Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java90
1 files changed, 59 insertions, 31 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
index 1ea51652a..fcf74a534 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
@@ -32,10 +32,12 @@ import java.util.Map;
import org.apache.log4j.Logger;
+import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.StringHelper;
+import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -51,15 +53,26 @@ public class MOAConfigValidator {
log.debug("Validate general MOA configuration");
- String check = form.getAlternativeSourceID();
+ String check = form.getSaml1SourceID();
if (MiscUtil.isNotEmpty(check)) {
if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("AlternativeSourceID contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.AlternativeSourceID",
+ log.warn("SAML1 SourceID contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.SAML1SourceID",
new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
}
}
+ check = form.getPublicURLPrefix();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Public URL Prefix is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid"));
+ }
+ } else {
+ log.info("PublicURL Prefix is empty.");
+ errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.empty"));
+ }
+
check = form.getTimeoutAssertion();
if (MiscUtil.isNotEmpty(check)) {
if (!ValidationHelper.validateNumber(check)) {
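Review bot: The `log.warn` call in the SAML1 SourceID branch appends the submitted value to the log message in exactly the case where it has just been found to contain suspicious characters. Anything that later renders or parses this log then sees attacker-controlled markup or line breaks. Dropping the value is enough here, e.g. `log.warn("SAML1 SourceID contains potential XSS characters");`, which also fixes the "potentail" typo. The same pattern appears in the `IdentificationNumber` warning added in the last hunk. The enclosing method starts and ends outside this hunk.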
@@ -232,20 +245,20 @@ public class MOAConfigValidator {
}
}
- check = form.getPvp2PublicUrlPrefix();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("PVP2 Service URL is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.serviceurl.valid"));
- }
- }
+// check = form.getPvp2PublicUrlPrefix();
+// if (MiscUtil.isNotEmpty(check)) {
+// if (!ValidationHelper.validateURL(check)) {
+// log.info("PVP2 Service URL is not valid");
+// errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.serviceurl.valid"));
+// }
+// }
check = form.getSLRequestTemplateHandy();
if (MiscUtil.isEmpty(check)) {
log.info("Empty SLRequestTemplate Handy-BKU");
errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.empty"));
} else {
- if (!ValidationHelper.validateURL(check)) {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
log.info("SLRequestTemplate Handy-BKU is not valid");
errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.valid"));
}
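Review bot: The SLRequestTemplate Handy-BKU check now calls `ValidationHelper.isNotValidIdentityLinkSigner(check)`, and the local and Online-BKU checks in the next two hunks do the same, yet the helper's name refers to identity-link signer names, not to template locations. Its body is not visible here, so please confirm that it still restricts the value to the intended URL or path form. If it only filters characters, whatever scheme and host checking `validateURL` performed no longer applies to a value the server presumably loads. If a looser rule is intended, a helper named for the template field, with a comment stating which forms it accepts, would make the rule reviewable. The log messages and error keys are unchanged and still read as a URL validity failure.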
@@ -256,7 +269,7 @@ public class MOAConfigValidator {
log.info("Empty SLRequestTemplate local BKU");
errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.empty"));
} else {
- if (!ValidationHelper.validateURL(check)) {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
log.info("SLRequestTemplate local BKU is not valid");
errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.valid"));
}
@@ -267,7 +280,7 @@ public class MOAConfigValidator {
log.info("Empty SLRequestTemplate Online-BKU");
errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.empty"));
} else {
- if (!ValidationHelper.validateURL(check)) {
+ if (ValidationHelper.isNotValidIdentityLinkSigner(check)) {
log.info("SLRequestTemplate Online-BKU is not valid");
errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.valid"));
}
@@ -282,22 +295,22 @@ public class MOAConfigValidator {
}
}
- check = form.getSsoIdentificationNumber();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.info("SSO IdentificationNumber is not valid: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
- }
- }
-
- check = form.getSsoPublicUrl();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("SSO Public URL is not valid");
- errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid"));
- }
- }
+// check = form.getSsoIdentificationNumber();
+// if (MiscUtil.isNotEmpty(check)) {
+// if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+// log.info("SSO IdentificationNumber is not valid: " + check);
+// errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid",
+// new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+// }
+// }
+
+// check = form.getSsoPublicUrl();
+// if (MiscUtil.isNotEmpty(check)) {
+// if (!ValidationHelper.validateURL(check)) {
+// log.info("SSO Public URL is not valid");
+// errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid"));
+// }
+// }
check = form.getSsoSpecialText();
if (MiscUtil.isNotEmpty(check)) {
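Review bot: The SSO IdentificationNumber and SSO Public URL checks are commented out rather than deleted, as is the PVP2 public URL prefix check in the hunk at old line 232. If `getSsoIdentificationNumber()`, `getSsoPublicUrl()` or `getPvp2PublicUrlPrefix()` can still be filled from the form and stored, those values now skip validation entirely. If the fields were retired in favour of the new `getPublicURLPrefix()` check, the blocks should be removed so the validator does not appear to cover input it never inspects. A short comment such as `// SSO and PVP2 URL prefixes are covered by the PublicURLPrefix check above` would record the reason, assuming that is the intent.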
@@ -315,8 +328,23 @@ public class MOAConfigValidator {
} else {
if (!ValidationHelper.isValidAdminTarget(check)) {
- log.info("Not valid SSO Target");
- errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid"));
+
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+
+ String num = check.replaceAll(" ", "");
+
+ if ( !(num.startsWith(Constants.IDENIFICATIONTYPE_FN) ||
+ num.startsWith(Constants.IDENIFICATIONTYPE_ZVR) ||
+ num.startsWith(Constants.IDENIFICATIONTYPE_ERSB) ) ) {
+
+ log.info("Not valid SSO Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid"));
+ }
+
}
}
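Review bot: The new fallback for an SSO target that fails `isValidAdminTarget` accepts any value that merely starts with `Constants.IDENIFICATIONTYPE_FN`, `_ZVR` or `_ERSB` once spaces are stripped, so the number after the prefix is never checked for format or length. `CompanyNumberValidator` is imported by this commit but is not used in any visible hunk; if it validates these register numbers, this looks like the place to call it. The two checks are also independent, so a value with a suspicious character and no known prefix adds the same error key twice; making the prefix test an `else` of the character test would avoid that. The warning is labelled `IdentificationNumber` and concatenates the raw value, where `log.warn("SSO target contains potential XSS characters");` would match the field and keep the input out of the log.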