diff options
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig')
-rw-r--r-- | id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java | 421 |
1 files changed, 220 insertions, 201 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java index 717a0c827..247004b75 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java @@ -46,7 +46,7 @@ public class MOAConfigValidator { private static final Logger log = Logger.getLogger(MOAConfigValidator.class); - public List<String> validate(GeneralMOAIDConfig form, HttpServletRequest request) { + public List<String> validate(GeneralMOAIDConfig form, HttpServletRequest request, boolean isMOAIDMode) { List<String> errors = new ArrayList<String>(); @@ -126,7 +126,7 @@ public class MOAConfigValidator { // } check = form.getDefaultBKUHandy(); - if (MiscUtil.isNotEmpty(check)) { + if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { if (!ValidationHelper.validateURL(check)) { log.info("Not valid Handy-BKU URL"); errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid", request)); @@ -134,7 +134,7 @@ public class MOAConfigValidator { } check = form.getDefaultBKULocal(); - if (MiscUtil.isNotEmpty(check)) { + if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { if (!ValidationHelper.validateURL(check)) { log.info("Not valid Online-BKU URL"); errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid", request)); @@ -142,7 +142,7 @@ public class MOAConfigValidator { } check = form.getDefaultBKUOnline(); - if (MiscUtil.isNotEmpty(check)) { + if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { if (!ValidationHelper.validateURL(check)) { log.info("Not valid Online-BKU URL"); errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid", request)); @@ -162,7 +162,7 @@ public class MOAConfigValidator { // } check = form.getMandateURL(); - if (MiscUtil.isNotEmpty(check)) { + if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { String[] misURLs = check.split(","); for (String el : misURLs) { if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { @@ -174,7 +174,7 @@ public class MOAConfigValidator { } check = form.getElgaMandateServiceURL(); - if (MiscUtil.isNotEmpty(check)) { + if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { String[] elgaServiceURLs = check.split(","); for (String el : elgaServiceURLs) { if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { @@ -185,87 +185,103 @@ public class MOAConfigValidator { } } + check = form.getEidSystemServiceURL(); + if (MiscUtil.isNotEmpty(check)) { + String[] eidServiceURLs = check.split(","); + for (String el : eidServiceURLs) { + if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { + log.info("Not valid E-ID System Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.eid.url.valid", + new Object[]{el}, request)); + } + } + } + check = form.getMoaspssAuthTransformations(); List<String> authtranslist = new ArrayList<String>(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty MoaspssAuthTransformation"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty", request)); - } else { - - //is only required if more then one transformation is in use -// check = StringHelper.formatText(check); -// String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER); -// int i=1; -// for(String el : list) { -// if (ValidationHelper.containsPotentialCSSCharacter(el, false)) { -// log.info("IdentityLinkSigners is not valid: " + el); -// errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid", -// new Object[] {i, ValidationHelper.getPotentialCSSCharacter(false)} )); -// -// } else { -// if (MiscUtil.isNotEmpty(el.trim())) -// authtranslist.add(el.trim()); -// } -// i++; -// } - authtranslist.add(check.trim()); + if (isMOAIDMode) { + if (MiscUtil.isEmpty(check)) { + log.info("Empty MoaspssAuthTransformation"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty", request)); + } else { + + //is only required if more then one transformation is in use + // check = StringHelper.formatText(check); + // String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER); + // int i=1; + // for(String el : list) { + // if (ValidationHelper.containsPotentialCSSCharacter(el, false)) { + // log.info("IdentityLinkSigners is not valid: " + el); + // errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid", + // new Object[] {i, ValidationHelper.getPotentialCSSCharacter(false)} )); + // + // } else { + // if (MiscUtil.isNotEmpty(el.trim())) + // authtranslist.add(el.trim()); + // } + // i++; + // } + authtranslist.add(check.trim()); + } } form.setAuthTransformList(authtranslist); - check = form.getMoaspssAuthTrustProfile(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty MOA-SP/SS Authblock TrustProfile"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty", request)); - } else { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("Authblock TrustProfile is not valid: " +check); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + if (isMOAIDMode) { + check = form.getMoaspssAuthTrustProfile(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MOA-SP/SS Authblock TrustProfile"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty", request)); + } else { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("Authblock TrustProfile is not valid: " +check); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid", + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + } } - } - - check = form.getMoaspssIdlTrustProfile(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty MOA-SP/SS IdentityLink TrustProfile"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty", request)); - } else { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("IdentityLink TrustProfile is not valid: " +check); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + + check = form.getMoaspssIdlTrustProfile(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MOA-SP/SS IdentityLink TrustProfile"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty", request)); + } else { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("IdentityLink TrustProfile is not valid: " +check); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid", + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + } } - } - - check = form.getMoaspssAuthTrustProfileTest(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty MOA-SP/SS Test-Authblock TrustProfile"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty", request)); - } else { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("Test-Authblock TrustProfile is not valid: " +check); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + + check = form.getMoaspssAuthTrustProfileTest(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MOA-SP/SS Test-Authblock TrustProfile"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty", request)); + } else { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("Test-Authblock TrustProfile is not valid: " +check); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid", + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + } } - } - - check = form.getMoaspssIdlTrustProfileTest(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty MOA-SP/SS Test-IdentityLink TrustProfile"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty", request)); - } else { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("Test-IdentityLink TrustProfile is not valid: " +check); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + + check = form.getMoaspssIdlTrustProfileTest(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MOA-SP/SS Test-IdentityLink TrustProfile"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty", request)); + } else { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("Test-IdentityLink TrustProfile is not valid: " +check); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid", + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + } } - } - - - check = form.getMoaspssURL(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateURL(check)) { - log.info("Not valid MOA-SP/SS Service URL"); - errors.add(LanguageHelper.getErrorString("validation.general.moaspss.url.valid", request)); + + + check = form.getMoaspssURL(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid MOA-SP/SS Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.moaspss.url.valid", request)); + } } } @@ -312,109 +328,111 @@ public class MOAConfigValidator { // } // } - check = form.getSLRequestTemplateHandy(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty SLRequestTemplate Handy-BKU"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.empty", request)); - } else { - if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { - log.info("SLRequestTemplate Handy-BKU is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.valid", request)); - } - } - - check = form.getSLRequestTemplateLocal(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty SLRequestTemplate local BKU"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.empty", request)); - } else { - if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { - log.info("SLRequestTemplate local BKU is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.valid", request)); - } - } - - check = form.getSLRequestTemplateOnline(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty SLRequestTemplate Online-BKU"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.empty", request)); - } else { - if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { - log.info("SLRequestTemplate Online-BKU is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.valid", request)); + if (isMOAIDMode) { + check = form.getSLRequestTemplateHandy(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SLRequestTemplate Handy-BKU"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.empty", request)); + } else { + if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { + log.info("SLRequestTemplate Handy-BKU is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.valid", request)); + } } - } - - check = form.getSsoFriendlyName(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("SSO friendlyname is not valid: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + + check = form.getSLRequestTemplateLocal(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SLRequestTemplate local BKU"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.empty", request)); + } else { + if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { + log.info("SLRequestTemplate local BKU is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.valid", request)); + } } - } - -// check = form.getSsoIdentificationNumber(); -// if (MiscUtil.isNotEmpty(check)) { -// if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { -// log.info("SSO IdentificationNumber is not valid: " + check); -// errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid", -// new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); -// } -// } - -// check = form.getSsoPublicUrl(); -// if (MiscUtil.isNotEmpty(check)) { -// if (!ValidationHelper.validateURL(check)) { -// log.info("SSO Public URL is not valid"); -// errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid")); -// } -// } - - check = form.getSsoSpecialText(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, true)) { - log.info("SSO SpecialText is not valid: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid", - new Object[] {ValidationHelper.getNotValidCharacter(true)} , request)); + + check = form.getSLRequestTemplateOnline(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SLRequestTemplate Online-BKU"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.empty", request)); + } else { + if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { + log.info("SLRequestTemplate Online-BKU is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.valid", request)); + } } - } - - check = form.getSsoTarget(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty SSO Target"); - //errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty", request)); - } else { - if (!ValidationHelper.isValidAdminTarget(check)) { - + check = form.getSsoFriendlyName(); + if (MiscUtil.isNotEmpty(check)) { if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("IdentificationNumber contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", + log.info("SSO friendlyname is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid", new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } + } + + // check = form.getSsoIdentificationNumber(); + // if (MiscUtil.isNotEmpty(check)) { + // if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + // log.info("SSO IdentificationNumber is not valid: " + check); + // errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid", + // new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + // } + // } + + // check = form.getSsoPublicUrl(); + // if (MiscUtil.isNotEmpty(check)) { + // if (!ValidationHelper.validateURL(check)) { + // log.info("SSO Public URL is not valid"); + // errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid")); + // } + // } + + check = form.getSsoSpecialText(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, true)) { + log.info("SSO SpecialText is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid", + new Object[] {ValidationHelper.getNotValidCharacter(true)} , request)); + } + } + + check = form.getSsoTarget(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SSO Target"); + //errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty", request)); - String num = check.replaceAll(" ", ""); - - if ( !(num.startsWith(Constants.IDENIFICATIONTYPE_FN) || - num.startsWith(Constants.IDENIFICATIONTYPE_ZVR) || - num.startsWith(Constants.IDENIFICATIONTYPE_ERSB) ) ) { + } else { + if (!ValidationHelper.isValidAdminTarget(check)) { - log.info("Not valid SSO Target"); - errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", request)); + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("IdentificationNumber contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + } + + String num = check.replaceAll(" ", ""); + + if ( !(num.startsWith(Constants.IDENIFICATIONTYPE_FN) || + num.startsWith(Constants.IDENIFICATIONTYPE_ZVR) || + num.startsWith(Constants.IDENIFICATIONTYPE_ERSB) ) ) { + + log.info("Not valid SSO Target"); + errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", request)); + } + } - } - } - - check = form.getSzrgwURL(); - if (MiscUtil.isNotEmpty(check)) { - String[] szrGWServiceURLs = check.split(","); - for (String el : szrGWServiceURLs) { - if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { - log.info("Not valid Online-Mandate Service URL"); - errors.add(LanguageHelper.getErrorString("validation.general.szrgw.url.valid", - new Object[]{el}, request)); + + check = form.getSzrgwURL(); + if (MiscUtil.isNotEmpty(check)) { + String[] szrGWServiceURLs = check.split(","); + for (String el : szrGWServiceURLs) { + if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { + log.info("Not valid Online-Mandate Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.szrgw.url.valid", + new Object[]{el}, request)); + } } } } @@ -433,41 +451,42 @@ public class MOAConfigValidator { } - - if (form.getFileUploadFileName() != null && !form.getFileUploadFileName().isEmpty()) { - HashMap<String, byte[]> map = new HashMap<String, byte[]>(); - for (int i=0; i<form.getFileUploadFileName().size(); i++) { - String filename = form.getFileUploadFileName().get(i); - - if (MiscUtil.isNotEmpty(filename)) { - if (ValidationHelper.containsNotValidCharacter(filename, false)) { - log.info("SL Transformation Filename is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.filename.valid", request)); - - } else { - try { - File file = form.getFileUpload().get(i); - FileInputStream stream = new FileInputStream(file); - map.put(filename, Base64Utils.encode(stream).getBytes("UTF-8")); + if (isMOAIDMode) { + if (form.getFileUploadFileName() != null && !form.getFileUploadFileName().isEmpty()) { + HashMap<String, byte[]> map = new HashMap<String, byte[]>(); + for (int i=0; i<form.getFileUploadFileName().size(); i++) { + String filename = form.getFileUploadFileName().get(i); + + if (MiscUtil.isNotEmpty(filename)) { + if (ValidationHelper.containsNotValidCharacter(filename, false)) { + log.info("SL Transformation Filename is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.filename.valid", request)); - } catch (IOException e) { - log.info("SecurtiyLayerTransformation with FileName " - + filename +" can not be loaded." , e); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.file.valid", - new Object[] {filename}, request )); - } + } else { + try { + File file = form.getFileUpload().get(i); + FileInputStream stream = new FileInputStream(file); + map.put(filename, Base64Utils.encode(stream).getBytes("UTF-8")); + + } catch (IOException e) { + log.info("SecurtiyLayerTransformation with FileName " + + filename +" can not be loaded." , e); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.file.valid", + new Object[] {filename}, request )); + } + } } } - } - - form.setSecLayerTransformation(map); - - } else { - if (form.getSecLayerTransformation() == null) { - log.info("AuthBlock Transformation file is empty"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.file.empty", request)); + + form.setSecLayerTransformation(map); - } + } else { + if (form.getSecLayerTransformation() == null) { + log.info("AuthBlock Transformation file is empty"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.file.empty", request)); + + } + } } |