diff options
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java')
-rw-r--r-- | id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java | 72 |
1 files changed, 66 insertions, 6 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java index 3617c192e..b95090a55 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java @@ -27,6 +27,7 @@ import java.util.List; import java.util.UUID; import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpSession; import org.apache.commons.lang.StringUtils; import org.apache.log4j.Logger; @@ -34,10 +35,13 @@ import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.oa.OAOAUTH20ConfigValidation; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util; -public class OAOAuth20Config { +public class OAOAuth20Config implements IOnlineApplicationData{ private final Logger log = Logger.getLogger(OAOAuth20Config.class); @@ -45,12 +49,24 @@ public class OAOAuth20Config { private String clientSecret = null; private String redirectUri = null; - public OAOAuth20Config() { + public OAOAuth20Config() { + this.generateClientSecret(); + } - public List<String> parse(OnlineApplication dbOAConfig, HttpServletRequest request) { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName() + */ + @Override + public String getName() { + return "OAOpenIDConnect"; + } + + public List<String> parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, HttpServletRequest request) { List<String> errors = new ArrayList<String>(); + HttpSession session = request.getSession(); + AuthComponentOA authdata = dbOAConfig.getAuthComponentOA(); if (authdata != null) { // set client id to public url prefix @@ -77,7 +93,52 @@ public class OAOAuth20Config { } } - return errors; + session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.getClientSecret()); + + return null; + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) + */ + @Override + public List<String> validate(OAGeneralConfig general, + AuthenticatedUser authUser, HttpServletRequest request) { + return new OAOAUTH20ConfigValidation().validate(this, request); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) + */ + @Override + public String store(OnlineApplication dbOA, AuthenticatedUser authUser, + HttpServletRequest request) { + AuthComponentOA authoa = dbOA.getAuthComponentOA(); + if (authoa == null) { + authoa = new AuthComponentOA(); + dbOA.setAuthComponentOA(authoa); + } + + log.debug("Saving OAuth 2.0 configuration:"); + OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20(); + if (oaOAuth20 == null) { + oaOAuth20 = new OAOAUTH20(); + authoa.setOAOAUTH20(oaOAuth20); + } + + oaOAuth20.setOAuthClientId(dbOA.getPublicURLPrefix()); + // oaOAuth20.setOAuthClientSecret(oauth20OA.getClientSecret()); + oaOAuth20.setOAuthRedirectUri(getRedirectUri()); + log.debug("client id: " + getClientId()); + log.debug("client secret: " + getClientSecret()); + log.debug("redirect uri:" + getRedirectUri()); + + oaOAuth20.setOAuthClientSecret((String) request.getSession().getAttribute(Constants.SESSION_OAUTH20SECRET)); + request.getSession().setAttribute(Constants.SESSION_OAUTH20SECRET, null); + + return null; } public String getClientId() { @@ -106,6 +167,5 @@ public class OAOAuth20Config { public void generateClientSecret() { this.clientSecret = UUID.randomUUID().toString(); - } - + } } |