aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferGUIServlet.java2
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java15
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java23
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java24
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java9
5 files changed, 50 insertions, 23 deletions
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferGUIServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferGUIServlet.java
index fae1b6f4d..0bc4a4839 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferGUIServlet.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferGUIServlet.java
@@ -108,7 +108,7 @@ public class SSOTransferGUIServlet extends AuthServlet {
String token = Random.nextRandom();
AssertionStorage.getInstance().put(token, encodedSSOContainer);
- String containerURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix()
+ String containerURL = authURL
+ SSOTransferConstants.SERVLET_SSOTRANSFER_TO_SMARTPHONE
+ "?"+ SSOTransferConstants.REQ_PARAM_TOKEN + "=" + token;
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java
index 2f8b8fe2c..b82417ae6 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java
@@ -22,7 +22,12 @@
*/
package at.gv.egovernment.moa.id.auth.modules.ssotransfer.servlet;
+import java.io.IOException;
+
+import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import at.gv.egovernment.moa.id.auth.servlet.ProcessEngineSignalServlet;
import at.gv.egovernment.moa.logging.Logger;
@@ -42,4 +47,14 @@ public class SSOTransferSignalServlet extends ProcessEngineSignalServlet {
}
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+ Logger.debug("Receive http-POST request.");
+ super.doPost(req, resp);
+
+ }
+
+ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+ Logger.debug("Receive http-GET request.");
+ super.doPost(req, resp);
+ }
}
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
index cebf8431b..67566afe5 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
@@ -24,35 +24,25 @@ package at.gv.egovernment.moa.id.auth.modules.ssotransfer.task;
import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID;
-import java.io.ByteArrayOutputStream;
-
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.velocity.VelocityContext;
-import net.glxn.qrgen.QRCode;
-import net.glxn.qrgen.image.ImageType;
-
-import com.google.gson.JsonObject;
-
import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.GUIUtils;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Base64Utils;
/**
* @author tlenz
@@ -69,6 +59,15 @@ public class InitializeRestoreSSOSessionTask extends AbstractAuthServletTask {
throws TaskExecutionException {
try {
+ //create first step of SSO Transfer GUI
+ String authURL = HTTPUtils.extractAuthURLFromRequest(request);
+ if (!AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().
+ contains(authURL)) {
+ Logger.warn("Requested URL is not allowed.");;
+ response.sendError(500, "Requested URL is not allowed.");
+
+ }
+
String sessionID = (String) executionContext.get(PARAM_SESSIONID);
String pendingRequestID = (String) executionContext.get("pendingRequestID");
@@ -79,7 +78,7 @@ public class InitializeRestoreSSOSessionTask extends AbstractAuthServletTask {
AuthenticationSession moasession = BaseAuthenticationServer.getSession(sessionID);
IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
- VelocityContext context = GUIUtils.buildSSOTransferGUI(moasession);
+ VelocityContext context = GUIUtils.buildSSOTransferGUI(authURL, moasession);
GUIUtils.printSSOTransferGUI(context, response);
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
index 270264099..006b27167 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
@@ -49,11 +49,13 @@ import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.GUIUtils;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.SSOContainerUtils;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
+import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -73,12 +75,13 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
throws TaskExecutionException {
Logger.debug("Receive " + this.getClass().getName() + " request");
-
+
StringBuffer sb = new StringBuffer();
String receivedPostMessage = null;
AuthenticationSession moasession = null;
IRequest pendingReq = null;
- try {
+ String authURL =null;
+ try {
String sessionID = (String) request.getParameter(PARAM_SESSIONID);
String pendingRequestID = (String) executionContext.get("pendingRequestID");
@@ -120,7 +123,7 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
" | validTo:" + validTo +
" | entityIS:" + entityID);
- if (PVPConfiguration.getInstance().getIDPPublicPath().equals(entityID)) {
+ if (PVPConfiguration.getInstance().getIDPPublicPath().contains(entityID)) {
// stored SSO session data is from this IDP - start local session reconstruction
Response ssoInformation = SSOContainerUtils.validateReceivedSSOContainer(sessionBlob);
SSOContainerUtils.parseSSOContainerToMOASessionDataObject(pendingReq, moasession, ssoInformation);
@@ -138,10 +141,12 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
executionContext.put(SSOTransferConstants.FLAG_SSO_SESSION_RESTORED, true);
} else {
- Logger.debug("Received SSO session-data is from IDP: " + entityID
+ Logger.info("Received SSO session-data is from IDP: " + entityID
+ ". Start inderfederation process to restore SSO session ... ");
//change to inderfederated session reconstruction
+ Logger.warn("Device Session Transfer with interfederation is not implemented, yet!!!!");
+
}
} catch (Exception e) {
@@ -173,7 +178,16 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
VelocityContext context;
try {
- context = GUIUtils.buildSSOTransferGUI(moasession);
+ //create first step of SSO Transfer GUI
+ authURL = HTTPUtils.extractAuthURLFromRequest(request);
+ if (!AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().
+ contains(authURL)) {
+ Logger.warn("Requested URL is not allowed.");;
+ response.sendError(500, "Requested URL is not allowed.");
+
+ }
+
+ context = GUIUtils.buildSSOTransferGUI(authURL, moasession);
GUIUtils.printSSOTransferGUI(context, response);
} catch (IOException | MOAIDException e) {
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java
index 1bbaf1dd9..310b8a813 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java
@@ -34,9 +34,6 @@ import java.net.URI;
import javax.servlet.http.HttpServletResponse;
-import net.glxn.qrgen.QRCode;
-import net.glxn.qrgen.image.ImageType;
-
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;
@@ -51,6 +48,8 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.util.VelocityProvider;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
+import net.glxn.qrgen.QRCode;
+import net.glxn.qrgen.image.ImageType;
/**
* @author tlenz
@@ -62,9 +61,9 @@ public class GUIUtils {
public static final int REFESH_TIMEOUT = 5 * 1000; //5 sec
- public static VelocityContext buildSSOTransferGUI(AuthenticationSession moasession) throws ConfigurationException, IOException {
+ public static VelocityContext buildSSOTransferGUI(String authURL, AuthenticationSession moasession) throws ConfigurationException, IOException {
String token = moasession.getSessionID();
- String containerURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix()
+ String containerURL = authURL
+ SSOTransferConstants.SERVLET_SSOTRANSFER_FROM_SMARTPHONE
+ "?" + MOAIDAuthConstants.PARAM_SESSIONID + "=" + token;