, String contentType, String loggerName) throws GUIBuildException; + } diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/SPSpecificGUIBuilderConfigurationWithDBLoad.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/SPSpecificGUIBuilderConfigurationWithDBLoad.java new file mode 100644 index 000000000..13d8d3bb7 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/SPSpecificGUIBuilderConfigurationWithDBLoad.java 
@@ -0,0 +1,82 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.frontend.builder;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+
+import at.gv.egovernment.moa.id.commons.api.IRequest;
+
+/**
+ * @author tlenz
+ *
+ */
+public class SPSpecificGUIBuilderConfigurationWithDBLoad extends AbstractServiceProviderSpecificGUIFormBuilderConfiguration {
+
+ /**
+ * @param authURL PublicURLPrefix of the IDP but never null
+ * @param viewName Name of the template (with suffix) but never null
+ * @param formSubmitEndpoint EndPoint on which the form should be submitted,
+ * or null if the form must not submitted
+ */
+ public SPSpecificGUIBuilderConfigurationWithDBLoad(String authURL, String viewName,
+ String formSubmitEndpoint) {
+ super(authURL, viewName, formSubmitEndpoint);
+
+ }
+
+ /**
+ * @param Current processed pending-request DAO but never null
+ * @param viewName Name of the template (with suffix) but never null
+ * @param formSubmitEndpoint EndPoint on which the form should be submitted,
+ * or null if the form must not submitted
+ */
+ public SPSpecificGUIBuilderConfigurationWithDBLoad(IRequest pendingReq, String viewName,
+ String formSubmitEndpoint) {
+ super(pendingReq, viewName, formSubmitEndpoint);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.auth.frontend.AbstractGUIFormBuilder#getTemplate(java.lang.String)
+ */
+ @Override
+ public InputStream getTemplate(String viewName) {
+ if (pendingReq != null && pendingReq.getOnlineApplicationConfiguration() != null) {
+
+ byte[] oatemplate = null;
+ if (VIEW_BKUSELECTION.equals(viewName))
+ oatemplate = pendingReq.getOnlineApplicationConfiguration().getBKUSelectionTemplate();
+
+ else if (VIEW_SENDASSERTION.equals(viewName))
+ oatemplate = pendingReq.getOnlineApplicationConfiguration().getSendAssertionTemplate();
+
+ // OA specific template requires a size of 8 bits minimum
+ if (oatemplate != null && oatemplate.length > 7)
+ return new ByteArrayInputStream(oatemplate);
+ }
+
+ return null;
+ }
+
+}
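Review bot: The comment in `getTemplate` says the template "requires a size of 8 bits minimum", but `oatemplate.length > 7` tests for at least 8 bytes, and nothing explains why 8 is the threshold. Once the reason is confirmed, a comment such as `// ignore empty or placeholder entries: a usable template has at least 8 bytes` or a named constant would match the code. A non-null template that fails this check falls through to `return null` without a log line, so an operator cannot tell a rejected template from an unset one. In the second constructor's Javadoc, `@param Current processed pending-request DAO` is missing the parameter name and should read `@param pendingReq Current processed pending-request DAO but never null`.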
diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/SPSpecificGUIBuilderConfigurationWithFileSystemLoad.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/SPSpecificGUIBuilderConfigurationWithFileSystemLoad.java new file mode 100644 index 000000000..8bb6bc4e3 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/SPSpecificGUIBuilderConfigurationWithFileSystemLoad.java 
@@ -0,0 +1,110 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. 
+ */ +package at.gv.egovernment.moa.id.auth.frontend.builder; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.InputStream; +import java.net.MalformedURLException; +import java.net.URI; +import java.net.URISyntaxException; +import java.net.URL; + +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.FileUtils; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class SPSpecificGUIBuilderConfigurationWithFileSystemLoad extends AbstractServiceProviderSpecificGUIFormBuilderConfiguration { + + private String configKeyIdentifier = null; + private String configRootContextDir = null; + + /** + * @param authURL PublicURLPrefix of the IDP but never null + * @param viewName Name of the template (with suffix) but never null + * @param configKeyIdentifier Identifier of the configuration key in OA configuration that holds the filesystem URI to template + * @param formSubmitEndpoint EndPoint on which the form should be submitted + * @param configRootContextDir Path to MOA-ID-Auth configuration root directory + * or null if the form must not submitted + */ + public SPSpecificGUIBuilderConfigurationWithFileSystemLoad(String authURL, String viewName, + String configKeyIdentifier, String formSubmitEndpoint, String configRootContextDir) { + super(authURL, viewName, formSubmitEndpoint); + this.configKeyIdentifier = configKeyIdentifier; + this.configRootContextDir = configRootContextDir; + + } + + /** + * @param Current processed pending-request DAO but never null + * @param viewName Name of the template (with suffix) but never null + * @param configKeyIdentifier Identifier of the configuration key in OA configuration that holds the filesystem URI to template + * @param formSubmitEndpoint EndPoint on which the form should be submitted + * @param configRootContextDir Path to MOA-ID-Auth configuration root 
directory + */ + public SPSpecificGUIBuilderConfigurationWithFileSystemLoad(IRequest pendingReq, String viewName, + String configKeyIdentifier, String formSubmitEndpoint, String configRootContextDir) { + super(pendingReq, viewName, formSubmitEndpoint); + this.configKeyIdentifier = configKeyIdentifier; + this.configRootContextDir = configRootContextDir; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.frontend.AbstractGUIFormBuilder#getTemplate(java.lang.String) + */ + @Override + public InputStream getTemplate(String viewName) { + if (pendingReq != null && pendingReq.getOnlineApplicationConfiguration() != null && + configKeyIdentifier != null) { + try { + String templateURL = pendingReq.getOnlineApplicationConfiguration().getConfigurationValue(configKeyIdentifier); + if (MiscUtil.isNotEmpty(templateURL)) { + String absURL = FileUtils.makeAbsoluteURL(templateURL, configRootContextDir); + if (!absURL.startsWith("file:")) { + Logger.warn("GUI template are only loadable from filesystem! " + + "(templateURL: " + absURL + ")"); + return null; + } + + Logger.debug("Load template URL for view: " + viewName + " from: " + absURL); + URI uri = new URL(absURL).toURI(); + return new FileInputStream(new File(uri)); + + } + } catch (FileNotFoundException | URISyntaxException | MalformedURLException e) { + Logger.warn("Template for view: " + viewName + " is NOT loadable! -> Switch to default template", e); + + } + } + + return null; + } + +} |
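Review bot: In `getTemplate`, the only restriction on the per-application template location is `absURL.startsWith("file:")`, so a configured value with an absolute path or `..` segments resolves to any file the server process can read, and that file is then rendered into the response. Because the value comes from the online-application configuration, the resolved file should be confined to `configRootContextDir` by comparing canonical paths before it is opened. The sketch below assumes `configRootContextDir` is itself a `file:` URL, which this hunk does not show, and needs `java.io.IOException` imported. The multi-catch becomes `IOException | URISyntaxException`, since `IOException` already covers `FileNotFoundException` and `MalformedURLException`. Separately, the second constructor's Javadoc has `@param Current processed ...` without the parameter name `pendingReq`.

```java
String absURL = FileUtils.makeAbsoluteURL(templateURL, configRootContextDir);
// … unchanged: "file:" scheme check and debug log …

// assumes configRootContextDir is a file: URL; adapt if it is a plain path
File rootDir = new File(new URL(configRootContextDir).toURI()).getCanonicalFile();
File templateFile = new File(new URL(absURL).toURI()).getCanonicalFile();
if (!templateFile.toPath().startsWith(rootDir.toPath())) {
	Logger.warn("GUI template for view: " + viewName
			+ " is outside the configuration directory and is NOT loaded");
	return null;
}
return new FileInputStream(templateFile);

// … unchanged: end of the isNotEmpty block …
} catch (IOException | URISyntaxException e) {
```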