diff options
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts')
14 files changed, 4538 insertions, 4515 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java index 9bbbe3df0..a34a516df 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java @@ -26,7 +26,6 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; -import org.apache.log4j.Logger; import org.apache.struts2.interceptor.ServletRequestAware; import org.apache.struts2.interceptor.ServletResponseAware; @@ -38,100 +37,106 @@ import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import lombok.extern.slf4j.Slf4j; /** * @author tlenz * */ +@Slf4j public class BasicAction extends ActionSupport implements ServletRequestAware, - ServletResponseAware { - - private static final long serialVersionUID = 7478261301859056771L; - private static Logger log = Logger.getLogger(BasicAction.class); - - protected HttpServletRequest request; - protected HttpServletResponse response; - protected ConfigurationProvider configuration = null; - protected AuthenticatedUser authUser = null; - protected HttpSession session = null; - protected String formID; - - protected static boolean isMoaidMode = false; - - public BasicAction() { - try { - isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode(); - } catch (ConfigurationException e) { - log.warn("Can NOT load configuration. Set 'moaidmode' to 'false'", e); - } - } - - - protected void populateBasicInformations() throws BasicActionException { - try { - configuration = ConfigurationProvider.getInstance(); - - session = request.getSession(); - Object authUserObj = session.getAttribute(Constants.SESSION_AUTH); - if (authUserObj instanceof AuthenticatedUser) - authUser = (AuthenticatedUser) authUserObj; - - } catch (ConfigurationException e) { - log.warn("An internal error occurs.", e); - addActionError(LanguageHelper.getErrorString("error.login.internal", request)); - throw new BasicActionException(LanguageHelper.getErrorString("error.login.internal", request), e); - - } - } - - public String getConfigToolVersion() { - return configuration.getConfigToolVersion(); - } - - /** - * @return the authUser - */ - public AuthenticatedUser getAuthUser() { - return authUser; - } - - /* (non-Javadoc) - * @see org.apache.struts2.interceptor.ServletResponseAware#setServletResponse(javax.servlet.http.HttpServletResponse) - */ - @Override - public void setServletResponse(HttpServletResponse arg0) { - this.response = arg0; - - } - - /* (non-Javadoc) - * @see org.apache.struts2.interceptor.ServletRequestAware#setServletRequest(javax.servlet.http.HttpServletRequest) - */ - @Override - public void setServletRequest(HttpServletRequest arg0) { - this.request = arg0; - - } - - /** - * @return the formID - */ - public String getFormID() { - return formID; + ServletResponseAware { + + private static final long serialVersionUID = 7478261301859056771L; + + protected HttpServletRequest request; + protected HttpServletResponse response; + protected ConfigurationProvider configuration = null; + protected AuthenticatedUser authUser = null; + protected HttpSession session = null; + protected String formID; + + protected static boolean isMoaidMode = false; + + public BasicAction() { + try { + isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode(); + } catch (final ConfigurationException e) { + log.warn("Can NOT load configuration. Set 'moaidmode' to 'false'", e); } + } + + protected void populateBasicInformations() throws BasicActionException { + try { + configuration = ConfigurationProvider.getInstance(); + + session = request.getSession(); + final Object authUserObj = session.getAttribute(Constants.SESSION_AUTH); + if (authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + } + + } catch (final ConfigurationException e) { + log.warn("An internal error occurs.", e); + addActionError(LanguageHelper.getErrorString("error.login.internal", request)); + throw new BasicActionException(LanguageHelper.getErrorString("error.login.internal", request), e); - /** - * @param formID the formID to set - */ - public void setFormID(String formID) { - this.formID = formID; } + } + + public String getConfigToolVersion() { + return configuration.getConfigToolVersion(); + } + + /** + * @return the authUser + */ + public AuthenticatedUser getAuthUser() { + return authUser; + } + + /* + * (non-Javadoc) + * + * @see + * org.apache.struts2.interceptor.ServletResponseAware#setServletResponse(javax. + * servlet.http.HttpServletResponse) + */ + @Override + public void setServletResponse(HttpServletResponse arg0) { + this.response = arg0; + + } + + /* + * (non-Javadoc) + * + * @see + * org.apache.struts2.interceptor.ServletRequestAware#setServletRequest(javax. + * servlet.http.HttpServletRequest) + */ + @Override + public void setServletRequest(HttpServletRequest arg0) { + this.request = arg0; + + } + + /** + * @return the formID + */ + public String getFormID() { + return formID; + } + /** + * @param formID the formID to set + */ + public void setFormID(String formID) { + this.formID = formID; + } - public static boolean isMoaidMode() { - return isMoaidMode; - } - - + public static boolean isMoaidMode() { + return isMoaidMode; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java index 20db561d6..ce975bd91 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java @@ -39,15 +39,14 @@ import java.util.List; import java.util.Map; import java.util.Map.Entry; -import org.apache.log4j.Logger; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; import at.gv.egiz.components.configuration.meta.api.ConfigurationStorageException; +import at.gv.egiz.eaaf.core.impl.gui.AbstractGUIFormBuilderConfiguration; import at.gv.egiz.eaaf.core.impl.gui.velocity.VelocityProvider; import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; import at.gv.egiz.eaaf.core.impl.utils.Random; -import at.gv.egovernment.moa.id.auth.frontend.builder.AbstractServiceProviderSpecificGUIFormBuilderConfiguration; import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils; import at.gv.egovernment.moa.id.commons.config.ConfigurationMigrationUtils; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; @@ -69,152 +68,156 @@ import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; import at.gv.egovernment.moa.util.MiscUtil; import iaik.utils.URLDecoder; +import lombok.extern.slf4j.Slf4j; /** * @author tlenz * */ +@Slf4j public class BasicOAAction extends BasicAction { - private static final long serialVersionUID = 5676123696807646246L; - private final Logger log = Logger.getLogger(BasicOAAction.class); - - protected LinkedHashMap<String, IOnlineApplicationData> formList; - protected long oaid = -1; - - private String oaidobj; - private boolean newOA; - private boolean isMetaDataRefreshRequired = false; - - private InputStream stream = null; - - - - /** - * - */ - public BasicOAAction() { - super(); - - formList = new LinkedHashMap<String, IOnlineApplicationData>(); - - OAGeneralConfig generalOA = new OAGeneralConfig(); - formList.put(generalOA.getName(), generalOA); - - } - - protected OnlineApplication populateOnlineApplicationFromRequest() throws BasicOAActionException{ - if (!ValidationHelper.validateOAID(oaidobj)) { - throw new BasicOAActionException( - LanguageHelper.getErrorString("errors.edit.oa.oaid", request), - Constants.STRUTS_ERROR); - + private static final long serialVersionUID = 5676123696807646246L; + + protected LinkedHashMap<String, IOnlineApplicationData> formList; + protected long oaid = -1; + + private String oaidobj; + private boolean newOA; + private boolean isMetaDataRefreshRequired = false; + + private InputStream stream = null; + + /** + * + */ + public BasicOAAction() { + super(); + + formList = new LinkedHashMap<>(); + + final OAGeneralConfig generalOA = new OAGeneralConfig(); + formList.put(generalOA.getName(), generalOA); + + } + + protected OnlineApplication populateOnlineApplicationFromRequest() throws BasicOAActionException { + if (!ValidationHelper.validateOAID(oaidobj)) { + throw new BasicOAActionException( + LanguageHelper.getErrorString("errors.edit.oa.oaid", request), + Constants.STRUTS_ERROR); + + } + oaid = Long.valueOf(oaidobj); + + UserDatabase userdb = null; + OnlineApplication onlineapplication = null; + + if (authUser.isAdmin()) { + onlineapplication = configuration.getDbRead().getOnlineApplication(oaid); + } else { + userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + + if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb + .isIsMailAddressVerified()) { + log.info("Online-Applikation managemant disabled. Mail address is not verified."); + throw new BasicOAActionException( + LanguageHelper.getErrorString("error.editoa.mailverification", request), + Constants.STRUTS_SUCCESS); + + } + + // TODO: change to direct Database operation + final List<String> oas = userdb.getOnlineApplication(); + for (final String oa : oas) { + if (oa.equals(oaid)) { + onlineapplication = configuration.getDbRead().getOnlineApplication(oaid); + break; } - oaid = Long.valueOf(oaidobj); + } + if (onlineapplication == null) { + throw new BasicOAActionException( + LanguageHelper.getErrorString("errors.edit.oa.oaid", request), + Constants.STRUTS_ERROR); + } + } - UserDatabase userdb = null; - OnlineApplication onlineapplication = null; + return onlineapplication; - if (authUser.isAdmin()) - onlineapplication = configuration.getDbRead().getOnlineApplication(oaid); + } - else { - userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + protected void populateBasicNewOnlineApplicationInformation() { + session.setAttribute(Constants.SESSION_OAID, null); - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. Mail address is not verified."); - throw new BasicOAActionException( - LanguageHelper.getErrorString("error.editoa.mailverification", request), - Constants.STRUTS_SUCCESS); + setNewOA(true); - } + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null); + } - // TODO: change to direct Database operation - List<String> oas = userdb.getOnlineApplication(); - for (String oa : oas) { - if (oa.equals(oaid)) { - onlineapplication = configuration.getDbRead().getOnlineApplication(oaid); - break; - } - } - if (onlineapplication == null) { - throw new BasicOAActionException( - LanguageHelper.getErrorString("errors.edit.oa.oaid", request), - Constants.STRUTS_ERROR); - } + protected OnlineApplication postProcessSaveOnlineApplication(OnlineApplication onlineapplication, + boolean persistOA) throws BasicOAActionException { + if (onlineapplication == null) { + onlineapplication = new OnlineApplication(); + onlineapplication.setIsNew(true); + onlineapplication.setIsActive(false); + + if (!authUser.isAdmin()) { + onlineapplication.setIsAdminRequired(true); + + } else { + isMetaDataRefreshRequired = true; + } + + } else { + onlineapplication.setIsNew(false); + if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(getGeneralOA() + .getIdentifier())) { + + onlineapplication.setIsAdminRequired(true); + onlineapplication.setIsActive(false); + log.info("User with ID " + authUser.getUserID() + + " change OA-PublicURLPrefix. Reaktivation is required."); + } + + } + + if (onlineapplication.isIsAdminRequired() == null + || authUser.isAdmin() && getGeneralOA().isActive() && onlineapplication.isIsAdminRequired()) { + + onlineapplication.setIsAdminRequired(false); + isMetaDataRefreshRequired = true; + + UserDatabase userdb = null; + if (onlineapplication.getHjid() != null) { + userdb = configuration.getUserManagement().getUsersWithOADBID(onlineapplication.getHjid()); + } + + if (userdb != null && !userdb.isIsAdmin()) { + try { + MailHelper.sendUserOnlineApplicationActivationMail(userdb.getGivenname(), userdb.getFamilyname(), + userdb.getInstitut(), onlineapplication.getPublicURLPrefix(), userdb.getMail()); + } catch (final ConfigurationException e) { + log.warn("Sending Mail to User " + userdb.getMail() + " failed", e); } - - return onlineapplication; - - } - - protected void populateBasicNewOnlineApplicationInformation() { - session.setAttribute(Constants.SESSION_OAID, null); - - setNewOA(true); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null); + } + } + + // save OA configuration + final String error = saveOAConfigToDatabase(onlineapplication, persistOA); + if (MiscUtil.isNotEmpty(error)) { + log.warn("OA configuration can not be stored!"); + addActionError(error); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + throw new BasicOAActionException(error, Constants.STRUTS_ERROR_VALIDATION); } - - protected OnlineApplication postProcessSaveOnlineApplication(OnlineApplication onlineapplication, boolean persistOA) throws BasicOAActionException { - if (onlineapplication == null) { - onlineapplication = new OnlineApplication(); - onlineapplication.setIsNew(true); - onlineapplication.setIsActive(false); - - if (!authUser.isAdmin()) { - onlineapplication.setIsAdminRequired(true); - - } else - isMetaDataRefreshRequired = true; - - } else { - onlineapplication.setIsNew(false); - if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(getGeneralOA().getIdentifier())) { - - onlineapplication.setIsAdminRequired(true); - onlineapplication.setIsActive(false); - log.info("User with ID " + authUser.getUserID() + " change OA-PublicURLPrefix. Reaktivation is required."); - } - - } - - if ((onlineapplication.isIsAdminRequired() == null) - || (authUser.isAdmin() && getGeneralOA().isActive() && onlineapplication.isIsAdminRequired())) { - - onlineapplication.setIsAdminRequired(false); - isMetaDataRefreshRequired = true; - - UserDatabase userdb = null; - if (onlineapplication.getHjid() != null) - userdb = configuration.getUserManagement().getUsersWithOADBID(onlineapplication.getHjid()); - - if (userdb != null && !userdb.isIsAdmin()) { - try { - MailHelper.sendUserOnlineApplicationActivationMail(userdb.getGivenname(), userdb.getFamilyname(), - userdb.getInstitut(), onlineapplication.getPublicURLPrefix(), userdb.getMail()); - } catch (ConfigurationException e) { - log.warn("Sending Mail to User " + userdb.getMail() + " failed", e); - } - } - } - - //save OA configuration - String error = saveOAConfigToDatabase(onlineapplication, persistOA); - if (MiscUtil.isNotEmpty(error)) { - log.warn("OA configuration can not be stored!"); - addActionError(error); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - throw new BasicOAActionException(error, Constants.STRUTS_ERROR_VALIDATION); - } // //set metadata reload flag if reload is required -// +// // if (getPvp2OA() != null && getPvp2OA().getMetaDataURL() != null) { // // try { @@ -234,290 +237,302 @@ public class BasicOAAction extends BasicAction { // } // // } - - return onlineapplication; - } - - protected OnlineApplication preProcessSaveOnlineApplication() throws BasicOAActionException { - try { - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - throw new BasicOAActionException( - "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID(), - Constants.STRUTS_ERROR); - } - } else { - throw new BasicOAActionException( - "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID(), - Constants.STRUTS_ERROR); - - } - session.setAttribute(Constants.SESSION_FORMID, null); - - UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID()); - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. Mail address is not verified."); - throw new BasicOAActionException( - LanguageHelper.getErrorString("error.editoa.mailverification", request), - Constants.STRUTS_SUCCESS); - } - - OnlineApplication onlineapplication = null; - - Long oaid = getOAIDFromSession(); - - // valid DBID and check entry - OAGeneralConfig oaGeneralForm = ((OAGeneralConfig)formList.get(new OAGeneralConfig().getName())); - String oaidentifier = oaGeneralForm.getIdentifier(); - if (MiscUtil.isEmpty(oaidentifier)) { - log.info("Empty OA identifier"); - throw new BasicOAActionException( - LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request), - Constants.STRUTS_ERROR_VALIDATION); - - } else { - - if (!ValidationHelper.validateURL(oaidentifier)) { - log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier); - throw new BasicOAActionException( - LanguageHelper.getErrorString("validation.general.oaidentifier.valid", - new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request), - Constants.STRUTS_ERROR_VALIDATION); - - } else { - - if (oaid == -1) { - List<OnlineApplication> oaList = configuration.getDbRead().getAllOnlineApplications(); - - if (oaList != null) { - for (OnlineApplication el : oaList) { - if (el.getPublicURLPrefix().startsWith(oaidentifier) ) - onlineapplication = el; - - } - } - - if (onlineapplication == null) { - onlineapplication = configuration.getDbRead().getOnlineApplication(oaidentifier); - - } - - if (onlineapplication != null) { - log.info("The OAIdentifier is not unique"); - throw new BasicOAActionException( - LanguageHelper.getErrorString( - "validation.general.oaidentifier.notunique", - new Object[]{onlineapplication.getPublicURLPrefix()}, - request), - Constants.STRUTS_ERROR_VALIDATION); - - } else - setNewOA(true); - - } else { - onlineapplication = configuration.getDbRead().getOnlineApplication(oaid); - if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) { - - OnlineApplication dbOA = null; - List<OnlineApplication> oaList = configuration.getDbRead().getAllOnlineApplications(); - for (OnlineApplication el : oaList) { - if (el.getPublicURLPrefix().startsWith(oaidentifier) ) - dbOA = el; - - } - if (dbOA == null) - dbOA = configuration.getDbRead().getOnlineApplication(oaidentifier); - - if ( (dbOA != null && !dbOA.getHjid().equals(oaid))) { - log.info("The OAIdentifier is not unique"); - throw new BasicOAActionException( - LanguageHelper.getErrorString( - "validation.general.oaidentifier.notunique", - new Object[]{dbOA.getPublicURLPrefix()}, - request), - Constants.STRUTS_ERROR_VALIDATION); - - } - } - } - } - } - - return onlineapplication; - - } catch (BasicOAActionException e) { - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - throw e; - } - - } - - protected Long getOAIDFromSession() throws BasicOAActionException { - Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID); - Long oaid = (long) -1; - - if (oadbid != null) { - try { - oaid = (Long) oadbid; - if (oaid < 0 || oaid > Long.MAX_VALUE) { - throw new BasicOAActionException( - LanguageHelper.getErrorString("errors.edit.oa.oaid", request), - Constants.STRUTS_ERROR); + + return onlineapplication; + } + + protected OnlineApplication preProcessSaveOnlineApplication() throws BasicOAActionException { + try { + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + throw new BasicOAActionException( + "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID(), + Constants.STRUTS_ERROR); + } + } else { + throw new BasicOAActionException( + "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID(), + Constants.STRUTS_ERROR); + + } + session.setAttribute(Constants.SESSION_FORMID, null); + + final UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb + .isIsMailAddressVerified()) { + log.info("Online-Applikation managemant disabled. Mail address is not verified."); + throw new BasicOAActionException( + LanguageHelper.getErrorString("error.editoa.mailverification", request), + Constants.STRUTS_SUCCESS); + } + + OnlineApplication onlineapplication = null; + + final Long oaid = getOAIDFromSession(); + + // valid DBID and check entry + final OAGeneralConfig oaGeneralForm = (OAGeneralConfig) formList.get(new OAGeneralConfig().getName()); + final String oaidentifier = oaGeneralForm.getIdentifier(); + if (MiscUtil.isEmpty(oaidentifier)) { + log.info("Empty OA identifier"); + throw new BasicOAActionException( + LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request), + Constants.STRUTS_ERROR_VALIDATION); + + } else { + + if (!ValidationHelper.validateURL(oaidentifier)) { + log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier); + throw new BasicOAActionException( + LanguageHelper.getErrorString("validation.general.oaidentifier.valid", + new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }, request), + Constants.STRUTS_ERROR_VALIDATION); + + } else { + + if (oaid == -1) { + final List<OnlineApplication> oaList = configuration.getDbRead().getAllOnlineApplications(); + + if (oaList != null) { + for (final OnlineApplication el : oaList) { + if (el.getPublicURLPrefix().startsWith(oaidentifier)) { + onlineapplication = el; } - } catch (Throwable t) { - throw new BasicOAActionException( - LanguageHelper.getErrorString("errors.edit.oa.oaid", request), - Constants.STRUTS_ERROR); + } + } + + if (onlineapplication == null) { + onlineapplication = configuration.getDbRead().getOnlineApplication(oaidentifier); + } + + if (onlineapplication != null) { + log.info("The OAIdentifier is not unique"); + throw new BasicOAActionException( + LanguageHelper.getErrorString( + "validation.general.oaidentifier.notunique", + new Object[] { onlineapplication.getPublicURLPrefix() }, + request), + Constants.STRUTS_ERROR_VALIDATION); + + } else { + setNewOA(true); + } + + } else { + onlineapplication = configuration.getDbRead().getOnlineApplication(oaid); + if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) { + + OnlineApplication dbOA = null; + final List<OnlineApplication> oaList = configuration.getDbRead().getAllOnlineApplications(); + for (final OnlineApplication el : oaList) { + if (el.getPublicURLPrefix().startsWith(oaidentifier)) { + dbOA = el; + } + + } + if (dbOA == null) { + dbOA = configuration.getDbRead().getOnlineApplication(oaidentifier); + } + + if (dbOA != null && !dbOA.getHjid().equals(oaid)) { + log.info("The OAIdentifier is not unique"); + throw new BasicOAActionException( + LanguageHelper.getErrorString( + "validation.general.oaidentifier.notunique", + new Object[] { dbOA.getPublicURLPrefix() }, + request), + Constants.STRUTS_ERROR_VALIDATION); + + } + } + } } - - return oaid; + } + + return onlineapplication; + + } catch (final BasicOAActionException e) { + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + throw e; } - - protected String preProcessDeleteOnlineApplication() throws BasicOAActionException { - try { - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID()); - throw new BasicOAActionException( - "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID(), - Constants.STRUTS_ERROR); - - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID()); - throw new BasicOAActionException( - "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID(), - Constants.STRUTS_ERROR); - } - session.setAttribute(Constants.SESSION_FORMID, null); - - UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID()); - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. Mail address is not verified."); - throw new BasicOAActionException( - LanguageHelper.getErrorString("error.editoa.mailverification", request), - Constants.STRUTS_SUCCESS); - - } - - String oaidentifier = getGeneralOA().getIdentifier(); - if (MiscUtil.isEmpty(oaidentifier)) { - log.info("Empty OA identifier"); - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - throw new BasicOAActionException( - LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request), - Constants.STRUTS_ERROR_VALIDATION); - - } else { - if (ValidationHelper.isValidOAIdentifier(oaidentifier)) { - log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier); - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - throw new BasicOAActionException( - LanguageHelper.getErrorString("validation.general.oaidentifier.valid", - new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request), - Constants.STRUTS_ERROR_VALIDATION); - } - } - - return oaidentifier; - - } catch (BasicOAActionException e) { - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - throw e; - } + + } + + protected Long getOAIDFromSession() throws BasicOAActionException { + final Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID); + Long oaid = (long) -1; + + if (oadbid != null) { + try { + oaid = (Long) oadbid; + if (oaid < 0 || oaid > Long.MAX_VALUE) { + throw new BasicOAActionException( + LanguageHelper.getErrorString("errors.edit.oa.oaid", request), + Constants.STRUTS_ERROR); + } + + } catch (final Throwable t) { + throw new BasicOAActionException( + LanguageHelper.getErrorString("errors.edit.oa.oaid", request), + Constants.STRUTS_ERROR); + } } - - private String saveOAConfigToDatabase(OnlineApplication dboa, boolean persistOA) { - - for (IOnlineApplicationData form : formList.values()) - form.store(dboa, authUser, request); - - try { - if (dboa.isIsNew()) { - if (!authUser.isAdmin()) { - UserDatabase user = configuration.getUserManagement().getUserWithID(authUser.getUserID()); - List<String> useroas = user.getOnlineApplication(); - if (useroas == null) useroas = new ArrayList<String>(); + return oaid; + } + + protected String preProcessDeleteOnlineApplication() throws BasicOAActionException { + try { + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser + .getFamilyName() + + authUser.getGivenName() + authUser.getUserID()); + throw new BasicOAActionException( + "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID(), + Constants.STRUTS_ERROR); - useroas.add(String.valueOf(dboa.getHjid())); - configuration.getUserManagement().saveOrUpdate(user); - - } else { - if (persistOA) - save(dboa); - - } - - } else - if (persistOA) - save(dboa); - - } catch (MOADatabaseException e) { - log.warn("Online-Application can not be stored.", e); - return LanguageHelper.getErrorString("error.db.oa.store", request); } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID()); + throw new BasicOAActionException( + "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID(), + Constants.STRUTS_ERROR); + } + session.setAttribute(Constants.SESSION_FORMID, null); + + final UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb + .isIsMailAddressVerified()) { + log.info("Online-Applikation managemant disabled. Mail address is not verified."); + throw new BasicOAActionException( + LanguageHelper.getErrorString("error.editoa.mailverification", request), + Constants.STRUTS_SUCCESS); + + } + + final String oaidentifier = getGeneralOA().getIdentifier(); + if (MiscUtil.isEmpty(oaidentifier)) { + log.info("Empty OA identifier"); + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + throw new BasicOAActionException( + LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request), + Constants.STRUTS_ERROR_VALIDATION); - return null; + } else { + if (ValidationHelper.isValidOAIdentifier(oaidentifier)) { + log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier); + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + throw new BasicOAActionException( + LanguageHelper.getErrorString("validation.general.oaidentifier.valid", + new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }, request), + Constants.STRUTS_ERROR_VALIDATION); + } + } + + return oaidentifier; + + } catch (final BasicOAActionException e) { + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + throw e; + } + } + + private String saveOAConfigToDatabase(OnlineApplication dboa, boolean persistOA) { + + for (final IOnlineApplicationData form : formList.values()) { + form.store(dboa, authUser, request); } - - protected void save(OnlineApplication oa) throws MOADatabaseException { - try { - STORK storkConfig = null; - try { - MOAIDConfiguration moaidConfig = - ConfigurationProvider.getInstance().getDbRead().getMOAIDConfiguration(); - - storkConfig = moaidConfig.getAuthComponentGeneral().getForeignIdentities().getSTORK(); - - } catch (Exception e) { - - } - - log.debug("JaxB to Key/Value configuration transformation started ..."); - Map<String, String> keyValueConfig = - ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(oa, storkConfig); - - log.debug("JaxB to Key/Value configuration transformation finished. Start Key/Value storage process ..."); - - String serviceIdentifier = keyValueConfig.get(MOAIDConfigurationConstants.PREFIX_SERVICES); - if (MiscUtil.isEmpty(serviceIdentifier)) { - log.info("Use default ServiceIdentifier."); - serviceIdentifier = MOAIDConfigurationConstants.PREFIX_OA; - } - - if (oa.getHjid() == null) { - log.debug("No hjID -> find new Service ID ..."); - String hjID = configuration.getConfigModule().buildArrayIdentifier( - MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier, 0, keyValueConfig); - log.debug("Find new hjID: " + hjID + " for service: " + oa.getPublicURLPrefix()); - oa.setHjid(Long.valueOf(hjID)); - - } else { - //TODO: work-around for old config tool and new key/value configuration - //see: NewConfigurationDBRead.java Line 81 + + try { + if (dboa.isIsNew()) { + if (!authUser.isAdmin()) { + final UserDatabase user = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + + List<String> useroas = user.getOnlineApplication(); + if (useroas == null) { + useroas = new ArrayList<>(); + } + + useroas.add(String.valueOf(dboa.getHjid())); + configuration.getUserManagement().saveOrUpdate(user); + + } else { + if (persistOA) { + save(dboa); + } + + } + + } else if (persistOA) { + save(dboa); + } + + } catch (final MOADatabaseException e) { + log.warn("Online-Application can not be stored.", e); + return LanguageHelper.getErrorString("error.db.oa.store", request); + } + + return null; + } + + protected void save(OnlineApplication oa) throws MOADatabaseException { + try { + STORK storkConfig = null; + try { + final MOAIDConfiguration moaidConfig = + ConfigurationProvider.getInstance().getDbRead().getMOAIDConfiguration(); + + storkConfig = moaidConfig.getAuthComponentGeneral().getForeignIdentities().getSTORK(); + + } catch (final Exception e) { + + } + + log.debug("JaxB to Key/Value configuration transformation started ..."); + final Map<String, String> keyValueConfig = + ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(oa, storkConfig); + + log.debug( + "JaxB to Key/Value configuration transformation finished. Start Key/Value storage process ..."); + + String serviceIdentifier = keyValueConfig.get(MOAIDConfigurationConstants.PREFIX_SERVICES); + if (MiscUtil.isEmpty(serviceIdentifier)) { + log.info("Use default ServiceIdentifier."); + serviceIdentifier = MOAIDConfigurationConstants.PREFIX_OA; + } + + if (oa.getHjid() == null) { + log.debug("No hjID -> find new Service ID ..."); + final String hjID = configuration.getConfigModule().buildArrayIdentifier( + MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier, 0, keyValueConfig); + log.debug("Find new hjID: " + hjID + " for service: " + oa.getPublicURLPrefix()); + oa.setHjid(Long.valueOf(hjID)); + + } else { + // TODO: work-around for old config tool and new key/value configuration + // see: NewConfigurationDBRead.java Line 81 // if (oa.getHjid() > 1000000) { -// if (serviceIdentifier.equals(MOAIDConfigurationConstants.PREFIX_GATEWAY)) +// if (serviceIdentifier.equals(MOAIDConfigurationConstants.PREFIX_GATEWAY)) // oa.setHjid(oa.getHjid() - 1000000); // else if (serviceIdentifier.equals(MOAIDConfigurationConstants.PREFIX_IIDP)) // oa.setHjid(oa.getHjid() - 2000000); @@ -525,208 +540,210 @@ public class BasicOAAction extends BasicAction { // oa.setHjid(oa.getHjid() - 3000000); // else // log.warn("Inconsistent state found! Service Identifier for OA found but Hjid is > 1000000."); -// +// // } - - } - - Map<String, String> absolutKeyValue = KeyValueUtils.makeKeysAbsolut( - keyValueConfig, - MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier + "." + String.valueOf(oa.getHjid()), - MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES); - - configuration.getConfigModule().storeChanges(absolutKeyValue, null, null); - - log.info("MOA-ID Service Key/Value configuration successfull stored."); - - - } catch (ConfigurationStorageException | at.gv.egiz.components.configuration.api.ConfigurationException e) { - log.warn("MOAID Configuration can not be stored in Database", e); - throw new MOADatabaseException(e.getMessage(), e); - - } - + + } + + final Map<String, String> absolutKeyValue = KeyValueUtils.makeKeysAbsolut( + keyValueConfig, + MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier + "." + String.valueOf( + oa.getHjid()), + MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES); + + configuration.getConfigModule().storeChanges(absolutKeyValue, null, null); + + log.info("MOA-ID Service Key/Value configuration successfull stored."); + + } catch (ConfigurationStorageException + | at.gv.egiz.components.configuration.api.ConfigurationException e) { + log.warn("MOAID Configuration can not be stored in Database", e); + throw new MOADatabaseException(e.getMessage(), e); + } - - protected boolean delete(OnlineApplication onlineapplication) { - try { - log.debug("JaxB to Key/Value configuration transformation started ..."); - Map<String, String> keyValueConfig = - ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(onlineapplication, null); - - log.debug("JaxB to Key/Value configuration transformation finished. Start Key/Value storage process ..."); - - String serviceIdentifier = keyValueConfig.get(MOAIDConfigurationConstants.PREFIX_SERVICES); - if (MiscUtil.isEmpty(serviceIdentifier)) { - log.info("Use default ServiceIdentifier."); - serviceIdentifier = MOAIDConfigurationConstants.PREFIX_OA; - } - - String deleteServiceKey = - MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier + "." + String.valueOf(onlineapplication.getHjid()) + ".*"; - - configuration.getConfigModule().storeChanges(null, null, Arrays.asList(new String[]{deleteServiceKey})); - - log.info("MOA-ID Service Key/Value configuration successfull stored."); - return true; - - } catch (ConfigurationStorageException e) { - log.warn("MOAID Configuration can not be stored in Database", e); - - } - - return false; - + + } + + protected boolean delete(OnlineApplication onlineapplication) { + try { + log.debug("JaxB to Key/Value configuration transformation started ..."); + final Map<String, String> keyValueConfig = + ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(onlineapplication, null); + + log.debug( + "JaxB to Key/Value configuration transformation finished. Start Key/Value storage process ..."); + + String serviceIdentifier = keyValueConfig.get(MOAIDConfigurationConstants.PREFIX_SERVICES); + if (MiscUtil.isEmpty(serviceIdentifier)) { + log.info("Use default ServiceIdentifier."); + serviceIdentifier = MOAIDConfigurationConstants.PREFIX_OA; + } + + final String deleteServiceKey = + MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier + "." + String.valueOf( + onlineapplication.getHjid()) + ".*"; + + configuration.getConfigModule().storeChanges(null, null, Arrays.asList(new String[] { + deleteServiceKey })); + + log.info("MOA-ID Service Key/Value configuration successfull stored."); + return true; + + } catch (final ConfigurationStorageException e) { + log.warn("MOAID Configuration can not be stored in Database", e); + } - - public String bkuFramePreview() { - String preview = null; + return false; - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - InputStream input = null; + } - try { - Object mapobj = session.getAttribute(Constants.SESSION_BKUFORMPREVIEW); - if (mapobj != null && mapobj instanceof Map<?, ?>) { - - ConfigurationProvider config = ConfigurationProvider.getInstance(); - String templateURL = config.getConfigRootDir() + ConfigurationProvider.HTMLTEMPLATE_DIR - + ConfigurationProvider.HTMLTEMPLATE_FILE; - - File file = new File(new URI(templateURL)); - input = new FileInputStream(file); - - String contextpath = config.getMOAIDInstanceURL(); - if (MiscUtil.isEmpty(contextpath)) { - log.info("NO MOA-ID instance URL configurated."); - input.close(); - throw new ConfigurationException("No MOA-ID instance configurated"); - - } - - //set parameters - Map<String, Object> params = (Map<String, Object>) mapobj; - params.put( - AbstractServiceProviderSpecificGUIFormBuilderConfiguration.PARAM_AUTHCONTEXT, - contextpath); - - request.setCharacterEncoding("UTF-8"); - String module = request.getParameter(Constants.REQUEST_FORMCUSTOM_MODULE); - String value = request.getParameter(Constants.REQUEST_FORMCUSTOM_VALUE); - - if (value != null) { - String[] query = URLDecoder.decode(request.getQueryString()).split("&"); - value = query[1].substring("value=".length()); - } + public String bkuFramePreview() { - synchronized (params) { - if (MiscUtil.isNotEmpty(module)) { - if (params.containsKey(module)) { - if (MiscUtil.isNotEmpty(value)) { - if (FormBuildUtils.PARAM_FONTFAMILY.contains(module) || FormBuildUtils.PARAM_HEADER_TEXT.contains(module) - || value.startsWith("#")) - params.put(module, value); - else - params.put(module, "#" + value); - - } else { - params.put(module, FormBuildUtils.getDefaultMap().get(module)); - } - } - } - } - - //write preview - VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine(); - VelocityContext context = new VelocityContext(); - Iterator<Entry<String, Object>> interator = params.entrySet().iterator(); - while (interator.hasNext()) { - Entry<String, Object> el = interator.next(); - context.put(el.getKey(), el.getValue()); - - } - StringWriter writer = new StringWriter(); - engine.evaluate(context, writer, "BKUSelection_preview", - new BufferedReader(new InputStreamReader(input))); - stream = new ByteArrayInputStream(writer.toString().getBytes("UTF-8")); + String preview = null; - } else { - preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible", request); + try { + populateBasicInformations(); - } + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + InputStream input = null; + + try { + final Object mapobj = session.getAttribute(Constants.SESSION_BKUFORMPREVIEW); + if (mapobj != null && mapobj instanceof Map<?, ?>) { + + final ConfigurationProvider config = ConfigurationProvider.getInstance(); + final String templateURL = config.getConfigRootDir() + ConfigurationProvider.HTMLTEMPLATE_DIR + + ConfigurationProvider.HTMLTEMPLATE_FILE; - } catch (Exception e) { - log.warn("BKUSelection Preview can not be generated.", e); - preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible", request); + final File file = new File(new URI(templateURL)); + input = new FileInputStream(file); + + final String contextpath = config.getMOAIDInstanceURL(); + if (MiscUtil.isEmpty(contextpath)) { + log.info("NO MOA-ID instance URL configurated."); + input.close(); + throw new ConfigurationException("No MOA-ID instance configurated"); } - if (stream == null && MiscUtil.isNotEmpty(preview)) { - try { - stream = new ByteArrayInputStream(preview.getBytes("UTF-8")); - - } catch (UnsupportedEncodingException e) { - e.printStackTrace(); - - } + // set parameters + final Map<String, Object> params = (Map<String, Object>) mapobj; + params.put( + AbstractGUIFormBuilderConfiguration.PARAM_AUTHCONTEXT, + contextpath); + + request.setCharacterEncoding("UTF-8"); + final String module = request.getParameter(Constants.REQUEST_FORMCUSTOM_MODULE); + String value = request.getParameter(Constants.REQUEST_FORMCUSTOM_VALUE); + + if (value != null) { + final String[] query = URLDecoder.decode(request.getQueryString()).split("&"); + value = query[1].substring("value=".length()); } - - - return Constants.STRUTS_SUCCESS; - } - - - /** - * @param oaidobj the oaidobj to set - */ - public void setOaidobj(String oaidobj) { - this.oaidobj = oaidobj; - } - - /** - * @return the newOA - */ - public boolean isNewOA() { - return newOA; - } - /** - * @param newOA the newOA to set - */ - public void setNewOA(boolean newOA) { - this.newOA = newOA; - } - - public OAGeneralConfig getGeneralOA() { - return (OAGeneralConfig) formList.get(new OAGeneralConfig().getName()); - } + synchronized (params) { + if (MiscUtil.isNotEmpty(module)) { + if (params.containsKey(module)) { + if (MiscUtil.isNotEmpty(value)) { + if (FormBuildUtils.PARAM_FONTFAMILY.contains(module) || FormBuildUtils.PARAM_HEADER_TEXT + .contains(module) + || value.startsWith("#")) { + params.put(module, value); + } else { + params.put(module, "#" + value); + } - public void setGeneralOA(OAGeneralConfig generalOA) { - formList.put(generalOA.getName(), generalOA); - } - - - public OAPVP2Config getPvp2OA() { - return (OAPVP2Config) formList.get(new OAPVP2Config().getName()); - } + } else { + params.put(module, FormBuildUtils.getDefaultMap().get(module)); + } + } + } + } + + // write preview + final VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine(); + final VelocityContext context = new VelocityContext(); + final Iterator<Entry<String, Object>> interator = params.entrySet().iterator(); + while (interator.hasNext()) { + final Entry<String, Object> el = interator.next(); + context.put(el.getKey(), el.getValue()); + + } + final StringWriter writer = new StringWriter(); + engine.evaluate(context, writer, "BKUSelection_preview", + new BufferedReader(new InputStreamReader(input))); + stream = new ByteArrayInputStream(writer.toString().getBytes("UTF-8")); + + } else { + preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible", request); + + } + + } catch (final Exception e) { + log.warn("BKUSelection Preview can not be generated.", e); + preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible", request); - public void setPvp2OA(OAPVP2Config pvp2oa) { - formList.put(pvp2oa.getName(), pvp2oa); } - /** - * @return the stream - */ - public InputStream getStream() { - return stream; - } + if (stream == null && MiscUtil.isNotEmpty(preview)) { + try { + stream = new ByteArrayInputStream(preview.getBytes("UTF-8")); + + } catch (final UnsupportedEncodingException e) { + e.printStackTrace(); + + } + } + return Constants.STRUTS_SUCCESS; + } + + /** + * @param oaidobj the oaidobj to set + */ + public void setOaidobj(String oaidobj) { + this.oaidobj = oaidobj; + } + + /** + * @return the newOA + */ + public boolean isNewOA() { + return newOA; + } + + /** + * @param newOA the newOA to set + */ + public void setNewOA(boolean newOA) { + this.newOA = newOA; + } + + public OAGeneralConfig getGeneralOA() { + return (OAGeneralConfig) formList.get(new OAGeneralConfig().getName()); + } + + public void setGeneralOA(OAGeneralConfig generalOA) { + formList.put(generalOA.getName(), generalOA); + } + + public OAPVP2Config getPvp2OA() { + return (OAPVP2Config) formList.get(new OAPVP2Config().getName()); + } + + public void setPvp2OA(OAPVP2Config pvp2oa) { + formList.put(pvp2oa.getName(), pvp2oa); + } + + /** + * @return the stream + */ + public InputStream getStream() { + return stream; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java index 8e057db0f..0992d7f1a 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java @@ -30,7 +30,6 @@ import java.util.Map; import java.util.Set; import org.apache.commons.lang3.StringUtils; -import org.apache.log4j.Logger; import at.gv.egiz.components.configuration.meta.api.ConfigurationStorageException; import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; @@ -76,164 +75,160 @@ import at.gv.egovernment.moa.id.configuration.helper.StringHelper; import at.gv.egovernment.moa.id.configuration.validation.moaconfig.MOAConfigValidator; import at.gv.egovernment.moa.id.configuration.validation.moaconfig.StorkConfigValidator; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; - +@Slf4j public class EditGeneralConfigAction extends BasicAction { - - private static final Logger log = Logger.getLogger(EditGeneralConfigAction.class); - private static final long serialVersionUID = 1L; - - private GeneralMOAIDConfig moaconfig; - private GeneralStorkConfig storkconfig; - - private String formID; - - public String loadConfig() { - try { - populateBasicInformations(); - - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - if (authUser.isAdmin()) { - - - MOAIDConfiguration dbconfig = configuration.getDbRead().getMOAIDConfiguration(); - - moaconfig = new GeneralMOAIDConfig(); - moaconfig.parse(dbconfig); - if (moaconfig == null) { - log.error("MOA configuration is null"); - } - if (moaconfig.isMoaidMode()) { - storkconfig = new GeneralStorkConfig(); - storkconfig.parse(dbconfig); - if (storkconfig == null) { - log.error("Stork configuration is null"); - } - } + private static final long serialVersionUID = 1L; + + private GeneralMOAIDConfig moaconfig; + private GeneralStorkConfig storkconfig; + + private String formID; + + public String loadConfig() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + if (authUser.isAdmin()) { + + final MOAIDConfiguration dbconfig = configuration.getDbRead().getMOAIDConfiguration(); + + moaconfig = new GeneralMOAIDConfig(); + moaconfig.parse(dbconfig); + if (moaconfig == null) { + log.error("MOA configuration is null"); + } + + if (moaconfig.isMoaidMode()) { + storkconfig = new GeneralStorkConfig(); + storkconfig.parse(dbconfig); + if (storkconfig == null) { + log.error("Stork configuration is null"); + } + } + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + return Constants.STRUTS_SUCCESS; + + } else { + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + } + + public String saveConfig() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + session.setAttribute(Constants.SESSION_FORMID, null); + + boolean isMoaidMode = false; + try { + isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode(); + } catch (final ConfigurationException e) { + log.warn("Can NOT load configuration. Set 'moaidmode' to 'false'", e); + } + + if (authUser.isAdmin()) { + + final MOAConfigValidator validator = new MOAConfigValidator(); + + final List<String> errors = validator.validate(moaconfig, request, isMoaidMode); + + if (isMoaidMode) { + errors.addAll(new StorkConfigValidator().validate(storkconfig, request)); + } + + if (errors.size() > 0) { + log.info("General MOA-ID configuration has some errors."); + for (final String el : errors) { + addActionError(el); + } + + if (moaconfig.getSecLayerTransformation() != null) { + session.setAttribute(Constants.SESSION_SLTRANSFORMATION, moaconfig.getSecLayerTransformation()); + } + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + return Constants.STRUTS_ERROR_VALIDATION; + + } else { + if (moaconfig.getSecLayerTransformation() == null && + session.getAttribute(Constants.SESSION_SLTRANSFORMATION) != null && + session.getAttribute(Constants.SESSION_SLTRANSFORMATION) instanceof Map<?, ?>) { + moaconfig.setSecLayerTransformation((Map<String, byte[]>) session.getAttribute( + Constants.SESSION_SLTRANSFORMATION)); + + } + } + + final String error = saveFormToDatabase(isMoaidMode); + if (error != null) { + log.warn("General MOA-ID config can not be stored in Database"); + + // set new formID + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + addActionError(error); + return Constants.STRUTS_ERROR_VALIDATION; + } + + session.setAttribute(Constants.SESSION_SLTRANSFORMATION, null); + + } else { + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + addActionMessage(LanguageHelper.getGUIString("webpages.moaconfig.save.success", request)); + return Constants.STRUTS_SUCCESS; + } + + public String back() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + return Constants.STRUTS_SUCCESS; + } - - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - return Constants.STRUTS_SUCCESS; - - } else { - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - } - - public String saveConfig() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - boolean isMoaidMode = false; - try { - isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode(); - } catch (ConfigurationException e) { - log.warn("Can NOT load configuration. Set 'moaidmode' to 'false'", e); - } - - if (authUser.isAdmin()) { - - MOAConfigValidator validator = new MOAConfigValidator(); - - List<String> errors = validator.validate(moaconfig, request, isMoaidMode); - - if (isMoaidMode) - errors.addAll(new StorkConfigValidator().validate(storkconfig, request)); - - if (errors.size() > 0) { - log.info("General MOA-ID configuration has some errors."); - for (String el : errors) - addActionError(el); - - if (moaconfig.getSecLayerTransformation() != null) { - session.setAttribute(Constants.SESSION_SLTRANSFORMATION, moaconfig.getSecLayerTransformation()); - } - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - return Constants.STRUTS_ERROR_VALIDATION; - - } else { - if (moaconfig.getSecLayerTransformation() == null && - session.getAttribute(Constants.SESSION_SLTRANSFORMATION) != null && - session.getAttribute(Constants.SESSION_SLTRANSFORMATION) instanceof Map<?, ?> ) { - moaconfig.setSecLayerTransformation((Map<String, byte[]>) - session.getAttribute(Constants.SESSION_SLTRANSFORMATION)); - - } - } - - String error = saveFormToDatabase(isMoaidMode); - if (error != null) { - log.warn("General MOA-ID config can not be stored in Database"); - - //set new formID - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - addActionError(error); - return Constants.STRUTS_ERROR_VALIDATION; - } - - session.setAttribute(Constants.SESSION_SLTRANSFORMATION, null); - - } else { - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - - - addActionMessage(LanguageHelper.getGUIString("webpages.moaconfig.save.success", request)); - return Constants.STRUTS_SUCCESS; - } - - public String back() { - try { - populateBasicInformations(); - - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - return Constants.STRUTS_SUCCESS; - } - - private String saveFormToDatabase(boolean isMoaidMode) { - - log.debug("Saving form to database"); + private String saveFormToDatabase(boolean isMoaidMode) { + + log.debug("Saving form to database"); // log.error("Saving form to db"); // log.info("SV frm db"); @@ -244,630 +239,649 @@ public class EditGeneralConfigAction extends BasicAction { // log.error(" SES PARAM: " + obj.toString()); // } - try { - log.error(" ASSERTION " + moaconfig.getTimeoutAssertion()); - } catch (Exception ex) { - ex.printStackTrace(); - } - - MOAIDConfiguration dbconfig = configuration.getDbRead().getMOAIDConfiguration(); - if (dbconfig == null) - dbconfig = new MOAIDConfiguration(); - - - AuthComponentGeneral dbauth = dbconfig.getAuthComponentGeneral(); - if (dbauth == null) { - dbauth = new AuthComponentGeneral(); - dbconfig.setAuthComponentGeneral(dbauth); - } - - GeneralConfiguration dbauthgeneral = dbauth.getGeneralConfiguration(); - if (dbauthgeneral == null) { - dbauthgeneral = new GeneralConfiguration(); - dbauth.setGeneralConfiguration(dbauthgeneral); - } - + try { + log.error(" ASSERTION " + moaconfig.getTimeoutAssertion()); + } catch (final Exception ex) { + ex.printStackTrace(); + } + + MOAIDConfiguration dbconfig = configuration.getDbRead().getMOAIDConfiguration(); + if (dbconfig == null) { + dbconfig = new MOAIDConfiguration(); + } + + AuthComponentGeneral dbauth = dbconfig.getAuthComponentGeneral(); + if (dbauth == null) { + dbauth = new AuthComponentGeneral(); + dbconfig.setAuthComponentGeneral(dbauth); + } + + GeneralConfiguration dbauthgeneral = dbauth.getGeneralConfiguration(); + if (dbauthgeneral == null) { + dbauthgeneral = new GeneralConfiguration(); + dbauth.setGeneralConfiguration(dbauthgeneral); + } + // GeneralConfiguration oldauthgeneral = null; // if (oldauth != null) // oldauthgeneral = oldauth.getGeneralConfiguration(); - - //set Public URL Prefix - String pubURLPrefix = moaconfig.getPublicURLPrefix(); - if (moaconfig.isVirtualPublicURLPrefixEnabled()) { - dbauthgeneral.setPublicURLPreFix( - KeyValueUtils.normalizeCSVValueString(pubURLPrefix)); - - } else { - if (pubURLPrefix.contains(KeyValueUtils.CSV_DELIMITER)) { - dbauthgeneral.setPublicURLPreFix( - pubURLPrefix.trim().substring(0, - pubURLPrefix.indexOf(KeyValueUtils.CSV_DELIMITER))); - - } else - dbauthgeneral.setPublicURLPreFix( - StringUtils.chomp(pubURLPrefix.trim())); - - } - - dbauthgeneral.setVirtualPublicURLPrefixEnabled( - moaconfig.isVirtualPublicURLPrefixEnabled()); - - + + // set Public URL Prefix + final String pubURLPrefix = moaconfig.getPublicURLPrefix(); + if (moaconfig.isVirtualPublicURLPrefixEnabled()) { + dbauthgeneral.setPublicURLPreFix( + KeyValueUtils.normalizeCSVValueString(pubURLPrefix)); + + } else { + if (pubURLPrefix.contains(KeyValueUtils.CSV_DELIMITER)) { + dbauthgeneral.setPublicURLPreFix( + pubURLPrefix.trim().substring(0, + pubURLPrefix.indexOf(KeyValueUtils.CSV_DELIMITER))); + + } else { + dbauthgeneral.setPublicURLPreFix( + StringUtils.chomp(pubURLPrefix.trim())); + } + + } + + dbauthgeneral.setVirtualPublicURLPrefixEnabled( + moaconfig.isVirtualPublicURLPrefixEnabled()); + // if (MiscUtil.isNotEmpty(moaconfig.getAlternativeSourceID())) // dbauthgeneral.setAlternativeSourceID(moaconfig.getAlternativeSourceID()); // else { // if (oldauthgeneral != null) // dbauthgeneral.setAlternativeSourceID(oldauthgeneral.getAlternativeSourceID()); // } - + // if (MiscUtil.isNotEmpty(moaconfig.getCertStoreDirectory())) // dbauthgeneral.setCertStoreDirectory(moaconfig.getCertStoreDirectory()); - - TimeOuts dbtimeouts = dbauthgeneral.getTimeOuts(); - if (dbtimeouts == null) { - dbtimeouts = new TimeOuts(); - dbauthgeneral.setTimeOuts(dbtimeouts); - } - if (MiscUtil.isEmpty(moaconfig.getTimeoutAssertion())) - dbtimeouts.setAssertion(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTASSERTION)); - else - dbtimeouts.setAssertion(new BigInteger(moaconfig.getTimeoutAssertion())); - - if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionCreated())) - dbtimeouts.setMOASessionCreated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONCREATED)); - else - dbtimeouts.setMOASessionCreated(new BigInteger(moaconfig.getTimeoutMOASessionCreated())); - - if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionUpdated())) - dbtimeouts.setMOASessionUpdated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONUPDATED)); - else - dbtimeouts.setMOASessionUpdated(new BigInteger(moaconfig.getTimeoutMOASessionUpdated())); - - dbauthgeneral.setTrustManagerRevocationChecking(moaconfig.isTrustmanagerrevocationcheck()); - - - - Protocols dbprotocols = dbauth.getProtocols(); - if (dbprotocols == null) { - dbprotocols = new Protocols(); - dbauth.setProtocols(dbprotocols); - } - LegacyAllowed legprot = dbprotocols.getLegacyAllowed(); - if (legprot == null) { - legprot = new LegacyAllowed(); - dbprotocols.setLegacyAllowed(legprot); - } - - List<String> el = legprot.getProtocolName(); - if (el == null) { - el = new ArrayList<String>(); - legprot.setProtocolName(el); - - } - - //Workaround for DB cleaning is only needed for one or the releases (insert in 2.1.1) - if (el.size() > 2) - el.clear(); - - if (el.contains(Constants.MOA_CONFIG_PROTOCOL_PVP2)) { - if (!moaconfig.isLegacy_pvp2()) - el.remove(Constants.MOA_CONFIG_PROTOCOL_PVP2); - - } else { - if (moaconfig.isLegacy_pvp2()) - el.add(Constants.MOA_CONFIG_PROTOCOL_PVP2); - } - - if (el.contains(Constants.MOA_CONFIG_PROTOCOL_SAML1)) { - if (!moaconfig.isLegacy_saml1()) - el.remove(Constants.MOA_CONFIG_PROTOCOL_SAML1); - - } else { - if (moaconfig.isLegacy_saml1()) - el.add(Constants.MOA_CONFIG_PROTOCOL_SAML1); - } - - SAML1 saml1= dbprotocols.getSAML1(); - if (saml1 == null) { - saml1 = new SAML1(); - dbprotocols.setSAML1(saml1); - } - saml1.setIsActive(moaconfig.isProtocolActiveSAML1()); - - if (MiscUtil.isNotEmpty(moaconfig.getSaml1SourceID())) { - saml1.setSourceID(moaconfig.getSaml1SourceID()); - - } else { - if (MiscUtil.isNotEmpty(saml1.getSourceID())) - saml1.setSourceID(moaconfig.getSaml1SourceID()); - - } - - - OAuth oauth= dbprotocols.getOAuth(); - if (oauth == null) { - oauth = new OAuth(); - dbprotocols.setOAuth(oauth); - } - - PVP2 pvp2 = dbprotocols.getPVP2(); - if (pvp2 == null) { - pvp2 = new PVP2(); - dbprotocols.setPVP2(pvp2); - } - - if (isMoaidMode) { - oauth.setIsActive(moaconfig.isProtocolActiveOAuth()); - pvp2.setIsActive(moaconfig.isProtocolActivePVP21()); - - } - - if (MiscUtil.isNotEmpty(moaconfig.getPvp2IssuerName())) - pvp2.setIssuerName(moaconfig.getPvp2IssuerName()); + + TimeOuts dbtimeouts = dbauthgeneral.getTimeOuts(); + if (dbtimeouts == null) { + dbtimeouts = new TimeOuts(); + dbauthgeneral.setTimeOuts(dbtimeouts); + } + if (MiscUtil.isEmpty(moaconfig.getTimeoutAssertion())) { + dbtimeouts.setAssertion(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTASSERTION)); + } else { + dbtimeouts.setAssertion(new BigInteger(moaconfig.getTimeoutAssertion())); + } + + if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionCreated())) { + dbtimeouts.setMOASessionCreated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONCREATED)); + } else { + dbtimeouts.setMOASessionCreated(new BigInteger(moaconfig.getTimeoutMOASessionCreated())); + } + + if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionUpdated())) { + dbtimeouts.setMOASessionUpdated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONUPDATED)); + } else { + dbtimeouts.setMOASessionUpdated(new BigInteger(moaconfig.getTimeoutMOASessionUpdated())); + } + + dbauthgeneral.setTrustManagerRevocationChecking(moaconfig.isTrustmanagerrevocationcheck()); + + Protocols dbprotocols = dbauth.getProtocols(); + if (dbprotocols == null) { + dbprotocols = new Protocols(); + dbauth.setProtocols(dbprotocols); + } + LegacyAllowed legprot = dbprotocols.getLegacyAllowed(); + if (legprot == null) { + legprot = new LegacyAllowed(); + dbprotocols.setLegacyAllowed(legprot); + } + + List<String> el = legprot.getProtocolName(); + if (el == null) { + el = new ArrayList<>(); + legprot.setProtocolName(el); + + } + + // Workaround for DB cleaning is only needed for one or the releases (insert in + // 2.1.1) + if (el.size() > 2) { + el.clear(); + } + + if (el.contains(Constants.MOA_CONFIG_PROTOCOL_PVP2)) { + if (!moaconfig.isLegacy_pvp2()) { + el.remove(Constants.MOA_CONFIG_PROTOCOL_PVP2); + } + + } else { + if (moaconfig.isLegacy_pvp2()) { + el.add(Constants.MOA_CONFIG_PROTOCOL_PVP2); + } + } + + if (el.contains(Constants.MOA_CONFIG_PROTOCOL_SAML1)) { + if (!moaconfig.isLegacy_saml1()) { + el.remove(Constants.MOA_CONFIG_PROTOCOL_SAML1); + } + + } else { + if (moaconfig.isLegacy_saml1()) { + el.add(Constants.MOA_CONFIG_PROTOCOL_SAML1); + } + } + + SAML1 saml1 = dbprotocols.getSAML1(); + if (saml1 == null) { + saml1 = new SAML1(); + dbprotocols.setSAML1(saml1); + } + saml1.setIsActive(moaconfig.isProtocolActiveSAML1()); + + if (MiscUtil.isNotEmpty(moaconfig.getSaml1SourceID())) { + saml1.setSourceID(moaconfig.getSaml1SourceID()); + + } else { + if (MiscUtil.isNotEmpty(saml1.getSourceID())) { + saml1.setSourceID(moaconfig.getSaml1SourceID()); + } + + } + + OAuth oauth = dbprotocols.getOAuth(); + if (oauth == null) { + oauth = new OAuth(); + dbprotocols.setOAuth(oauth); + } + + PVP2 pvp2 = dbprotocols.getPVP2(); + if (pvp2 == null) { + pvp2 = new PVP2(); + dbprotocols.setPVP2(pvp2); + } + + if (isMoaidMode) { + oauth.setIsActive(moaconfig.isProtocolActiveOAuth()); + pvp2.setIsActive(moaconfig.isProtocolActivePVP21()); + + } + + if (MiscUtil.isNotEmpty(moaconfig.getPvp2IssuerName())) { + pvp2.setIssuerName(moaconfig.getPvp2IssuerName()); // if (MiscUtil.isNotEmpty(moaconfig.getPvp2PublicUrlPrefix())) // pvp2.setPublicURLPrefix(moaconfig.getPvp2PublicUrlPrefix()); - - Organization pvp2org = pvp2.getOrganization(); - if (pvp2org == null) { - pvp2org = new Organization(); - pvp2.setOrganization(pvp2org); - } - if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgDisplayName())) - pvp2org.setDisplayName(StringHelper.getUTF8String( - moaconfig.getPvp2OrgDisplayName())); - if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgName())) - pvp2org.setName(StringHelper.getUTF8String(moaconfig.getPvp2OrgName())); - if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgURL())) - pvp2org.setURL(moaconfig.getPvp2OrgURL()); - - List<Contact> pvp2cont = pvp2.getContact(); - if (pvp2cont == null) { - pvp2cont = new ArrayList<Contact>(); - pvp2.setContact(pvp2cont); - } - - if (pvp2cont.size() == 0) { - Contact cont = new Contact(); - pvp2cont.add(cont); - } - - Contact cont = pvp2cont.get(0); - if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getCompany())) - cont.setCompany(StringHelper.getUTF8String( - moaconfig.getPvp2Contact().getCompany())); - - if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getGivenname())) - cont.setGivenName(StringHelper.getUTF8String( - moaconfig.getPvp2Contact().getGivenname())); - - if (cont.getMail() != null && cont.getMail().size() > 0) - cont.getMail().set(0, moaconfig.getPvp2Contact().getMail()); - else - cont.setMail(Arrays.asList(moaconfig.getPvp2Contact().getMail())); - - if (cont.getPhone() != null && cont.getPhone().size() > 0) - cont.getPhone().set(0, moaconfig.getPvp2Contact().getPhone()); - else - cont.setPhone(Arrays.asList(moaconfig.getPvp2Contact().getPhone())); - - cont.setSurName(StringHelper.getUTF8String(moaconfig.getPvp2Contact().getSurname())); - if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getType())) - cont.setType(moaconfig.getPvp2Contact().getType()); - - - ChainingModes dbchainingmodes = dbconfig.getChainingModes(); - if (dbchainingmodes == null) { - dbchainingmodes = new ChainingModes(); - dbconfig.setChainingModes(dbchainingmodes); - } - - dbchainingmodes.setSystemDefaultMode( - ChainingModeType.fromValue("pkix")); - - - if (isMoaidMode) { - SSO dbsso = dbauth.getSSO(); - if (dbsso == null) { - dbsso = new SSO(); - dbauth.setSSO(dbsso); - } - - if (MiscUtil.isNotEmpty(moaconfig.getSsoFriendlyName())) - dbsso.setFriendlyName(StringHelper.getUTF8String( - moaconfig.getSsoFriendlyName())); - if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText())) - dbsso.setSpecialText(StringHelper.getUTF8String( - moaconfig.getSsoSpecialText())); - // if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl())) - // dbsso.setPublicURL(moaconfig.getSsoPublicUrl()); - - if (MiscUtil.isNotEmpty(moaconfig.getSsoTarget())) { - - if (!ValidationHelper.isValidAdminTarget(moaconfig.getSsoTarget())) { - String num = moaconfig.getSsoTarget().replaceAll(" ", ""); - String pre = null; - if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) { - num = num.substring(Constants.IDENIFICATIONTYPE_FN.length()); - - num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num); - pre = Constants.IDENIFICATIONTYPE_FN; - } - - if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) { - num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length()); - pre = Constants.IDENIFICATIONTYPE_ZVR; - } - - if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)){ - num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length()); - pre = Constants.IDENIFICATIONTYPE_ERSB; - } - - dbsso.setTarget(Constants.PREFIX_WPBK + pre + "+" + num); - - } else { - dbsso.setTarget(moaconfig.getSsoTarget()); - - } - } - // if (MiscUtil.isNotEmpty(moaconfig.getSsoIdentificationNumber())) { - // IdentificationNumber ssoid = dbsso.getIdentificationNumber(); - // if (ssoid == null) { - // ssoid = new IdentificationNumber(); - // dbsso.setIdentificationNumber(ssoid); - // } - // ssoid.setValue(moaconfig.getSsoIdentificationNumber()); - // } - - DefaultBKUs dbbkus = dbconfig.getDefaultBKUs(); - - if (dbbkus == null) { - dbbkus = new DefaultBKUs(); - dbconfig.setDefaultBKUs(dbbkus); - } - - if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUHandy())) - dbbkus.setHandyBKU(moaconfig.getDefaultBKUHandy()); - else - dbbkus.setHandyBKU(new String()); - - if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUOnline())) - dbbkus.setOnlineBKU(moaconfig.getDefaultBKUOnline()); - else - dbbkus.setOnlineBKU(new String()); - - if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKULocal())) - dbbkus.setLocalBKU(moaconfig.getDefaultBKULocal()); - else - dbbkus.setLocalBKU(new String()); - - - - IdentityLinkSigners idlsigners = dbauth.getIdentityLinkSigners(); - if (idlsigners == null) { - idlsigners = new IdentityLinkSigners(); - dbauth.setIdentityLinkSigners(idlsigners); - } - - ForeignIdentities dbforeign = dbauth.getForeignIdentities(); - if (dbforeign == null) { - dbforeign = new ForeignIdentities(); - dbauth.setForeignIdentities(dbforeign); - } - - if (MiscUtil.isNotEmpty(moaconfig.getSzrgwURL())) { - ConnectionParameterClientAuthType forcon = dbforeign.getConnectionParameter(); - if (forcon == null) { - forcon = new ConnectionParameterClientAuthType(); - dbforeign.setConnectionParameter(forcon); - } - - if (KeyValueUtils.isCSVValueString(moaconfig.getSzrgwURL())) - forcon.setURL(KeyValueUtils.normalizeCSVValueString(moaconfig.getSzrgwURL())); - - else { - if (moaconfig.getSzrgwURL().contains(KeyValueUtils.CSV_DELIMITER)) - forcon.setURL( - moaconfig.getSzrgwURL().trim().substring(0, - moaconfig.getSzrgwURL().indexOf(KeyValueUtils.CSV_DELIMITER))); - - else - forcon.setURL( - StringUtils.chomp(moaconfig.getSzrgwURL().trim())); - - } - - } - - ForeignIdentities foreign = dbauth.getForeignIdentities(); - if (foreign != null) { - STORK stork = foreign.getSTORK(); - if (stork == null) { - stork = new STORK(); - foreign.setSTORK(stork); - - } - - try { - log.error("QAAAA " + storkconfig.getDefaultQaa()); - stork.setGeneral_eIDAS_LOA(storkconfig.getDefaultQaa()); - - if (storkconfig.getAttributes() != null) { - List<StorkAttribute> dbStorkAttr = new ArrayList<StorkAttribute>(); - stork.setAttributes(dbStorkAttr); - - - for (StorkAttribute attr : storkconfig.getAttributes()) { - if (attr != null && MiscUtil.isNotEmpty(attr.getName())) - dbStorkAttr.add(attr); - - else - log.info("Remove null or empty STORK attribute"); - } - - } else - stork.setAttributes((List<StorkAttribute>) (new ArrayList<StorkAttribute>())); - - if (storkconfig.getCpepslist() != null) { - List<CPEPS> dbStorkCPEPS = new ArrayList<CPEPS>(); - stork.setCPEPS(dbStorkCPEPS); - - for (CPEPS cpeps : storkconfig.getCpepslist()) { - if (cpeps != null && MiscUtil.isNotEmpty(cpeps.getURL()) && - MiscUtil.isNotEmpty(cpeps.getCountryCode())) { - - if (cpeps.getCountryCode().equals("CC") && - cpeps.getURL().equals("http://")) - log.info("Remove dummy STORK CPEPS entry."); - - else - dbStorkCPEPS.add(cpeps); - - } else - log.info("Remove null or emtpy STORK CPEPS configuration"); - } - - } else - stork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>())); - - } catch (Exception e) { - e.printStackTrace(); - - } - - try{ - log.info("CPEPS LIST: " + storkconfig.getCpepslist().size() ); - log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() +storkconfig.getCpepslist().get(0).getURL()); - - } catch (Exception ex) { - log.info("CPEPS LIST is null"); - - } - } - - //write MIS Mandate-Service URLs - if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) { - OnlineMandates dbmandate = dbauth.getOnlineMandates(); - if (dbmandate == null) { - dbmandate = new OnlineMandates(); - dbauth.setOnlineMandates(dbmandate); - } - ConnectionParameterClientAuthType dbmandateconnection = dbmandate.getConnectionParameter(); - - if (dbmandateconnection == null) { - dbmandateconnection = new ConnectionParameterClientAuthType(); - dbmandate.setConnectionParameter(dbmandateconnection); - } - - if (KeyValueUtils.isCSVValueString(moaconfig.getMandateURL())) - dbmandateconnection.setURL(KeyValueUtils.normalizeCSVValueString(moaconfig.getMandateURL())); - - else { - if (moaconfig.getMandateURL().contains(KeyValueUtils.CSV_DELIMITER)) - dbmandateconnection.setURL( - moaconfig.getMandateURL().trim().substring(0, - moaconfig.getMandateURL().indexOf(KeyValueUtils.CSV_DELIMITER))); - - else - dbmandateconnection.setURL( - StringUtils.chomp(moaconfig.getMandateURL().trim())); - - } - } - - //write ELGA Mandate-Service URLs - if (MiscUtil.isNotEmpty(moaconfig.getElgaMandateServiceURL())) { - if (KeyValueUtils.isCSVValueString(moaconfig.getElgaMandateServiceURL())) - dbconfig.setElgaMandateServiceURLs(KeyValueUtils.normalizeCSVValueString(moaconfig.getElgaMandateServiceURL())); - - else { - if (moaconfig.getElgaMandateServiceURL().contains(KeyValueUtils.CSV_DELIMITER)) - dbconfig.setElgaMandateServiceURLs( - moaconfig.getElgaMandateServiceURL().trim().substring(0, - moaconfig.getElgaMandateServiceURL().indexOf(KeyValueUtils.CSV_DELIMITER))); - - else - dbconfig.setElgaMandateServiceURLs( - StringUtils.chomp(moaconfig.getElgaMandateServiceURL().trim())); - - } - } else - dbconfig.setElgaMandateServiceURLs(null); - } - - - //write E-ID System URLs - if (MiscUtil.isNotEmpty(moaconfig.getEidSystemServiceURL())) { - if (KeyValueUtils.isCSVValueString(moaconfig.getEidSystemServiceURL())) - dbconfig.setEidSystemServiceURLs(KeyValueUtils.normalizeCSVValueString(moaconfig.getEidSystemServiceURL())); - - else { - if (moaconfig.getEidSystemServiceURL().contains(KeyValueUtils.CSV_DELIMITER)) - dbconfig.setEidSystemServiceURLs( - moaconfig.getEidSystemServiceURL().trim().substring(0, - moaconfig.getEidSystemServiceURL().indexOf(KeyValueUtils.CSV_DELIMITER))); - - else - dbconfig.setEidSystemServiceURLs( - StringUtils.chomp(moaconfig.getEidSystemServiceURL().trim())); - - } - - } else - dbconfig.setEidSystemServiceURLs(null); - - - if (isMoaidMode) { - MOASP dbmoasp = dbauth.getMOASP(); - if (dbmoasp == null) { - dbmoasp = new MOASP(); - dbauth.setMOASP(dbmoasp); - } - if (MiscUtil.isNotEmpty(moaconfig.getMoaspssURL())) { - ConnectionParameterClientAuthType moaspcon = dbmoasp.getConnectionParameter(); - if (moaspcon == null) { - moaspcon = new ConnectionParameterClientAuthType(); - dbmoasp.setConnectionParameter(moaspcon); - } - moaspcon.setURL(moaconfig.getMoaspssURL()); - } - VerifyIdentityLink moaidl = dbmoasp.getVerifyIdentityLink(); - if (moaidl == null) { - moaidl = new VerifyIdentityLink(); - dbmoasp.setVerifyIdentityLink(moaidl); - } - moaidl.setTrustProfileID(moaconfig.getMoaspssIdlTrustProfile()); - moaidl.setTestTrustProfileID(moaconfig.getMoaspssIdlTrustProfileTest()); - - VerifyAuthBlock moaauth = dbmoasp.getVerifyAuthBlock(); - if (moaauth == null) { - moaauth = new VerifyAuthBlock(); - dbmoasp.setVerifyAuthBlock(moaauth); - } - moaauth.setTrustProfileID(moaconfig.getMoaspssAuthTrustProfile()); - moaauth.setTestTrustProfileID(moaconfig.getMoaspssAuthTrustProfileTest()); - - if (moaauth.getVerifyTransformsInfoProfileID() != null && - moaauth.getVerifyTransformsInfoProfileID().size() > 0) - moaauth.getVerifyTransformsInfoProfileID().set(0, moaconfig.getAuthTransformList().get(0)); - - else { - if (moaauth.getVerifyTransformsInfoProfileID() == null) { - moaauth.setVerifyTransformsInfoProfileID(new ArrayList<String>()); - - } - moaauth.getVerifyTransformsInfoProfileID().add(moaconfig.getAuthTransformList().get(0)); - } - - SecurityLayer seclayertrans = dbauth.getSecurityLayer(); - if (seclayertrans == null) { - seclayertrans = new SecurityLayer(); - dbauth.setSecurityLayer(seclayertrans); - } - List<TransformsInfoType> trans = new ArrayList<TransformsInfoType>(); - Map<String, byte[]> moatrans = moaconfig.getSecLayerTransformation(); - if (moatrans != null) { - Set<String> keys = moatrans.keySet(); - for (String key : keys) { - TransformsInfoType elem = new TransformsInfoType(); - elem.setFilename(key); - elem.setTransformation(moatrans.get(key)); - trans.add(elem); - } - } - if (trans.size() > 0) - seclayertrans.setTransformsInfo(trans); - - - SLRequestTemplates slrequesttempl = dbconfig.getSLRequestTemplates(); - if (slrequesttempl == null) { - slrequesttempl = new SLRequestTemplates(); - dbconfig.setSLRequestTemplates(slrequesttempl); - } - if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateHandy())) - slrequesttempl.setHandyBKU(moaconfig.getSLRequestTemplateHandy()); - if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateLocal())) - slrequesttempl.setLocalBKU(moaconfig.getSLRequestTemplateLocal()); - if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateOnline())) - slrequesttempl.setOnlineBKU(moaconfig.getSLRequestTemplateOnline()); - - } - - if (MiscUtil.isNotEmpty(moaconfig.getTrustedCACerts())) - dbconfig.setTrustedCACertificates(moaconfig.getTrustedCACerts()); - - //save config - try { - log.debug("JaxB to Key/Value configuration transformation started ..."); - Map<String, String> keyValueConfig = - ConfigurationMigrationUtils.convertHyberJaxBMOAIDConfigToKeyValue(dbconfig); - - log.debug("JaxB to Key/Value configuration transformation finished. Start Key/Value storage process ..."); - - configuration.getConfigModule().storeChanges(keyValueConfig, null, null); - - log.info("General MOA-ID Key/Value configuration successfull stored."); - - - } catch (ConfigurationStorageException e) { - log.warn("MOAID Configuration can not be stored in Database", e); - return LanguageHelper.getErrorString("error.db.oa.store", request); - - } finally { - - - } - - return null; - } - - /** - * @return the moaconfig - */ - public GeneralMOAIDConfig getMoaconfig() { - return moaconfig; - } - - /** - * @param moaconfig the moaconfig to set - */ - public void setMoaconfig(GeneralMOAIDConfig moaconfig) { - this.moaconfig = moaconfig; - } - - /** - * Gets the storkconfig. - * - * @return the storkconfig - */ - public GeneralStorkConfig getStorkconfig() { - return storkconfig; - } - - /** - * Sets the storkconfig. - * - * @param storkconfig the new storkconfig - */ - public void setStorkconfig(GeneralStorkConfig storkconfig) { - this.storkconfig = storkconfig; - } - - /** - * @return the formID - */ - public String getFormID() { - return formID; - } - - /** - * @param formID the formID to set - */ - public void setFormID(String formID) { - this.formID = formID; - } - - - + } + + Organization pvp2org = pvp2.getOrganization(); + if (pvp2org == null) { + pvp2org = new Organization(); + pvp2.setOrganization(pvp2org); + } + if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgDisplayName())) { + pvp2org.setDisplayName(StringHelper.getUTF8String( + moaconfig.getPvp2OrgDisplayName())); + } + if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgName())) { + pvp2org.setName(StringHelper.getUTF8String(moaconfig.getPvp2OrgName())); + } + if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgURL())) { + pvp2org.setURL(moaconfig.getPvp2OrgURL()); + } + + List<Contact> pvp2cont = pvp2.getContact(); + if (pvp2cont == null) { + pvp2cont = new ArrayList<>(); + pvp2.setContact(pvp2cont); + } + + if (pvp2cont.size() == 0) { + final Contact cont = new Contact(); + pvp2cont.add(cont); + } + + final Contact cont = pvp2cont.get(0); + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getCompany())) { + cont.setCompany(StringHelper.getUTF8String( + moaconfig.getPvp2Contact().getCompany())); + } + + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getGivenname())) { + cont.setGivenName(StringHelper.getUTF8String( + moaconfig.getPvp2Contact().getGivenname())); + } + + if (cont.getMail() != null && cont.getMail().size() > 0) { + cont.getMail().set(0, moaconfig.getPvp2Contact().getMail()); + } else { + cont.setMail(Arrays.asList(moaconfig.getPvp2Contact().getMail())); + } + + if (cont.getPhone() != null && cont.getPhone().size() > 0) { + cont.getPhone().set(0, moaconfig.getPvp2Contact().getPhone()); + } else { + cont.setPhone(Arrays.asList(moaconfig.getPvp2Contact().getPhone())); + } + + cont.setSurName(StringHelper.getUTF8String(moaconfig.getPvp2Contact().getSurname())); + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getType())) { + cont.setType(moaconfig.getPvp2Contact().getType()); + } + + ChainingModes dbchainingmodes = dbconfig.getChainingModes(); + if (dbchainingmodes == null) { + dbchainingmodes = new ChainingModes(); + dbconfig.setChainingModes(dbchainingmodes); + } + + dbchainingmodes.setSystemDefaultMode( + ChainingModeType.fromValue("pkix")); + + if (isMoaidMode) { + SSO dbsso = dbauth.getSSO(); + if (dbsso == null) { + dbsso = new SSO(); + dbauth.setSSO(dbsso); + } + + if (MiscUtil.isNotEmpty(moaconfig.getSsoFriendlyName())) { + dbsso.setFriendlyName(StringHelper.getUTF8String( + moaconfig.getSsoFriendlyName())); + } + if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText())) { + dbsso.setSpecialText(StringHelper.getUTF8String( + moaconfig.getSsoSpecialText())); + // if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl())) + // dbsso.setPublicURL(moaconfig.getSsoPublicUrl()); + } + + if (MiscUtil.isNotEmpty(moaconfig.getSsoTarget())) { + + if (!ValidationHelper.isValidAdminTarget(moaconfig.getSsoTarget())) { + String num = moaconfig.getSsoTarget().replaceAll(" ", ""); + String pre = null; + if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) { + num = num.substring(Constants.IDENIFICATIONTYPE_FN.length()); + + num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num); + pre = Constants.IDENIFICATIONTYPE_FN; + } + + if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) { + num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length()); + pre = Constants.IDENIFICATIONTYPE_ZVR; + } + + if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)) { + num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length()); + pre = Constants.IDENIFICATIONTYPE_ERSB; + } + + dbsso.setTarget(Constants.PREFIX_WPBK + pre + "+" + num); + + } else { + dbsso.setTarget(moaconfig.getSsoTarget()); + + } + } + // if (MiscUtil.isNotEmpty(moaconfig.getSsoIdentificationNumber())) { + // IdentificationNumber ssoid = dbsso.getIdentificationNumber(); + // if (ssoid == null) { + // ssoid = new IdentificationNumber(); + // dbsso.setIdentificationNumber(ssoid); + // } + // ssoid.setValue(moaconfig.getSsoIdentificationNumber()); + // } + + DefaultBKUs dbbkus = dbconfig.getDefaultBKUs(); + + if (dbbkus == null) { + dbbkus = new DefaultBKUs(); + dbconfig.setDefaultBKUs(dbbkus); + } + + if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUHandy())) { + dbbkus.setHandyBKU(moaconfig.getDefaultBKUHandy()); + } else { + dbbkus.setHandyBKU(new String()); + } + + if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUOnline())) { + dbbkus.setOnlineBKU(moaconfig.getDefaultBKUOnline()); + } else { + dbbkus.setOnlineBKU(new String()); + } + + if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKULocal())) { + dbbkus.setLocalBKU(moaconfig.getDefaultBKULocal()); + } else { + dbbkus.setLocalBKU(new String()); + } + + IdentityLinkSigners idlsigners = dbauth.getIdentityLinkSigners(); + if (idlsigners == null) { + idlsigners = new IdentityLinkSigners(); + dbauth.setIdentityLinkSigners(idlsigners); + } + + ForeignIdentities dbforeign = dbauth.getForeignIdentities(); + if (dbforeign == null) { + dbforeign = new ForeignIdentities(); + dbauth.setForeignIdentities(dbforeign); + } + + if (MiscUtil.isNotEmpty(moaconfig.getSzrgwURL())) { + ConnectionParameterClientAuthType forcon = dbforeign.getConnectionParameter(); + if (forcon == null) { + forcon = new ConnectionParameterClientAuthType(); + dbforeign.setConnectionParameter(forcon); + } + + if (KeyValueUtils.isCSVValueString(moaconfig.getSzrgwURL())) { + forcon.setURL(KeyValueUtils.normalizeCSVValueString(moaconfig.getSzrgwURL())); + } else { + if (moaconfig.getSzrgwURL().contains(KeyValueUtils.CSV_DELIMITER)) { + forcon.setURL( + moaconfig.getSzrgwURL().trim().substring(0, + moaconfig.getSzrgwURL().indexOf(KeyValueUtils.CSV_DELIMITER))); + } else { + forcon.setURL( + StringUtils.chomp(moaconfig.getSzrgwURL().trim())); + } + + } + + } + + final ForeignIdentities foreign = dbauth.getForeignIdentities(); + if (foreign != null) { + STORK stork = foreign.getSTORK(); + if (stork == null) { + stork = new STORK(); + foreign.setSTORK(stork); + + } + + try { + log.error("QAAAA " + storkconfig.getDefaultQaa()); + stork.setGeneral_eIDAS_LOA(storkconfig.getDefaultQaa()); + + if (storkconfig.getAttributes() != null) { + final List<StorkAttribute> dbStorkAttr = new ArrayList<>(); + stork.setAttributes(dbStorkAttr); + + for (final StorkAttribute attr : storkconfig.getAttributes()) { + if (attr != null && MiscUtil.isNotEmpty(attr.getName())) { + dbStorkAttr.add(attr); + } else { + log.info("Remove null or empty STORK attribute"); + } + } + + } else { + stork.setAttributes(new ArrayList<StorkAttribute>()); + } + + if (storkconfig.getCpepslist() != null) { + final List<CPEPS> dbStorkCPEPS = new ArrayList<>(); + stork.setCPEPS(dbStorkCPEPS); + + for (final CPEPS cpeps : storkconfig.getCpepslist()) { + if (cpeps != null && MiscUtil.isNotEmpty(cpeps.getURL()) && + MiscUtil.isNotEmpty(cpeps.getCountryCode())) { + + if (cpeps.getCountryCode().equals("CC") && + cpeps.getURL().equals("http://")) { + log.info("Remove dummy STORK CPEPS entry."); + } else { + dbStorkCPEPS.add(cpeps); + } + + } else { + log.info("Remove null or emtpy STORK CPEPS configuration"); + } + } + + } else { + stork.setCPEPS(new ArrayList<CPEPS>()); + } + + } catch (final Exception e) { + e.printStackTrace(); + + } + + try { + log.info("CPEPS LIST: " + storkconfig.getCpepslist().size()); + log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() + storkconfig + .getCpepslist().get(0).getURL()); + + } catch (final Exception ex) { + log.info("CPEPS LIST is null"); + + } + } + + // write MIS Mandate-Service URLs + if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) { + OnlineMandates dbmandate = dbauth.getOnlineMandates(); + if (dbmandate == null) { + dbmandate = new OnlineMandates(); + dbauth.setOnlineMandates(dbmandate); + } + ConnectionParameterClientAuthType dbmandateconnection = dbmandate.getConnectionParameter(); + + if (dbmandateconnection == null) { + dbmandateconnection = new ConnectionParameterClientAuthType(); + dbmandate.setConnectionParameter(dbmandateconnection); + } + + if (KeyValueUtils.isCSVValueString(moaconfig.getMandateURL())) { + dbmandateconnection.setURL(KeyValueUtils.normalizeCSVValueString(moaconfig.getMandateURL())); + } else { + if (moaconfig.getMandateURL().contains(KeyValueUtils.CSV_DELIMITER)) { + dbmandateconnection.setURL( + moaconfig.getMandateURL().trim().substring(0, + moaconfig.getMandateURL().indexOf(KeyValueUtils.CSV_DELIMITER))); + } else { + dbmandateconnection.setURL( + StringUtils.chomp(moaconfig.getMandateURL().trim())); + } + + } + } + + // write ELGA Mandate-Service URLs + if (MiscUtil.isNotEmpty(moaconfig.getElgaMandateServiceURL())) { + if (KeyValueUtils.isCSVValueString(moaconfig.getElgaMandateServiceURL())) { + dbconfig.setElgaMandateServiceURLs(KeyValueUtils.normalizeCSVValueString(moaconfig + .getElgaMandateServiceURL())); + } else { + if (moaconfig.getElgaMandateServiceURL().contains(KeyValueUtils.CSV_DELIMITER)) { + dbconfig.setElgaMandateServiceURLs( + moaconfig.getElgaMandateServiceURL().trim().substring(0, + moaconfig.getElgaMandateServiceURL().indexOf(KeyValueUtils.CSV_DELIMITER))); + } else { + dbconfig.setElgaMandateServiceURLs( + StringUtils.chomp(moaconfig.getElgaMandateServiceURL().trim())); + } + + } + } else { + dbconfig.setElgaMandateServiceURLs(null); + } + } + + // write E-ID System URLs + if (MiscUtil.isNotEmpty(moaconfig.getEidSystemServiceURL())) { + if (KeyValueUtils.isCSVValueString(moaconfig.getEidSystemServiceURL())) { + dbconfig.setEidSystemServiceURLs(KeyValueUtils.normalizeCSVValueString(moaconfig + .getEidSystemServiceURL())); + } else { + if (moaconfig.getEidSystemServiceURL().contains(KeyValueUtils.CSV_DELIMITER)) { + dbconfig.setEidSystemServiceURLs( + moaconfig.getEidSystemServiceURL().trim().substring(0, + moaconfig.getEidSystemServiceURL().indexOf(KeyValueUtils.CSV_DELIMITER))); + } else { + dbconfig.setEidSystemServiceURLs( + StringUtils.chomp(moaconfig.getEidSystemServiceURL().trim())); + } + + } + + } else { + dbconfig.setEidSystemServiceURLs(null); + } + + if (isMoaidMode) { + MOASP dbmoasp = dbauth.getMOASP(); + if (dbmoasp == null) { + dbmoasp = new MOASP(); + dbauth.setMOASP(dbmoasp); + } + if (MiscUtil.isNotEmpty(moaconfig.getMoaspssURL())) { + ConnectionParameterClientAuthType moaspcon = dbmoasp.getConnectionParameter(); + if (moaspcon == null) { + moaspcon = new ConnectionParameterClientAuthType(); + dbmoasp.setConnectionParameter(moaspcon); + } + moaspcon.setURL(moaconfig.getMoaspssURL()); + } + VerifyIdentityLink moaidl = dbmoasp.getVerifyIdentityLink(); + if (moaidl == null) { + moaidl = new VerifyIdentityLink(); + dbmoasp.setVerifyIdentityLink(moaidl); + } + moaidl.setTrustProfileID(moaconfig.getMoaspssIdlTrustProfile()); + moaidl.setTestTrustProfileID(moaconfig.getMoaspssIdlTrustProfileTest()); + + VerifyAuthBlock moaauth = dbmoasp.getVerifyAuthBlock(); + if (moaauth == null) { + moaauth = new VerifyAuthBlock(); + dbmoasp.setVerifyAuthBlock(moaauth); + } + moaauth.setTrustProfileID(moaconfig.getMoaspssAuthTrustProfile()); + moaauth.setTestTrustProfileID(moaconfig.getMoaspssAuthTrustProfileTest()); + + if (moaauth.getVerifyTransformsInfoProfileID() != null && + moaauth.getVerifyTransformsInfoProfileID().size() > 0) { + moaauth.getVerifyTransformsInfoProfileID().set(0, moaconfig.getAuthTransformList().get(0)); + } else { + if (moaauth.getVerifyTransformsInfoProfileID() == null) { + moaauth.setVerifyTransformsInfoProfileID(new ArrayList<String>()); + + } + moaauth.getVerifyTransformsInfoProfileID().add(moaconfig.getAuthTransformList().get(0)); + } + + SecurityLayer seclayertrans = dbauth.getSecurityLayer(); + if (seclayertrans == null) { + seclayertrans = new SecurityLayer(); + dbauth.setSecurityLayer(seclayertrans); + } + final List<TransformsInfoType> trans = new ArrayList<>(); + final Map<String, byte[]> moatrans = moaconfig.getSecLayerTransformation(); + if (moatrans != null) { + final Set<String> keys = moatrans.keySet(); + for (final String key : keys) { + final TransformsInfoType elem = new TransformsInfoType(); + elem.setFilename(key); + elem.setTransformation(moatrans.get(key)); + trans.add(elem); + } + } + if (trans.size() > 0) { + seclayertrans.setTransformsInfo(trans); + } + + SLRequestTemplates slrequesttempl = dbconfig.getSLRequestTemplates(); + if (slrequesttempl == null) { + slrequesttempl = new SLRequestTemplates(); + dbconfig.setSLRequestTemplates(slrequesttempl); + } + if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateHandy())) { + slrequesttempl.setHandyBKU(moaconfig.getSLRequestTemplateHandy()); + } + if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateLocal())) { + slrequesttempl.setLocalBKU(moaconfig.getSLRequestTemplateLocal()); + } + if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateOnline())) { + slrequesttempl.setOnlineBKU(moaconfig.getSLRequestTemplateOnline()); + } + + } + + if (MiscUtil.isNotEmpty(moaconfig.getTrustedCACerts())) { + dbconfig.setTrustedCACertificates(moaconfig.getTrustedCACerts()); + } + + // save config + try { + log.debug("JaxB to Key/Value configuration transformation started ..."); + final Map<String, String> keyValueConfig = + ConfigurationMigrationUtils.convertHyberJaxBMOAIDConfigToKeyValue(dbconfig); + + log.debug( + "JaxB to Key/Value configuration transformation finished. Start Key/Value storage process ..."); + + configuration.getConfigModule().storeChanges(keyValueConfig, null, null); + + log.info("General MOA-ID Key/Value configuration successfull stored."); + + } catch (final ConfigurationStorageException e) { + log.warn("MOAID Configuration can not be stored in Database", e); + return LanguageHelper.getErrorString("error.db.oa.store", request); + + } finally { + + } + + return null; + } + + /** + * @return the moaconfig + */ + public GeneralMOAIDConfig getMoaconfig() { + return moaconfig; + } + + /** + * @param moaconfig the moaconfig to set + */ + public void setMoaconfig(GeneralMOAIDConfig moaconfig) { + this.moaconfig = moaconfig; + } + + /** + * Gets the storkconfig. + * + * @return the storkconfig + */ + public GeneralStorkConfig getStorkconfig() { + return storkconfig; + } + + /** + * Sets the storkconfig. + * + * @param storkconfig the new storkconfig + */ + public void setStorkconfig(GeneralStorkConfig storkconfig) { + this.storkconfig = storkconfig; + } + + /** + * @return the formID + */ + @Override + public String getFormID() { + return formID; + } + + /** + * @param formID the formID to set + */ + @Override + public void setFormID(String formID) { + this.formID = formID; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index 31126d14f..1ad6e7d6b 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -27,8 +27,6 @@ import java.util.HashMap; import java.util.List; import java.util.Map; -import org.apache.log4j.Logger; - import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; @@ -53,505 +51,512 @@ import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class EditOAAction extends BasicOAAction { - private final Logger log = Logger.getLogger(EditOAAction.class); - private static final long serialVersionUID = 1L; - - private String nextPage; - - public EditOAAction() { - super(); - - OATargetConfiguration oaTarget = new OATargetConfiguration(); - formList.put(oaTarget.getName(), oaTarget); - - OAAuthenticationData authOA = new OAAuthenticationData(); - formList.put(authOA.getName(), authOA); - - OASAML1Config saml1OA = new OASAML1Config(); - formList.put(saml1OA.getName(), saml1OA); - - if (isMoaidMode) { - OABPKEncryption bPKEncDec = new OABPKEncryption(); - formList.put(bPKEncDec.getName(), bPKEncDec); - - OASSOConfig ssoOA = new OASSOConfig(); - formList.put(ssoOA.getName(), ssoOA); - - OAPVP2Config pvp2OA = new OAPVP2Config(); - formList.put(pvp2OA.getName(), pvp2OA); - - OAOAuth20Config oauth20OA = new OAOAuth20Config(); - formList.put(oauth20OA.getName(), oauth20OA); - - OASTORKConfig storkOA = new OASTORKConfig(); - formList.put(storkOA.getName(), storkOA); - - Map<String, String> map = new HashMap<String, String>(); - map.putAll(FormBuildUtils.getDefaultMap()); - FormularCustomization formOA = new FormularCustomization(map); - formList.put(formOA.getName(), formOA); - - OARevisionsLogData revisOA = new OARevisionsLogData(); - formList.put(revisOA.getName(), revisOA); - } - - } - - // STRUTS actions - public String inital() { - try { - populateBasicInformations(); - - OnlineApplication onlineapplication = populateOnlineApplicationFromRequest(); - - if (onlineapplication == null) { - addActionError(LanguageHelper.getErrorString( - "errors.listOAs.noOA", request)); - return Constants.STRUTS_SUCCESS; - } - - List<String> errors = new ArrayList<String>(); - for (IOnlineApplicationData form : formList.values()) { - List<String> error = form.parse(onlineapplication, authUser, - request); - if (error != null) - errors.addAll(error); - } - if (errors.size() > 0) { - for (String el : errors) - addActionError(el); - } - - setNewOA(false); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - session.setAttribute(Constants.SESSION_OAID, oaid); - - return Constants.STRUTS_OA_EDIT; - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } catch (BasicOAActionException e) { - addActionError(e.getStrutsError()); - return e.getStrutsReturnValue(); - - } finally { - - } - } - - public String newOA() { - log.debug("insert new Online-Application"); - - try { - populateBasicInformations(); - - populateBasicNewOnlineApplicationInformation(); - - // prepare attribute helper list - ArrayList<AttributeHelper> attributes = new ArrayList<AttributeHelper>(); - - try { - for (StorkAttribute current : configuration.getDbRead() - .getMOAIDConfiguration().getAuthComponentGeneral() - .getForeignIdentities().getSTORK().getAttributes()) - attributes.add(new AttributeHelper(current)); - - - } catch (NullPointerException e) { - - } - - if (getStorkOA() != null) - getStorkOA().setHelperAttributes(attributes); - - UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser - .getUserID()); - - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null - && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. Mail address is not verified."); - addActionError(LanguageHelper.getErrorString( - "error.editoa.mailverification", request)); - return Constants.STRUTS_SUCCESS; - } - - if (formList.get(new OAOAuth20Config().getName()) != null) - session.setAttribute( - Constants.SESSION_OAUTH20SECRET, - ((OAOAuth20Config) formList.get(new OAOAuth20Config().getName())) - .getClientSecret()); - - if (getFormOA() != null) - session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, getFormOA().getFormMap()); - - - nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); - - return Constants.STRUTS_OA_EDIT; - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } finally { - - } - } - - public String saveOA() { - - OnlineApplication onlineapplication = null; - - try { - populateBasicInformations(); - onlineapplication = preProcessSaveOnlineApplication(); - - List<String> errors = new ArrayList<String>(); - - // validate forms - for (IOnlineApplicationData form : formList.values()) - errors.addAll(form.validate(getGeneralOA(), authUser, request)); - - // Do not allow SSO in combination with special BKUSelection features - if (getSsoOA() != null && getSsoOA().isUseSSO() - && (getFormOA() != null && getFormOA().isOnlyMandateAllowed() || !getFormOA() - .isShowMandateLoginButton())) { - log.warn("Special BKUSelection features can not be used in combination with SSO"); - errors.add(LanguageHelper.getErrorString( - "validation.general.bkuselection.specialfeatures.valid", - request)); - } - - if (errors.size() > 0) { - log.info("OAConfiguration with ID " - + getGeneralOA().getIdentifier() + " has some errors."); - for (String el : errors) - addActionError(el); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } else { - try { - onlineapplication = postProcessSaveOnlineApplication(onlineapplication, true); - - } catch (BasicOAActionException e) { - addActionError(e.getStrutsError()); - return e.getStrutsReturnValue(); - } - - } - - Object nextPageAttr = session - .getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String) { - nextPage = (String) nextPageAttr; - session.setAttribute(Constants.SESSION_RETURNAREA, null); - - } else { - nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); - } - - if (onlineapplication.isIsAdminRequired()) { - int numoas = 0; - int numusers = 0; - - List<OnlineApplication> openOAs = configuration.getDbRead() - .getAllNewOnlineApplications(); - if (openOAs != null) - numoas = openOAs.size(); - - List<UserDatabase> openUsers = configuration.getUserManagement().getAllNewUsers(); - if (openUsers != null) - numusers = openUsers.size(); - try { - - addActionMessage(LanguageHelper.getGUIString( - "webpages.oaconfig.success.admin", getGeneralOA() - .getIdentifier(), request)); - - if (numusers > 0 || numoas > 0) - MailHelper.sendAdminMail(numoas, numusers); - - } catch (ConfigurationException e) { - log.warn("Sending Mail to Admin failed.", e); - } - - } else - addActionMessage(LanguageHelper.getGUIString( - "webpages.oaconfig.success", - getGeneralOA().getIdentifier(), request)); - - // remove session attributes - session.setAttribute(Constants.SESSION_OAID, null); - session.removeAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE); - session.removeAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE); - - return Constants.STRUTS_SUCCESS; - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } catch (BasicOAActionException e) { - addActionError(e.getStrutsError()); - return e.getStrutsReturnValue(); - - } finally { - - } - } - - public String cancleAndBackOA() { - try { - populateBasicInformations(); - - Object nextPageAttr = session - .getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String) { - nextPage = (String) nextPageAttr; - session.setAttribute(Constants.SESSION_RETURNAREA, null); - - } else { - nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); - } - - session.setAttribute(Constants.SESSION_OAID, null); - - addActionMessage(LanguageHelper.getGUIString( - "webpages.oaconfig.cancle", getGeneralOA().getIdentifier(), - request)); - - return Constants.STRUTS_SUCCESS; - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } finally { - - } - } - - public String deleteOA() { - String oaidentifier = null; - try { - populateBasicInformations(); - - Object nextPageAttr = session - .getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String) { - nextPage = (String) nextPageAttr; - - } else { - nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); - } - - oaidentifier = preProcessDeleteOnlineApplication(); - List<OnlineApplication> onlineapplications = configuration.getDbRead() - .getOnlineApplications(oaidentifier); - - Long oaid = getOAIDFromSession(); - - OnlineApplication onlineapplication = null; - - if (onlineapplications != null && onlineapplications.size() > 1) { - log.info("Found more then one OA with PublicURLPrefix in configuration. " - + "Select OA with DB Id ..."); - - for (OnlineApplication oa : onlineapplications) { - if (oa.getHjid().equals(oaid)) { - if (onlineapplication == null) - onlineapplication = oa; - - else { - log.error("Found more then one OA with same PublicURLPrefix and same DBID."); - new BasicOAActionException( - "Found more then one OA with same PublicURLPrefix and same DBID.", - Constants.STRUTS_SUCCESS); - - } - } - } - - } else if (onlineapplications != null && onlineapplications.size() == 1) - onlineapplication = onlineapplications.get(0); - - request.getSession().setAttribute(Constants.SESSION_OAID, null); - + private static final long serialVersionUID = 1L; + + private String nextPage; + + public EditOAAction() { + super(); + + final OATargetConfiguration oaTarget = new OATargetConfiguration(); + formList.put(oaTarget.getName(), oaTarget); + + final OAAuthenticationData authOA = new OAAuthenticationData(); + formList.put(authOA.getName(), authOA); + + final OASAML1Config saml1OA = new OASAML1Config(); + formList.put(saml1OA.getName(), saml1OA); + + if (isMoaidMode) { + final OABPKEncryption bPKEncDec = new OABPKEncryption(); + formList.put(bPKEncDec.getName(), bPKEncDec); + + final OASSOConfig ssoOA = new OASSOConfig(); + formList.put(ssoOA.getName(), ssoOA); + + final OAPVP2Config pvp2OA = new OAPVP2Config(); + formList.put(pvp2OA.getName(), pvp2OA); + + final OAOAuth20Config oauth20OA = new OAOAuth20Config(); + formList.put(oauth20OA.getName(), oauth20OA); + + final OASTORKConfig storkOA = new OASTORKConfig(); + formList.put(storkOA.getName(), storkOA); + + final Map<String, String> map = new HashMap<>(); + map.putAll(FormBuildUtils.getDefaultMap()); + final FormularCustomization formOA = new FormularCustomization(map); + formList.put(formOA.getName(), formOA); + + final OARevisionsLogData revisOA = new OARevisionsLogData(); + formList.put(revisOA.getName(), revisOA); + } + + } + + // STRUTS actions + public String inital() { + try { + populateBasicInformations(); + + final OnlineApplication onlineapplication = populateOnlineApplicationFromRequest(); + + if (onlineapplication == null) { + addActionError(LanguageHelper.getErrorString( + "errors.listOAs.noOA", request)); + return Constants.STRUTS_SUCCESS; + } + + final List<String> errors = new ArrayList<>(); + for (final IOnlineApplicationData form : formList.values()) { + final List<String> error = form.parse(onlineapplication, authUser, + request); + if (error != null) { + errors.addAll(error); + } + } + if (errors.size() > 0) { + for (final String el : errors) { + addActionError(el); + } + } + + setNewOA(false); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + session.setAttribute(Constants.SESSION_OAID, oaid); + + return Constants.STRUTS_OA_EDIT; + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } catch (final BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + + } finally { + + } + } + + public String newOA() { + log.debug("insert new Online-Application"); + + try { + populateBasicInformations(); + + populateBasicNewOnlineApplicationInformation(); + + // prepare attribute helper list + final ArrayList<AttributeHelper> attributes = new ArrayList<>(); + + try { + for (final StorkAttribute current : configuration.getDbRead() + .getMOAIDConfiguration().getAuthComponentGeneral() + .getForeignIdentities().getSTORK().getAttributes()) { + attributes.add(new AttributeHelper(current)); + } + + } catch (final NullPointerException e) { + + } + + if (getStorkOA() != null) { + getStorkOA().setHelperAttributes(attributes); + } + + final UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser + .getUserID()); + + if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null + && !userdb.isIsMailAddressVerified()) { + log.info("Online-Applikation managemant disabled. Mail address is not verified."); + addActionError(LanguageHelper.getErrorString( + "error.editoa.mailverification", request)); + return Constants.STRUTS_SUCCESS; + } + + if (formList.get(new OAOAuth20Config().getName()) != null) { + session.setAttribute( + Constants.SESSION_OAUTH20SECRET, + ((OAOAuth20Config) formList.get(new OAOAuth20Config().getName())) + .getClientSecret()); + } + + if (getFormOA() != null) { + session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, getFormOA().getFormMap()); + } + + nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); + + return Constants.STRUTS_OA_EDIT; + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } finally { + + } + } + + public String saveOA() { + + OnlineApplication onlineapplication = null; + + try { + populateBasicInformations(); + onlineapplication = preProcessSaveOnlineApplication(); + + final List<String> errors = new ArrayList<>(); + + // validate forms + for (final IOnlineApplicationData form : formList.values()) { + errors.addAll(form.validate(getGeneralOA(), authUser, request)); + } + + // Do not allow SSO in combination with special BKUSelection features + if (getSsoOA() != null && getSsoOA().isUseSSO() + && (getFormOA() != null && getFormOA().isOnlyMandateAllowed() || !getFormOA() + .isShowMandateLoginButton())) { + log.warn("Special BKUSelection features can not be used in combination with SSO"); + errors.add(LanguageHelper.getErrorString( + "validation.general.bkuselection.specialfeatures.valid", + request)); + } + + if (errors.size() > 0) { + log.info("OAConfiguration with ID " + + getGeneralOA().getIdentifier() + " has some errors."); + for (final String el : errors) { + addActionError(el); + } + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } else { + try { + onlineapplication = postProcessSaveOnlineApplication(onlineapplication, true); + + } catch (final BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + } + + } + + final Object nextPageAttr = session + .getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String) { + nextPage = (String) nextPageAttr; + session.setAttribute(Constants.SESSION_RETURNAREA, null); + + } else { + nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); + } + + if (onlineapplication.isIsAdminRequired()) { + int numoas = 0; + int numusers = 0; + + final List<OnlineApplication> openOAs = configuration.getDbRead() + .getAllNewOnlineApplications(); + if (openOAs != null) { + numoas = openOAs.size(); + } + + final List<UserDatabase> openUsers = configuration.getUserManagement().getAllNewUsers(); + if (openUsers != null) { + numusers = openUsers.size(); + } + try { + + addActionMessage(LanguageHelper.getGUIString( + "webpages.oaconfig.success.admin", getGeneralOA() + .getIdentifier(), request)); + + if (numusers > 0 || numoas > 0) { + MailHelper.sendAdminMail(numoas, numusers); + } + + } catch (final ConfigurationException e) { + log.warn("Sending Mail to Admin failed.", e); + } + + } else { + addActionMessage(LanguageHelper.getGUIString( + "webpages.oaconfig.success", + getGeneralOA().getIdentifier(), request)); + } + + // remove session attributes + session.setAttribute(Constants.SESSION_OAID, null); + session.removeAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE); + session.removeAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE); + + return Constants.STRUTS_SUCCESS; + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } catch (final BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + + } finally { + + } + } + + public String cancleAndBackOA() { + try { + populateBasicInformations(); + + final Object nextPageAttr = session + .getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String) { + nextPage = (String) nextPageAttr; + session.setAttribute(Constants.SESSION_RETURNAREA, null); + + } else { + nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); + } + + session.setAttribute(Constants.SESSION_OAID, null); + + addActionMessage(LanguageHelper.getGUIString( + "webpages.oaconfig.cancle", getGeneralOA().getIdentifier(), + request)); + + return Constants.STRUTS_SUCCESS; + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } finally { + + } + } + + public String deleteOA() { + String oaidentifier = null; + try { + populateBasicInformations(); + + final Object nextPageAttr = session + .getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String) { + nextPage = (String) nextPageAttr; + + } else { + nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); + } + + oaidentifier = preProcessDeleteOnlineApplication(); + final List<OnlineApplication> onlineapplications = configuration.getDbRead() + .getOnlineApplications(oaidentifier); + + final Long oaid = getOAIDFromSession(); + + OnlineApplication onlineapplication = null; + + if (onlineapplications != null && onlineapplications.size() > 1) { + log.info("Found more then one OA with PublicURLPrefix in configuration. " + + "Select OA with DB Id ..."); + + for (final OnlineApplication oa : onlineapplications) { + if (oa.getHjid().equals(oaid)) { + if (onlineapplication == null) { + onlineapplication = oa; + } else { + log.error("Found more then one OA with same PublicURLPrefix and same DBID."); + new BasicOAActionException( + "Found more then one OA with same PublicURLPrefix and same DBID.", + Constants.STRUTS_SUCCESS); + + } + } + } + + } else if (onlineapplications != null && onlineapplications.size() == 1) { + onlineapplication = onlineapplications.get(0); + } + + request.getSession().setAttribute(Constants.SESSION_OAID, null); + // try { // if (MiscUtil.isNotEmpty(onlineapplication.getAuthComponentOA() // .getOAPVP2().getMetadataURL())) { -// +// // MOAIDConfiguration moaconfig = configuration.getDbRead() // .getMOAIDConfiguration(); // moaconfig.setPvp2RefreshItem(new Date()); // ConfigurationDBUtils.saveOrUpdate(moaconfig); -// +// // } -// } catch (NullPointerException e) { +// } catch (NullPointerException e) { // log.debug("Found no MetadataURL in OA-Databaseconfig"); -// +// // } catch (Throwable e) { // log.info("Set metadata refresh flag FAILED.", e); // } - - if (onlineapplication != null && delete(onlineapplication)) { - - if (!authUser.isAdmin()) { - UserDatabase user = configuration.getUserManagement().getUserWithID(authUser - .getUserID()); - List<String> useroas = user.getOnlineApplication(); - - for (String oa : useroas) { - if (oa.equals(onlineapplication.getHjid())) { - useroas.remove(oa); - } - } - - try { - configuration.getUserManagement().saveOrUpdate(user); - - } catch (MOADatabaseException e) { - log.warn("User information can not be updated in database", - e); - addActionError(LanguageHelper.getGUIString( - "error.db.oa.store", request)); - return Constants.STRUTS_ERROR; - } - } - - addActionMessage(LanguageHelper.getGUIString( - "webpages.oaconfig.delete.message", oaidentifier, request)); - - return Constants.STRUTS_SUCCESS; - - } else { - addActionError(LanguageHelper.getGUIString( - "webpages.oaconfig.delete.error", oaidentifier, request)); - return Constants.STRUTS_SUCCESS; - } - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } catch (BasicOAActionException e) { - addActionError(e.getStrutsError()); - return e.getStrutsReturnValue(); - - } finally { - - } - - } - - public OAAuthenticationData getAuthOA() { - return (OAAuthenticationData) formList.get(new OAAuthenticationData() - .getName()); - } - - public void setAuthOA(OAAuthenticationData generalOA) { - formList.put(generalOA.getName(), generalOA); - } - - public OASAML1Config getSaml1OA() { - return (OASAML1Config) formList.get(new OASAML1Config().getName()); - } - - public void setSaml1OA(OASAML1Config saml1oa) { - formList.put(saml1oa.getName(), saml1oa); - } - - public OASSOConfig getSsoOA() { - return (OASSOConfig) formList.get(new OASSOConfig().getName()); - } - - public void setSsoOA(OASSOConfig ssoOA) { - formList.put(ssoOA.getName(), ssoOA); - } - - public OASTORKConfig getStorkOA() { - return (OASTORKConfig) formList.get(new OASTORKConfig().getName()); - } - - public void setStorkOA(OASTORKConfig storkOA) { - formList.put(storkOA.getName(), storkOA); - } - - - public OARevisionsLogData getRevisionsLogOA() { - return (OARevisionsLogData) formList.get(new OARevisionsLogData().getName()); - } - - public void setRevisionsLogOA(OARevisionsLogData storkOA) { - formList.put(storkOA.getName(), storkOA); - } - - - /** - * @return the nextPage - */ - public String getNextPage() { - return nextPage; - } - - /** - * @return the formOA - */ - public FormularCustomization getFormOA() { - return (FormularCustomization) formList.get(new FormularCustomization( - null).getName()); - } - - /** - * @param formOA - * the formOA to set - */ - public void setFormOA(FormularCustomization formOA) { - formList.put(formOA.getName(), formOA); - } - - public OAOAuth20Config getOauth20OA() { - return (OAOAuth20Config) formList.get(new OAOAuth20Config().getName()); - } - - public void setOauth20OA(OAOAuth20Config oauth20OA) { - formList.put(oauth20OA.getName(), oauth20OA); - } - - /** - * @return the formOA - */ - public OATargetConfiguration getTargetConfig() { - return (OATargetConfiguration) formList.get(new OATargetConfiguration() - .getName()); - } - - /** - * @param formOA - * the formOA to set - */ - public void setTargetConfig(OATargetConfiguration formOA) { - formList.put(formOA.getName(), formOA); - } - - /** - * @return the bPK encryption/decryption form - */ - public OABPKEncryption getBPKEncDecr() { - return (OABPKEncryption) formList.get(new OABPKEncryption().getName()); - } - - /** - * @param bPK encryption/decryption form - * the bPK encryption/decryption form to set - */ - public void setBPKEncDecr(OABPKEncryption formOA) { - formList.put(formOA.getName(), formOA); - } - + + if (onlineapplication != null && delete(onlineapplication)) { + + if (!authUser.isAdmin()) { + final UserDatabase user = configuration.getUserManagement().getUserWithID(authUser + .getUserID()); + final List<String> useroas = user.getOnlineApplication(); + + for (final String oa : useroas) { + if (oa.equals(onlineapplication.getHjid())) { + useroas.remove(oa); + } + } + + try { + configuration.getUserManagement().saveOrUpdate(user); + + } catch (final MOADatabaseException e) { + log.warn("User information can not be updated in database", + e); + addActionError(LanguageHelper.getGUIString( + "error.db.oa.store", request)); + return Constants.STRUTS_ERROR; + } + } + + addActionMessage(LanguageHelper.getGUIString( + "webpages.oaconfig.delete.message", oaidentifier, request)); + + return Constants.STRUTS_SUCCESS; + + } else { + addActionError(LanguageHelper.getGUIString( + "webpages.oaconfig.delete.error", oaidentifier, request)); + return Constants.STRUTS_SUCCESS; + } + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } catch (final BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + + } finally { + + } + + } + + public OAAuthenticationData getAuthOA() { + return (OAAuthenticationData) formList.get(new OAAuthenticationData() + .getName()); + } + + public void setAuthOA(OAAuthenticationData generalOA) { + formList.put(generalOA.getName(), generalOA); + } + + public OASAML1Config getSaml1OA() { + return (OASAML1Config) formList.get(new OASAML1Config().getName()); + } + + public void setSaml1OA(OASAML1Config saml1oa) { + formList.put(saml1oa.getName(), saml1oa); + } + + public OASSOConfig getSsoOA() { + return (OASSOConfig) formList.get(new OASSOConfig().getName()); + } + + public void setSsoOA(OASSOConfig ssoOA) { + formList.put(ssoOA.getName(), ssoOA); + } + + public OASTORKConfig getStorkOA() { + return (OASTORKConfig) formList.get(new OASTORKConfig().getName()); + } + + public void setStorkOA(OASTORKConfig storkOA) { + formList.put(storkOA.getName(), storkOA); + } + + public OARevisionsLogData getRevisionsLogOA() { + return (OARevisionsLogData) formList.get(new OARevisionsLogData().getName()); + } + + public void setRevisionsLogOA(OARevisionsLogData storkOA) { + formList.put(storkOA.getName(), storkOA); + } + + /** + * @return the nextPage + */ + public String getNextPage() { + return nextPage; + } + + /** + * @return the formOA + */ + public FormularCustomization getFormOA() { + return (FormularCustomization) formList.get(new FormularCustomization( + null).getName()); + } + + /** + * @param formOA the formOA to set + */ + public void setFormOA(FormularCustomization formOA) { + formList.put(formOA.getName(), formOA); + } + + public OAOAuth20Config getOauth20OA() { + return (OAOAuth20Config) formList.get(new OAOAuth20Config().getName()); + } + + public void setOauth20OA(OAOAuth20Config oauth20OA) { + formList.put(oauth20OA.getName(), oauth20OA); + } + + /** + * @return the formOA + */ + public OATargetConfiguration getTargetConfig() { + return (OATargetConfiguration) formList.get(new OATargetConfiguration() + .getName()); + } + + /** + * @param formOA the formOA to set + */ + public void setTargetConfig(OATargetConfiguration formOA) { + formList.put(formOA.getName(), formOA); + } + + /** + * @return the bPK encryption/decryption form + */ + public OABPKEncryption getBPKEncDecr() { + return (OABPKEncryption) formList.get(new OABPKEncryption().getName()); + } + + /** + * @param bPK encryption/decryption form the bPK encryption/decryption form to + * set + */ + public void setBPKEncDecr(OABPKEncryption formOA) { + formList.put(formOA.getName(), formOA); + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IDPGatewayAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IDPGatewayAction.java index e238c6d37..6a6cf1d27 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IDPGatewayAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IDPGatewayAction.java @@ -25,8 +25,6 @@ package at.gv.egovernment.moa.id.configuration.struts.action; import java.util.LinkedHashMap; import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData; -import at.gv.egovernment.moa.id.configuration.data.oa.OAMOAIDPInterfederationConfig; -import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config; import at.gv.egovernment.moa.id.configuration.data.oa.PVPGatewayInterfederationConfig; /** @@ -35,22 +33,22 @@ import at.gv.egovernment.moa.id.configuration.data.oa.PVPGatewayInterfederationC */ public class IDPGatewayAction extends InterfederationIDPAction { - private static final long serialVersionUID = -2047128481980413334L; - - public IDPGatewayAction() { - super(); - formList.putAll(buildIDPGatewayFormList()); - } - - public static LinkedHashMap<String, IOnlineApplicationData> buildIDPGatewayFormList() { - - LinkedHashMap<String, IOnlineApplicationData> forms = - new LinkedHashMap<String, IOnlineApplicationData>(); - - PVPGatewayInterfederationConfig pvpGatewayconfig = new PVPGatewayInterfederationConfig(); - forms.put(pvpGatewayconfig.getName(), pvpGatewayconfig); - - return forms; - } + private static final long serialVersionUID = -2047128481980413334L; + + public IDPGatewayAction() { + super(); + formList.putAll(buildIDPGatewayFormList()); + } + + public static LinkedHashMap<String, IOnlineApplicationData> buildIDPGatewayFormList() { + + final LinkedHashMap<String, IOnlineApplicationData> forms = + new LinkedHashMap<>(); + + final PVPGatewayInterfederationConfig pvpGatewayconfig = new PVPGatewayInterfederationConfig(); + forms.put(pvpGatewayconfig.getName(), pvpGatewayconfig); + + return forms; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java index d72505c0f..e2458a6a5 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java @@ -38,7 +38,6 @@ import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBException; import javax.xml.bind.Unmarshaller; -import org.apache.log4j.Logger; import org.springframework.beans.BeansException; import at.gv.egiz.components.configuration.api.Configuration; @@ -52,472 +51,468 @@ import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class ImportExportAction extends BasicAction { - - private static final Logger log = Logger.getLogger(ImportExportAction.class); - private static final long serialVersionUID = 1L; - - private String formID; - private File fileUpload = null; - private String fileUploadContentType = null; - private String fileUploadFileName = null; - - private InputStream fileInputStream; - - public String init() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - if (authUser.isAdmin()) { - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - return Constants.STRUTS_SUCCESS; - - } else { - log.info("No access to Import/Export for User with ID" + authUser.getUserID()); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - } - - public String importLegacyConfig() throws ConfigurationException { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - if (authUser.isAdmin()) { - - //load legacy config if it is configured - - if (fileUpload == null) { - addActionError(LanguageHelper.getErrorString("errors.importexport.nofile", request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - } - - Properties result = null; - - try { - log.warn("WARNING! The legacy import deletes the hole old config"); - - InputStream inStream = new FileInputStream(fileUpload); - // get config from xml file - JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config.deprecated"); - Unmarshaller m = jc.createUnmarshaller(); - MOAIDConfiguration config = (MOAIDConfiguration) m.unmarshal(inStream); - - // serialize config to JSON properties - result = ConfigurationUtil.moaIdConfigToJsonProperties(config); - - if (result == null || result.isEmpty()) { - log.info("Legacy configuration has is empty"); - addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {"Empty Configuratiobn"}, request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } - - } catch (JAXBException | FileNotFoundException e) { - log.info("Legacy configuration has an Import Error", e); - addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e.getMessage()}, request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } - - try { - //check if XML config should be use - log.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!"); - - Configuration dbConfiguration = - (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig"); - - if (dbConfiguration == null) { - log.warn("Open Database connection FAILED."); - addActionError("Open Database connection FAILED."); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } - - boolean isOverwriteData = true; - - List<String> keys = Arrays.asList(dbConfiguration.getConfigurationIds()); - - if (keys == null) { - log.info("Configuration is not readable."); - throw new MOADatabaseException("Configuration is not readable."); - } - - if (isOverwriteData) { - // remove existing entries - for (String key : keys) { - dbConfiguration.deleteIds(key); - } - } - - Enumeration<?> propertyNames = result.propertyNames(); - - while (propertyNames.hasMoreElements()) { - String key = (String) propertyNames.nextElement(); - String json = result.getProperty(key); - - dbConfiguration.setStringValue(key, json); - } - - } catch (ConfigurationException | MOADatabaseException | at.gv.egiz.components.configuration.api.ConfigurationException e1) { - log.warn("General MOA-ID config can not be stored in Database", e1); - addActionError(e1.getMessage()); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } - - finally { - - } - - //set new formID - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - log.info("Legacy Configuration load is completed."); - addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success", request)); - return Constants.STRUTS_SUCCESS; - - } else { - log.info("No access to Import/Export for User with ID" + authUser.getUserID()); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - } - - public String downloadXMLConfig() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - if (authUser.isAdmin()) { - - log.info("Write MOA-ID 3.x config"); - try { - - Configuration dbConfiguration = - (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig"); - - if (dbConfiguration == null) { - log.warn("Open Database connection FAILED."); - addActionError("Open Database connection FAILED."); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } - - Properties result = new Properties(); - String[] allConfigIDs = dbConfiguration.getConfigurationIds(); - for (String key : allConfigIDs) { - String value = dbConfiguration.getStringValue(key); - if (MiscUtil.isNotEmpty(value)) { - result.put(key, value); - log.debug("Put key: " + key + " with value: " + value + " to property file."); - - } else - log.info("Leave key: " + key + " Reason: Value is null or empty"); - - } - - - if (result.isEmpty()) { - log.info("No MOA-ID 3.x configruation available"); - addActionError(LanguageHelper.getErrorString("errors.importexport.export.noconfig", request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - } - - ByteArrayOutputStream output = new ByteArrayOutputStream(); - result.store(output, null); - fileInputStream = new ByteArrayInputStream(output.toByteArray()); - - } catch (IOException | at.gv.egiz.components.configuration.api.ConfigurationException e) { - log.info("MOA-ID 3.x configruation could not be exported into file.", e); - addActionError(LanguageHelper.getErrorString("errors.importexport.export", - new Object[]{e.getMessage()}, request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } catch (ConfigurationException | BeansException e) { - log.warn("Open Database connection FAILED."); - addActionError("Open Database connection FAILED."); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - } - - finally { - - } - - - //set new formID - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - return Constants.STRUTS_SUCCESS; - } else { - log.info("No access to Import/Export for User with ID" + authUser.getUserID()); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - } - - - public String importXMLConfig() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - - session.setAttribute(Constants.SESSION_FORMID, null); - - if (authUser.isAdmin()) { - - if (fileUpload == null) { - addActionError(LanguageHelper.getErrorString("errors.importexport.nofile", request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - return Constants.STRUTS_ERROR_VALIDATION; - } - - log.info("Load configuration from MOA-ID 3.x XML configuration"); - - try { - - Properties inProperties = new Properties(); - inProperties.load(new FileInputStream(fileUpload)); - - //check if XML config should be use - log.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!"); - - Configuration dbConfiguration = - (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig"); - - if (dbConfiguration == null) { - log.warn("Open Database connection FAILED."); - addActionError("Open Database connection FAILED."); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } - - boolean isOverwriteData = true; - - List<String> keys = Arrays.asList(dbConfiguration.getConfigurationIds()); - - if (keys == null) { - log.info("Configuration is not readable."); - throw new MOADatabaseException("Configuration is not readable."); - } - - if (isOverwriteData) { - // remove existing entries - for (String key : keys) { - dbConfiguration.deleteIds(key); - } - } - - Enumeration<?> propertyNames = inProperties.propertyNames(); - - while (propertyNames.hasMoreElements()) { - String key = (String) propertyNames.nextElement(); - String json = inProperties.getProperty(key); - - dbConfiguration.setStringValue(key, json); - } - - } catch (Exception e) { - log.warn("MOA-ID XML configuration can not be loaded from File.", e); - addActionError(LanguageHelper.getErrorString("errors.importexport.import", - new Object[]{e.getMessage()}, request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } - - finally { - - } - - //set new formID - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - log.info("XML Configuration load is completed."); - addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success", request)); - return Constants.STRUTS_SUCCESS; - - } else { - log.info("No access to Import/Export for User with ID" + authUser.getUserID()); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - - } - - /** - * @return the fileUpload - */ - public File getFileUpload() { - return fileUpload; - } - - - - /** - * @param fileUpload the fileUpload to set - */ - public void setFileUpload(File fileUpload) { - this.fileUpload = fileUpload; - } - - - - /** - * @return the fileUploadContentType - */ - public String getFileUploadContentType() { - return fileUploadContentType; - } - - - - /** - * @param fileUploadContentType the fileUploadContentType to set - */ - public void setFileUploadContentType(String fileUploadContentType) { - this.fileUploadContentType = fileUploadContentType; - } - - - - /** - * @return the fileUploadFileName - */ - public String getFileUploadFileName() { - return fileUploadFileName; - } - - - - /** - * @param fileUploadFileName the fileUploadFileName to set - */ - public void setFileUploadFileName(String fileUploadFileName) { - this.fileUploadFileName = fileUploadFileName; - } - - - public InputStream getFileInputStream() { - return fileInputStream; - } - - /** - * @return the formID - */ - public String getFormID() { - return formID; - } - - /** - * @param formID the formID to set - */ - public void setFormID(String formID) { - this.formID = formID; - } - + + private static final long serialVersionUID = 1L; + + private String formID; + private File fileUpload = null; + private String fileUploadContentType = null; + private String fileUploadFileName = null; + + private InputStream fileInputStream; + + public String init() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + if (authUser.isAdmin()) { + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + return Constants.STRUTS_SUCCESS; + + } else { + log.info("No access to Import/Export for User with ID" + authUser.getUserID()); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + } + + public String importLegacyConfig() throws ConfigurationException { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + session.setAttribute(Constants.SESSION_FORMID, null); + + if (authUser.isAdmin()) { + + // load legacy config if it is configured + + if (fileUpload == null) { + addActionError(LanguageHelper.getErrorString("errors.importexport.nofile", request)); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + } + + Properties result = null; + + try { + log.warn("WARNING! The legacy import deletes the hole old config"); + + final InputStream inStream = new FileInputStream(fileUpload); + // get config from xml file + final JAXBContext jc = JAXBContext.newInstance( + "at.gv.egovernment.moa.id.commons.db.dao.config.deprecated"); + final Unmarshaller m = jc.createUnmarshaller(); + final MOAIDConfiguration config = (MOAIDConfiguration) m.unmarshal(inStream); + + // serialize config to JSON properties + result = ConfigurationUtil.moaIdConfigToJsonProperties(config); + + if (result == null || result.isEmpty()) { + log.info("Legacy configuration has is empty"); + addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] { + "Empty Configuratiobn" }, request)); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } + + } catch (JAXBException | FileNotFoundException e) { + log.info("Legacy configuration has an Import Error", e); + addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] { e + .getMessage() }, request)); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } + + try { + // check if XML config should be use + log.warn( + "WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!"); + + final Configuration dbConfiguration = + (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig"); + + if (dbConfiguration == null) { + log.warn("Open Database connection FAILED."); + addActionError("Open Database connection FAILED."); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } + + final boolean isOverwriteData = true; + + final List<String> keys = Arrays.asList(dbConfiguration.getConfigurationIds()); + + if (keys == null) { + log.info("Configuration is not readable."); + throw new MOADatabaseException("Configuration is not readable."); + } + + if (isOverwriteData) { + // remove existing entries + for (final String key : keys) { + dbConfiguration.deleteIds(key); + } + } + + final Enumeration<?> propertyNames = result.propertyNames(); + + while (propertyNames.hasMoreElements()) { + final String key = (String) propertyNames.nextElement(); + final String json = result.getProperty(key); + + dbConfiguration.setStringValue(key, json); + } + + } catch (ConfigurationException | MOADatabaseException + | at.gv.egiz.components.configuration.api.ConfigurationException e1) { + log.warn("General MOA-ID config can not be stored in Database", e1); + addActionError(e1.getMessage()); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } + + finally { + + } + + // set new formID + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + log.info("Legacy Configuration load is completed."); + addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success", request)); + return Constants.STRUTS_SUCCESS; + + } else { + log.info("No access to Import/Export for User with ID" + authUser.getUserID()); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + } + + public String downloadXMLConfig() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + session.setAttribute(Constants.SESSION_FORMID, null); + + if (authUser.isAdmin()) { + + log.info("Write MOA-ID 3.x config"); + try { + + final Configuration dbConfiguration = + (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig"); + + if (dbConfiguration == null) { + log.warn("Open Database connection FAILED."); + addActionError("Open Database connection FAILED."); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } + + final Properties result = new Properties(); + final String[] allConfigIDs = dbConfiguration.getConfigurationIds(); + for (final String key : allConfigIDs) { + final String value = dbConfiguration.getStringValue(key); + if (MiscUtil.isNotEmpty(value)) { + result.put(key, value); + log.debug("Put key: " + key + " with value: " + value + " to property file."); + + } else { + log.info("Leave key: " + key + " Reason: Value is null or empty"); + } + + } + + if (result.isEmpty()) { + log.info("No MOA-ID 3.x configruation available"); + addActionError(LanguageHelper.getErrorString("errors.importexport.export.noconfig", request)); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + } + + final ByteArrayOutputStream output = new ByteArrayOutputStream(); + result.store(output, null); + fileInputStream = new ByteArrayInputStream(output.toByteArray()); + + } catch (IOException | at.gv.egiz.components.configuration.api.ConfigurationException e) { + log.info("MOA-ID 3.x configruation could not be exported into file.", e); + addActionError(LanguageHelper.getErrorString("errors.importexport.export", + new Object[] { e.getMessage() }, request)); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } catch (ConfigurationException | BeansException e) { + log.warn("Open Database connection FAILED."); + addActionError("Open Database connection FAILED."); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + } + + finally { + + } + + // set new formID + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + return Constants.STRUTS_SUCCESS; + } else { + log.info("No access to Import/Export for User with ID" + authUser.getUserID()); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + } + + public String importXMLConfig() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + + session.setAttribute(Constants.SESSION_FORMID, null); + + if (authUser.isAdmin()) { + + if (fileUpload == null) { + addActionError(LanguageHelper.getErrorString("errors.importexport.nofile", request)); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + return Constants.STRUTS_ERROR_VALIDATION; + } + + log.info("Load configuration from MOA-ID 3.x XML configuration"); + + try { + + final Properties inProperties = new Properties(); + inProperties.load(new FileInputStream(fileUpload)); + + // check if XML config should be use + log.warn( + "WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!"); + + final Configuration dbConfiguration = + (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig"); + + if (dbConfiguration == null) { + log.warn("Open Database connection FAILED."); + addActionError("Open Database connection FAILED."); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } + + final boolean isOverwriteData = true; + + final List<String> keys = Arrays.asList(dbConfiguration.getConfigurationIds()); + + if (keys == null) { + log.info("Configuration is not readable."); + throw new MOADatabaseException("Configuration is not readable."); + } + + if (isOverwriteData) { + // remove existing entries + for (final String key : keys) { + dbConfiguration.deleteIds(key); + } + } + + final Enumeration<?> propertyNames = inProperties.propertyNames(); + + while (propertyNames.hasMoreElements()) { + final String key = (String) propertyNames.nextElement(); + final String json = inProperties.getProperty(key); + + dbConfiguration.setStringValue(key, json); + } + + } catch (final Exception e) { + log.warn("MOA-ID XML configuration can not be loaded from File.", e); + addActionError(LanguageHelper.getErrorString("errors.importexport.import", + new Object[] { e.getMessage() }, request)); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } + + finally { + + } + + // set new formID + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + log.info("XML Configuration load is completed."); + addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success", request)); + return Constants.STRUTS_SUCCESS; + + } else { + log.info("No access to Import/Export for User with ID" + authUser.getUserID()); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + } + + /** + * @return the fileUpload + */ + public File getFileUpload() { + return fileUpload; + } + + /** + * @param fileUpload the fileUpload to set + */ + public void setFileUpload(File fileUpload) { + this.fileUpload = fileUpload; + } + + /** + * @return the fileUploadContentType + */ + public String getFileUploadContentType() { + return fileUploadContentType; + } + + /** + * @param fileUploadContentType the fileUploadContentType to set + */ + public void setFileUploadContentType(String fileUploadContentType) { + this.fileUploadContentType = fileUploadContentType; + } + + /** + * @return the fileUploadFileName + */ + public String getFileUploadFileName() { + return fileUploadFileName; + } + + /** + * @param fileUploadFileName the fileUploadFileName to set + */ + public void setFileUploadFileName(String fileUploadFileName) { + this.fileUploadFileName = fileUploadFileName; + } + + public InputStream getFileInputStream() { + return fileInputStream; + } + + /** + * @return the formID + */ + @Override + public String getFormID() { + return formID; + } + + /** + * @param formID the formID to set + */ + @Override + public void setFormID(String formID) { + this.formID = formID; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java index 6f9d233b1..666785e24 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java @@ -35,7 +35,6 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; import org.apache.commons.lang.StringEscapeUtils; -import org.apache.log4j.Logger; import org.joda.time.DateTime; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.BasicSAMLMessageContext; @@ -78,817 +77,837 @@ import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class IndexAction extends BasicAction { - - /** - * @throws ConfigurationException - */ - - private static final long serialVersionUID = -2781497863862504896L; - - private static final Logger log = Logger.getLogger(IndexAction.class); - - private String password; - private String username; - private UserDatabaseFrom user = null; - private String formID; - - private String ssologouturl; - - private boolean pvp2LoginActiv = false; - - public IndexAction() throws BasicActionException { - super(); - } - - public String start() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - pvp2LoginActiv = configuration.isPVP2LoginActive(); - - if (session.getAttribute(Constants.SESSION_I18n) == null) - session.setAttribute(Constants.SESSION_I18n, - Locale.forLanguageTag(configuration.getDefaultLanguage())); - - if (configuration.isLoginDeaktivated()) { - return "loginWithOutAuth"; - - } else { - return Constants.STRUTS_SUCCESS; - - } - } - - public String authenticate() { - - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - pvp2LoginActiv = configuration.isPVP2LoginActive(); - - String key = null; - - if (MiscUtil.isNotEmpty(username)) { - if (ValidationHelper.containsNotValidCharacter(username, false)) { - log.warn("Username contains potentail XSS characters: " + StringEscapeUtils.escapeHtml(username)); - addActionError(LanguageHelper.getErrorString("validation.edituser.username.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("Username is empty"); - addActionError(LanguageHelper.getErrorString("validation.edituser.username.empty", request)); - return Constants.STRUTS_ERROR; - } - - if (MiscUtil.isEmpty(password)) { - log.warn("Password is empty"); - addActionError(LanguageHelper.getErrorString("validation.edituser.password.empty", request)); - return Constants.STRUTS_ERROR; - - } else { - key = AuthenticationHelper.generateKeyFormPassword(password); - if (key == null) { - addActionError(LanguageHelper.getErrorString("validation.edituser.password.valid", request)); - return Constants.STRUTS_ERROR; - } - } - - - UserDatabase dbuser = configuration.getUserManagement().getUserWithUserName(username); - if (dbuser == null) { - log.warn("Unknown Username"); - addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request)); - return Constants.STRUTS_ERROR; - - } else { - //TODO: maybe remove this default value in a later version - if (dbuser.isIsUsernamePasswordAllowed() == null) - dbuser.setIsUsernamePasswordAllowed(true); - - if (!dbuser.isIsActive() || !dbuser.isIsUsernamePasswordAllowed()) { - log.warn("Username " + StringEscapeUtils.escapeHtml(dbuser.getUsername()) + " is not active or Username/Password login is not allowed"); - addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request)); - return Constants.STRUTS_ERROR; - } - - if (!dbuser.getPassword().equals(key)) { - log.warn("Username " + StringEscapeUtils.escapeHtml(dbuser.getUsername()) + " use a false password"); - addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request)); - return Constants.STRUTS_ERROR; - } - - //TODO: maybe remove this default value in a later version - boolean ismandateuser = false; - if (dbuser.isIsMandateUser() != null) - ismandateuser = dbuser.isIsMandateUser(); - - int sessionTimeOut = session.getMaxInactiveInterval(); - Date sessionExpired = new Date(new Date().getTime() + - (sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS)); - - AuthenticatedUser authuser = new AuthenticatedUser(dbuser, - true, - ismandateuser, - false, - dbuser.getHjid()+"dbID", - "username/password", - sessionExpired); - - //store user as authenticated user - AuthenticationManager authManager = AuthenticationManager.getInstance(); - authManager.setActiveUser(authuser); - - Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin()); - if (date != null) - authuser.setLastLogin(date);; - - dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date())); - - try { - configuration.getUserManagement().saveOrUpdate(dbuser); - - } catch (MOADatabaseException e) { - log.warn("UserDatabase communicaton error", e); - addActionError(LanguageHelper.getErrorString("error.login", request)); - return Constants.STRUTS_ERROR; - } - finally { - } - - HttpSession session = generateNewJSession(request); - session.setAttribute(Constants.SESSION_AUTH, authuser); - - return Constants.STRUTS_SUCCESS; - } - } - - public String pvp2login() { - - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - String method = request.getMethod(); - if (session == null) { - log.info("NO HTTP Session"); - return Constants.STRUTS_ERROR; - } - - String authID = (String) session.getAttribute(Constants.SESSION_PVP2REQUESTID); - session.setAttribute(Constants.SESSION_PVP2REQUESTID, null); - - if (method.equals("POST")) { - - try { - pvp2LoginActiv = configuration.isPVP2LoginActive(); - - //Decode with HttpPost Binding - HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool()); - BasicSAMLMessageContext<Response, ?, ?> messageContext = new BasicSAMLMessageContext<Response, SAMLObject, SAMLObject>(); - messageContext - .setInboundMessageTransport(new HttpServletRequestAdapter( - request)); - decode.decode(messageContext); - - Response samlResponse = (Response) messageContext.getInboundMessage(); - - //ckeck InResponseTo matchs requestID - if (MiscUtil.isEmpty(authID)) { - log.info("NO AuthRequestID"); - return Constants.STRUTS_ERROR; - } - - if (!authID.equals(samlResponse.getInResponseTo())) { - log.warn("PVPRequestID does not match PVP2 Assertion ID!"); - return Constants.STRUTS_ERROR; - - } - - //check response destination - String serviceURL = configuration.getPublicUrlPreFix(request); - if (!serviceURL.endsWith("/")) - serviceURL = serviceURL + "/"; - - String responseDestination = samlResponse.getDestination(); - if (MiscUtil.isEmpty(responseDestination) || - !responseDestination.equals(serviceURL + Constants.SERVLET_PVP2ASSERTION)) { - log.warn("PVPResponse destination does not match requested destination"); - return Constants.STRUTS_ERROR; - } - - //check if response is signed - Signature sign = samlResponse.getSignature(); - if (sign == null) { - log.info("Only http POST Requests can be used"); - addActionError(LanguageHelper.getErrorString("error.login", request)); - return Constants.STRUTS_ERROR; - } - - //validate signature - PVP2Utils.validateSignature(samlResponse, configuration); - - log.info("PVP2 Assertion is valid"); - - if (samlResponse.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) { - - List<org.opensaml.saml2.core.Assertion> saml2assertions = new ArrayList<org.opensaml.saml2.core.Assertion>(); - - //check encrypted Assertion - List<EncryptedAssertion> encryAssertionList = samlResponse.getEncryptedAssertions(); - if (encryAssertionList != null && encryAssertionList.size() > 0) { - //decrypt assertions - - log.debug("Found encryped assertion. Start decryption ..."); - - KeyStore keyStore = configuration.getPVP2KeyStore(); - - X509Credential authDecCredential = new KeyStoreX509CredentialAdapter( - keyStore, - configuration.getPVP2KeystoreAuthRequestEncryptionKeyAlias(), - configuration.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray()); - - - StaticKeyInfoCredentialResolver skicr = - new StaticKeyInfoCredentialResolver(authDecCredential); - - ChainingEncryptedKeyResolver encryptedKeyResolver = new ChainingEncryptedKeyResolver(); - encryptedKeyResolver.getResolverChain().add( new InlineEncryptedKeyResolver() ); - encryptedKeyResolver.getResolverChain().add( new EncryptedElementTypeEncryptedKeyResolver() ); - encryptedKeyResolver.getResolverChain().add( new SimpleRetrievalMethodEncryptedKeyResolver() ); - - Decrypter samlDecrypter = - new Decrypter(null, skicr, encryptedKeyResolver); - - for (EncryptedAssertion encAssertion : encryAssertionList) { - saml2assertions.add(samlDecrypter.decrypt(encAssertion)); - - } - - log.debug("Assertion decryption finished. "); - - } else { - saml2assertions = samlResponse.getAssertions(); - - } - - for (org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) { - - Conditions conditions = saml2assertion.getConditions(); - DateTime notbefore = conditions.getNotBefore(); - DateTime notafter = conditions.getNotOnOrAfter(); - if ( notbefore.isAfterNow() || notafter.isBeforeNow() ) { - log.warn("PVP2 Assertion is out of Date"); - return Constants.STRUTS_ERROR; - - } - - Subject subject = saml2assertion.getSubject(); - if (subject == null) { - log.warn("Assertion has no Subject element"); - return Constants.STRUTS_ERROR; - - } - - NameID nameID = subject.getNameID(); - if (nameID == null) { - log.warn("No NameID element in PVP2 assertion!"); - return Constants.STRUTS_ERROR; - } - - String bpkwbpk = nameID.getNameQualifier() + "+" + nameID.getValue(); - - int sessionTimeOut = session.getMaxInactiveInterval(); - Date sessionExpired = new Date(new Date().getTime() + - (sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS)); - - //search user - UserDatabase dbuser = configuration.getUserManagement().getUserWithUserBPKWBPK(bpkwbpk); - if (dbuser == null) { - log.info("No user found with bpk/wbpk " + bpkwbpk); - - //read PVP2 assertion attributes; - user = new UserDatabaseFrom(); - user.setActive(false); - user.setAdmin(false); - user.setBpk(bpkwbpk); - user.setIsusernamepasswordallowed(false); - user.setIsmandateuser(false); - user.setPVPGenerated(true); - - //loop through the nodes to get what we want - List<AttributeStatement> attributeStatements = saml2assertion.getAttributeStatements(); - for (int i = 0; i < attributeStatements.size(); i++) - { - List<Attribute> attributes = attributeStatements.get(i).getAttributes(); - for (int x = 0; x < attributes.size(); x++) - { - String strAttributeName = attributes.get(x).getDOM().getAttribute("Name"); - - if (strAttributeName.equals(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME)) { - user.setFamilyName(attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue()); - } - - if (strAttributeName.equals(PVPAttributeDefinitions.GIVEN_NAME_NAME)) { - user.setGivenName(attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue()); - } - - if (strAttributeName.equals(PVPAttributeDefinitions.MANDATE_TYPE_NAME)) { - user.setIsmandateuser(true); - } - - if (strAttributeName.equals(PVPAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME)) { - user.setInstitut(attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue()); - } - } - } - - //create AuthUser data element - authUser = AuthenticatedUser.generateUserRequestUser(user, - nameID.getValue(), - nameID.getFormat(), - sessionExpired); - - //store user as authenticated user - AuthenticationManager authManager = AuthenticationManager.getInstance(); - authManager.setActiveUser(authUser); - - //set Random value - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - session.setAttribute(Constants.SESSION_FORM, user); - session.setAttribute(Constants.SESSION_AUTH, authUser); - - - return Constants.STRUTS_NEWUSER; - - } else { - if (!dbuser.isIsActive()) { - - if (!dbuser.isIsMailAddressVerified()) { - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - user = new UserDatabaseFrom(dbuser); - authUser = new AuthenticatedUser(dbuser, - false, - dbuser.isIsMandateUser(), - true, - nameID.getValue(), - nameID.getFormat(), - sessionExpired); - - //store user as authenticated user - AuthenticationManager authManager = AuthenticationManager.getInstance(); - authManager.setActiveUser(authUser); - - session.setAttribute(Constants.SESSION_FORM, user); - session.setAttribute(Constants.SESSION_AUTH, authUser); - - return Constants.STRUTS_NEWUSER; - - } - - log.info("User with bpk/wbpk " + bpkwbpk + " is not active"); - addActionError(LanguageHelper.getErrorString("webpages.index.username.notactive", request)); - return Constants.STRUTS_ERROR; - } - - //TODO: maybe remove this default value in a later version - boolean ismandateuser = false; - if (dbuser.isIsMandateUser() != null) - ismandateuser = dbuser.isIsMandateUser(); - - authUser = new AuthenticatedUser(dbuser, true, - ismandateuser, - true, - nameID.getValue(), - nameID.getFormat(), - sessionExpired); - - //store user as authenticated user - AuthenticationManager authManager = AuthenticationManager.getInstance(); - authManager.setActiveUser(authUser); - - Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin()); - if (date != null) - authUser.setLastLogin(date);; - - dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date())); - - try { - configuration.getUserManagement().saveOrUpdate(dbuser); - - } catch (MOADatabaseException e) { - log.warn("UserDatabase communicaton error", e); - addActionError(LanguageHelper.getErrorString("error.login", request)); - return Constants.STRUTS_ERROR; - } - finally { - } - - HttpSession newsession = generateNewJSession(request); - newsession.setAttribute(Constants.SESSION_AUTH, authUser); - return Constants.STRUTS_SUCCESS; - - } - } - - log.info("PVP2 Assertion was maybe not well formed, because no Assertion element could be found."); - addActionError(LanguageHelper.getErrorString("error.login.internal", request)); - return Constants.STRUTS_ERROR; - - } else { - log.info("Receive Error Assertion."); - addActionError(LanguageHelper.getErrorString("error.login", request)); - return Constants.STRUTS_ERROR; - } - - } catch (Exception e) { - log.warn("An internal error occurs.", e); - addActionError(LanguageHelper.getErrorString("error.login.internal", request)); - return Constants.STRUTS_ERROR; - } - - } else { - log.info("Only http POST Requests can be used"); - addActionError(LanguageHelper.getErrorString("error.login.internal", request)); - return Constants.STRUTS_ERROR; - } - } - - public String requestNewUser() { - - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - if (session == null) { - log.warn("No active Session found"); - return Constants.STRUTS_ERROR; - } - - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - Object sessionformobj = session.getAttribute(Constants.SESSION_FORM); - if (sessionformobj != null && sessionformobj instanceof UserDatabaseFrom) { - UserDatabaseFrom sessionform = (UserDatabaseFrom) sessionformobj; - - Object authUserObj = session.getAttribute(Constants.SESSION_AUTH); - authUser = (AuthenticatedUser) authUserObj; - - if (user == null) { - log.warn("No form transmited"); - return Constants.STRUTS_ERROR; - } - - //get UserID - String useridobj = user.getUserID(); - long userID = -1; - if (MiscUtil.isEmpty(useridobj)) { - userID = -1; - - } else { - if (!ValidationHelper.validateOAID(useridobj)){ - log.warn("User with ID " + authUser.getUserID() - + " would access UserDatabase ID " + useridobj); - addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); - return Constants.STRUTS_ERROR; - } - userID = Long.valueOf(useridobj); - } - - String check; - if (!sessionform.isIsmandateuser()) { - check = user.getInstitut(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("Organisation contains potentail XSS characters: " + StringEscapeUtils.escapeHtml(check)); - addActionError(LanguageHelper.getErrorString("validation.edituser.institut.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } else { - log.warn("Organisation is empty"); - addActionError(LanguageHelper.getErrorString("validation.edituser.institut.empty", request)); - } - } - - check = user.getMail(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.isEmailAddressFormat(check)) { - log.warn("Mailaddress is not valid: " + StringEscapeUtils.escapeHtml(check)); - addActionError(LanguageHelper.getErrorString("validation.edituser.mail.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } else { - log.warn("Mailaddress is empty"); - addActionError(LanguageHelper.getErrorString("validation.edituser.mail.empty", request)); - } - - check = user.getPhone(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validatePhoneNumber(check)) { - log.warn("No valid Phone Number: " + StringEscapeUtils.escapeHtml(check)); - addActionError(LanguageHelper.getErrorString("validation.edituser.phone.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } else { - log.warn("Phonenumber is empty"); - addActionError(LanguageHelper.getErrorString("validation.edituser.phone.empty", request)); - } - - if (hasActionErrors()) { - log.info("Some form errors found. Send user back to form"); - - user.setPVPGenerated(true); - user.setFamilyName(sessionform.getFamilyName()); - user.setGivenName(sessionform.getGivenName()); - user.setIsmandateuser(sessionform.isIsmandateuser()); - user.setBpk(sessionform.getBpk()); - - if (sessionform.isIsmandateuser()) - user.setInstitut(sessionform.getInstitut()); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - return Constants.STRUTS_NEWUSER; - } - - UserDatabase dbuser; - - if (userID < 0) { - dbuser = new UserDatabase(); - dbuser.setBpk(sessionform.getBpk()); - dbuser.setFamilyname(sessionform.getFamilyName()); - dbuser.setGivenname(sessionform.getGivenName()); - - if (sessionform.isIsmandateuser()) - dbuser.setInstitut(sessionform.getInstitut()); - else - dbuser.setInstitut(user.getInstitut()); - - dbuser.setIsPVP2Generated(true); - dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date())); - dbuser.setIsActive(false); - dbuser.setIsAdmin(false); - dbuser.setIsMandateUser(sessionform.isIsmandateuser()); - dbuser.setIsUsernamePasswordAllowed(false); - - } else - dbuser = configuration.getUserManagement().getUserWithID(userID); - - dbuser.setMail(user.getMail()); - dbuser.setPhone(user.getPhone()); - dbuser.setIsAdminRequest(true); - dbuser.setIsMailAddressVerified(false); - dbuser.setUserRequestTokken(Random.nextRandom()); - - try { - configuration.getUserManagement().saveOrUpdate(dbuser); - - MailHelper.sendUserMailAddressVerification(dbuser); - - } catch (MOADatabaseException e) { - log.warn("New UserRequest can not be stored in database", e); - return Constants.STRUTS_ERROR; - - } catch (ConfigurationException e) { - log.warn("Sending of mailaddress verification mail failed.", e); - addActionError(LanguageHelper.getErrorString("error.mail.send", request)); - return Constants.STRUTS_NEWUSER; - } - - finally { - session.setAttribute(Constants.SESSION_FORM, null); - session.setAttribute(Constants.SESSION_AUTH, null); - } - - addActionMessage(LanguageHelper.getGUIString("webpages.edituser.changemailaddress.verify", request)); - - session.invalidate(); - - return Constants.STRUTS_SUCCESS; - - } else { - log.warn("No SessionForm found"); - return Constants.STRUTS_ERROR; - } - - } - - public String mailAddressVerification() { - - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - String userrequesttokken = request.getParameter(Constants.REQUEST_USERREQUESTTOKKEN); - if (MiscUtil.isNotEmpty(userrequesttokken)) { - - userrequesttokken = StringEscapeUtils.escapeHtml(userrequesttokken); - - try { - Long.parseLong(userrequesttokken); - - } catch (NumberFormatException e) { - log.warn("Verificationtokken has no number format."); - return Constants.STRUTS_ERROR; - } - - UserDatabase dbuser = configuration.getUserManagement().getNewUserWithTokken(userrequesttokken); - if (dbuser != null) { - dbuser.setUserRequestTokken(null); - dbuser.setIsMailAddressVerified(true); - - if (dbuser.isIsActive()) - dbuser.setIsAdminRequest(false); - - try { - configuration.getUserManagement().saveOrUpdate(dbuser); - - int numoas = 0; - int numusers = 0; - - List<OnlineApplication> openOAs = configuration.getDbRead().getAllNewOnlineApplications(); - if (openOAs != null) - numoas = openOAs.size(); - - List<UserDatabase> openUsers = configuration.getUserManagement().getAllNewUsers(); - if (openUsers != null) - numusers = openUsers.size(); - - if (numusers > 0 || numoas > 0) - MailHelper.sendAdminMail(numoas, numusers); - - } catch (MOADatabaseException e) { - log.warn("Userinformation can not be stored in Database.", e); - addActionError(LanguageHelper.getErrorString("error.mail.verification", request)); - - } catch (ConfigurationException e) { - log.warn("Send mail to admin failed.", e); - } - - finally { - } - - addActionMessage(LanguageHelper.getGUIString("validation.newuser.mailaddress", request)); - return Constants.STRUTS_SUCCESS; - } - } - - return Constants.STRUTS_ERROR; - } - - public String logout() { - HttpSession session = request.getSession(false); - - if (session != null) { - if (MiscUtil.isNotEmpty((String)session.getAttribute(Constants.SESSION_SLOSUCCESS))) - addActionMessage((String)session.getAttribute(Constants.SESSION_SLOSUCCESS)); - - if (MiscUtil.isNotEmpty((String)session.getAttribute(Constants.SESSION_SLOERROR))) - addActionError((String)session.getAttribute(Constants.SESSION_SLOERROR)); - - session.invalidate(); - - } - - return Constants.STRUTS_SUCCESS; - } - - private HttpSession generateNewJSession(HttpServletRequest request) { - HttpSession session = request.getSession(false); - - if (session != null) { - - HashMap<String, Object> attributes = new HashMap<String,Object>(); - - Enumeration<String> enames = session.getAttributeNames(); - while (enames.hasMoreElements()) { - String name = enames.nextElement(); - if (!name.equals("JSESSIONID")) - attributes.put(name, session.getAttribute( name)); - } - session.invalidate(); - - session = request.getSession(true); - for (Entry<String,Object> et : attributes.entrySet()) - session.setAttribute( et.getKey(), et.getValue()); - - } else - session = request.getSession(true); - - return session; - } - - /** - * @return the password - */ - public String getPassword() { - return password; - } - - /** - * @param password the password to set - */ - public void setPassword(String password) { - this.password = password; - } - - /** - * @return the username - */ - public String getUsername() { - return username; - } - - /** - * @param username the username to set - */ - public void setUsername(String username) { - this.username = username; - } - - /** - * @return the user - */ - public UserDatabaseFrom getUser() { - return user; - } - - /** - * @param user the user to set - */ - public void setUser(UserDatabaseFrom user) { - this.user = user; - } - - /** - * @return the ssologouturl - */ - public String getSsologouturl() { - return ssologouturl; - } - - /** - * @return the formID - */ - public String getFormID() { - return formID; - } - - /** - * @param formID the formID to set - */ - public void setFormID(String formID) { - this.formID = formID; - } - - /** - * @return the pvp2LoginActiv - */ - public boolean isPvp2LoginActiv() { - return pvp2LoginActiv; - } - - + + /** + * @throws ConfigurationException + */ + + private static final long serialVersionUID = -2781497863862504896L; + + private String password; + private String username; + private UserDatabaseFrom user = null; + private String formID; + + private String ssologouturl; + + private boolean pvp2LoginActiv = false; + + public IndexAction() throws BasicActionException { + super(); + } + + public String start() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + pvp2LoginActiv = configuration.isPVP2LoginActive(); + + if (session.getAttribute(Constants.SESSION_I18n) == null) { + session.setAttribute(Constants.SESSION_I18n, + Locale.forLanguageTag(configuration.getDefaultLanguage())); + } + + if (configuration.isLoginDeaktivated()) { + return "loginWithOutAuth"; + + } else { + return Constants.STRUTS_SUCCESS; + + } + } + + public String authenticate() { + + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + pvp2LoginActiv = configuration.isPVP2LoginActive(); + + String key = null; + + if (MiscUtil.isNotEmpty(username)) { + if (ValidationHelper.containsNotValidCharacter(username, false)) { + log.warn("Username contains potentail XSS characters: " + StringEscapeUtils.escapeHtml(username)); + addActionError(LanguageHelper.getErrorString("validation.edituser.username.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("Username is empty"); + addActionError(LanguageHelper.getErrorString("validation.edituser.username.empty", request)); + return Constants.STRUTS_ERROR; + } + + if (MiscUtil.isEmpty(password)) { + log.warn("Password is empty"); + addActionError(LanguageHelper.getErrorString("validation.edituser.password.empty", request)); + return Constants.STRUTS_ERROR; + + } else { + key = AuthenticationHelper.generateKeyFormPassword(password); + if (key == null) { + addActionError(LanguageHelper.getErrorString("validation.edituser.password.valid", request)); + return Constants.STRUTS_ERROR; + } + } + + final UserDatabase dbuser = configuration.getUserManagement().getUserWithUserName(username); + if (dbuser == null) { + log.warn("Unknown Username"); + addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request)); + return Constants.STRUTS_ERROR; + + } else { + // TODO: maybe remove this default value in a later version + if (dbuser.isIsUsernamePasswordAllowed() == null) { + dbuser.setIsUsernamePasswordAllowed(true); + } + + if (!dbuser.isIsActive() || !dbuser.isIsUsernamePasswordAllowed()) { + log.warn("Username " + StringEscapeUtils.escapeHtml(dbuser.getUsername()) + + " is not active or Username/Password login is not allowed"); + addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request)); + return Constants.STRUTS_ERROR; + } + + if (!dbuser.getPassword().equals(key)) { + log.warn("Username " + StringEscapeUtils.escapeHtml(dbuser.getUsername()) + " use a false password"); + addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request)); + return Constants.STRUTS_ERROR; + } + + // TODO: maybe remove this default value in a later version + boolean ismandateuser = false; + if (dbuser.isIsMandateUser() != null) { + ismandateuser = dbuser.isIsMandateUser(); + } + + final int sessionTimeOut = session.getMaxInactiveInterval(); + final Date sessionExpired = new Date(new Date().getTime() + + sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS); + + final AuthenticatedUser authuser = new AuthenticatedUser(dbuser, + true, + ismandateuser, + false, + dbuser.getHjid() + "dbID", + "username/password", + sessionExpired); + + // store user as authenticated user + final AuthenticationManager authManager = AuthenticationManager.getInstance(); + authManager.setActiveUser(authuser); + + final Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin()); + if (date != null) { + authuser.setLastLogin(date); + } + + dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date())); + + try { + configuration.getUserManagement().saveOrUpdate(dbuser); + + } catch (final MOADatabaseException e) { + log.warn("UserDatabase communicaton error", e); + addActionError(LanguageHelper.getErrorString("error.login", request)); + return Constants.STRUTS_ERROR; + } finally { + } + + final HttpSession session = generateNewJSession(request); + session.setAttribute(Constants.SESSION_AUTH, authuser); + + return Constants.STRUTS_SUCCESS; + } + } + + public String pvp2login() { + + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + final String method = request.getMethod(); + if (session == null) { + log.info("NO HTTP Session"); + return Constants.STRUTS_ERROR; + } + + final String authID = (String) session.getAttribute(Constants.SESSION_PVP2REQUESTID); + session.setAttribute(Constants.SESSION_PVP2REQUESTID, null); + + if (method.equals("POST")) { + + try { + pvp2LoginActiv = configuration.isPVP2LoginActive(); + + // Decode with HttpPost Binding + final HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool()); + final BasicSAMLMessageContext<Response, ?, ?> messageContext = + new BasicSAMLMessageContext<>(); + messageContext + .setInboundMessageTransport(new HttpServletRequestAdapter( + request)); + decode.decode(messageContext); + + final Response samlResponse = (Response) messageContext.getInboundMessage(); + + // ckeck InResponseTo matchs requestID + if (MiscUtil.isEmpty(authID)) { + log.info("NO AuthRequestID"); + return Constants.STRUTS_ERROR; + } + + if (!authID.equals(samlResponse.getInResponseTo())) { + log.warn("PVPRequestID does not match PVP2 Assertion ID!"); + return Constants.STRUTS_ERROR; + + } + + // check response destination + String serviceURL = configuration.getPublicUrlPreFix(request); + if (!serviceURL.endsWith("/")) { + serviceURL = serviceURL + "/"; + } + + final String responseDestination = samlResponse.getDestination(); + if (MiscUtil.isEmpty(responseDestination) || + !responseDestination.equals(serviceURL + Constants.SERVLET_PVP2ASSERTION)) { + log.warn("PVPResponse destination does not match requested destination"); + return Constants.STRUTS_ERROR; + } + + // check if response is signed + final Signature sign = samlResponse.getSignature(); + if (sign == null) { + log.info("Only http POST Requests can be used"); + addActionError(LanguageHelper.getErrorString("error.login", request)); + return Constants.STRUTS_ERROR; + } + + // validate signature + PVP2Utils.validateSignature(samlResponse, configuration); + + log.info("PVP2 Assertion is valid"); + + if (samlResponse.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) { + + List<org.opensaml.saml2.core.Assertion> saml2assertions = + new ArrayList<>(); + + // check encrypted Assertion + final List<EncryptedAssertion> encryAssertionList = samlResponse.getEncryptedAssertions(); + if (encryAssertionList != null && encryAssertionList.size() > 0) { + // decrypt assertions + + log.debug("Found encryped assertion. Start decryption ..."); + + final KeyStore keyStore = configuration.getPVP2KeyStore(); + + final X509Credential authDecCredential = new KeyStoreX509CredentialAdapter( + keyStore, + configuration.getPVP2KeystoreAuthRequestEncryptionKeyAlias(), + configuration.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray()); + + final StaticKeyInfoCredentialResolver skicr = + new StaticKeyInfoCredentialResolver(authDecCredential); + + final ChainingEncryptedKeyResolver encryptedKeyResolver = new ChainingEncryptedKeyResolver(); + encryptedKeyResolver.getResolverChain().add(new InlineEncryptedKeyResolver()); + encryptedKeyResolver.getResolverChain().add(new EncryptedElementTypeEncryptedKeyResolver()); + encryptedKeyResolver.getResolverChain().add(new SimpleRetrievalMethodEncryptedKeyResolver()); + + final Decrypter samlDecrypter = + new Decrypter(null, skicr, encryptedKeyResolver); + + for (final EncryptedAssertion encAssertion : encryAssertionList) { + saml2assertions.add(samlDecrypter.decrypt(encAssertion)); + + } + + log.debug("Assertion decryption finished. "); + + } else { + saml2assertions = samlResponse.getAssertions(); + + } + + for (final org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) { + + final Conditions conditions = saml2assertion.getConditions(); + final DateTime notbefore = conditions.getNotBefore(); + final DateTime notafter = conditions.getNotOnOrAfter(); + if (notbefore.isAfterNow() || notafter.isBeforeNow()) { + log.warn("PVP2 Assertion is out of Date"); + return Constants.STRUTS_ERROR; + + } + + final Subject subject = saml2assertion.getSubject(); + if (subject == null) { + log.warn("Assertion has no Subject element"); + return Constants.STRUTS_ERROR; + + } + + final NameID nameID = subject.getNameID(); + if (nameID == null) { + log.warn("No NameID element in PVP2 assertion!"); + return Constants.STRUTS_ERROR; + } + + final String bpkwbpk = nameID.getNameQualifier() + "+" + nameID.getValue(); + + final int sessionTimeOut = session.getMaxInactiveInterval(); + final Date sessionExpired = new Date(new Date().getTime() + + sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS); + + // search user + final UserDatabase dbuser = configuration.getUserManagement().getUserWithUserBPKWBPK(bpkwbpk); + if (dbuser == null) { + log.info("No user found with bpk/wbpk " + bpkwbpk); + + // read PVP2 assertion attributes; + user = new UserDatabaseFrom(); + user.setActive(false); + user.setAdmin(false); + user.setBpk(bpkwbpk); + user.setIsusernamepasswordallowed(false); + user.setIsmandateuser(false); + user.setPVPGenerated(true); + + // loop through the nodes to get what we want + final List<AttributeStatement> attributeStatements = saml2assertion.getAttributeStatements(); + for (final AttributeStatement attributeStatement : attributeStatements) { + final List<Attribute> attributes = attributeStatement.getAttributes(); + for (final Attribute attribute : attributes) { + final String strAttributeName = attribute.getDOM().getAttribute("Name"); + + if (strAttributeName.equals(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME)) { + user.setFamilyName(attribute.getAttributeValues().get(0).getDOM().getFirstChild() + .getNodeValue()); + } + + if (strAttributeName.equals(PVPAttributeDefinitions.GIVEN_NAME_NAME)) { + user.setGivenName(attribute.getAttributeValues().get(0).getDOM().getFirstChild() + .getNodeValue()); + } + + if (strAttributeName.equals(PVPAttributeDefinitions.MANDATE_TYPE_NAME)) { + user.setIsmandateuser(true); + } + + if (strAttributeName.equals(PVPAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME)) { + user.setInstitut(attribute.getAttributeValues().get(0).getDOM().getFirstChild() + .getNodeValue()); + } + } + } + + // create AuthUser data element + authUser = AuthenticatedUser.generateUserRequestUser(user, + nameID.getValue(), + nameID.getFormat(), + sessionExpired); + + // store user as authenticated user + final AuthenticationManager authManager = AuthenticationManager.getInstance(); + authManager.setActiveUser(authUser); + + // set Random value + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + session.setAttribute(Constants.SESSION_FORM, user); + session.setAttribute(Constants.SESSION_AUTH, authUser); + + return Constants.STRUTS_NEWUSER; + + } else { + if (!dbuser.isIsActive()) { + + if (!dbuser.isIsMailAddressVerified()) { + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + user = new UserDatabaseFrom(dbuser); + authUser = new AuthenticatedUser(dbuser, + false, + dbuser.isIsMandateUser(), + true, + nameID.getValue(), + nameID.getFormat(), + sessionExpired); + + // store user as authenticated user + final AuthenticationManager authManager = AuthenticationManager.getInstance(); + authManager.setActiveUser(authUser); + + session.setAttribute(Constants.SESSION_FORM, user); + session.setAttribute(Constants.SESSION_AUTH, authUser); + + return Constants.STRUTS_NEWUSER; + + } + + log.info("User with bpk/wbpk " + bpkwbpk + " is not active"); + addActionError(LanguageHelper.getErrorString("webpages.index.username.notactive", request)); + return Constants.STRUTS_ERROR; + } + + // TODO: maybe remove this default value in a later version + boolean ismandateuser = false; + if (dbuser.isIsMandateUser() != null) { + ismandateuser = dbuser.isIsMandateUser(); + } + + authUser = new AuthenticatedUser(dbuser, true, + ismandateuser, + true, + nameID.getValue(), + nameID.getFormat(), + sessionExpired); + + // store user as authenticated user + final AuthenticationManager authManager = AuthenticationManager.getInstance(); + authManager.setActiveUser(authUser); + + final Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin()); + if (date != null) { + authUser.setLastLogin(date); + } + + dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date())); + + try { + configuration.getUserManagement().saveOrUpdate(dbuser); + + } catch (final MOADatabaseException e) { + log.warn("UserDatabase communicaton error", e); + addActionError(LanguageHelper.getErrorString("error.login", request)); + return Constants.STRUTS_ERROR; + } finally { + } + + final HttpSession newsession = generateNewJSession(request); + newsession.setAttribute(Constants.SESSION_AUTH, authUser); + return Constants.STRUTS_SUCCESS; + + } + } + + log.info("PVP2 Assertion was maybe not well formed, because no Assertion element could be found."); + addActionError(LanguageHelper.getErrorString("error.login.internal", request)); + return Constants.STRUTS_ERROR; + + } else { + log.info("Receive Error Assertion."); + addActionError(LanguageHelper.getErrorString("error.login", request)); + return Constants.STRUTS_ERROR; + } + + } catch (final Exception e) { + log.warn("An internal error occurs.", e); + addActionError(LanguageHelper.getErrorString("error.login.internal", request)); + return Constants.STRUTS_ERROR; + } + + } else { + log.info("Only http POST Requests can be used"); + addActionError(LanguageHelper.getErrorString("error.login.internal", request)); + return Constants.STRUTS_ERROR; + } + } + + public String requestNewUser() { + + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + if (session == null) { + log.warn("No active Session found"); + return Constants.STRUTS_ERROR; + } + + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + session.setAttribute(Constants.SESSION_FORMID, null); + + final Object sessionformobj = session.getAttribute(Constants.SESSION_FORM); + if (sessionformobj != null && sessionformobj instanceof UserDatabaseFrom) { + final UserDatabaseFrom sessionform = (UserDatabaseFrom) sessionformobj; + + final Object authUserObj = session.getAttribute(Constants.SESSION_AUTH); + authUser = (AuthenticatedUser) authUserObj; + + if (user == null) { + log.warn("No form transmited"); + return Constants.STRUTS_ERROR; + } + + // get UserID + final String useridobj = user.getUserID(); + long userID = -1; + if (MiscUtil.isEmpty(useridobj)) { + userID = -1; + + } else { + if (!ValidationHelper.validateOAID(useridobj)) { + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase ID " + useridobj); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + userID = Long.valueOf(useridobj); + } + + String check; + if (!sessionform.isIsmandateuser()) { + check = user.getInstitut(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("Organisation contains potentail XSS characters: " + StringEscapeUtils.escapeHtml( + check)); + addActionError(LanguageHelper.getErrorString("validation.edituser.institut.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } else { + log.warn("Organisation is empty"); + addActionError(LanguageHelper.getErrorString("validation.edituser.institut.empty", request)); + } + } + + check = user.getMail(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.isEmailAddressFormat(check)) { + log.warn("Mailaddress is not valid: " + StringEscapeUtils.escapeHtml(check)); + addActionError(LanguageHelper.getErrorString("validation.edituser.mail.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } else { + log.warn("Mailaddress is empty"); + addActionError(LanguageHelper.getErrorString("validation.edituser.mail.empty", request)); + } + + check = user.getPhone(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validatePhoneNumber(check)) { + log.warn("No valid Phone Number: " + StringEscapeUtils.escapeHtml(check)); + addActionError(LanguageHelper.getErrorString("validation.edituser.phone.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } else { + log.warn("Phonenumber is empty"); + addActionError(LanguageHelper.getErrorString("validation.edituser.phone.empty", request)); + } + + if (hasActionErrors()) { + log.info("Some form errors found. Send user back to form"); + + user.setPVPGenerated(true); + user.setFamilyName(sessionform.getFamilyName()); + user.setGivenName(sessionform.getGivenName()); + user.setIsmandateuser(sessionform.isIsmandateuser()); + user.setBpk(sessionform.getBpk()); + + if (sessionform.isIsmandateuser()) { + user.setInstitut(sessionform.getInstitut()); + } + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + return Constants.STRUTS_NEWUSER; + } + + UserDatabase dbuser; + + if (userID < 0) { + dbuser = new UserDatabase(); + dbuser.setBpk(sessionform.getBpk()); + dbuser.setFamilyname(sessionform.getFamilyName()); + dbuser.setGivenname(sessionform.getGivenName()); + + if (sessionform.isIsmandateuser()) { + dbuser.setInstitut(sessionform.getInstitut()); + } else { + dbuser.setInstitut(user.getInstitut()); + } + + dbuser.setIsPVP2Generated(true); + dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date())); + dbuser.setIsActive(false); + dbuser.setIsAdmin(false); + dbuser.setIsMandateUser(sessionform.isIsmandateuser()); + dbuser.setIsUsernamePasswordAllowed(false); + + } else { + dbuser = configuration.getUserManagement().getUserWithID(userID); + } + + dbuser.setMail(user.getMail()); + dbuser.setPhone(user.getPhone()); + dbuser.setIsAdminRequest(true); + dbuser.setIsMailAddressVerified(false); + dbuser.setUserRequestTokken(Random.nextRandom()); + + try { + configuration.getUserManagement().saveOrUpdate(dbuser); + + MailHelper.sendUserMailAddressVerification(dbuser); + + } catch (final MOADatabaseException e) { + log.warn("New UserRequest can not be stored in database", e); + return Constants.STRUTS_ERROR; + + } catch (final ConfigurationException e) { + log.warn("Sending of mailaddress verification mail failed.", e); + addActionError(LanguageHelper.getErrorString("error.mail.send", request)); + return Constants.STRUTS_NEWUSER; + } + + finally { + session.setAttribute(Constants.SESSION_FORM, null); + session.setAttribute(Constants.SESSION_AUTH, null); + } + + addActionMessage(LanguageHelper.getGUIString("webpages.edituser.changemailaddress.verify", request)); + + session.invalidate(); + + return Constants.STRUTS_SUCCESS; + + } else { + log.warn("No SessionForm found"); + return Constants.STRUTS_ERROR; + } + + } + + public String mailAddressVerification() { + + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + String userrequesttokken = request.getParameter(Constants.REQUEST_USERREQUESTTOKKEN); + if (MiscUtil.isNotEmpty(userrequesttokken)) { + + userrequesttokken = StringEscapeUtils.escapeHtml(userrequesttokken); + + try { + Long.parseLong(userrequesttokken); + + } catch (final NumberFormatException e) { + log.warn("Verificationtokken has no number format."); + return Constants.STRUTS_ERROR; + } + + final UserDatabase dbuser = configuration.getUserManagement().getNewUserWithTokken(userrequesttokken); + if (dbuser != null) { + dbuser.setUserRequestTokken(null); + dbuser.setIsMailAddressVerified(true); + + if (dbuser.isIsActive()) { + dbuser.setIsAdminRequest(false); + } + + try { + configuration.getUserManagement().saveOrUpdate(dbuser); + + int numoas = 0; + int numusers = 0; + + final List<OnlineApplication> openOAs = configuration.getDbRead().getAllNewOnlineApplications(); + if (openOAs != null) { + numoas = openOAs.size(); + } + + final List<UserDatabase> openUsers = configuration.getUserManagement().getAllNewUsers(); + if (openUsers != null) { + numusers = openUsers.size(); + } + + if (numusers > 0 || numoas > 0) { + MailHelper.sendAdminMail(numoas, numusers); + } + + } catch (final MOADatabaseException e) { + log.warn("Userinformation can not be stored in Database.", e); + addActionError(LanguageHelper.getErrorString("error.mail.verification", request)); + + } catch (final ConfigurationException e) { + log.warn("Send mail to admin failed.", e); + } + + finally { + } + + addActionMessage(LanguageHelper.getGUIString("validation.newuser.mailaddress", request)); + return Constants.STRUTS_SUCCESS; + } + } + + return Constants.STRUTS_ERROR; + } + + public String logout() { + final HttpSession session = request.getSession(false); + + if (session != null) { + if (MiscUtil.isNotEmpty((String) session.getAttribute(Constants.SESSION_SLOSUCCESS))) { + addActionMessage((String) session.getAttribute(Constants.SESSION_SLOSUCCESS)); + } + + if (MiscUtil.isNotEmpty((String) session.getAttribute(Constants.SESSION_SLOERROR))) { + addActionError((String) session.getAttribute(Constants.SESSION_SLOERROR)); + } + + session.invalidate(); + + } + + return Constants.STRUTS_SUCCESS; + } + + private HttpSession generateNewJSession(HttpServletRequest request) { + HttpSession session = request.getSession(false); + + if (session != null) { + + final HashMap<String, Object> attributes = new HashMap<>(); + + final Enumeration<String> enames = session.getAttributeNames(); + while (enames.hasMoreElements()) { + final String name = enames.nextElement(); + if (!name.equals("JSESSIONID")) { + attributes.put(name, session.getAttribute(name)); + } + } + session.invalidate(); + + session = request.getSession(true); + for (final Entry<String, Object> et : attributes.entrySet()) { + session.setAttribute(et.getKey(), et.getValue()); + } + + } else { + session = request.getSession(true); + } + + return session; + } + + /** + * @return the password + */ + public String getPassword() { + return password; + } + + /** + * @param password the password to set + */ + public void setPassword(String password) { + this.password = password; + } + + /** + * @return the username + */ + public String getUsername() { + return username; + } + + /** + * @param username the username to set + */ + public void setUsername(String username) { + this.username = username; + } + + /** + * @return the user + */ + public UserDatabaseFrom getUser() { + return user; + } + + /** + * @param user the user to set + */ + public void setUser(UserDatabaseFrom user) { + this.user = user; + } + + /** + * @return the ssologouturl + */ + public String getSsologouturl() { + return ssologouturl; + } + + /** + * @return the formID + */ + @Override + public String getFormID() { + return formID; + } + + /** + * @param formID the formID to set + */ + @Override + public void setFormID(String formID) { + this.formID = formID; + } + + /** + * @return the pvp2LoginActiv + */ + public boolean isPvp2LoginActiv() { + return pvp2LoginActiv; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java index 180f32235..3918dfc16 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java @@ -25,8 +25,6 @@ package at.gv.egovernment.moa.id.configuration.struts.action; import java.util.ArrayList; import java.util.List; -import org.apache.log4j.Logger; - import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AttributeProviderPlugin; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.IdentificationNumber; @@ -46,438 +44,444 @@ import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException; import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import lombok.extern.slf4j.Slf4j; /** * @author tlenz * */ +@Slf4j public class InterfederationIDPAction extends BasicOAAction { - private static final Logger log = Logger.getLogger(InterfederationIDPAction.class); - private static final long serialVersionUID = 2879192135387083131L; - - public static final String STRUTS_IDP_VIDP = "-VIDP"; - public static final String STRUTS_IDP_MOA = "-MOAIDP"; - public static final String STRUTS_IDP_GATEWAY = "-IDPGATEWAY"; - - private List<OAListElement> formOAs; - - private String interfederationType; - - public InterfederationIDPAction() { - super(); - - } - - public String listAllIDPs() { - try { - populateBasicInformations(); - - if (authUser.isAdmin()) { - List<OnlineApplication> dbOAs = configuration.getDbRead().getAllOnlineApplications(); - - if (dbOAs == null || dbOAs.size() == 0) { - addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); - - } else { - formOAs = FormDataHelper.populateFormWithInderfederationIDPs(dbOAs); - } - - session.setAttribute(Constants.SESSION_RETURNAREA, - Constants.STRUTS_RETURNAREA_VALUES.main.name()); - - return Constants.STRUTS_SUCCESS; - - } else { - log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } finally { - - } - } - - public String newIDP() { - log.debug("insert new interfederation IDP"); - - try { - populateBasicInformations(); - - if (!authUser.isAdmin()) { - log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - - populateBasicNewOnlineApplicationInformation(); - - if (STRUTS_IDP_MOA.equals(interfederationType)) { - formList.putAll(MOAIDPAction.buildMOAIDPFormList()); - - } else if (STRUTS_IDP_GATEWAY.equals(interfederationType)) { - formList.putAll(IDPGatewayAction.buildIDPGatewayFormList()); - - } else if (STRUTS_IDP_VIDP.equals(interfederationType)) { - formList.putAll(VIDPAction.buildVIDPFormList()); - getStorkOA().setVidpEnabled(true); - getStorkOA().getAttributeProviderPlugins().add(new AttributeProviderPlugin()); - session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, getFormOA().getFormMap()); - - } else { - log.warn("Unkown interfederation IDP type"); - addActionError("Unkown interfederation IDP type"); - return Constants.STRUTS_ERROR; - } - - - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } finally { - - } - - return Constants.STRUTS_OA_EDIT + interfederationType; - - } - - public String loadIDPInformation() { - try { - populateBasicInformations(); - - if (!authUser.isAdmin()) { - log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - - OnlineApplication oa = populateOnlineApplicationFromRequest(); - - if (oa.isIsInterfederationIDP() != null - && oa.isIsInterfederationIDP()) { - - formList.putAll(MOAIDPAction.buildMOAIDPFormList()); - interfederationType = STRUTS_IDP_MOA; - - } else if (oa.getAuthComponentOA().getOASTORK() != null - && oa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null - && oa.getAuthComponentOA().getOASTORK().isVidpEnabled()) { - - formList.putAll(VIDPAction.buildVIDPFormList()); - if (getStorkOA().getAttributeProviderPlugins() == null || - getStorkOA().getAttributeProviderPlugins().size() == 0) - getStorkOA().getAttributeProviderPlugins().add(new AttributeProviderPlugin()); - interfederationType = STRUTS_IDP_VIDP; - - } else if (oa.isIsInterfederationGateway() != null && oa.isIsInterfederationGateway()) { - formList.putAll(IDPGatewayAction.buildIDPGatewayFormList()); - interfederationType = STRUTS_IDP_GATEWAY; - - } else { - log.warn("Requested application is not an interfederation IDP."); - return Constants.STRUTS_NOTALLOWED; - } - - parseOAToForm(oa); - return Constants.STRUTS_SUCCESS + interfederationType; - - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } catch (BasicOAActionException e) { - addActionError(e.getStrutsError()); - return e.getStrutsReturnValue(); - - } finally { - - } - } - - public String saveIDP() { - - OnlineApplication onlineapplication= null; - - try { - populateBasicInformations(); - - if (!authUser.isAdmin()) { - log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - - onlineapplication = preProcessSaveOnlineApplication(); - - if ( onlineapplication != null && - !((onlineapplication.isIsInterfederationIDP() != null && onlineapplication.isIsInterfederationIDP()) || - (onlineapplication.isIsInterfederationGateway() != null && onlineapplication.isIsInterfederationGateway()) || - (onlineapplication.getAuthComponentOA().getOASTORK() != null - && onlineapplication.getAuthComponentOA().getOASTORK().isVidpEnabled() != null - && onlineapplication.getAuthComponentOA().getOASTORK().isVidpEnabled()))) { - log.warn("IDP which should be stored is not of type interfederation IDP."); - addActionError("IDP which should be stored is not of type MOA-ID interfederation IDP."); - return Constants.STRUTS_ERROR; - - } - - List<String> errors = new ArrayList<String>(); - - //validate forms - for (IOnlineApplicationData form : formList.values()) - errors.addAll(form.validate(getGeneralOA(), authUser, request)); - - - if (getPvp2OA() != null) { - boolean publicServiceAllowed = ValidationHelper.isPublicServiceAllowed(getPvp2OA().getMetaDataURL()); - if (!publicServiceAllowed && !getGeneralOA().isBusinessService()) { - log.info("Metadata URL " + getPvp2OA().getMetaDataURL() + " does not allow PublicService."); - errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.metadataurl.publicservice", - new Object[] {getPvp2OA().getMetaDataURL()}, request )); - getGeneralOA().setBusinessService(true); - - } - } - - - if (errors.size() > 0) { - log.info("IDP-Configuration with ID " + getGeneralOA().getIdentifier() + " has some errors."); - for (String el : errors) - addActionError(el); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } else { - onlineapplication = postProcessSaveOnlineApplication(onlineapplication, - !(this instanceof MOAIDPAction)); - - //set default Target interfederated nameID caluclation - if (getPvp2OA() != null) { - if (getGeneralOA().isBusinessService()) { - IdentificationNumber businessID = onlineapplication.getAuthComponentOA().getIdentificationNumber(); - if (businessID == null) { - businessID = new IdentificationNumber(); - onlineapplication.getAuthComponentOA().setIdentificationNumber(businessID); - } - businessID.setValue(Constants.PREFIX_WPBK + "MOA-IDP+MOA-IDP"); - } else - onlineapplication.setTarget("MOA-IDP"); - - try { - save(onlineapplication); - - } catch (MOADatabaseException e) { - log.warn("Online-Application can not be stored.", e); - return LanguageHelper.getErrorString("error.db.oa.store", request); - } - } - } - - //remove session attributes - session.setAttribute(Constants.SESSION_OAID, null); - - addActionMessage(LanguageHelper.getGUIString("webpages.idp.success", getGeneralOA().getIdentifier(), request)); - return Constants.STRUTS_SUCCESS; - - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } catch (BasicOAActionException e) { - addActionError(e.getStrutsError()); - return e.getStrutsReturnValue(); - - } finally { - - } - } - - public String cancleAndBackIDP() { - try { - populateBasicInformations(); - - if (!authUser.isAdmin()) { - log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - - session.setAttribute(Constants.SESSION_OAID, null); - addActionMessage(LanguageHelper.getGUIString("webpages.idp.cancle", getGeneralOA().getIdentifier(), request)); - - return Constants.STRUTS_SUCCESS; - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } finally { - - } - } - - public String deleteIDP() { - String oaidentifier = null; - try { - populateBasicInformations(); - - if (!authUser.isAdmin()) { - log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - - oaidentifier = preProcessDeleteOnlineApplication(); - - session.setAttribute(Constants.SESSION_OAID, null); - OnlineApplication onlineapplication = configuration.getDbRead().getOnlineApplication(oaidentifier); - + + private static final long serialVersionUID = 2879192135387083131L; + + public static final String STRUTS_IDP_VIDP = "-VIDP"; + public static final String STRUTS_IDP_MOA = "-MOAIDP"; + public static final String STRUTS_IDP_GATEWAY = "-IDPGATEWAY"; + + private List<OAListElement> formOAs; + + private String interfederationType; + + public InterfederationIDPAction() { + super(); + + } + + public String listAllIDPs() { + try { + populateBasicInformations(); + + if (authUser.isAdmin()) { + final List<OnlineApplication> dbOAs = configuration.getDbRead().getAllOnlineApplications(); + + if (dbOAs == null || dbOAs.size() == 0) { + addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); + + } else { + formOAs = FormDataHelper.populateFormWithInderfederationIDPs(dbOAs); + } + + session.setAttribute(Constants.SESSION_RETURNAREA, + Constants.STRUTS_RETURNAREA_VALUES.main.name()); + + return Constants.STRUTS_SUCCESS; + + } else { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } finally { + + } + } + + public String newIDP() { + log.debug("insert new interfederation IDP"); + + try { + populateBasicInformations(); + + if (!authUser.isAdmin()) { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + populateBasicNewOnlineApplicationInformation(); + + if (STRUTS_IDP_MOA.equals(interfederationType)) { + formList.putAll(MOAIDPAction.buildMOAIDPFormList()); + + } else if (STRUTS_IDP_GATEWAY.equals(interfederationType)) { + formList.putAll(IDPGatewayAction.buildIDPGatewayFormList()); + + } else if (STRUTS_IDP_VIDP.equals(interfederationType)) { + formList.putAll(VIDPAction.buildVIDPFormList()); + getStorkOA().setVidpEnabled(true); + getStorkOA().getAttributeProviderPlugins().add(new AttributeProviderPlugin()); + session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, getFormOA().getFormMap()); + + } else { + log.warn("Unkown interfederation IDP type"); + addActionError("Unkown interfederation IDP type"); + return Constants.STRUTS_ERROR; + } + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } finally { + + } + + return Constants.STRUTS_OA_EDIT + interfederationType; + + } + + public String loadIDPInformation() { + try { + populateBasicInformations(); + + if (!authUser.isAdmin()) { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + final OnlineApplication oa = populateOnlineApplicationFromRequest(); + + if (oa.isIsInterfederationIDP() != null + && oa.isIsInterfederationIDP()) { + + formList.putAll(MOAIDPAction.buildMOAIDPFormList()); + interfederationType = STRUTS_IDP_MOA; + + } else if (oa.getAuthComponentOA().getOASTORK() != null + && oa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null + && oa.getAuthComponentOA().getOASTORK().isVidpEnabled()) { + + formList.putAll(VIDPAction.buildVIDPFormList()); + if (getStorkOA().getAttributeProviderPlugins() == null || + getStorkOA().getAttributeProviderPlugins().size() == 0) { + getStorkOA().getAttributeProviderPlugins().add(new AttributeProviderPlugin()); + } + interfederationType = STRUTS_IDP_VIDP; + + } else if (oa.isIsInterfederationGateway() != null && oa.isIsInterfederationGateway()) { + formList.putAll(IDPGatewayAction.buildIDPGatewayFormList()); + interfederationType = STRUTS_IDP_GATEWAY; + + } else { + log.warn("Requested application is not an interfederation IDP."); + return Constants.STRUTS_NOTALLOWED; + } + + parseOAToForm(oa); + return Constants.STRUTS_SUCCESS + interfederationType; + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } catch (final BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + + } finally { + + } + } + + public String saveIDP() { + + OnlineApplication onlineapplication = null; + + try { + populateBasicInformations(); + + if (!authUser.isAdmin()) { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + onlineapplication = preProcessSaveOnlineApplication(); + + if (onlineapplication != null && + !(onlineapplication.isIsInterfederationIDP() != null && onlineapplication.isIsInterfederationIDP() + || + onlineapplication.isIsInterfederationGateway() != null && onlineapplication + .isIsInterfederationGateway() || + onlineapplication.getAuthComponentOA().getOASTORK() != null + && onlineapplication.getAuthComponentOA().getOASTORK().isVidpEnabled() != null + && onlineapplication.getAuthComponentOA().getOASTORK().isVidpEnabled())) { + log.warn("IDP which should be stored is not of type interfederation IDP."); + addActionError("IDP which should be stored is not of type MOA-ID interfederation IDP."); + return Constants.STRUTS_ERROR; + + } + + final List<String> errors = new ArrayList<>(); + + // validate forms + for (final IOnlineApplicationData form : formList.values()) { + errors.addAll(form.validate(getGeneralOA(), authUser, request)); + } + + if (getPvp2OA() != null) { + final boolean publicServiceAllowed = ValidationHelper.isPublicServiceAllowed(getPvp2OA() + .getMetaDataURL()); + if (!publicServiceAllowed && !getGeneralOA().isBusinessService()) { + log.info("Metadata URL " + getPvp2OA().getMetaDataURL() + " does not allow PublicService."); + errors.add(LanguageHelper.getErrorString( + "validation.interfederation.moaidp.metadataurl.publicservice", + new Object[] { getPvp2OA().getMetaDataURL() }, request)); + getGeneralOA().setBusinessService(true); + + } + } + + if (errors.size() > 0) { + log.info("IDP-Configuration with ID " + getGeneralOA().getIdentifier() + " has some errors."); + for (final String el : errors) { + addActionError(el); + } + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } else { + onlineapplication = postProcessSaveOnlineApplication(onlineapplication, + !(this instanceof MOAIDPAction)); + + // set default Target interfederated nameID caluclation + if (getPvp2OA() != null) { + if (getGeneralOA().isBusinessService()) { + IdentificationNumber businessID = onlineapplication.getAuthComponentOA() + .getIdentificationNumber(); + if (businessID == null) { + businessID = new IdentificationNumber(); + onlineapplication.getAuthComponentOA().setIdentificationNumber(businessID); + } + businessID.setValue(Constants.PREFIX_WPBK + "MOA-IDP+MOA-IDP"); + } else { + onlineapplication.setTarget("MOA-IDP"); + } + + try { + save(onlineapplication); + + } catch (final MOADatabaseException e) { + log.warn("Online-Application can not be stored.", e); + return LanguageHelper.getErrorString("error.db.oa.store", request); + } + } + } + + // remove session attributes + session.setAttribute(Constants.SESSION_OAID, null); + + addActionMessage(LanguageHelper.getGUIString("webpages.idp.success", getGeneralOA().getIdentifier(), + request)); + return Constants.STRUTS_SUCCESS; + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } catch (final BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + + } finally { + + } + } + + public String cancleAndBackIDP() { + try { + populateBasicInformations(); + + if (!authUser.isAdmin()) { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + session.setAttribute(Constants.SESSION_OAID, null); + addActionMessage(LanguageHelper.getGUIString("webpages.idp.cancle", getGeneralOA().getIdentifier(), + request)); + + return Constants.STRUTS_SUCCESS; + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } finally { + + } + } + + public String deleteIDP() { + String oaidentifier = null; + try { + populateBasicInformations(); + + if (!authUser.isAdmin()) { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + oaidentifier = preProcessDeleteOnlineApplication(); + + session.setAttribute(Constants.SESSION_OAID, null); + final OnlineApplication onlineapplication = configuration.getDbRead().getOnlineApplication( + oaidentifier); + // try { // if (onlineapplication.getAuthComponentOA().getOAPVP2() != null && // MiscUtil.isNotEmpty(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) { // MOAIDConfiguration moaconfig = configuration.getDbRead().getMOAIDConfiguration(); // moaconfig.setPvp2RefreshItem(new Date()); // ConfigurationDBUtils.saveOrUpdate(moaconfig); -// +// // } // } catch (Throwable e) { // log.info("Found no MetadataURL in OA-Databaseconfig!", e); // } - - if (delete(onlineapplication)) { - addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", oaidentifier, request)); - return Constants.STRUTS_SUCCESS; - - } else { - addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", oaidentifier, request)); - return Constants.STRUTS_SUCCESS; - } - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } catch (BasicOAActionException e) { - addActionError(e.getStrutsError()); - return e.getStrutsReturnValue(); - - } finally { - - } - - } - - /** - * @param oa - */ - private void parseOAToForm(OnlineApplication oa) { - List<String> errors = new ArrayList<String>(); - for (IOnlineApplicationData form : formList.values()) { - List<String> error = form.parse(oa, authUser, request); - if (error != null) - errors.addAll(error); - } - if (errors.size() > 0) { - for (String el : errors) - addActionError(el); - } - setNewOA(false); - + if (delete(onlineapplication)) { + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", oaidentifier, + request)); + return Constants.STRUTS_SUCCESS; - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - session.setAttribute(Constants.SESSION_OAID, oaid); - } - - /** - * @return the formOAs - */ - public List<OAListElement> getFormOAs() { - return formOAs; - } - - public OAMOAIDPInterfederationConfig getMoaIDP() { - return (OAMOAIDPInterfederationConfig) formList.get(new OAMOAIDPInterfederationConfig().getName()); - } + } else { + addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", oaidentifier, request)); + return Constants.STRUTS_SUCCESS; + } - public void setMoaIDP(OAMOAIDPInterfederationConfig pvp2oa) { - formList.put(pvp2oa.getName(), pvp2oa); - } + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; - public PVPGatewayInterfederationConfig getPVPGateway() { - return (PVPGatewayInterfederationConfig) formList.get(new PVPGatewayInterfederationConfig().getName()); - } - - public void setPVPGateway(PVPGatewayInterfederationConfig val) { - formList.put(val.getName(), val); - } - - /** - * @return the formOA - */ - public OATargetConfiguration getTargetConfig() { - return (OATargetConfiguration) formList.get(new OATargetConfiguration().getName()); - } + } catch (final BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); - /** - * @param formOA the formOA to set - */ - public void setTargetConfig(OATargetConfiguration formOA) { - formList.put(formOA.getName(), formOA); - } - - /** - * @return the formOA - */ - public FormularCustomization getFormOA() { - return (FormularCustomization) formList.get(new FormularCustomization(null).getName()); - } + } finally { - /** - * @param formOA the formOA to set - */ - public void setFormOA(FormularCustomization formOA) { - formList.put(formOA.getName(), formOA); - } - - public OASTORKConfig getStorkOA() { - return (OASTORKConfig) formList.get(new OASTORKConfig().getName()); } - public void setStorkOA(OASTORKConfig storkOA) { - formList.put(storkOA.getName(), storkOA); + } + + /** + * @param oa + */ + private void parseOAToForm(OnlineApplication oa) { + final List<String> errors = new ArrayList<>(); + for (final IOnlineApplicationData form : formList.values()) { + final List<String> error = form.parse(oa, authUser, request); + if (error != null) { + errors.addAll(error); + } } - - - public OAAuthenticationData getAuthOA() { - return (OAAuthenticationData) formList.get(new OAAuthenticationData().getName()); + if (errors.size() > 0) { + for (final String el : errors) { + addActionError(el); + } } - public void setAuthOA(OAAuthenticationData generalOA) { - formList.put(generalOA.getName(), generalOA); - } - - - /** - * @return the interfederationType - */ - public String getInterfederationType() { - return interfederationType; - } - - /** - * @param interfederationType the interfederationType to set - */ - public void setInterfederationType(String interfederationType) { - this.interfederationType = interfederationType; - } - - - + setNewOA(false); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + session.setAttribute(Constants.SESSION_OAID, oaid); + } + + /** + * @return the formOAs + */ + public List<OAListElement> getFormOAs() { + return formOAs; + } + + public OAMOAIDPInterfederationConfig getMoaIDP() { + return (OAMOAIDPInterfederationConfig) formList.get(new OAMOAIDPInterfederationConfig().getName()); + } + + public void setMoaIDP(OAMOAIDPInterfederationConfig pvp2oa) { + formList.put(pvp2oa.getName(), pvp2oa); + } + + public PVPGatewayInterfederationConfig getPVPGateway() { + return (PVPGatewayInterfederationConfig) formList.get(new PVPGatewayInterfederationConfig().getName()); + } + + public void setPVPGateway(PVPGatewayInterfederationConfig val) { + formList.put(val.getName(), val); + } + + /** + * @return the formOA + */ + public OATargetConfiguration getTargetConfig() { + return (OATargetConfiguration) formList.get(new OATargetConfiguration().getName()); + } + + /** + * @param formOA the formOA to set + */ + public void setTargetConfig(OATargetConfiguration formOA) { + formList.put(formOA.getName(), formOA); + } + + /** + * @return the formOA + */ + public FormularCustomization getFormOA() { + return (FormularCustomization) formList.get(new FormularCustomization(null).getName()); + } + + /** + * @param formOA the formOA to set + */ + public void setFormOA(FormularCustomization formOA) { + formList.put(formOA.getName(), formOA); + } + + public OASTORKConfig getStorkOA() { + return (OASTORKConfig) formList.get(new OASTORKConfig().getName()); + } + + public void setStorkOA(OASTORKConfig storkOA) { + formList.put(storkOA.getName(), storkOA); + } + + public OAAuthenticationData getAuthOA() { + return (OAAuthenticationData) formList.get(new OAAuthenticationData().getName()); + } + + public void setAuthOA(OAAuthenticationData generalOA) { + formList.put(generalOA.getName(), generalOA); + } + + /** + * @return the interfederationType + */ + public String getInterfederationType() { + return interfederationType; + } + + /** + * @param interfederationType the interfederationType to set + */ + public void setInterfederationType(String interfederationType) { + this.interfederationType = interfederationType; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java index ca018d5b0..11be61bb6 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java @@ -25,179 +25,162 @@ package at.gv.egovernment.moa.id.configuration.struts.action; import java.util.ArrayList; import java.util.List; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.apache.log4j.Logger; -import org.apache.struts2.interceptor.ServletRequestAware; -import org.apache.struts2.interceptor.ServletResponseAware; - -import com.opensymphony.xwork2.ActionSupport; - -import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.Constants; -import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.data.OAListElement; import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class ListOAsAction extends BasicAction { - - private final Logger log = Logger.getLogger(ListOAsAction.class); - - private static final long serialVersionUID = 1L; - - private List<OAListElement> formOAs; - private String friendlyname; - - public ListOAsAction() throws ConfigurationException { + + private static final long serialVersionUID = 1L; + + private List<OAListElement> formOAs; + private String friendlyname; + + public ListOAsAction() throws ConfigurationException { // configuration = ConfigurationProvider.getInstance(); - } - - - public String listAllOnlineAppliactions() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - List<OnlineApplication> dbOAs = null; - - if (authUser.isAdmin()) { - dbOAs = configuration.getDbRead().getAllOnlineApplications(); - - } else { - UserDatabase authUserDB = configuration.getUserManagement().getUserWithID(authUser.getUserID()); - - if (authUserDB != null) { - for (String el : authUserDB.getOnlineApplication()) { - dbOAs.add(configuration.getDbRead().getOnlineApplication(Long.valueOf(el))); - - } - } - } - - if (dbOAs == null || dbOAs.size() == 0) { - addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); - - } else { - formOAs = FormDataHelper.populateFormWithOAs(dbOAs); - } - - session.setAttribute(Constants.SESSION_RETURNAREA, - Constants.STRUTS_RETURNAREA_VALUES.main.name()); - - - return Constants.STRUTS_SUCCESS; - } - - public String searchOAInit() { - - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - formOAs = null; - friendlyname = ""; - - return Constants.STRUTS_SUCCESS; - - } - - public String searchOA() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - if (MiscUtil.isEmpty(friendlyname)) { - log.info("SearchOA textfield is empty"); - addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request)); - return Constants.STRUTS_SUCCESS; - - } else { - if (ValidationHelper.containsNotValidCharacter(friendlyname, false)) { - log.warn("SearchOA textfield contains potential XSS characters"); - addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request)); - return Constants.STRUTS_SUCCESS; - } - } - - List<OnlineApplication> dbOAs = null; - - if (authUser.isAdmin()) { - dbOAs = configuration.getDbRead().searchOnlineApplications(friendlyname); - - } else { - UserDatabase authUserDB = configuration.getUserManagement().getUserWithID(authUser.getUserID()); - if (authUserDB != null) { - List<String> alldbOAs = authUserDB.getOnlineApplication(); - - dbOAs = new ArrayList<OnlineApplication>(); - - for (String el : alldbOAs) { - OnlineApplication oa = configuration.getDbRead().getOnlineApplication(Long.valueOf(el)); - - if (oa.getPublicURLPrefix() - .toLowerCase().indexOf(friendlyname.toLowerCase()) > -1) - dbOAs.add(oa); - } - } - } - - if (dbOAs == null || dbOAs.size() == 0) { - log.debug("No IDPs found with Identifier " + friendlyname); - addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); - - } else { - formOAs = FormDataHelper.populateFormWithOAs(dbOAs); - - } - - - return Constants.STRUTS_SUCCESS; - } - - /** - * @return the formOAs - */ - public List<OAListElement> getFormOAs() { - return formOAs; - } - - - /** - * @return the friendlyname - */ - public String getFriendlyname() { - return friendlyname; - } - - - /** - * @param friendlyname the friendlyname to set - */ - public void setFriendlyname(String friendlyname) { - this.friendlyname = friendlyname; - } - - + } + + public String listAllOnlineAppliactions() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + List<OnlineApplication> dbOAs = null; + + if (authUser.isAdmin()) { + dbOAs = configuration.getDbRead().getAllOnlineApplications(); + + } else { + final UserDatabase authUserDB = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + + if (authUserDB != null) { + for (final String el : authUserDB.getOnlineApplication()) { + dbOAs.add(configuration.getDbRead().getOnlineApplication(Long.valueOf(el))); + + } + } + } + + if (dbOAs == null || dbOAs.size() == 0) { + addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); + + } else { + formOAs = FormDataHelper.populateFormWithOAs(dbOAs); + } + + session.setAttribute(Constants.SESSION_RETURNAREA, + Constants.STRUTS_RETURNAREA_VALUES.main.name()); + + return Constants.STRUTS_SUCCESS; + } + + public String searchOAInit() { + + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + formOAs = null; + friendlyname = ""; + + return Constants.STRUTS_SUCCESS; + + } + + public String searchOA() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + if (MiscUtil.isEmpty(friendlyname)) { + log.info("SearchOA textfield is empty"); + addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request)); + return Constants.STRUTS_SUCCESS; + + } else { + if (ValidationHelper.containsNotValidCharacter(friendlyname, false)) { + log.warn("SearchOA textfield contains potential XSS characters"); + addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + return Constants.STRUTS_SUCCESS; + } + } + + List<OnlineApplication> dbOAs = null; + + if (authUser.isAdmin()) { + dbOAs = configuration.getDbRead().searchOnlineApplications(friendlyname); + + } else { + final UserDatabase authUserDB = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + if (authUserDB != null) { + final List<String> alldbOAs = authUserDB.getOnlineApplication(); + + dbOAs = new ArrayList<>(); + + for (final String el : alldbOAs) { + final OnlineApplication oa = configuration.getDbRead().getOnlineApplication(Long.valueOf(el)); + + if (oa.getPublicURLPrefix() + .toLowerCase().indexOf(friendlyname.toLowerCase()) > -1) { + dbOAs.add(oa); + } + } + } + } + + if (dbOAs == null || dbOAs.size() == 0) { + log.debug("No IDPs found with Identifier " + friendlyname); + addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); + + } else { + formOAs = FormDataHelper.populateFormWithOAs(dbOAs); + + } + + return Constants.STRUTS_SUCCESS; + } + + /** + * @return the formOAs + */ + public List<OAListElement> getFormOAs() { + return formOAs; + } + + /** + * @return the friendlyname + */ + public String getFriendlyname() { + return friendlyname; + } + + /** + * @param friendlyname the friendlyname to set + */ + public void setFriendlyname(String friendlyname) { + this.friendlyname = friendlyname; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java index 8c04a382a..ce3af689d 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java @@ -34,26 +34,25 @@ import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config; */ public class MOAIDPAction extends InterfederationIDPAction { - private static final long serialVersionUID = -2047128481980413334L; - - public MOAIDPAction() { - super(); - formList.putAll(buildMOAIDPFormList()); - } - - public static LinkedHashMap<String, IOnlineApplicationData> buildMOAIDPFormList() { - - LinkedHashMap<String, IOnlineApplicationData> forms = - new LinkedHashMap<String, IOnlineApplicationData>(); - - - OAPVP2Config pvp2OA = new OAPVP2Config(); - forms.put(pvp2OA.getName(), pvp2OA); - - OAMOAIDPInterfederationConfig moaidp = new OAMOAIDPInterfederationConfig(); - forms.put(moaidp.getName(), moaidp); - - return forms; - } + private static final long serialVersionUID = -2047128481980413334L; + + public MOAIDPAction() { + super(); + formList.putAll(buildMOAIDPFormList()); + } + + public static LinkedHashMap<String, IOnlineApplicationData> buildMOAIDPFormList() { + + final LinkedHashMap<String, IOnlineApplicationData> forms = + new LinkedHashMap<>(); + + final OAPVP2Config pvp2OA = new OAPVP2Config(); + forms.put(pvp2OA.getName(), pvp2OA); + + final OAMOAIDPInterfederationConfig moaidp = new OAMOAIDPInterfederationConfig(); + forms.put(moaidp.getName(), moaidp); + + return forms; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java index ea6f17fc7..785eb583a 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java @@ -22,41 +22,41 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.configuration.struts.action; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class MainAction extends BasicAction { - - private static final long serialVersionUID = 221178766809263908L; - - private static final Logger log = Logger.getLogger(MainAction.class); - - public String changeLanguage() { - - return Constants.STRUTS_SUCCESS; - } - - public String generateMainFrame() { - - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - if (hasActionMessages()) - setActionMessages(getActionMessages()); - - if (hasActionErrors()) - setActionErrors(getActionErrors()); - - session.setAttribute(Constants.SESSION_RETURNAREA, null); - - return Constants.STRUTS_SUCCESS; - } - + + private static final long serialVersionUID = 221178766809263908L; + + public String changeLanguage() { + + return Constants.STRUTS_SUCCESS; + } + + public String generateMainFrame() { + + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + if (hasActionMessages()) { + setActionMessages(getActionMessages()); + } + + if (hasActionErrors()) { + setActionErrors(getActionErrors()); + } + + session.setAttribute(Constants.SESSION_RETURNAREA, null); + + return Constants.STRUTS_SUCCESS; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java index 26d4e13ab..e1965e951 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java @@ -24,81 +24,68 @@ package at.gv.egovernment.moa.id.configuration.struts.action; import java.util.List; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.apache.log4j.Logger; -import org.apache.struts2.interceptor.ServletRequestAware; -import org.apache.struts2.interceptor.ServletResponseAware; - -import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.data.OAListElement; import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper; +import lombok.extern.slf4j.Slf4j; -import com.opensymphony.xwork2.ActionSupport; - +@Slf4j public class OpenAdminRequestsAction extends BasicAction { - - private static final Logger log = Logger.getLogger(OpenAdminRequestsAction.class); - - private static final long serialVersionUID = 1L; - - private List<OAListElement> formOAs = null; - private List<AuthenticatedUser> userlist = null; - - - public String init() { - - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - if (authUser.isAdmin()) { - - List<OnlineApplication> dbOAs = configuration.getDbRead().getAllNewOnlineApplications(); - if (dbOAs != null) { - formOAs = FormDataHelper.populateFormWithOAs(dbOAs); - } - - List<UserDatabase> dbUsers = configuration.getUserManagement().getAllNewUsers(); - if (dbUsers != null){ - userlist = FormDataHelper.addFormUsers(dbUsers); - } - - session.setAttribute(Constants.SESSION_RETURNAREA, - Constants.STRUTS_RETURNAREA_VALUES.adminRequestsInit.name()); - - return Constants.STRUTS_SUCCESS; - } else { - log.info("Access to OpenAdminRequest area is not allowed for user with ID" + authUser.getUserID()); - return Constants.STRUTS_NOTALLOWED; - } - - } - - - /** - * @return the formOAs - */ - public List<OAListElement> getFormOAs() { - return formOAs; - } - - - /** - * @return the userlist - */ - public List<AuthenticatedUser> getUserlist() { - return userlist; - } - + + private static final long serialVersionUID = 1L; + + private List<OAListElement> formOAs = null; + private List<AuthenticatedUser> userlist = null; + + public String init() { + + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + if (authUser.isAdmin()) { + + final List<OnlineApplication> dbOAs = configuration.getDbRead().getAllNewOnlineApplications(); + if (dbOAs != null) { + formOAs = FormDataHelper.populateFormWithOAs(dbOAs); + } + + final List<UserDatabase> dbUsers = configuration.getUserManagement().getAllNewUsers(); + if (dbUsers != null) { + userlist = FormDataHelper.addFormUsers(dbUsers); + } + + session.setAttribute(Constants.SESSION_RETURNAREA, + Constants.STRUTS_RETURNAREA_VALUES.adminRequestsInit.name()); + + return Constants.STRUTS_SUCCESS; + } else { + log.info("Access to OpenAdminRequest area is not allowed for user with ID" + authUser.getUserID()); + return Constants.STRUTS_NOTALLOWED; + } + + } + + /** + * @return the formOAs + */ + public List<OAListElement> getFormOAs() { + return formOAs; + } + + /** + * @return the userlist + */ + public List<AuthenticatedUser> getUserlist() { + return userlist; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java index 26afb0205..6a60b6816 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java @@ -26,14 +26,6 @@ import java.io.ByteArrayInputStream; import java.io.InputStream; import java.util.List; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.apache.log4j.Logger; -import org.apache.struts2.interceptor.ServletRequestAware; -import org.apache.struts2.interceptor.ServletResponseAware; - import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; @@ -49,564 +41,570 @@ import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; -import com.opensymphony.xwork2.ActionSupport; - +@Slf4j public class UserManagementAction extends BasicAction { - - private static final Logger log = Logger.getLogger(UserManagementAction.class); - - private static final long serialVersionUID = 1L; - - private List<AuthenticatedUser> userlist = null; - private UserDatabaseFrom user = null; - - private String useridobj = null; - private static boolean newUser = false; - private InputStream stream; - private String nextPage; - private String formID; - - public String init() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - if (session == null) { - log.info("No http Session found."); - return Constants.STRUTS_ERROR; - } - - if (authUser.isAdmin()) { - - log.info("Show NewserRequests"); - - log.info("Show UserList"); - - List<UserDatabase> dbuserlist = configuration.getUserManagement().getAllUsers(); - - if (dbuserlist != null) { - userlist = FormDataHelper.addFormUsers(dbuserlist); - } - - session.setAttribute(Constants.SESSION_RETURNAREA, - Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name()); - - return Constants.STRUTS_SUCCESS; - - } else { - log.info("User with ID " + authUser.getUserID() + " is not admin. Show only EditUser Frame"); - UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID()); - if (dbuser == null) { - return Constants.STRUTS_REAUTHENTICATE; - } - user = new UserDatabaseFrom(dbuser); - - session.setAttribute(Constants.SESSION_RETURNAREA, - Constants.STRUTS_RETURNAREA_VALUES.main.name()); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - return Constants.STRUTS_NOTALLOWED; - } - } - - public String createuser() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name(); - - if (authUser.isAdmin()) { - - user = new UserDatabaseFrom(); - - newUser = true; - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_SUCCESS; - - } else { - return Constants.STRUTS_NOTALLOWED; - } - } - - public String edituser() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String - && MiscUtil.isNotEmpty((String)nextPageAttr) ) { - nextPage = (String) nextPageAttr; - - } else { - nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name(); - } - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - if (authUser.isAdmin()) { - long userid = -1; - - if (!ValidationHelper.validateOAID(useridobj)) { - addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request)); - return Constants.STRUTS_ERROR; - } - userid = Long.valueOf(useridobj); - - UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userid); - if (dbuser == null) { - log.info("No User with ID " + userid + " in Database");; - addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request)); - return Constants.STRUTS_ERROR; - } - user = new UserDatabaseFrom(dbuser); - - newUser = false; - - return Constants.STRUTS_SUCCESS; - - } else { - log.info("User with ID " + authUser.getUserID() + " is not admin. Show his own EditUser Frame"); - UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID()); - user = new UserDatabaseFrom(dbuser); - return Constants.STRUTS_SUCCESS; - } - } - - public String saveuser() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - String useridobj = user.getUserID(); - long userID = -1; - if (MiscUtil.isEmpty(useridobj)) { - userID = -1; - - } else { - if (!ValidationHelper.validateOAID(useridobj)){ - log.warn("User with ID " + authUser.getUserID() - + " would access UserDatabase ID " + useridobj); - addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); - return Constants.STRUTS_ERROR; - } - userID = Long.valueOf(useridobj); - } - - UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userID); - - if( dbuser == null) { - dbuser = new UserDatabase(); - dbuser.setIsMandateUser(false); - dbuser.setIsAdminRequest(false); - dbuser.setIsPVP2Generated(false); - dbuser.setUserRequestTokken(null); - dbuser.setIsMailAddressVerified(false); - dbuser.setUsername(user.getUsername()); - } - - List<String> errors; - UserDatabaseFormValidator validator = new UserDatabaseFormValidator(); - - boolean ispvp2 = false; - boolean ismandate = false; - if (dbuser.isIsPVP2Generated() != null) - ispvp2 = dbuser.isIsPVP2Generated(); - - if (dbuser.isIsMandateUser() != null) - ismandate = dbuser.isIsMandateUser(); - - errors = validator.validate(user, userID, ispvp2, ismandate, request); - - if (errors.size() > 0) { - log.info("UserDataForm has some erros."); - for (String el : errors) - addActionError(el); - user.setPassword(""); - - if (MiscUtil.isEmpty(user.getUsername())) - newUser = true; - - user.setIsmandateuser(ismandate); - user.setPVPGenerated(ispvp2); - if (dbuser.isIsUsernamePasswordAllowed() != null) - user.setIsusernamepasswordallowed(dbuser.isIsUsernamePasswordAllowed()); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - return Constants.STRUTS_ERROR_VALIDATION; - } - - if (!authUser.isAdmin()) { - if (authUser.getUserID() != userID) { - log.warn("User with ID " + authUser.getUserID() - + " would access UserDatabase Entry " + user.getUsername()); - addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); - return Constants.STRUTS_ERROR; - } - - } - - if (!user.getMail().equals(dbuser.getMail()) && !authUser.isAdmin()) { - dbuser.setIsMailAddressVerified(false); - dbuser.setUserRequestTokken(Random.nextRandom()); - - try { - MailHelper.sendUserMailAddressVerification(dbuser); - addActionMessage(LanguageHelper.getGUIString("webpages.edituser.changemailaddress.verify", request)); - - } catch (ConfigurationException e) { - log.warn("Sending of mailaddress verification mail failed.", e); - addActionError(LanguageHelper.getErrorString("error.mail.send", request)); - } - } - - Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String - && MiscUtil.isNotEmpty((String)nextPageAttr) ) { - nextPage = (String) nextPageAttr; - - if (nextPage.equals(Constants.STRUTS_RETURNAREA_VALUES.adminRequestsInit.name()) && - user.isActive()) { - dbuser.setIsAdminRequest(false); - try { - if (dbuser.isIsMandateUser()) - MailHelper.sendUserAccountActivationMail(dbuser.getGivenname(), dbuser.getFamilyname(), - dbuser.getInstitut(), user.getMail()); - else - MailHelper.sendUserAccountActivationMail(dbuser.getGivenname(), dbuser.getFamilyname(), - null, user.getMail()); - - } catch (ConfigurationException e) { - log.warn("Send UserAccountActivation mail failed", e); - } - } - session.setAttribute(Constants.SESSION_RETURNAREA, null); - - } else { - nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name(); - } - - String error = saveFormToDB(dbuser); - - if (error != null) { - log.warn("UserData can not be stored in Database"); - addActionError(error); - return Constants.STRUTS_SUCCESS; - } - - return Constants.STRUTS_SUCCESS; - } - - public String deleteuser() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - String useridobj = user.getUserID(); - long userID = -1; - if (MiscUtil.isEmpty(useridobj)) { - userID = -1; - - } else { - if (!ValidationHelper.validateOAID(useridobj)){ - log.warn("User with ID " + authUser.getUserID() - + " would access UserDatabase ID " + useridobj); - addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); - return Constants.STRUTS_ERROR; - } - userID = Long.valueOf(useridobj); - } - - if (!authUser.isAdmin()) { - if (authUser.getUserID() != userID) { - log.warn("User with ID " + authUser.getUserID() - + " would access UserDatabase Entry " + user.getUsername()); - addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); - return Constants.STRUTS_ERROR; - } - } - - Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String - && MiscUtil.isNotEmpty((String)nextPageAttr) ) { - nextPage = (String) nextPageAttr; - session.setAttribute(Constants.SESSION_RETURNAREA, null); - - } else { - nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name(); - } - - UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userID); - if (dbuser != null) { - dbuser.setOaIDs(null); - - try { - configuration.getUserManagement().saveOrUpdate(dbuser); - configuration.getUserManagement().delete(dbuser); - - if (authUser.isAdmin()) { - MailHelper.sendUserAccountRevocationMail(dbuser); - } - - if (dbuser.getHjid().equals(String.valueOf(authUser.getUserID()))) { - return Constants.STRUTS_REAUTHENTICATE; - } - - } catch (MOADatabaseException e) { - log.warn("UserData can not be deleted from Database", e); - addActionError(e.getMessage()); - return Constants.STRUTS_SUCCESS; - - } catch (ConfigurationException e) { - log.warn("Information mail sending failed.", e); - addActionError(e.getMessage()); - return Constants.STRUTS_SUCCESS; - } - - finally { - } - } - - - return Constants.STRUTS_SUCCESS; - } - - public String sendVerificationMail () { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - String message = LanguageHelper.getErrorString("error.mail.send", request); - - if (authUser != null) { - UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID()); - - if (dbuser != null) { - dbuser.setIsMailAddressVerified(false); - dbuser.setUserRequestTokken(Random.nextRandom()); - - try { - configuration.getUserManagement().saveOrUpdate(dbuser); - - MailHelper.sendUserMailAddressVerification(dbuser); - - message = LanguageHelper.getErrorString("webpages.edituser.verify.mail.message", request); - - } catch (ConfigurationException e) { - log.warn("Sending of mailaddress verification mail failed.", e); - message = LanguageHelper.getErrorString("error.mail.send", request); - - } catch (MOADatabaseException e) { - log.warn("Access UserInformationDatabase failed.", e); - } - } - } - - stream = new ByteArrayInputStream(message.getBytes()); - - return SUCCESS; - } - - private String saveFormToDB(UserDatabase dbuser) { - - dbuser.setMail(user.getMail()); - dbuser.setPhone(user.getPhone()); - - if (authUser.isAdmin() || dbuser.isIsUsernamePasswordAllowed()) { - dbuser.setIsUsernamePasswordAllowed(user.isIsusernamepasswordallowed()); - - if (authUser.isAdmin()) { - dbuser.setIsActive(user.isActive()); - dbuser.setIsAdmin(user.isAdmin()); - - } - } - - if (dbuser.isIsPVP2Generated() == null || !dbuser.isIsPVP2Generated()) { - dbuser.setFamilyname(user.getFamilyName()); - dbuser.setGivenname(user.getGivenName()); - dbuser.setInstitut(user.getInstitut()); - - if (authUser.isAdmin()) { - dbuser.setBpk(user.getBpk()); - if ( user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID - + "X" + Constants.IDENIFICATIONTYPE_FN) || - user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID - + "X" + Constants.IDENIFICATIONTYPE_ZVR) || - user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID - + "X" + Constants.IDENIFICATIONTYPE_ERSB)) { - dbuser.setIsMandateUser(true); - } - } - - } else { - if (!dbuser.isIsMandateUser()) - dbuser.setInstitut(user.getInstitut()); - } - - if (dbuser.isIsUsernamePasswordAllowed()) { - - if (MiscUtil.isNotEmpty(user.getUsername()) && MiscUtil.isEmpty(dbuser.getUsername())) - dbuser.setUsername(user.getUsername()); - - if (MiscUtil.isNotEmpty(user.getPassword())) { - String key = AuthenticationHelper.generateKeyFormPassword(user.getPassword()); - if (key == null) { - return LanguageHelper.getErrorString("errors.edit.user.save", request); - } - dbuser.setPassword(key); - } - } - - try { - configuration.getUserManagement().saveOrUpdate(dbuser); - } catch (MOADatabaseException e) { - log.warn("User information can not be stored in Database.", e); - return LanguageHelper.getErrorString("errors.edit.user.save", request); - } - - return null; - } - - - /** - * @return the userlist - */ - public List<AuthenticatedUser> getUserlist() { - return userlist; - } - - /** - * @param userlist the userlist to set - */ - public void setUserlist(List<AuthenticatedUser> userlist) { - this.userlist = userlist; - } - - /** - * @return the user - */ - public UserDatabaseFrom getUser() { - return user; - } - - /** - * @param user the user to set - */ - public void setUser(UserDatabaseFrom user) { - this.user = user; - } - - /** - * @return the useridobj - */ - public String getUseridobj() { - return useridobj; - } - - /** - * @param useridobj the useridobj to set - */ - public void setUseridobj(String useridobj) { - this.useridobj = useridobj; - } - - /** - * @return the newUser - */ - public boolean isNewUser() { - return newUser; - } - - /** - * @return the nextPage - */ - public String getNextPage() { - return nextPage; - } - - /** - * @return the stream - */ - public InputStream getStream() { - return stream; - } - - /** - * @return the formID - */ - public String getFormID() { - return formID; - } - - /** - * @param formID the formID to set - */ - public void setFormID(String formID) { - this.formID = formID; - } - + + private static final long serialVersionUID = 1L; + + private List<AuthenticatedUser> userlist = null; + private UserDatabaseFrom user = null; + + private String useridobj = null; + private static boolean newUser = false; + private InputStream stream; + private String nextPage; + private String formID; + + public String init() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + if (session == null) { + log.info("No http Session found."); + return Constants.STRUTS_ERROR; + } + + if (authUser.isAdmin()) { + + log.info("Show NewserRequests"); + + log.info("Show UserList"); + + final List<UserDatabase> dbuserlist = configuration.getUserManagement().getAllUsers(); + + if (dbuserlist != null) { + userlist = FormDataHelper.addFormUsers(dbuserlist); + } + + session.setAttribute(Constants.SESSION_RETURNAREA, + Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name()); + + return Constants.STRUTS_SUCCESS; + + } else { + log.info("User with ID " + authUser.getUserID() + " is not admin. Show only EditUser Frame"); + final UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + if (dbuser == null) { + return Constants.STRUTS_REAUTHENTICATE; + } + user = new UserDatabaseFrom(dbuser); + + session.setAttribute(Constants.SESSION_RETURNAREA, + Constants.STRUTS_RETURNAREA_VALUES.main.name()); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + return Constants.STRUTS_NOTALLOWED; + } + } + + public String createuser() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name(); + + if (authUser.isAdmin()) { + + user = new UserDatabaseFrom(); + + newUser = true; + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_SUCCESS; + + } else { + return Constants.STRUTS_NOTALLOWED; + } + } + + public String edituser() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + final Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String + && MiscUtil.isNotEmpty((String) nextPageAttr)) { + nextPage = (String) nextPageAttr; + + } else { + nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name(); + } + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + if (authUser.isAdmin()) { + long userid = -1; + + if (!ValidationHelper.validateOAID(useridobj)) { + addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request)); + return Constants.STRUTS_ERROR; + } + userid = Long.valueOf(useridobj); + + final UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userid); + if (dbuser == null) { + log.info("No User with ID " + userid + " in Database"); + addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request)); + return Constants.STRUTS_ERROR; + } + user = new UserDatabaseFrom(dbuser); + + newUser = false; + + return Constants.STRUTS_SUCCESS; + + } else { + log.info("User with ID " + authUser.getUserID() + " is not admin. Show his own EditUser Frame"); + final UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + user = new UserDatabaseFrom(dbuser); + return Constants.STRUTS_SUCCESS; + } + } + + public String saveuser() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + session.setAttribute(Constants.SESSION_FORMID, null); + + final String useridobj = user.getUserID(); + long userID = -1; + if (MiscUtil.isEmpty(useridobj)) { + userID = -1; + + } else { + if (!ValidationHelper.validateOAID(useridobj)) { + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase ID " + useridobj); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + userID = Long.valueOf(useridobj); + } + + UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userID); + + if (dbuser == null) { + dbuser = new UserDatabase(); + dbuser.setIsMandateUser(false); + dbuser.setIsAdminRequest(false); + dbuser.setIsPVP2Generated(false); + dbuser.setUserRequestTokken(null); + dbuser.setIsMailAddressVerified(false); + dbuser.setUsername(user.getUsername()); + } + + List<String> errors; + final UserDatabaseFormValidator validator = new UserDatabaseFormValidator(); + + boolean ispvp2 = false; + boolean ismandate = false; + if (dbuser.isIsPVP2Generated() != null) { + ispvp2 = dbuser.isIsPVP2Generated(); + } + + if (dbuser.isIsMandateUser() != null) { + ismandate = dbuser.isIsMandateUser(); + } + + errors = validator.validate(user, userID, ispvp2, ismandate, request); + + if (errors.size() > 0) { + log.info("UserDataForm has some erros."); + for (final String el : errors) { + addActionError(el); + } + user.setPassword(""); + + if (MiscUtil.isEmpty(user.getUsername())) { + newUser = true; + } + + user.setIsmandateuser(ismandate); + user.setPVPGenerated(ispvp2); + if (dbuser.isIsUsernamePasswordAllowed() != null) { + user.setIsusernamepasswordallowed(dbuser.isIsUsernamePasswordAllowed()); + } + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + return Constants.STRUTS_ERROR_VALIDATION; + } + + if (!authUser.isAdmin()) { + if (authUser.getUserID() != userID) { + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase Entry " + user.getUsername()); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + + } + + if (!user.getMail().equals(dbuser.getMail()) && !authUser.isAdmin()) { + dbuser.setIsMailAddressVerified(false); + dbuser.setUserRequestTokken(Random.nextRandom()); + + try { + MailHelper.sendUserMailAddressVerification(dbuser); + addActionMessage(LanguageHelper.getGUIString("webpages.edituser.changemailaddress.verify", request)); + + } catch (final ConfigurationException e) { + log.warn("Sending of mailaddress verification mail failed.", e); + addActionError(LanguageHelper.getErrorString("error.mail.send", request)); + } + } + + final Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String + && MiscUtil.isNotEmpty((String) nextPageAttr)) { + nextPage = (String) nextPageAttr; + + if (nextPage.equals(Constants.STRUTS_RETURNAREA_VALUES.adminRequestsInit.name()) && + user.isActive()) { + dbuser.setIsAdminRequest(false); + try { + if (dbuser.isIsMandateUser()) { + MailHelper.sendUserAccountActivationMail(dbuser.getGivenname(), dbuser.getFamilyname(), + dbuser.getInstitut(), user.getMail()); + } else { + MailHelper.sendUserAccountActivationMail(dbuser.getGivenname(), dbuser.getFamilyname(), + null, user.getMail()); + } + + } catch (final ConfigurationException e) { + log.warn("Send UserAccountActivation mail failed", e); + } + } + session.setAttribute(Constants.SESSION_RETURNAREA, null); + + } else { + nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name(); + } + + final String error = saveFormToDB(dbuser); + + if (error != null) { + log.warn("UserData can not be stored in Database"); + addActionError(error); + return Constants.STRUTS_SUCCESS; + } + + return Constants.STRUTS_SUCCESS; + } + + public String deleteuser() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + session.setAttribute(Constants.SESSION_FORMID, null); + + final String useridobj = user.getUserID(); + long userID = -1; + if (MiscUtil.isEmpty(useridobj)) { + userID = -1; + + } else { + if (!ValidationHelper.validateOAID(useridobj)) { + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase ID " + useridobj); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + userID = Long.valueOf(useridobj); + } + + if (!authUser.isAdmin()) { + if (authUser.getUserID() != userID) { + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase Entry " + user.getUsername()); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + } + + final Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String + && MiscUtil.isNotEmpty((String) nextPageAttr)) { + nextPage = (String) nextPageAttr; + session.setAttribute(Constants.SESSION_RETURNAREA, null); + + } else { + nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name(); + } + + final UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userID); + if (dbuser != null) { + dbuser.setOaIDs(null); + + try { + configuration.getUserManagement().saveOrUpdate(dbuser); + configuration.getUserManagement().delete(dbuser); + + if (authUser.isAdmin()) { + MailHelper.sendUserAccountRevocationMail(dbuser); + } + + if (dbuser.getHjid().equals(String.valueOf(authUser.getUserID()))) { + return Constants.STRUTS_REAUTHENTICATE; + } + + } catch (final MOADatabaseException e) { + log.warn("UserData can not be deleted from Database", e); + addActionError(e.getMessage()); + return Constants.STRUTS_SUCCESS; + + } catch (final ConfigurationException e) { + log.warn("Information mail sending failed.", e); + addActionError(e.getMessage()); + return Constants.STRUTS_SUCCESS; + } + + finally { + } + } + + return Constants.STRUTS_SUCCESS; + } + + public String sendVerificationMail() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + String message = LanguageHelper.getErrorString("error.mail.send", request); + + if (authUser != null) { + final UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + + if (dbuser != null) { + dbuser.setIsMailAddressVerified(false); + dbuser.setUserRequestTokken(Random.nextRandom()); + + try { + configuration.getUserManagement().saveOrUpdate(dbuser); + + MailHelper.sendUserMailAddressVerification(dbuser); + + message = LanguageHelper.getErrorString("webpages.edituser.verify.mail.message", request); + + } catch (final ConfigurationException e) { + log.warn("Sending of mailaddress verification mail failed.", e); + message = LanguageHelper.getErrorString("error.mail.send", request); + + } catch (final MOADatabaseException e) { + log.warn("Access UserInformationDatabase failed.", e); + } + } + } + + stream = new ByteArrayInputStream(message.getBytes()); + + return SUCCESS; + } + + private String saveFormToDB(UserDatabase dbuser) { + + dbuser.setMail(user.getMail()); + dbuser.setPhone(user.getPhone()); + + if (authUser.isAdmin() || dbuser.isIsUsernamePasswordAllowed()) { + dbuser.setIsUsernamePasswordAllowed(user.isIsusernamepasswordallowed()); + + if (authUser.isAdmin()) { + dbuser.setIsActive(user.isActive()); + dbuser.setIsAdmin(user.isAdmin()); + + } + } + + if (dbuser.isIsPVP2Generated() == null || !dbuser.isIsPVP2Generated()) { + dbuser.setFamilyname(user.getFamilyName()); + dbuser.setGivenname(user.getGivenName()); + dbuser.setInstitut(user.getInstitut()); + + if (authUser.isAdmin()) { + dbuser.setBpk(user.getBpk()); + if (user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID + + "X" + Constants.IDENIFICATIONTYPE_FN) || + user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID + + "X" + Constants.IDENIFICATIONTYPE_ZVR) || + user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID + + "X" + Constants.IDENIFICATIONTYPE_ERSB)) { + dbuser.setIsMandateUser(true); + } + } + + } else { + if (!dbuser.isIsMandateUser()) { + dbuser.setInstitut(user.getInstitut()); + } + } + + if (dbuser.isIsUsernamePasswordAllowed()) { + + if (MiscUtil.isNotEmpty(user.getUsername()) && MiscUtil.isEmpty(dbuser.getUsername())) { + dbuser.setUsername(user.getUsername()); + } + + if (MiscUtil.isNotEmpty(user.getPassword())) { + final String key = AuthenticationHelper.generateKeyFormPassword(user.getPassword()); + if (key == null) { + return LanguageHelper.getErrorString("errors.edit.user.save", request); + } + dbuser.setPassword(key); + } + } + + try { + configuration.getUserManagement().saveOrUpdate(dbuser); + } catch (final MOADatabaseException e) { + log.warn("User information can not be stored in Database.", e); + return LanguageHelper.getErrorString("errors.edit.user.save", request); + } + + return null; + } + + /** + * @return the userlist + */ + public List<AuthenticatedUser> getUserlist() { + return userlist; + } + + /** + * @param userlist the userlist to set + */ + public void setUserlist(List<AuthenticatedUser> userlist) { + this.userlist = userlist; + } + + /** + * @return the user + */ + public UserDatabaseFrom getUser() { + return user; + } + + /** + * @param user the user to set + */ + public void setUser(UserDatabaseFrom user) { + this.user = user; + } + + /** + * @return the useridobj + */ + public String getUseridobj() { + return useridobj; + } + + /** + * @param useridobj the useridobj to set + */ + public void setUseridobj(String useridobj) { + this.useridobj = useridobj; + } + + /** + * @return the newUser + */ + public boolean isNewUser() { + return newUser; + } + + /** + * @return the nextPage + */ + public String getNextPage() { + return nextPage; + } + + /** + * @return the stream + */ + public InputStream getStream() { + return stream; + } + + /** + * @return the formID + */ + @Override + public String getFormID() { + return formID; + } + + /** + * @param formID the formID to set + */ + @Override + public void setFormID(String formID) { + this.formID = formID; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java index c00eb46a5..5f03d89c1 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java @@ -39,37 +39,36 @@ import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration; */ public class VIDPAction extends InterfederationIDPAction { - private static final long serialVersionUID = 1981465294474566533L; + private static final long serialVersionUID = 1981465294474566533L; + + public VIDPAction() { + super(); + formList.putAll(buildVIDPFormList()); + } + + /** + * @return + * + */ + public static LinkedHashMap<String, IOnlineApplicationData> buildVIDPFormList() { + final LinkedHashMap<String, IOnlineApplicationData> forms = + new LinkedHashMap<>(); + + final OATargetConfiguration oaTarget = new OATargetConfiguration(); + forms.put(oaTarget.getName(), oaTarget); + + final OAAuthenticationData authOA = new OAAuthenticationData(); + forms.put(authOA.getName(), authOA); + + final OASTORKConfig storkOA = new OASTORKConfig(); + forms.put(storkOA.getName(), storkOA); + + final Map<String, String> map = new HashMap<>(); + map.putAll(FormBuildUtils.getDefaultMap()); + final FormularCustomization formOA = new FormularCustomization(map); + forms.put(formOA.getName(), formOA); + + return forms; + } - - public VIDPAction() { - super(); - formList.putAll(buildVIDPFormList()); - } - - /** - * @return - * - */ - public static LinkedHashMap<String, IOnlineApplicationData> buildVIDPFormList() { - LinkedHashMap<String, IOnlineApplicationData> forms = - new LinkedHashMap<String, IOnlineApplicationData>(); - - OATargetConfiguration oaTarget = new OATargetConfiguration(); - forms.put(oaTarget.getName(), oaTarget); - - OAAuthenticationData authOA = new OAAuthenticationData(); - forms.put(authOA.getName(), authOA); - - OASTORKConfig storkOA = new OASTORKConfig(); - forms.put(storkOA.getName(), storkOA); - - Map<String, String> map = new HashMap<String, String>(); - map.putAll(FormBuildUtils.getDefaultMap()); - FormularCustomization formOA = new FormularCustomization(map); - forms.put(formOA.getName(), formOA); - - return forms; - } - } |