diff options
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action')
11 files changed, 1238 insertions, 952 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java index 67bd13dd2..9630bc232 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java @@ -54,6 +54,7 @@ public class BasicAction extends ActionSupport implements ServletRequestAware, protected ConfigurationProvider configuration = null; protected AuthenticatedUser authUser = null; protected HttpSession session = null; + protected String formID; protected void populateBasicInformations() throws BasicActionException { try { @@ -101,6 +102,19 @@ public class BasicAction extends ActionSupport implements ServletRequestAware, } + /** + * @return the formID + */ + public String getFormID() { + return formID; + } + + /** + * @param formID the formID to set + */ + public void setFormID(String formID) { + this.formID = formID; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java new file mode 100644 index 000000000..43954828c --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java @@ -0,0 +1,452 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.configuration.struts.action; + +import java.util.ArrayList; +import java.util.Date; +import java.util.LinkedHashMap; +import java.util.List; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData; +import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig; +import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config; +import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException; +import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.helper.MailHelper; +import at.gv.egovernment.moa.id.util.Random; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class BasicOAAction extends BasicAction { + + private static final long serialVersionUID = 5676123696807646246L; + private final Logger log = Logger.getLogger(BasicOAAction.class); + + protected LinkedHashMap<String, IOnlineApplicationData> formList; + protected long oaid = -1; + + private String oaidobj; + private boolean newOA; + private boolean isMetaDataRefreshRequired = false; + + /** + * + */ + public BasicOAAction() { + formList = new LinkedHashMap<String, IOnlineApplicationData>(); + + OAGeneralConfig generalOA = new OAGeneralConfig(); + formList.put(generalOA.getName(), generalOA); + + } + + protected OnlineApplication populateOnlineApplicationFromRequest() throws BasicOAActionException{ + if (!ValidationHelper.validateOAID(oaidobj)) { + throw new BasicOAActionException( + LanguageHelper.getErrorString("errors.edit.oa.oaid", request), + Constants.STRUTS_ERROR); + + } + oaid = Long.valueOf(oaidobj); + + UserDatabase userdb = null; + OnlineApplication onlineapplication = null; + + if (authUser.isAdmin()) + onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); + + else { + userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + + if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { + log.info("Online-Applikation managemant disabled. Mail address is not verified."); + throw new BasicOAActionException( + LanguageHelper.getErrorString("error.editoa.mailverification", request), + Constants.STRUTS_SUCCESS); + + } + + // TODO: change to direct Database operation + List<OnlineApplication> oas = userdb.getOnlineApplication(); + for (OnlineApplication oa : oas) { + if (oa.getHjid() == oaid) { + onlineapplication = oa; + break; + } + } + if (onlineapplication == null) { + throw new BasicOAActionException( + LanguageHelper.getErrorString("errors.edit.oa.oaid", request), + Constants.STRUTS_ERROR); + } + } + + return onlineapplication; + + } + + protected void populateBasicNewOnlineApplicationInformation() { + session.setAttribute(Constants.SESSION_OAID, null); + + setNewOA(true); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null); + } + + protected OnlineApplication postProcessSaveOnlineApplication(OnlineApplication onlineapplication ) throws BasicOAActionException { + if (onlineapplication == null) { + onlineapplication = new OnlineApplication(); + onlineapplication.setIsNew(true); + onlineapplication.setIsActive(false); + + if (!authUser.isAdmin()) { + onlineapplication.setIsAdminRequired(true); + + } else + isMetaDataRefreshRequired = true; + + } else { + onlineapplication.setIsNew(false); + if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(getGeneralOA().getIdentifier())) { + + onlineapplication.setIsAdminRequired(true); + onlineapplication.setIsActive(false); + log.info("User with ID " + authUser.getUserID() + " change OA-PublicURLPrefix. Reaktivation is required."); + } + + } + + if ((onlineapplication.isIsAdminRequired() == null) + || (authUser.isAdmin() && getGeneralOA().isActive() && onlineapplication.isIsAdminRequired())) { + + onlineapplication.setIsAdminRequired(false); + isMetaDataRefreshRequired = true; + + UserDatabase userdb = null; + if (onlineapplication.getHjid() != null) + userdb = ConfigurationDBRead.getUsersWithOADBID(onlineapplication.getHjid()); + + if (userdb != null && !userdb.isIsAdmin()) { + try { + MailHelper.sendUserOnlineApplicationActivationMail(userdb.getGivenname(), userdb.getFamilyname(), + userdb.getInstitut(), onlineapplication.getPublicURLPrefix(), userdb.getMail()); + } catch (ConfigurationException e) { + log.warn("Sending Mail to User " + userdb.getMail() + " failed", e); + } + } + } + + //save OA configuration + String error = saveOAConfigToDatabase(onlineapplication); + if (MiscUtil.isNotEmpty(error)) { + log.warn("OA configuration can not be stored!"); + addActionError(error); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + throw new BasicOAActionException(error, Constants.STRUTS_ERROR_VALIDATION); + } + + //set metadata reload flag if reload is required + + if (getPvp2OA() != null && getPvp2OA().getMetaDataURL() != null) { + + try { + if (isMetaDataRefreshRequired + || !getPvp2OA().getMetaDataURL().equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL()) + || getPvp2OA().getFileUpload() != null + || getPvp2OA().isReLoad()) { + + log.debug("Set PVP2 Metadata refresh flag."); + MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration(); + moaconfig.setPvp2RefreshItem(new Date()); + ConfigurationDBUtils.saveOrUpdate(moaconfig); + + } + } catch (Throwable e) { + log.info("Found no MetadataURL in OA-Databaseconfig!", e); + } + + } + + return onlineapplication; + } + + protected OnlineApplication preProcessSaveOnlineApplication() throws BasicOAActionException { + try { + Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + String formid = (String) formidobj; + if (!formid.equals(formID)) { + throw new BasicOAActionException( + "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID(), + Constants.STRUTS_ERROR); + } + } else { + throw new BasicOAActionException( + "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID(), + Constants.STRUTS_ERROR); + + } + session.setAttribute(Constants.SESSION_FORMID, null); + + UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { + log.info("Online-Applikation managemant disabled. Mail address is not verified."); + throw new BasicOAActionException( + LanguageHelper.getErrorString("error.editoa.mailverification", request), + Constants.STRUTS_SUCCESS); + } + + OnlineApplication onlineapplication = null; + + Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID); + Long oaid = (long) -1; + + if (oadbid != null) { + try { + oaid = (Long) oadbid; + if (oaid < 0 || oaid > Long.MAX_VALUE) { + throw new BasicOAActionException( + LanguageHelper.getErrorString("errors.edit.oa.oaid", request), + Constants.STRUTS_ERROR); + } + + } catch (Throwable t) { + throw new BasicOAActionException( + LanguageHelper.getErrorString("errors.edit.oa.oaid", request), + Constants.STRUTS_ERROR); + } + } + + // valid DBID and check entry + OAGeneralConfig oaGeneralForm = ((OAGeneralConfig)formList.get(new OAGeneralConfig().getName())); + String oaidentifier = oaGeneralForm.getIdentifier(); + if (MiscUtil.isEmpty(oaidentifier)) { + log.info("Empty OA identifier"); + throw new BasicOAActionException( + LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request), + Constants.STRUTS_ERROR_VALIDATION); + + } else { + + if (!ValidationHelper.validateURL(oaidentifier)) { + log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier); + throw new BasicOAActionException( + LanguageHelper.getErrorString("validation.general.oaidentifier.valid", + new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request), + Constants.STRUTS_ERROR_VALIDATION); + + } else { + + if (oaid == -1) { + onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier); + setNewOA(true); + if (onlineapplication != null) { + log.info("The OAIdentifier is not unique"); + throw new BasicOAActionException( + LanguageHelper.getErrorString("validation.general.oaidentifier.notunique", request), + Constants.STRUTS_ERROR_VALIDATION); + + } + + } else { + onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); + if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) { + + if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) { + log.info("The OAIdentifier is not unique"); + throw new BasicOAActionException( + LanguageHelper.getErrorString("validation.general.oaidentifier.notunique", request), + Constants.STRUTS_ERROR_VALIDATION); + + } + } + } + } + } + + return onlineapplication; + + } catch (BasicOAActionException e) { + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + throw e; + } + + } + + protected String preProcessDeleteOnlineApplication() throws BasicOAActionException { + try { + Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID()); + throw new BasicOAActionException( + "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID(), + Constants.STRUTS_ERROR); + + } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID()); + throw new BasicOAActionException( + "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID(), + Constants.STRUTS_ERROR); + } + session.setAttribute(Constants.SESSION_FORMID, null); + + UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { + log.info("Online-Applikation managemant disabled. Mail address is not verified."); + throw new BasicOAActionException( + LanguageHelper.getErrorString("error.editoa.mailverification", request), + Constants.STRUTS_SUCCESS); + + } + + String oaidentifier = getGeneralOA().getIdentifier(); + if (MiscUtil.isEmpty(oaidentifier)) { + log.info("Empty OA identifier"); + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + throw new BasicOAActionException( + LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request), + Constants.STRUTS_ERROR_VALIDATION); + + } else { + if (ValidationHelper.isValidOAIdentifier(oaidentifier)) { + log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier); + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + throw new BasicOAActionException( + LanguageHelper.getErrorString("validation.general.oaidentifier.valid", + new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request), + Constants.STRUTS_ERROR_VALIDATION); + } + } + + return oaidentifier; + + } catch (BasicOAActionException e) { + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + throw e; + } + } + + private String saveOAConfigToDatabase(OnlineApplication dboa) { + + for (IOnlineApplicationData form : formList.values()) + form.store(dboa, authUser, request); + + try { + if (dboa.isIsNew()) { + ConfigurationDBUtils.save(dboa); + + if (!authUser.isAdmin()) { + UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + + List<OnlineApplication> useroas = user.getOnlineApplication(); + if (useroas == null) useroas = new ArrayList<OnlineApplication>(); + + useroas.add(dboa); + ConfigurationDBUtils.saveOrUpdate(user); + } + } else + ConfigurationDBUtils.saveOrUpdate(dboa); + + } catch (MOADatabaseException e) { + log.warn("Online-Application can not be stored.", e); + return LanguageHelper.getErrorString("error.db.oa.store", request); + } + + return null; + } + + /** + * @param oaidobj the oaidobj to set + */ + public void setOaidobj(String oaidobj) { + this.oaidobj = oaidobj; + } + + /** + * @return the newOA + */ + public boolean isNewOA() { + return newOA; + } + + /** + * @param newOA the newOA to set + */ + public void setNewOA(boolean newOA) { + this.newOA = newOA; + } + + public OAGeneralConfig getGeneralOA() { + return (OAGeneralConfig) formList.get(new OAGeneralConfig().getName()); + } + + public void setGeneralOA(OAGeneralConfig generalOA) { + formList.put(generalOA.getName(), generalOA); + } + + + public OAPVP2Config getPvp2OA() { + return (OAPVP2Config) formList.get(new OAPVP2Config().getName()); + } + + public void setPvp2OA(OAPVP2Config pvp2oa) { + formList.put(pvp2oa.getName(), pvp2oa); + } + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java index cb3a2a1ff..0a308a354 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java @@ -65,6 +65,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor; import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig; @@ -72,7 +73,6 @@ import at.gv.egovernment.moa.id.configuration.data.GeneralStorkConfig; import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.StringHelper; -import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.validation.moaconfig.MOAConfigValidator; import at.gv.egovernment.moa.id.configuration.validation.moaconfig.StorkConfigValidator; import at.gv.egovernment.moa.id.util.Random; @@ -165,13 +165,31 @@ public class EditGeneralConfigAction extends BasicAction { log.info("General MOA-ID configuration has some errors."); for (String el : errors) addActionError(el); + + if (moaconfig.getSecLayerTransformation() != null) { + session.setAttribute(Constants.SESSION_SLTRANSFORMATION, moaconfig.getSecLayerTransformation()); + } formID = Random.nextRandom(); session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } else { + if (moaconfig.getSecLayerTransformation() == null && + session.getAttribute(Constants.SESSION_SLTRANSFORMATION) != null && + session.getAttribute(Constants.SESSION_SLTRANSFORMATION) instanceof Map<?, ?> ) { + moaconfig.setSecLayerTransformation((Map<String, byte[]>) + session.getAttribute(Constants.SESSION_SLTRANSFORMATION)); + + } } + + String error = saveFormToDatabase(); + + session.setAttribute(Constants.SESSION_SLTRANSFORMATION, null); if (error != null) { log.warn("General MOA-ID config can not be stored in Database"); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index cc2cf3bf0..e15d1e958 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -28,147 +28,103 @@ import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.*; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.configuration.Constants; -import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.data.FormularCustomization; import at.gv.egovernment.moa.id.configuration.data.oa.*; import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; +import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException; import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; -import at.gv.egovernment.moa.id.configuration.helper.StringHelper; -import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationValitator; -import at.gv.egovernment.moa.id.configuration.validation.TargetValidator; -import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; -import at.gv.egovernment.moa.id.configuration.validation.oa.*; import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.util.MiscUtil; -import com.opensymphony.xwork2.ActionSupport; import iaik.utils.URLDecoder; import org.apache.log4j.Logger; -import org.apache.struts2.interceptor.ServletRequestAware; -import org.apache.struts2.interceptor.ServletResponseAware; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; import java.io.*; -import java.math.BigInteger; -import java.security.cert.CertificateException; import java.util.*; -public class EditOAAction extends BasicAction { +public class EditOAAction extends BasicOAAction { private final Logger log = Logger.getLogger(EditOAAction.class); private static final long serialVersionUID = 1L; - - private String oaidobj; - private boolean newOA; - private String formID; - - private boolean onlyBusinessService = false; - private boolean subTargetSet = false; - private boolean deaktivededBusinessService = false; - private boolean isMetaDataRefreshRequired = false; - + private String nextPage; - - private OAGeneralConfig generalOA = new OAGeneralConfig(); - private OAPVP2Config pvp2OA = new OAPVP2Config(); - private OASAML1Config saml1OA = new OASAML1Config(); - private OASSOConfig ssoOA = new OASSOConfig(); - private OAOAuth20Config oauth20OA = new OAOAuth20Config(); - private OASTORKConfig storkOA = new OASTORKConfig(); - private FormularCustomization formOA = new FormularCustomization(); - private InputStream stream; - - private Map<String, byte[]> sendAssertionForm = new HashMap<String, byte[]>(); - private Map<String, byte[]> bkuSelectionForm = new HashMap<String, byte[]>(); + + public EditOAAction() { + super(); + + OATargetConfiguration oaTarget = new OATargetConfiguration(); + formList.put(oaTarget.getName(), oaTarget); + + OAAuthenticationData authOA = new OAAuthenticationData(); + formList.put(authOA.getName(), authOA); + + OASSOConfig ssoOA = new OASSOConfig(); + formList.put(ssoOA.getName(), ssoOA); + + OASAML1Config saml1OA = new OASAML1Config(); + formList.put(saml1OA.getName(), saml1OA); + + OAPVP2Config pvp2OA = new OAPVP2Config(); + formList.put(pvp2OA.getName(), pvp2OA); + + OAOAuth20Config oauth20OA = new OAOAuth20Config(); + formList.put(oauth20OA.getName(), oauth20OA); + + OASTORKConfig storkOA = new OASTORKConfig(); + formList.put(storkOA.getName(), storkOA); + + Map<String, String> map = new HashMap<String, String>(); + map.putAll(FormBuildUtils.getDefaultMap()); + FormularCustomization formOA = new FormularCustomization(map); + formList.put(formOA.getName(), formOA); + + } + // STRUTS actions public String inital() { try { populateBasicInformations(); + + OnlineApplication onlineapplication = populateOnlineApplicationFromRequest(); + if (onlineapplication == null) { + addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); + return Constants.STRUTS_SUCCESS; + } + + List<String> errors = new ArrayList<String>(); + for (IOnlineApplicationData form : formList.values()) { + List<String> error = form.parse(onlineapplication, authUser, request); + if (error != null) + errors.addAll(error); + } + if (errors.size() > 0) { + for (String el : errors) + addActionError(el); + } + + setNewOA(false); + + ConfigurationDBUtils.closeSession(); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + session.setAttribute(Constants.SESSION_OAID, oaid); + + return Constants.STRUTS_OA_EDIT; + } catch (BasicActionException e) { return Constants.STRUTS_ERROR; + } catch (BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); } - - long oaid = -1; - - if (!ValidationHelper.validateOAID(oaidobj)) { - addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); - return Constants.STRUTS_ERROR; - } - oaid = Long.valueOf(oaidobj); - - UserDatabase userdb = null; - OnlineApplication onlineapplication = null; - - if (authUser.isAdmin()) - onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); - - else { - userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. Mail address is not verified."); - addActionError(LanguageHelper.getErrorString("error.editoa.mailverification", request)); - return Constants.STRUTS_SUCCESS; - } - - // TODO: change to direct Database operation - List<OnlineApplication> oas = userdb.getOnlineApplication(); - for (OnlineApplication oa : oas) { - if (oa.getHjid() == oaid) { - onlineapplication = oa; - break; - } - } - if (onlineapplication == null) { - addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); - return Constants.STRUTS_ERROR; - } - } - - generalOA.parse(onlineapplication); - ssoOA.parse(onlineapplication); - saml1OA.parse(onlineapplication); - oauth20OA.parse(onlineapplication, request); - session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret()); - - storkOA.parse(onlineapplication); - - Map<String, String> map = new HashMap<String, String>(); - map.putAll(FormBuildUtils.getDefaultMap()); - formOA.parse(onlineapplication, map); - - session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, map); - - List<String> errors = pvp2OA.parse(onlineapplication, request); - - if (errors.size() > 0) { - for (String el : errors) - addActionError(el); - } - - subTargetSet = MiscUtil.isNotEmpty(generalOA.getTarget_subsector()); - - // set UserSpezific OA Parameters - if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb); - - ConfigurationDBUtils.closeSession(); - session.setAttribute(Constants.SESSION_OAID, oaid); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - newOA = false; - - return Constants.STRUTS_OA_EDIT; } public String newOA() { @@ -177,14 +133,19 @@ public class EditOAAction extends BasicAction { try { populateBasicInformations(); + populateBasicNewOnlineApplicationInformation(); + + // prepare attribute helper list + ArrayList<AttributeHelper> attributes = new ArrayList<AttributeHelper>(); + for(StorkAttribute current : ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes()) + attributes.add(new AttributeHelper(current)); + getStorkOA().setHelperAttributes(attributes); + } catch (BasicActionException e) { return Constants.STRUTS_ERROR; } - - session.setAttribute(Constants.SESSION_OAID, null); - nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); - + UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { @@ -193,183 +154,45 @@ public class EditOAAction extends BasicAction { return Constants.STRUTS_SUCCESS; } - MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); - if (moaidconfig != null) { - DefaultBKUs defaultbkus = moaidconfig.getDefaultBKUs(); - if (defaultbkus != null) { - generalOA.setBkuHandyURL(defaultbkus.getHandyBKU()); - generalOA.setBkuLocalURL(defaultbkus.getLocalBKU()); - generalOA.setBkuOnlineURL(defaultbkus.getOnlineBKU()); - } - } - - // set UserSpezific OA Parameters - if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb); - ConfigurationDBUtils.closeSession(); - - //VIDP attribute provider configuration - storkOA = new OASTORKConfig(); - storkOA.getAttributeProviderPlugins().add(new AttributeProviderPlugin()); + session.setAttribute(Constants.SESSION_OAUTH20SECRET, ((OAOAuth20Config)formList.get(new OAOAuth20Config().getName())).getClientSecret()); + nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); - newOA = true; - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null); - - this.oauth20OA.generateClientSecret(); - session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret()); - return Constants.STRUTS_OA_EDIT; } public String saveOA() { + + OnlineApplication onlineapplication= null; + try { populateBasicInformations(); + onlineapplication = preProcessSaveOnlineApplication(); + } catch (BasicActionException e) { return Constants.STRUTS_ERROR; + } catch (BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + } - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. Mail address is not verified."); - addActionError(LanguageHelper.getErrorString("error.editoa.mailverification", request)); - return Constants.STRUTS_SUCCESS; - } - - OnlineApplication onlineapplication = null; List<String> errors = new ArrayList<String>(); - - Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID); - Long oaid = (long) -1; - - if (oadbid != null) { - try { - oaid = (Long) oadbid; - if (oaid < 0 || oaid > Long.MAX_VALUE) { - addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); - return Constants.STRUTS_ERROR; - } - - } catch (Throwable t) { - addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); - return Constants.STRUTS_ERROR; - } - } - - // valid DBID and check entry - String oaidentifier = generalOA.getIdentifier(); - if (MiscUtil.isEmpty(oaidentifier)) { - log.info("Empty OA identifier"); - errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request)); - - } else { - - if (!ValidationHelper.validateURL(oaidentifier)) { - log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier); - errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", - new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request)); - } else { - - if (oaid == -1) { - onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier); - newOA = true; - if (onlineapplication != null) { - log.info("The OAIdentifier is not unique"); - errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique", request)); - } - - } else { - onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); - if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) { - - if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) { - log.info("The OAIdentifier is not unique"); - errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique", request)); - } - } - } - } - } - - // set UserSpezific OA Parameters - if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb); - - // check form - OAGeneralConfigValidation validatior_general = new OAGeneralConfigValidation(); - OAPVP2ConfigValidation validatior_pvp2 = new OAPVP2ConfigValidation(); - OASAML1ConfigValidation validatior_saml1 = new OASAML1ConfigValidation(); - OASSOConfigValidation validatior_sso = new OASSOConfigValidation(); - OASTORKConfigValidation validator_stork = new OASTORKConfigValidation(); - FormularCustomizationValitator validator_form = new FormularCustomizationValitator(); - OAOAUTH20ConfigValidation validatior_oauth20 = new OAOAUTH20ConfigValidation(); - OAFileUploadValidation valiator_fileUpload = new OAFileUploadValidation(); - - errors.addAll(validatior_general.validate(generalOA, authUser.isAdmin(), request)); - errors.addAll(validatior_pvp2.validate(pvp2OA, request)); - errors.addAll(validatior_saml1.validate(saml1OA, generalOA, request)); - errors.addAll(validatior_sso.validate(ssoOA, authUser.isAdmin(), request)); - errors.addAll(validator_stork.validate(storkOA, request)); - errors.addAll(validator_form.validate(formOA, request)); - errors.addAll(validatior_oauth20.validate(oauth20OA, request)); - - //validate BKU-selection template - List<String> templateError = valiator_fileUpload.validate(generalOA.getBkuSelectionFileUploadFileName() - , generalOA.getBkuSelectionFileUpload(), "validation.general.bkuselection", bkuSelectionForm, request); - if (templateError != null && templateError.size() == 0) { - if (bkuSelectionForm != null && bkuSelectionForm.size() > 0) - session.setAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE, bkuSelectionForm); - - else - bkuSelectionForm = (Map<String, byte[]>) session.getAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE); - - } else { - errors.addAll(templateError); - - } - - //validate send-assertion template - templateError = valiator_fileUpload.validate(generalOA.getSendAssertionFileUploadFileName() - , generalOA.getSendAssertionFileUpload(), "validation.general.sendassertion", sendAssertionForm, request); - if (templateError != null && templateError.size() == 0) { - if (sendAssertionForm != null && sendAssertionForm.size() > 0) - session.setAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE, sendAssertionForm); - - else - sendAssertionForm = (Map<String, byte[]>) session.getAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE); - - } else { - errors.addAll(templateError); - - } - + + //validate forms + for (IOnlineApplicationData form : formList.values()) + errors.addAll(form.validate(getGeneralOA(), authUser, request)); // Do not allow SSO in combination with special BKUSelection features - if (ssoOA.isUseSSO() && (formOA.isOnlyMandateAllowed() || !formOA.isShowMandateLoginButton())) { + if (getSsoOA().isUseSSO() && (getFormOA().isOnlyMandateAllowed() || !getFormOA().isShowMandateLoginButton())) { log.warn("Special BKUSelection features can not be used in combination with SSO"); errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.valid", request)); } if (errors.size() > 0) { - log.info("OAConfiguration with ID " + generalOA.getIdentifier() + " has some errors."); + log.info("OAConfiguration with ID " + getGeneralOA().getIdentifier() + " has some errors."); for (String el : errors) addActionError(el); @@ -378,80 +201,14 @@ public class EditOAAction extends BasicAction { return Constants.STRUTS_ERROR_VALIDATION; } else { - - boolean newentry = false; - - if (onlineapplication == null) { - onlineapplication = new OnlineApplication(); - newentry = true; - onlineapplication.setIsActive(false); - - if (!authUser.isAdmin()) { - onlineapplication.setIsAdminRequired(true); - - } else - isMetaDataRefreshRequired = true; - - } else { - if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(generalOA.getIdentifier())) { - - onlineapplication.setIsAdminRequired(true); - onlineapplication.setIsActive(false); - log.info("User with ID " + authUser.getUserID() + " change OA-PublicURLPrefix. Reaktivation is required."); - } - - } - - if ((onlineapplication.isIsAdminRequired() == null) - || (authUser.isAdmin() && generalOA.isActive() && onlineapplication.isIsAdminRequired())) { - - onlineapplication.setIsAdminRequired(false); - isMetaDataRefreshRequired = true; - - if (onlineapplication.getHjid() != null) - userdb = ConfigurationDBRead.getUsersWithOADBID(onlineapplication.getHjid()); - - if (userdb != null && !userdb.isIsAdmin()) { - try { - MailHelper.sendUserOnlineApplicationActivationMail(userdb.getGivenname(), userdb.getFamilyname(), - userdb.getInstitut(), onlineapplication.getPublicURLPrefix(), userdb.getMail()); - } catch (ConfigurationException e) { - log.warn("Sending Mail to User " + userdb.getMail() + " failed", e); - } - } - } - - //save OA configuration - String error = saveOAConfigToDatabase(onlineapplication, newentry); - if (MiscUtil.isNotEmpty(error)) { - log.warn("OA configuration can not be stored!"); - addActionError(error); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - } - - //set metadata reload flag if reload is required - if (pvp2OA.getMetaDataURL() != null) { - - try { - if (isMetaDataRefreshRequired - || !pvp2OA.getMetaDataURL().equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL()) - || pvp2OA.getFileUpload() != null - || pvp2OA.isReLoad()) { - - log.debug("Set PVP2 Metadata refresh flag."); - MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration(); - moaconfig.setPvp2RefreshItem(new Date()); - ConfigurationDBUtils.saveOrUpdate(moaconfig); - - } - } catch (Throwable e) { - log.info("Found no MetadataURL in OA-Databaseconfig!", e); - } - - } + try { + onlineapplication = postProcessSaveOnlineApplication(onlineapplication); + + } catch (BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + } + } Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); @@ -474,7 +231,7 @@ public class EditOAAction extends BasicAction { if (openUsers != null) numusers = openUsers.size(); try { - addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success.admin", generalOA.getIdentifier(), request)); + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success.admin", getGeneralOA().getIdentifier(), request)); if (numusers > 0 || numoas > 0) MailHelper.sendAdminMail(numoas, numusers); @@ -483,7 +240,7 @@ public class EditOAAction extends BasicAction { } } else - addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request)); + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", getGeneralOA().getIdentifier(), request)); //remove session attributes session.setAttribute(Constants.SESSION_OAID, null); @@ -514,7 +271,7 @@ public class EditOAAction extends BasicAction { session.setAttribute(Constants.SESSION_OAID, null); - addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.cancle", generalOA.getIdentifier(), request)); + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.cancle", getGeneralOA().getIdentifier(), request)); ConfigurationDBUtils.closeSession(); @@ -522,65 +279,30 @@ public class EditOAAction extends BasicAction { } public String deleteOA() { + String oaidentifier = null; try { populateBasicInformations(); + + Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String) { + nextPage = (String) nextPageAttr; + + } else { + nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); + } + + oaidentifier = preProcessDeleteOnlineApplication(); + } catch (BasicActionException e) { return Constants.STRUTS_ERROR; + } catch (BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + } - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String) { - nextPage = (String) nextPageAttr; - - } else { - nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); - } - - UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. Mail address is not verified."); - addActionError(LanguageHelper.getErrorString("error.editoa.mailverification", request)); - return Constants.STRUTS_SUCCESS; - } - - String oaidentifier = generalOA.getIdentifier(); - if (MiscUtil.isEmpty(oaidentifier)) { - log.info("Empty OA identifier"); - addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } else { - if (ValidationHelper.isValidOAIdentifier(oaidentifier)) { - log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier); - addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", - new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - } - } - OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier); request.getSession().setAttribute(Constants.SESSION_OAID, null); @@ -620,13 +342,13 @@ public class EditOAAction extends BasicAction { ConfigurationDBUtils.closeSession(); - addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", generalOA.getIdentifier(), request)); + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", oaidentifier, request)); return Constants.STRUTS_SUCCESS; } else { ConfigurationDBUtils.closeSession(); - addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", generalOA.getIdentifier(), request)); + addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", oaidentifier, request)); return Constants.STRUTS_SUCCESS; } @@ -711,467 +433,37 @@ public class EditOAAction extends BasicAction { return Constants.STRUTS_SUCCESS; } - - private String saveOAConfigToDatabase(OnlineApplication dboa, boolean newentry) { - - AuthComponentOA authoa = dboa.getAuthComponentOA(); - if (authoa == null) { - authoa = new AuthComponentOA(); - dboa.setAuthComponentOA(authoa); - } - - if (authUser.isAdmin()) dboa.setIsActive(generalOA.isActive()); - - dboa.setFriendlyName(generalOA.getFriendlyName()); - dboa.setCalculateHPI(generalOA.isCalculateHPI()); - dboa.setRemoveBPKFromAuthBlock(generalOA.isHideBPKAuthBlock()); - - if (authUser.isAdmin()) - dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(generalOA.getKeyBoxIdentifier())); - else { - if (newentry) dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR); - } - - dboa.setPublicURLPrefix(generalOA.getIdentifier()); - - if (generalOA.isBusinessService() || onlyBusinessService) { - - dboa.setType(Constants.MOA_CONFIG_BUSINESSSERVICE); - - String num = generalOA.getIdentificationNumber().replaceAll(" ", ""); - if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) { - num = num.substring(Constants.IDENIFICATIONTYPE_FN.length()); - - num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num); - - // num = StringUtils.leftPad(num, 7, '0'); - } - - if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) - num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length()); - - if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)) - num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length()); - - IdentificationNumber idnumber = new IdentificationNumber(); - - if (generalOA.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_STORK)) { - idnumber.setValue(Constants.PREFIX_STORK + "AT" + "+" + num); - idnumber.setType(Constants.BUSINESSSERVICENAMES.get(generalOA.getIdentificationType())); - } else { - idnumber.setValue(Constants.PREFIX_WPBK + generalOA.getIdentificationType() + "+" + num); - idnumber.setType(Constants.BUSINESSSERVICENAMES.get(generalOA.getIdentificationType())); - } - - - authoa.setIdentificationNumber(idnumber); - - } else { - dboa.setType(null); - - if (authUser.isAdmin()) { - if (MiscUtil.isNotEmpty(generalOA.getTarget_admin()) && generalOA.isAdminTarget()) { - dboa.setTarget(generalOA.getTarget_admin()); - dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName()); - - } else { - - String target = generalOA.getTarget(); - - if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet) - dboa.setTarget(target + "-" + generalOA.getTarget_subsector()); - else - dboa.setTarget(target); - - String targetname = TargetValidator.getTargetFriendlyName(target); - if (MiscUtil.isNotEmpty(targetname)) dboa.setTargetFriendlyName(targetname); - - } - - } else { - - if (MiscUtil.isNotEmpty(generalOA.getTarget())) { - - String target = generalOA.getTarget(); - - if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet) - dboa.setTarget(target + "-" + generalOA.getTarget_subsector()); - - else - dboa.setTarget(target); - - String targetname = TargetValidator.getTargetFriendlyName(target); - if (MiscUtil.isNotEmpty(targetname)) dboa.setTargetFriendlyName(targetname); - - } - } - } - - //store BKU-URLs - BKUURLS bkuruls = new BKUURLS(); - authoa.setBKUURLS(bkuruls); - if (authUser.isAdmin()) { - bkuruls.setHandyBKU(generalOA.getBkuHandyURL()); - bkuruls.setLocalBKU(generalOA.getBkuLocalURL()); - bkuruls.setOnlineBKU(generalOA.getBkuOnlineURL()); - } - - TemplatesType templates = authoa.getTemplates(); - if (templates == null) { - templates = new TemplatesType(); - authoa.setTemplates(templates); - } - - //store BKU-selection and send-assertion templates - if (authUser.isAdmin()) { - - if (generalOA.isDeleteBKUTemplate()) - templates.setBKUSelectionTemplate(null); - - if (generalOA.isDeleteSendAssertionTemplate()) - templates.setSendAssertionTemplate(null); - - - if (bkuSelectionForm != null && bkuSelectionForm.size() > 0) { - TransformsInfoType template = new TransformsInfoType(); - - Iterator<String> interator = bkuSelectionForm.keySet().iterator(); - template.setFilename(interator.next()); - template.setTransformation(bkuSelectionForm.get( - template.getFilename())); - - templates.setBKUSelectionTemplate(template); - } - - if (sendAssertionForm != null && sendAssertionForm.size() > 0) { - TransformsInfoType template = new TransformsInfoType(); - - Iterator<String> interator = sendAssertionForm.keySet().iterator(); - template.setFilename(interator.next()); - template.setTransformation(sendAssertionForm.get( - template.getFilename())); - - templates.setSendAssertionTemplate(template); - } - } - - - //store BKU-selection customization - BKUSelectionCustomizationType bkuselectioncustom = templates.getBKUSelectionCustomization(); - if (bkuselectioncustom == null) { - bkuselectioncustom = new BKUSelectionCustomizationType(); - templates.setBKUSelectionCustomization(bkuselectioncustom); - } - - Mandates mandates = new Mandates(); - if (generalOA.isUseMandates()) { - mandates.setProfiles(generalOA.getMandateProfiles()); - - } else { - mandates.setProfiles(new String()); - } - - authoa.setMandates(mandates); - bkuselectioncustom.setMandateLoginButton(MiscUtil.isNotEmpty(generalOA.getMandateProfiles())); - bkuselectioncustom.setOnlyMandateLoginAllowed(formOA.isOnlyMandateAllowed()); - - if (authUser.isAdmin()) { - templates.setAditionalAuthBlockText(generalOA.getAditionalAuthBlockText()); - - List<TemplateType> template = templates.getTemplate(); - if (generalOA.isLegacy()) { - - if (template == null) - template = new ArrayList<TemplateType>(); - else - template.clear(); - - if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL1())) { - TemplateType el = new TemplateType(); - el.setURL(generalOA.getSLTemplateURL1()); - template.add(el); - } else - template.add(new TemplateType()); - if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL2())) { - TemplateType el = new TemplateType(); - el.setURL(generalOA.getSLTemplateURL2()); - template.add(el); - } else - template.add(new TemplateType()); - if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL3())) { - TemplateType el = new TemplateType(); - el.setURL(generalOA.getSLTemplateURL3()); - template.add(el); - } else - template.add(new TemplateType()); - - } else { - if (template != null && template.size() > 0) template.clear(); - } - - bkuselectioncustom.setBackGroundColor(parseColor(formOA.getBackGroundColor())); - bkuselectioncustom.setFrontColor(parseColor(formOA.getFrontColor())); - - bkuselectioncustom.setHeaderBackGroundColor(parseColor(formOA.getHeader_BackGroundColor())); - bkuselectioncustom.setHeaderFrontColor(parseColor(formOA.getHeader_FrontColor())); - bkuselectioncustom.setHeaderText(formOA.getHeader_text()); - - bkuselectioncustom.setButtonBackGroundColor(parseColor(formOA.getButton_BackGroundColor())); - bkuselectioncustom.setButtonBackGroundColorFocus(parseColor(formOA.getButton_BackGroundColorFocus())); - bkuselectioncustom.setButtonFontColor(parseColor(formOA.getButton_FrontColor())); - - if (MiscUtil.isNotEmpty(formOA.getAppletRedirectTarget())) - bkuselectioncustom.setAppletRedirectTarget(formOA.getAppletRedirectTarget()); - - bkuselectioncustom.setFontType(formOA.getFontType()); - - bkuselectioncustom.setAppletHeight(formOA.getApplet_height()); - bkuselectioncustom.setAppletWidth(formOA.getApplet_width()); - - } - - // set default transformation if it is empty - List<TransformsInfoType> transformsInfo = authoa.getTransformsInfo(); - if (transformsInfo == null) { - // TODO: set OA specific transformation if it is required - - } - - OAPVP2 pvp2 = authoa.getOAPVP2(); - if (pvp2 == null) { - pvp2 = new OAPVP2(); - authoa.setOAPVP2(pvp2); - } - - pvp2.setMetadataURL(pvp2OA.getMetaDataURL()); - try { - - if (pvp2OA.getFileUpload() != null) pvp2.setCertificate(pvp2OA.getCertificate()); - - } catch (CertificateException e) { - log.info("Uploaded Certificate can not be found", e); - return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request); - } catch (IOException e) { - log.info("Uploaded Certificate can not be parsed", e); - return LanguageHelper.getErrorString("validation.pvp2.certificate.format", request); - } - - OASAML1 saml1 = authoa.getOASAML1(); - if (saml1 == null) { - saml1 = new OASAML1(); - authoa.setOASAML1(saml1); - saml1.setIsActive(false); - } - - if (authUser.isAdmin()) { - saml1.setIsActive(saml1OA.isActive()); - } - - if (saml1.isIsActive() != null && saml1.isIsActive()) { - saml1.setProvideAUTHBlock(saml1OA.isProvideAuthBlock()); - saml1.setProvideCertificate(saml1OA.isProvideCertificate()); - saml1.setProvideFullMandatorData(saml1OA.isProvideFullMandateData()); - saml1.setProvideIdentityLink(saml1OA.isProvideIdentityLink()); - saml1.setProvideStammzahl(saml1OA.isProvideStammZahl()); - saml1.setUseCondition(saml1OA.isUseCondition()); - saml1.setConditionLength(BigInteger.valueOf(saml1OA.getConditionLength())); - // TODO: set sourceID - // saml1.setSourceID(""); - } - - OASSO sso = authoa.getOASSO(); - if (sso == null) { - sso = new OASSO(); - authoa.setOASSO(sso); - sso.setAuthDataFrame(true); - } - sso.setUseSSO(ssoOA.isUseSSO()); - - if (authUser.isAdmin()) sso.setAuthDataFrame(ssoOA.isShowAuthDataFrame()); - - sso.setSingleLogOutURL(ssoOA.getSingleLogOutURL()); - - if (oauth20OA != null) { - log.debug("Saving OAuth 2.0 configuration:"); - OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20(); - if (oaOAuth20 == null) { - oaOAuth20 = new OAOAUTH20(); - authoa.setOAOAUTH20(oaOAuth20); - } - - oaOAuth20.setOAuthClientId(generalOA.getIdentifier()); - // oaOAuth20.setOAuthClientSecret(oauth20OA.getClientSecret()); - oaOAuth20.setOAuthRedirectUri(oauth20OA.getRedirectUri()); - log.debug("client id: " + oauth20OA.getClientId()); - log.debug("client secret: " + oauth20OA.getClientSecret()); - log.debug("redirect uri:" + oauth20OA.getRedirectUri()); - - oaOAuth20.setOAuthClientSecret((String) request.getSession().getAttribute(Constants.SESSION_OAUTH20SECRET)); - request.getSession().setAttribute(Constants.SESSION_OAUTH20SECRET, null); - - } - - - // fetch stork configuration from database model - OASTORK stork = authoa.getOASTORK(); - if (stork == null) { - // if there is none, create a new one with default values. - stork = new OASTORK(); - authoa.setOASTORK(stork); - stork.setStorkLogonEnabled(false); - } - // transfer the incoming data to the database model - stork.setStorkLogonEnabled(storkOA.isStorkLogonEnabled()); - stork.setQaa(storkOA.getQaa()); - stork.setOAAttributes(storkOA.getAttributes()); - stork.setVidpEnabled(storkOA.isVidpEnabled()); - stork.setRequireConsent(storkOA.isRequireConsent()); - stork.setAttributeProviders(storkOA.getAttributeProviderPlugins()); - stork.setCPEPS(storkOA.getEnabledCPEPS()); - - try { - if (newentry) { - ConfigurationDBUtils.save(dboa); - - if (!authUser.isAdmin()) { - UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - - List<OnlineApplication> useroas = user.getOnlineApplication(); - if (useroas == null) useroas = new ArrayList<OnlineApplication>(); - - useroas.add(dboa); - ConfigurationDBUtils.saveOrUpdate(user); - } - } else - ConfigurationDBUtils.saveOrUpdate(dboa); - - } catch (MOADatabaseException e) { - log.warn("Online-Application can not be stored.", e); - return LanguageHelper.getErrorString("error.db.oa.store", request); - } - - return null; - } - - private String parseColor(String color) { - String value = ""; - - if (MiscUtil.isNotEmpty(color)) { - if (!color.startsWith("#")) - value = "#" + color; - else - value = color; - } - return value; - } - - private void generateUserSpecificConfigurationOptions(UserDatabase userdb) { - - if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) { - String bpk = userdb.getBpk(); - if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN) || bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_ZVR) || bpk.startsWith(Constants.IDENIFICATIONTYPE_STORK)) { - onlyBusinessService = true; - generalOA.setBusinessService(true); - } - - deaktivededBusinessService = true; - - String[] split = bpk.split("\\+"); - generalOA.setIdentificationType(split[1].substring(1)); - - if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN)) - generalOA.setIdentificationNumber(at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(split[2])); - else - generalOA.setIdentificationNumber(split[2]); - - } - - } - - public String setGeneralOAConfig() { - - return Constants.STRUTS_SUCCESS; - } - - public String setSAML1OAConfig() { - - return Constants.STRUTS_SUCCESS; + + public OAAuthenticationData getAuthOA() { + return (OAAuthenticationData) formList.get(new OAAuthenticationData().getName()); } - public String setPVP2OAConfig() { - - return Constants.STRUTS_SUCCESS; - } - - public String setSSOOAConfig() { - - return Constants.STRUTS_SUCCESS; - } - - public String setSTORKOAConfig() { - - return Constants.STRUTS_SUCCESS; - } - - public OAGeneralConfig getGeneralOA() { - return generalOA; - } - - public void setGeneralOA(OAGeneralConfig generalOA) { - this.generalOA = generalOA; - } - - public OAPVP2Config getPvp2OA() { - return pvp2OA; - } - - public void setPvp2OA(OAPVP2Config pvp2oa) { - pvp2OA = pvp2oa; + public void setAuthOA(OAAuthenticationData generalOA) { + formList.put(generalOA.getName(), generalOA); } public OASAML1Config getSaml1OA() { - return saml1OA; + return (OASAML1Config) formList.get(new OASAML1Config().getName()); } public void setSaml1OA(OASAML1Config saml1oa) { - saml1OA = saml1oa; + formList.put(saml1oa.getName(), saml1oa); } public OASSOConfig getSsoOA() { - return ssoOA; + return (OASSOConfig) formList.get(new OASSOConfig().getName()); } public void setSsoOA(OASSOConfig ssoOA) { - this.ssoOA = ssoOA; + formList.put(ssoOA.getName(), ssoOA); } public OASTORKConfig getStorkOA() { - return storkOA; + return (OASTORKConfig) formList.get(new OASTORKConfig().getName()); } public void setStorkOA(OASTORKConfig storkOA) { - this.storkOA = storkOA; - } - - /** - * @param oaidobj the oaidobj to set - */ - public void setOaidobj(String oaidobj) { - this.oaidobj = oaidobj; - } - - /** - * @return the newOA - */ - public boolean isNewOA() { - return newOA; - } - - /** - * @param newOA the newOA to set - */ - public void setNewOA(boolean newOA) { - this.newOA = newOA; + formList.put(storkOA.getName(), storkOA); } /** @@ -1182,75 +474,17 @@ public class EditOAAction extends BasicAction { } /** - * @return the formID - */ - public String getFormID() { - return formID; - } - - /** - * @param formID the formID to set - */ - public void setFormID(String formID) { - this.formID = formID; - } - - /** - * @return the onlyBusinessService - */ - public boolean isOnlyBusinessService() { - return onlyBusinessService; - } - - /** - * @param onlyBusinessService the onlyBusinessService to set - */ - public void setOnlyBusinessService(boolean onlyBusinessService) { - this.onlyBusinessService = onlyBusinessService; - } - - - /** - * @return the subTargetSet - */ - public boolean isSubTargetSet() { - return subTargetSet; - } - - /** - * @param subTargetSet the subTargetSet to set - */ - public void setSubTargetSet(boolean subTargetSet) { - this.subTargetSet = subTargetSet; - } - - /** - * @return the deaktivededBusinessService - */ - public boolean isDeaktivededBusinessService() { - return deaktivededBusinessService; - } - - - /** - * @param deaktivededBusinessService the deaktivededBusinessService to set - */ - public void setDeaktivededBusinessService(boolean deaktivededBusinessService) { - this.deaktivededBusinessService = deaktivededBusinessService; - } - - /** * @return the formOA */ public FormularCustomization getFormOA() { - return formOA; + return (FormularCustomization) formList.get(new FormularCustomization(null).getName()); } /** * @param formOA the formOA to set */ public void setFormOA(FormularCustomization formOA) { - this.formOA = formOA; + formList.put(formOA.getName(), formOA); } /** @@ -1261,11 +495,25 @@ public class EditOAAction extends BasicAction { } public OAOAuth20Config getOauth20OA() { - return oauth20OA; + return (OAOAuth20Config) formList.get(new OAOAuth20Config().getName()); } public void setOauth20OA(OAOAuth20Config oauth20OA) { - this.oauth20OA = oauth20OA; + formList.put(oauth20OA.getName(), oauth20OA); + } + + /** + * @return the formOA + */ + public OATargetConfiguration getTargetConfig() { + return (OATargetConfiguration) formList.get(new OATargetConfiguration().getName()); + } + + /** + * @param formOA the formOA to set + */ + public void setTargetConfig(OATargetConfiguration formOA) { + formList.put(formOA.getName(), formOA); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java index d04592aa3..e019b70bb 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java @@ -77,13 +77,12 @@ import org.opensaml.xml.security.x509.X509Credential; import org.opensaml.xml.signature.Signature; import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine; -import com.opensymphony.xwork2.ActionSupport; - import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; @@ -94,7 +93,6 @@ import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper; import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; -import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.util.MiscUtil; @@ -215,14 +213,8 @@ public class IndexAction extends BasicAction { if (dbuser.isIsMandateUser() != null) ismandateuser = dbuser.isIsMandateUser(); - AuthenticatedUser authuser = new AuthenticatedUser( - dbuser.getHjid(), - dbuser.getGivenname(), - dbuser.getFamilyname(), - dbuser.getInstitut(), - dbuser.getUsername(), + AuthenticatedUser authuser = new AuthenticatedUser(dbuser, true, - dbuser.isIsAdmin(), ismandateuser, false); @@ -424,16 +416,7 @@ public class IndexAction extends BasicAction { user.setIsusernamepasswordallowed(false); user.setIsmandateuser(false); user.setPVPGenerated(true); - - authUser = new AuthenticatedUser(); - authUser.setAdmin(false); - authUser.setAuthenticated(false); - authUser.setLastLogin(null); - authUser.setUserID(-1); - authUser.setUserName(null); - authUser.setPVP2Login(true); - authUser.setMandateUser(false); - + //loop through the nodes to get what we want List<AttributeStatement> attributeStatements = saml2assertion.getAttributeStatements(); for (int i = 0; i < attributeStatements.size(); i++) @@ -445,26 +428,24 @@ public class IndexAction extends BasicAction { if (strAttributeName.equals(PVPConstants.PRINCIPAL_NAME_NAME)) { user.setFamilyName(attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent()); - authUser.setFamilyName(user.getFamilyName()); } if (strAttributeName.equals(PVPConstants.GIVEN_NAME_NAME)) { user.setGivenName(attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent()); - authUser.setGivenName(user.getGivenName()); } if (strAttributeName.equals(PVPConstants.MANDATE_TYPE_NAME)) { - authUser.setMandateUser(true); user.setIsmandateuser(true); } if (strAttributeName.equals(PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME)) { user.setInstitut(attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent()); - authUser.setInstitute(user.getInstitut()); } } } + authUser = AuthenticatedUser.generateUserRequestUser(user); + //set Random value formID = Random.nextRandom(); session.setAttribute(Constants.SESSION_FORMID, formID); @@ -484,14 +465,8 @@ public class IndexAction extends BasicAction { session.setAttribute(Constants.SESSION_FORMID, formID); user = new UserDatabaseFrom(dbuser); - authUser = new AuthenticatedUser( - dbuser.getHjid(), - dbuser.getGivenname(), - dbuser.getFamilyname(), - dbuser.getInstitut(), - dbuser.getUsername(), + authUser = new AuthenticatedUser(dbuser, false, - false, dbuser.isIsMandateUser(), true); session.setAttribute(Constants.SESSION_FORM, user); @@ -511,14 +486,7 @@ public class IndexAction extends BasicAction { if (dbuser.isIsMandateUser() != null) ismandateuser = dbuser.isIsMandateUser(); - authUser = new AuthenticatedUser( - dbuser.getHjid(), - dbuser.getGivenname(), - dbuser.getFamilyname(), - dbuser.getInstitut(), - dbuser.getUsername(), - true, - dbuser.isIsAdmin(), + authUser = new AuthenticatedUser(dbuser, true, ismandateuser, true); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java new file mode 100644 index 000000000..215fd9a17 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java @@ -0,0 +1,455 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.configuration.struts.action; + +import java.util.ArrayList; +import java.util.Date; +import java.util.List; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.data.FormularCustomization; +import at.gv.egovernment.moa.id.configuration.data.OAListElement; +import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData; +import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData; +import at.gv.egovernment.moa.id.configuration.data.oa.OAMOAIDPInterfederationConfig; +import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config; +import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig; +import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration; +import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; +import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException; +import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.util.Random; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class InterfederationIDPAction extends BasicOAAction { + private static final Logger log = Logger.getLogger(InterfederationIDPAction.class); + private static final long serialVersionUID = 2879192135387083131L; + + public static final String STRUTS_IDP_VIDP = "-VIDP"; + public static final String STRUTS_IDP_MOA = "-MOAIDP"; + + private List<OAListElement> formOAs; + + private String interfederationType; + + public InterfederationIDPAction() { + super(); + + } + + public String listAllIDPs() { + try { + populateBasicInformations(); + + if (authUser.isAdmin()) { + List<OnlineApplication> dbOAs = ConfigurationDBRead.getAllOnlineApplications(); + + if (dbOAs == null || dbOAs.size() == 0) { + addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); + + } else { + formOAs = FormDataHelper.populateFormWithInderfederationIDPs(dbOAs); + } + + session.setAttribute(Constants.SESSION_RETURNAREA, + Constants.STRUTS_RETURNAREA_VALUES.main.name()); + + ConfigurationDBUtils.closeSession(); + + return Constants.STRUTS_SUCCESS; + + } else { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + } catch (BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + } + + public String newIDP() { + log.debug("insert new interfederation IDP"); + + try { + populateBasicInformations(); + + if (!authUser.isAdmin()) { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + if (STRUTS_IDP_MOA.equals(interfederationType)) { + formList.putAll(MOAIDPAction.buildMOAIDPFormList()); + + } else if (STRUTS_IDP_VIDP.equals(interfederationType)) { + formList.putAll(VIDPAction.buildVIDPFormList()); + getStorkOA().setVidpEnabled(true); + getStorkOA().getAttributeProviderPlugins().add(new AttributeProviderPlugin()); + + } else { + log.warn("Unkown interfederation IDP type"); + addActionError("Unkown interfederation IDP type"); + return Constants.STRUTS_ERROR; + } + + populateBasicNewOnlineApplicationInformation(); + + } catch (BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + return Constants.STRUTS_OA_EDIT + interfederationType; + + } + + public String loadIDPInformation() { + try { + populateBasicInformations(); + + if (!authUser.isAdmin()) { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + OnlineApplication oa = populateOnlineApplicationFromRequest(); + + if (oa.isIsInterfederationIDP() != null + && oa.isIsInterfederationIDP()) { + + formList.putAll(MOAIDPAction.buildMOAIDPFormList()); + interfederationType = STRUTS_IDP_MOA; + + } else if (oa.getAuthComponentOA().getOASTORK() != null + && oa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null + && oa.getAuthComponentOA().getOASTORK().isVidpEnabled()) { + + formList.putAll(VIDPAction.buildVIDPFormList()); + if (getStorkOA().getAttributeProviderPlugins() == null || + getStorkOA().getAttributeProviderPlugins().size() == 0) + getStorkOA().getAttributeProviderPlugins().add(new AttributeProviderPlugin()); + interfederationType = STRUTS_IDP_VIDP; + + } else { + log.warn("Requested application is not an interfederation IDP."); + return Constants.STRUTS_NOTALLOWED; + } + + parseOAToForm(oa); + return Constants.STRUTS_SUCCESS + interfederationType; + + + } catch (BasicActionException e) { + return Constants.STRUTS_ERROR; + + } catch (BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + + } + } + + public String saveIDP() { + + OnlineApplication onlineapplication= null; + + try { + populateBasicInformations(); + + if (!authUser.isAdmin()) { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + onlineapplication = preProcessSaveOnlineApplication(); + + if ( onlineapplication != null && + !((onlineapplication.isIsInterfederationIDP() != null && onlineapplication.isIsInterfederationIDP()) || + (onlineapplication.getAuthComponentOA().getOASTORK() != null + && onlineapplication.getAuthComponentOA().getOASTORK().isVidpEnabled() != null + && onlineapplication.getAuthComponentOA().getOASTORK().isVidpEnabled()))) { + log.warn("IDP which should be stored is not of type interfederation IDP."); + addActionError("IDP which should be stored is not of type MOA-ID interfederation IDP."); + return Constants.STRUTS_ERROR; + + } + + List<String> errors = new ArrayList<String>(); + + //validate forms + for (IOnlineApplicationData form : formList.values()) + errors.addAll(form.validate(getGeneralOA(), authUser, request)); + + + boolean publicServiceAllowed = ValidationHelper.isPublicServiceAllowed(getPvp2OA().getMetaDataURL()); + if (!publicServiceAllowed && !getGeneralOA().isBusinessService()) { + log.info("Metadata URL " + getPvp2OA().getMetaDataURL() + " does not allow PublicService."); + errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.metadataurl.publicservice", + new Object[] {getPvp2OA().getMetaDataURL()}, request )); + getGeneralOA().setBusinessService(true); + + } + + + if (errors.size() > 0) { + log.info("IDP-Configuration with ID " + getGeneralOA().getIdentifier() + " has some errors."); + for (String el : errors) + addActionError(el); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } else { + + //set default Target interfederated nameID caluclation + if (getGeneralOA().isBusinessService()) { + IdentificationNumber businessID = onlineapplication.getAuthComponentOA().getIdentificationNumber(); + if (businessID == null) { + businessID = new IdentificationNumber(); + onlineapplication.getAuthComponentOA().setIdentificationNumber(businessID); + } + businessID.setValue(Constants.PREFIX_WPBK + "MOA-IDP"); + + } else + onlineapplication.setTarget("MOA-IDP"); + + postProcessSaveOnlineApplication(onlineapplication); + + } + + //remove session attributes + session.setAttribute(Constants.SESSION_OAID, null); + ConfigurationDBUtils.closeSession(); + + addActionMessage(LanguageHelper.getGUIString("webpages.idp.success", getGeneralOA().getIdentifier(), request)); + return Constants.STRUTS_SUCCESS; + + + } catch (BasicActionException e) { + return Constants.STRUTS_ERROR; + + } catch (BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + + } + } + + public String cancleAndBackIDP() { + try { + populateBasicInformations(); + + if (!authUser.isAdmin()) { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + } catch (BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + session.setAttribute(Constants.SESSION_OAID, null); + addActionMessage(LanguageHelper.getGUIString("webpages.idp.cancle", getGeneralOA().getIdentifier(), request)); + ConfigurationDBUtils.closeSession(); + + return Constants.STRUTS_SUCCESS; + } + + public String deleteIDP() { + String oaidentifier = null; + try { + populateBasicInformations(); + + if (!authUser.isAdmin()) { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + oaidentifier = preProcessDeleteOnlineApplication(); + + + } catch (BasicActionException e) { + return Constants.STRUTS_ERROR; + + } catch (BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + + } + + session.setAttribute(Constants.SESSION_OAID, null); + OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier); + + try { + if (MiscUtil.isNotEmpty(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) { + + MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration(); + moaconfig.setPvp2RefreshItem(new Date()); + ConfigurationDBUtils.saveOrUpdate(moaconfig); + + } + } catch (Throwable e) { + log.info("Found no MetadataURL in OA-Databaseconfig!", e); + } + + if (ConfigurationDBUtils.delete(onlineapplication)) { + + ConfigurationDBUtils.closeSession(); + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", oaidentifier, request)); + return Constants.STRUTS_SUCCESS; + + } else { + ConfigurationDBUtils.closeSession(); + addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", oaidentifier, request)); + return Constants.STRUTS_SUCCESS; + } + + } + + /** + * @param oa + */ + private void parseOAToForm(OnlineApplication oa) { + List<String> errors = new ArrayList<String>(); + for (IOnlineApplicationData form : formList.values()) { + List<String> error = form.parse(oa, authUser, request); + if (error != null) + errors.addAll(error); + } + if (errors.size() > 0) { + for (String el : errors) + addActionError(el); + } + + setNewOA(false); + + ConfigurationDBUtils.closeSession(); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + session.setAttribute(Constants.SESSION_OAID, oaid); + } + + /** + * @return the formOAs + */ + public List<OAListElement> getFormOAs() { + return formOAs; + } + + public OAMOAIDPInterfederationConfig getMoaIDP() { + return (OAMOAIDPInterfederationConfig) formList.get(new OAMOAIDPInterfederationConfig().getName()); + } + + public void setMoaIDP(OAMOAIDPInterfederationConfig pvp2oa) { + formList.put(pvp2oa.getName(), pvp2oa); + } + + /** + * @return the formOA + */ + public OATargetConfiguration getTargetConfig() { + return (OATargetConfiguration) formList.get(new OATargetConfiguration().getName()); + } + + /** + * @param formOA the formOA to set + */ + public void setTargetConfig(OATargetConfiguration formOA) { + formList.put(formOA.getName(), formOA); + } + + /** + * @return the formOA + */ + public FormularCustomization getFormOA() { + return (FormularCustomization) formList.get(new FormularCustomization(null).getName()); + } + + /** + * @param formOA the formOA to set + */ + public void setFormOA(FormularCustomization formOA) { + formList.put(formOA.getName(), formOA); + } + + public OASTORKConfig getStorkOA() { + return (OASTORKConfig) formList.get(new OASTORKConfig().getName()); + } + + public void setStorkOA(OASTORKConfig storkOA) { + formList.put(storkOA.getName(), storkOA); + } + + + public OAAuthenticationData getAuthOA() { + return (OAAuthenticationData) formList.get(new OAAuthenticationData().getName()); + } + + public void setAuthOA(OAAuthenticationData generalOA) { + formList.put(generalOA.getName(), generalOA); + } + + + /** + * @return the interfederationType + */ + public String getInterfederationType() { + return interfederationType; + } + + /** + * @param interfederationType the interfederationType to set + */ + public void setInterfederationType(String interfederationType) { + this.interfederationType = interfederationType; + } + + + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java index e51ee7ca6..7f7f083c9 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java @@ -39,6 +39,7 @@ import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.data.OAListElement; @@ -46,7 +47,6 @@ import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; -import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; import at.gv.egovernment.moa.util.MiscUtil; public class ListOAsAction extends BasicAction { @@ -88,7 +88,7 @@ public class ListOAsAction extends BasicAction { addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); } else { - formOAs = FormDataHelper.addFormOAs(dbOAs); + formOAs = FormDataHelper.populateFormWithOAs(dbOAs); } session.setAttribute(Constants.SESSION_RETURNAREA, @@ -160,14 +160,11 @@ public class ListOAsAction extends BasicAction { } if (dbOAs == null || dbOAs.size() == 0) { - log.debug("No OAs found with Identifier " + friendlyname); + log.debug("No IDPs found with Identifier " + friendlyname); addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); - } else { - - formOAs = FormDataHelper.addFormOAs(dbOAs); - session.setAttribute(Constants.SESSION_RETURNAREA, - Constants.STRUTS_RETURNAREA_VALUES.main.name()); + } else { + formOAs = FormDataHelper.populateFormWithOAs(dbOAs); } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java new file mode 100644 index 000000000..8c04a382a --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java @@ -0,0 +1,59 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.configuration.struts.action; + +import java.util.LinkedHashMap; + +import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData; +import at.gv.egovernment.moa.id.configuration.data.oa.OAMOAIDPInterfederationConfig; +import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config; + +/** + * @author tlenz + * + */ +public class MOAIDPAction extends InterfederationIDPAction { + + private static final long serialVersionUID = -2047128481980413334L; + + public MOAIDPAction() { + super(); + formList.putAll(buildMOAIDPFormList()); + } + + public static LinkedHashMap<String, IOnlineApplicationData> buildMOAIDPFormList() { + + LinkedHashMap<String, IOnlineApplicationData> forms = + new LinkedHashMap<String, IOnlineApplicationData>(); + + + OAPVP2Config pvp2OA = new OAPVP2Config(); + forms.put(pvp2OA.getName(), pvp2OA); + + OAMOAIDPInterfederationConfig moaidp = new OAMOAIDPInterfederationConfig(); + forms.put(moaidp.getName(), moaidp); + + return forms; + } + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java index a4c768eda..283b3604a 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java @@ -67,7 +67,7 @@ public class OpenAdminRequestsAction extends BasicAction { List<OnlineApplication> dbOAs = ConfigurationDBRead.getAllNewOnlineApplications(); if (dbOAs != null) { - formOAs = FormDataHelper.addFormOAs(dbOAs); + formOAs = FormDataHelper.populateFormWithOAs(dbOAs); } List<UserDatabase> dbUsers = ConfigurationDBRead.getAllNewUsers(); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java index 382dc6372..5799c88b2 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java @@ -38,6 +38,7 @@ import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom; @@ -48,7 +49,6 @@ import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator; -import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.util.MiscUtil; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java new file mode 100644 index 000000000..8588dd286 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java @@ -0,0 +1,75 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.configuration.struts.action; + +import java.util.HashMap; +import java.util.LinkedHashMap; +import java.util.Map; + +import at.gv.egovernment.moa.id.configuration.data.FormularCustomization; +import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData; +import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData; +import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig; +import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration; +import at.gv.egovernment.moa.id.util.FormBuildUtils; + +/** + * @author tlenz + * + */ +public class VIDPAction extends InterfederationIDPAction { + + private static final long serialVersionUID = 1981465294474566533L; + + + public VIDPAction() { + super(); + formList.putAll(buildVIDPFormList()); + } + + /** + * @return + * + */ + public static LinkedHashMap<String, IOnlineApplicationData> buildVIDPFormList() { + LinkedHashMap<String, IOnlineApplicationData> forms = + new LinkedHashMap<String, IOnlineApplicationData>(); + + OATargetConfiguration oaTarget = new OATargetConfiguration(); + forms.put(oaTarget.getName(), oaTarget); + + OAAuthenticationData authOA = new OAAuthenticationData(); + forms.put(authOA.getName(), authOA); + + OASTORKConfig storkOA = new OASTORKConfig(); + forms.put(storkOA.getName(), storkOA); + + Map<String, String> map = new HashMap<String, String>(); + map.putAll(FormBuildUtils.getDefaultMap()); + FormularCustomization formOA = new FormularCustomization(map); + forms.put(formOA.getName(), formOA); + + return forms; + } + +} |