diff options
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation')
12 files changed, 169 insertions, 142 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java index 758aa7dc7..ae7ee3c8e 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java @@ -25,6 +25,8 @@ package at.gv.egovernment.moa.id.configuration.validation; import java.util.ArrayList; import java.util.List; +import javax.servlet.http.HttpServletRequest; + import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.configuration.data.FormularCustomization; @@ -35,14 +37,14 @@ public class FormularCustomizationValitator { private static final Logger log = Logger.getLogger(FormularCustomizationValitator.class); - public List<String> validate(FormularCustomization form) { + public List<String> validate(FormularCustomization form, HttpServletRequest request) { List<String> errors = new ArrayList<String>(); String check; if (form.isOnlyMandateAllowed() && !form.isShowMandateLoginButton()) { log.warn("OnlyMandateAllowed in combination with hidden MandateLoginCheckbox is not possible."); - errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.combination")); + errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.combination", request)); } check = form.getBackGroundColor(); @@ -52,7 +54,7 @@ public class FormularCustomizationValitator { if (!ValidationHelper.isValidHexValue(check)) { log.warn("BKUSelectionBackGroundColor is not a valid hex value " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.color.background")); + errors.add(LanguageHelper.getErrorString("validation.general.form.color.background", request)); } } @@ -63,7 +65,7 @@ public class FormularCustomizationValitator { if (!ValidationHelper.isValidHexValue(check)) { log.warn("BKUSelectionFrontColor is not a valid hex value " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.color.front")); + errors.add(LanguageHelper.getErrorString("validation.general.form.color.front", request)); } } @@ -74,7 +76,7 @@ public class FormularCustomizationValitator { if (!ValidationHelper.isValidHexValue(check)) { log.warn("HeaderBackGroundColor is not a valid hex value " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.header.color.back")); + errors.add(LanguageHelper.getErrorString("validation.general.form.header.color.back", request)); } } @@ -85,7 +87,7 @@ public class FormularCustomizationValitator { if (!ValidationHelper.isValidHexValue(check)) { log.warn("HeaderFrontColor is not a valid hex value " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.header.color.front")); + errors.add(LanguageHelper.getErrorString("validation.general.form.header.color.front", request)); } } @@ -94,7 +96,7 @@ public class FormularCustomizationValitator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("HeaderText contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.form.header.text", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } @@ -105,7 +107,7 @@ public class FormularCustomizationValitator { if (!ValidationHelper.isValidHexValue(check)) { log.warn("ButtonBackGroundColor is not a valid hex value " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.back")); + errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.back", request)); } } @@ -116,7 +118,7 @@ public class FormularCustomizationValitator { if (!ValidationHelper.isValidHexValue(check)) { log.warn("ButtonBackGroundColorFocus is not a valid hex value " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.back.focus")); + errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.back.focus", request)); } } @@ -127,7 +129,7 @@ public class FormularCustomizationValitator { if (!ValidationHelper.isValidHexValue(check)) { log.warn("ButtonFrontColor is not a valid hex value " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.front")); + errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.front", request)); } } @@ -135,7 +137,7 @@ public class FormularCustomizationValitator { if (MiscUtil.isNotEmpty(check)) { if (!FormularCustomization.appletRedirectTargetList.contains(check)) { log.warn("AppletRedirectTarget has not valid value " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.appletredirecttarget")); + errors.add(LanguageHelper.getErrorString("validation.general.form.appletredirecttarget", request)); } } @@ -144,7 +146,7 @@ public class FormularCustomizationValitator { if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { log.warn("FontType contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.form.fonttype", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); } } @@ -153,7 +155,7 @@ public class FormularCustomizationValitator { if (!ValidationHelper.validateNumber(check)) { log.warn("Applet height "+ check + " is no valid number"); errors.add(LanguageHelper.getErrorString("validation.general.form.applet.height", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); } } @@ -162,7 +164,7 @@ public class FormularCustomizationValitator { if (!ValidationHelper.validateNumber(check)) { log.warn("Applet width "+ check + " is no valid number"); errors.add(LanguageHelper.getErrorString("validation.general.form.applet.width", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java index a837ee855..3ed0157da 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java @@ -25,6 +25,8 @@ package at.gv.egovernment.moa.id.configuration.validation; import java.util.ArrayList; import java.util.List; +import javax.servlet.http.HttpServletRequest; + import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; @@ -38,7 +40,8 @@ public class UserDatabaseFormValidator { private static final Logger log = Logger.getLogger(UserDatabaseFormValidator.class); - public List<String> validate(UserDatabaseFrom form, long userID, boolean isPVP2Generated, boolean isMandateUser) { + public List<String> validate(UserDatabaseFrom form, long userID, boolean isPVP2Generated, + boolean isMandateUser, HttpServletRequest request) { List<String> errors = new ArrayList<String>(); String check = null; @@ -49,11 +52,11 @@ public class UserDatabaseFormValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("GivenName contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } else { log.warn("GivenName is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.empty")); + errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.empty", request)); } @@ -62,11 +65,11 @@ public class UserDatabaseFormValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("FamilyName contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } else { log.warn("FamilyName is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.empty")); + errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.empty", request)); } } @@ -76,11 +79,11 @@ public class UserDatabaseFormValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("Organisation contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.institut.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } else { log.warn("Organisation is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.institut.empty")); + errors.add(LanguageHelper.getErrorString("validation.edituser.institut.empty", request)); } } @@ -89,11 +92,11 @@ public class UserDatabaseFormValidator { if (!ValidationHelper.isEmailAddressFormat(check)) { log.warn("Mailaddress is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.mail.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } else { log.warn("Mailaddress is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.mail.empty")); + errors.add(LanguageHelper.getErrorString("validation.edituser.mail.empty", request)); } check = form.getPhone(); @@ -101,11 +104,11 @@ public class UserDatabaseFormValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("Phonenumber contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.phone.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } else { log.warn("Phonenumber is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.phone.empty")); + errors.add(LanguageHelper.getErrorString("validation.edituser.phone.empty", request)); } if (form.isIsusernamepasswordallowed()) { @@ -114,25 +117,25 @@ public class UserDatabaseFormValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("Username contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.username.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } else { UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(check); if (dbuser != null && userID != dbuser.getHjid()) { log.warn("Username " + check + " exists in UserDatabase"); - errors.add(LanguageHelper.getErrorString("validation.edituser.username.duplicate")); + errors.add(LanguageHelper.getErrorString("validation.edituser.username.duplicate", request)); form.setUsername(""); } } } else { if (userID == -1) { log.warn("Username is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty")); + errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty", request)); } else { UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID); if (dbuser == null) { log.warn("Username is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty")); + errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty", request)); } else { form.setUsername(dbuser.getUsername()); } @@ -144,12 +147,12 @@ public class UserDatabaseFormValidator { if (MiscUtil.isEmpty(check)) { if (userID == -1) { log.warn("Password is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty")); + errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty", request)); } else { UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID); if (dbuser == null || MiscUtil.isEmpty(dbuser.getPassword())) { log.warn("Password is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty")); + errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty", request)); } } @@ -159,12 +162,12 @@ public class UserDatabaseFormValidator { String key = AuthenticationHelper.generateKeyFormPassword(check); if (key == null) { - errors.add(LanguageHelper.getErrorString("validation.edituser.password.valid")); + errors.add(LanguageHelper.getErrorString("validation.edituser.password.valid", request)); } } else { - errors.add(LanguageHelper.getErrorString("validation.edituser.password.equal")); + errors.add(LanguageHelper.getErrorString("validation.edituser.password.equal", request)); } } } @@ -174,7 +177,7 @@ public class UserDatabaseFormValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("BPK contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.bpk.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java index 3723a09e9..cfa00f0e1 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java @@ -30,6 +30,8 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import javax.servlet.http.HttpServletRequest; + import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.configuration.Constants; @@ -46,7 +48,7 @@ public class MOAConfigValidator { private static final Logger log = Logger.getLogger(MOAConfigValidator.class); - public List<String> validate(GeneralMOAIDConfig form) { + public List<String> validate(GeneralMOAIDConfig form, HttpServletRequest request) { List<String> errors = new ArrayList<String>(); @@ -58,7 +60,7 @@ public class MOAConfigValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("SAML1 SourceID contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.SAML1SourceID", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } @@ -66,11 +68,11 @@ public class MOAConfigValidator { if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.validateURL(check)) { log.info("Public URL Prefix is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", request)); } } else { log.info("PublicURL Prefix is empty."); - errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.empty", request)); } check = form.getTimeoutAssertion(); @@ -78,7 +80,7 @@ public class MOAConfigValidator { if (!ValidationHelper.validateNumber(check)) { log.warn("Assertion Timeout is no number " + check); errors.add(LanguageHelper.getErrorString("validation.general.timeouts.assertion.valid", - new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request )); } } check = form.getTimeoutMOASessionCreated(); @@ -86,7 +88,7 @@ public class MOAConfigValidator { if (!ValidationHelper.validateNumber(check)) { log.warn("MOASessionCreated Timeout is no number " + check); errors.add(LanguageHelper.getErrorString("validation.general.timeouts.moasessioncreated.valid", - new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request )); } } check = form.getTimeoutMOASessionUpdated(); @@ -94,7 +96,7 @@ public class MOAConfigValidator { if (!ValidationHelper.validateNumber(check)) { log.warn("MOASessionUpdated Timeout is no number " + check); errors.add(LanguageHelper.getErrorString("validation.general.timeouts.moasessionupdated.valid", - new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request )); } } @@ -103,18 +105,18 @@ public class MOAConfigValidator { if (ValidationHelper.isValidOAIdentifier(check)) { log.warn("CertStoreDirectory contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.certStoreDirectory.valid", - new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request )); } } else { log.info("CertStoreDirectory is empty."); - errors.add(LanguageHelper.getErrorString("validation.general.certStoreDirectory.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.certStoreDirectory.empty", request)); } check = form.getDefaultBKUHandy(); if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.validateURL(check)) { log.info("Not valid Handy-BKU URL"); - errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid", request)); } } @@ -122,7 +124,7 @@ public class MOAConfigValidator { if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.validateURL(check)) { log.info("Not valid Online-BKU URL"); - errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid", request)); } } @@ -130,19 +132,19 @@ public class MOAConfigValidator { if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.validateURL(check)) { log.info("Not valid Online-BKU URL"); - errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid", request)); } } check = form.getDefaultchainigmode(); if (MiscUtil.isEmpty(check)) { log.info("Empty Defaultchainigmode"); - errors.add(LanguageHelper.getErrorString("validation.general.Defaultchainigmode.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.Defaultchainigmode.empty", request)); } else { Map<String, String> list = form.getChainigmodelist(); if (!list.containsKey(check)) { log.info("Not valid Defaultchainigmode " + check); - errors.add(LanguageHelper.getErrorString("validation.general.Defaultchainigmode.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.Defaultchainigmode.valid", request)); } } @@ -150,7 +152,7 @@ public class MOAConfigValidator { if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.validateURL(check)) { log.info("Not valid Online-Mandate Service URL"); - errors.add(LanguageHelper.getErrorString("validation.general.mandateservice.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.mandateservice.valid", request)); } } @@ -158,7 +160,7 @@ public class MOAConfigValidator { List<String> authtranslist = new ArrayList<String>(); if (MiscUtil.isEmpty(check)) { log.info("Empty MoaspssAuthTransformation"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty", request)); } else { //is only required if more then one transformation is in use @@ -184,24 +186,24 @@ public class MOAConfigValidator { check = form.getMoaspssAuthTrustProfile(); if (MiscUtil.isEmpty(check)) { log.info("Empty MOA-SP/SS Authblock TrustProfile"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty", request)); } else { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.info("Authblock TrustProfile is not valid: " +check); errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } check = form.getMoaspssIdlTrustProfile(); if (MiscUtil.isEmpty(check)) { log.info("Empty MOA-SP/SS IdentityLink TrustProfile"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty", request)); } else { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.info("IdentityLink TrustProfile is not valid: " +check); errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } @@ -209,7 +211,7 @@ public class MOAConfigValidator { if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.validateURL(check)) { log.info("Not valid MOA-SP/SS Service URL"); - errors.add(LanguageHelper.getErrorString("validation.general.moaspss.url.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.moaspss.url.valid", request)); } } @@ -218,7 +220,7 @@ public class MOAConfigValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.info("PVP2 IssuerName is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.issuername.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } @@ -227,7 +229,7 @@ public class MOAConfigValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.info("PVP2 organisation display name is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.displayname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } @@ -236,7 +238,7 @@ public class MOAConfigValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.info("PVP2 organisation name is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.name.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } @@ -244,7 +246,7 @@ public class MOAConfigValidator { if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.validateURL(check)) { log.info("PVP2 organisation URL is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.url.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.url.valid", request)); } } @@ -259,33 +261,33 @@ public class MOAConfigValidator { check = form.getSLRequestTemplateHandy(); if (MiscUtil.isEmpty(check)) { log.info("Empty SLRequestTemplate Handy-BKU"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.empty", request)); } else { if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { log.info("SLRequestTemplate Handy-BKU is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.valid", request)); } } check = form.getSLRequestTemplateLocal(); if (MiscUtil.isEmpty(check)) { log.info("Empty SLRequestTemplate local BKU"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.empty", request)); } else { if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { log.info("SLRequestTemplate local BKU is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.valid", request)); } } check = form.getSLRequestTemplateOnline(); if (MiscUtil.isEmpty(check)) { log.info("Empty SLRequestTemplate Online-BKU"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.empty", request)); } else { if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { log.info("SLRequestTemplate Online-BKU is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.valid", request)); } } @@ -294,7 +296,7 @@ public class MOAConfigValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.info("SSO friendlyname is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } @@ -320,14 +322,14 @@ public class MOAConfigValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { log.info("SSO SpecialText is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} , request)); } } check = form.getSsoTarget(); if (MiscUtil.isEmpty(check)) { log.info("Empty SSO Target"); - errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty", request)); } else { if (!ValidationHelper.isValidAdminTarget(check)) { @@ -335,7 +337,7 @@ public class MOAConfigValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("IdentificationNumber contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } String num = check.replaceAll(" ", ""); @@ -345,7 +347,7 @@ public class MOAConfigValidator { num.startsWith(Constants.IDENIFICATIONTYPE_ERSB) ) ) { log.info("Not valid SSO Target"); - errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", request)); } } @@ -355,20 +357,20 @@ public class MOAConfigValidator { if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.validateURL(check)) { log.info("SZRGW URL is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.szrgw.url.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.szrgw.url.valid", request)); } } check = form.getTrustedCACerts(); if (MiscUtil.isEmpty(check)) { log.info("Empty TrustCACerts Directory"); - errors.add(LanguageHelper.getErrorString("validation.general.trustedcacerts.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.trustedcacerts.empty", request)); } else { if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { log.info("Not valid TrustCACerts Directory"); errors.add(LanguageHelper.getErrorString("validation.general.trustedcacerts.valid", - new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request )); } } @@ -382,7 +384,7 @@ public class MOAConfigValidator { if (MiscUtil.isNotEmpty(filename)) { if (ValidationHelper.containsPotentialCSSCharacter(filename, false)) { log.info("SL Transformation Filename is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.filename.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.filename.valid", request)); } else { try { @@ -394,7 +396,7 @@ public class MOAConfigValidator { log.info("SecurtiyLayerTransformation with FileName " + filename +" can not be loaded." , e); errors.add(LanguageHelper.getErrorString("validation.general.slrequest.file.valid", - new Object[] {filename} )); + new Object[] {filename}, request )); } } } @@ -406,7 +408,7 @@ public class MOAConfigValidator { ContactForm contact = form.getPvp2Contact(); if (contact != null) { PVP2ContactValidator pvp2validator = new PVP2ContactValidator(); - errors.addAll(pvp2validator.validate(contact)); + errors.addAll(pvp2validator.validate(contact, request)); } return errors; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java index 5286725df..f7adc1a67 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java @@ -26,6 +26,8 @@ import java.util.ArrayList; import java.util.Arrays; import java.util.List; +import javax.servlet.http.HttpServletRequest; + import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm; @@ -45,7 +47,7 @@ public class PVP2ContactValidator { private static final Logger log = Logger.getLogger(PVP2ContactValidator.class); - public List<String >validate(ContactForm contact) { + public List<String >validate(ContactForm contact, HttpServletRequest request) { List<String> errors = new ArrayList<String>(); String check = contact.getCompany(); @@ -53,7 +55,7 @@ public class PVP2ContactValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.info("PVP2 Contact: Company is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.company.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } @@ -62,7 +64,7 @@ public class PVP2ContactValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.info("PVP2 Contact: GivenName is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.givenname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } @@ -71,28 +73,28 @@ public class PVP2ContactValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.info("PVP2 Contact: SureName is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.surename.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } check = contact.getType(); if (MiscUtil.isNotEmpty(check)) { if (!AllowedTypes.contains(check)) { - errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.type.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.type.valid", request)); } } check = contact.getMail(); if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.isEmailAddressFormat(check)) { - errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.mail.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.mail.valid", request)); } } check = contact.getPhone(); if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.validatePhoneNumber(check)) { - errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.phone.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.phone.valid", request)); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java index 93f22730c..a63b3a7b1 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java @@ -2,6 +2,9 @@ package at.gv.egovernment.moa.id.configuration.validation.moaconfig; import java.util.ArrayList; import java.util.List; + +import javax.servlet.http.HttpServletRequest; + import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS; @@ -15,7 +18,7 @@ public class StorkConfigValidator { private static final Logger log = Logger.getLogger(StorkConfigValidator.class); - public List<String> validate(GeneralStorkConfig form) { + public List<String> validate(GeneralStorkConfig form, HttpServletRequest request) { List<String> errors = new ArrayList<String>(); @@ -31,17 +34,17 @@ public class StorkConfigValidator { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("CPEPS config countrycode contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } if(!check.toLowerCase().matches("^[a-z][a-z]$")) { log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check); errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc", - new Object[] {check} )); + new Object[] {check}, request )); } } else { log.warn("CPEPS config countrycode is empty : " + check); errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty", - new Object[] {check} )); + new Object[] {check}, request )); } // check url @@ -49,12 +52,12 @@ public class StorkConfigValidator { if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.validateURL(check)) { log.info("CPEPS config URL is invalid : " + check); - errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url")); + errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url", request)); } } else { log.warn("CPEPS config url is empty : " + check); errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty", - new Object[] {check} )); + new Object[] {check}, request )); } } } @@ -64,7 +67,7 @@ public class StorkConfigValidator { if(1 > qaa && 4 < qaa) { log.warn("QAA is out of range : " + qaa); errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange", - new Object[] {qaa} )); + new Object[] {qaa}, request )); } // check attributes @@ -73,12 +76,12 @@ public class StorkConfigValidator { if (ValidationHelper.containsPotentialCSSCharacter(check.getName(), true)) { log.warn("default attributes contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); } if(!check.getName().toLowerCase().matches("^[a-z0-9]*$")) { log.warn("default attributes do not match the requested format : " + check); errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", - new Object[] {check} )); + new Object[] {check}, request )); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java index 8887aeaad..bee2ba06c 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java @@ -31,6 +31,8 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import javax.servlet.http.HttpServletRequest; + import org.apache.commons.io.IOUtils; import org.apache.log4j.Logger; @@ -48,7 +50,8 @@ public class OAFileUploadValidation { private static final Logger log = Logger.getLogger(OASSOConfigValidation.class); - public List<String> validate(List<String> fileName, List<File> files, String errorMsgPreFix, Map<String, byte[]> output) { + public List<String> validate(List<String> fileName, List<File> files, + String errorMsgPreFix, Map<String, byte[]> output, HttpServletRequest request) { List<String> errors = new ArrayList<String>(); @@ -56,7 +59,7 @@ public class OAFileUploadValidation { if (fileName.size() > 1) { log.info("Only one BKU-selecten template file can be stored"); - errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".file.selected")); + errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".file.selected", request)); } for (int i=0; i<fileName.size(); i++) { @@ -65,7 +68,7 @@ public class OAFileUploadValidation { if (MiscUtil.isNotEmpty(filename)) { if (ValidationHelper.containsPotentialCSSCharacter(filename, false)) { log.info("Filename is not valid"); - errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".filename.valid")); + errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".filename.valid", request)); } else { try { @@ -78,7 +81,7 @@ public class OAFileUploadValidation { log.info("File with FileName " + filename +" can not be loaded." , e); errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".file.valid", - new Object[] {filename} )); + new Object[] {filename}, request )); } } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java index 637500c1e..92bdc2052 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java @@ -26,6 +26,8 @@ import java.util.ArrayList; import java.util.List; import java.util.Map; +import javax.servlet.http.HttpServletRequest; + import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.configuration.Constants; @@ -39,7 +41,7 @@ public class OAGeneralConfigValidation { private static final Logger log = Logger.getLogger(OASSOConfigValidation.class); - public List<String> validate(OAGeneralConfig form, boolean isAdmin) { + public List<String> validate(OAGeneralConfig form, boolean isAdmin, HttpServletRequest request) { List<String> errors = new ArrayList<String>(); String check; @@ -51,7 +53,7 @@ public class OAGeneralConfigValidation { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } } @@ -66,7 +68,7 @@ public class OAGeneralConfigValidation { // } else { if (!ValidationHelper.validateURL(check)) { log.info("Not valid Handy-BKU URL"); - errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid", request)); } } @@ -78,7 +80,7 @@ public class OAGeneralConfigValidation { // } else { if (!ValidationHelper.validateURL(check)) { log.info("Not valid Online-BKU URL"); - errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid", request)); } } @@ -90,7 +92,7 @@ public class OAGeneralConfigValidation { // } else { if (!ValidationHelper.validateURL(check)) { log.info("Not valid Online-BKU URL"); - errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid", request)); } } } @@ -101,11 +103,11 @@ public class OAGeneralConfigValidation { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("OAFriendlyName contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } else { log.info("OA friendlyName is empty"); - errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request)); } if (isAdmin) { @@ -113,12 +115,12 @@ public class OAGeneralConfigValidation { check = form.getKeyBoxIdentifier(); if (MiscUtil.isEmpty(check)) { log.info("Empty KeyBoxIdentifier"); - errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty", request)); } else { Map<String, String> list = form.getKeyBoxIdentifierList(); if (!list.containsKey(check)) { log.info("Not valid KeyBoxIdentifier " + check); - errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid", request)); } } @@ -128,26 +130,26 @@ public class OAGeneralConfigValidation { MiscUtil.isEmpty(form.getSLTemplateURL2()) && MiscUtil.isEmpty(form.getSLTemplateURL3()) ) { log.info("Empty OA-specific SecurityLayer Templates"); - errors.add(LanguageHelper.getErrorString("validation.general.sltemplates.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.sltemplates.empty", request)); } else { check = form.getSLTemplateURL1(); if (MiscUtil.isNotEmpty(check) && ValidationHelper.isNotValidIdentityLinkSigner(check) ) { log.info("First OA-specific SecurityLayer Templates is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid", request)); } check = form.getSLTemplateURL2(); if (MiscUtil.isNotEmpty(check) && ValidationHelper.isNotValidIdentityLinkSigner(check) ) { log.info("Second OA-specific SecurityLayer Templates is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid", request)); } check = form.getSLTemplateURL3(); if (MiscUtil.isNotEmpty(check) && ValidationHelper.isNotValidIdentityLinkSigner(check) ) { log.info("Third OA-specific SecurityLayer Templates is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid", request)); } } } @@ -159,13 +161,13 @@ public class OAGeneralConfigValidation { if (!form.isUseMandates()) { log.info("MandateProfiles configured but useMandates is false."); - errors.add(LanguageHelper.getErrorString("validation.general.mandate.usemandate")); + errors.add(LanguageHelper.getErrorString("validation.general.mandate.usemandate", request)); } if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { log.warn("MandateProfiles contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); } } @@ -178,12 +180,12 @@ public class OAGeneralConfigValidation { check = form.getStorkSPTargetCountry(); if ((check==null)||(check.length() < 1)) { log.warn("Stork target country is not known"); - errors.add(LanguageHelper.getErrorString("validation.general.stork.sptarget")); + errors.add(LanguageHelper.getErrorString("validation.general.stork.sptarget", request)); } if (check.length() > 10) { log.warn("Incorrect size of Stork target country, too many characters"); - errors.add(LanguageHelper.getErrorString("validation.general.stork.sptargetsize")); + errors.add(LanguageHelper.getErrorString("validation.general.stork.sptargetsize", request)); } @@ -194,27 +196,27 @@ public class OAGeneralConfigValidation { check = form.getIdentificationType(); if (!form.getIdentificationTypeList().contains(check)) { log.info("IdentificationType is not known."); - errors.add(LanguageHelper.getErrorString("validation.general.stork.sptarget")); + errors.add(LanguageHelper.getErrorString("validation.general.stork.sptarget", request)); } //check identification number check = form.getIdentificationNumber(); if (MiscUtil.isEmpty(check)) { log.info("Empty IdentificationNumber"); - errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty", request)); } else { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("IdentificationNumber contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_FN)) { CompanyNumberValidator val = new CompanyNumberValidator(); if (!val.validate(check)) { log.info("Not valid CompanyNumber"); - errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid", request)); } } } @@ -225,7 +227,7 @@ public class OAGeneralConfigValidation { if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.isValidAdminTarget(check)) { log.info("Not valid Target-Subsector"); - errors.add(LanguageHelper.getErrorString("validation.general.target.subsector.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.target.subsector.valid", request)); } } @@ -235,7 +237,7 @@ public class OAGeneralConfigValidation { if (!ValidationHelper.isPublicServiceAllowed(form.getIdentifier())) { log.warn("PublicURLPrefix does not allow PublicService: " + form.getIdentifier()); errors.add(LanguageHelper.getErrorString("validation.general.target.publicserviceurl", - new Object[] {form.getIdentifier()} )); + new Object[] {form.getIdentifier()}, request )); form.setBusinessService(true); return errors; @@ -245,12 +247,12 @@ public class OAGeneralConfigValidation { check = form.getTarget(); if (MiscUtil.isEmpty(check)) { log.info("Empty Target"); - errors.add(LanguageHelper.getErrorString("validation.general.target.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request)); } else { if (!ValidationHelper.isValidTarget(check)) { log.info("Not valid Target"); - errors.add(LanguageHelper.getErrorString("validation.general.target.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request)); } } @@ -262,13 +264,13 @@ public class OAGeneralConfigValidation { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("TargetFriendlyName contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } if (MiscUtil.isEmpty(form.getTarget()) && MiscUtil.isEmpty(form.getTarget_admin())) { log.info("Empty Target"); - errors.add(LanguageHelper.getErrorString("validation.general.target.empty")); + errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request)); } //check Target @@ -276,7 +278,7 @@ public class OAGeneralConfigValidation { if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.isValidTarget(check)) { log.info("Not valid Target"); - errors.add(LanguageHelper.getErrorString("validation.general.target.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request)); } } @@ -285,7 +287,7 @@ public class OAGeneralConfigValidation { if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.isValidAdminTarget(check)) { log.info("Not valid Target"); - errors.add(LanguageHelper.getErrorString("validation.general.target.admin.valid")); + errors.add(LanguageHelper.getErrorString("validation.general.target.admin.valid", request)); } } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java index 249df4dcd..c30c11f5a 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java @@ -25,6 +25,8 @@ package at.gv.egovernment.moa.id.configuration.validation.oa; import java.util.ArrayList; import java.util.List; +import javax.servlet.http.HttpServletRequest; + import org.apache.commons.lang.StringUtils; import org.apache.log4j.Logger; @@ -36,7 +38,7 @@ public class OAOAUTH20ConfigValidation { private static final Logger log = Logger.getLogger(OAOAUTH20ConfigValidation.class); - public List<String> validate(OAOAuth20Config form) { + public List<String> validate(OAOAuth20Config form, HttpServletRequest request) { List<String> errors = new ArrayList<String>(); @@ -47,7 +49,7 @@ public class OAOAUTH20ConfigValidation { // validate redirectUri if (StringUtils.isNotEmpty(form.getRedirectUri()) && !OAuth20Util.isUrl(form.getRedirectUri())) { - errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi")); + errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi", request)); } return errors; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java index 18b6a2d22..b26f2d9d5 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java @@ -27,6 +27,8 @@ import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.List; +import javax.servlet.http.HttpServletRequest; + import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config; @@ -39,7 +41,7 @@ public class OAPVP2ConfigValidation { private static final Logger log = Logger.getLogger(OAPVP2ConfigValidation.class); - public List<String> validate(OAPVP2Config form) { + public List<String> validate(OAPVP2Config form, HttpServletRequest request) { List<String> errors = new ArrayList<String>(); try { @@ -50,13 +52,13 @@ public class OAPVP2ConfigValidation { if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.validateURL(check)) { log.info("MetaDataURL has no valid form."); - errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid")); + errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid", request)); } else { metadata = FileUtils.readURL(check); if (MiscUtil.isEmpty(metadata)) { log.info("Filecontent can not be read form MetaDataURL."); - errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.read")); + errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.read", request)); } } } @@ -86,11 +88,11 @@ public class OAPVP2ConfigValidation { } catch (CertificateException e) { log.info("Uploaded Certificate can not be found", e); - errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound")); + errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request)); } catch (IOException e) { log.info("Metadata can not be loaded from URL", e); - errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.read")); + errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.read", request)); // } catch (MetadataProviderException e) { // log.info("MetaDate verification failed"); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java index 73eba87ff..95104b929 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java @@ -25,6 +25,8 @@ package at.gv.egovernment.moa.id.configuration.validation.oa; import java.util.ArrayList; import java.util.List; +import javax.servlet.http.HttpServletRequest; + import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig; @@ -35,13 +37,13 @@ public class OASAML1ConfigValidation { private static final Logger log = Logger.getLogger(OASAML1ConfigValidation.class); - public List<String> validate(OASAML1Config form, OAGeneralConfig general) { + public List<String> validate(OASAML1Config form, OAGeneralConfig general, HttpServletRequest request) { List<String> errors = new ArrayList<String>(); if (general.isBusinessService() && form.isProvideStammZahl()) { log.info("ProvideStammZahl can not be used with BusinessService applications"); - errors.add(LanguageHelper.getErrorString("validation.saml1.providestammzahl")); + errors.add(LanguageHelper.getErrorString("validation.saml1.providestammzahl", request)); } return errors; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java index dd305d144..6de966b8d 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java @@ -25,6 +25,8 @@ package at.gv.egovernment.moa.id.configuration.validation.oa; import java.util.ArrayList; import java.util.List; +import javax.servlet.http.HttpServletRequest; + import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig; @@ -36,7 +38,7 @@ public class OASSOConfigValidation { private static final Logger log = Logger.getLogger(OASSOConfigValidation.class); - public List<String> validate(OASSOConfig form, boolean isAdmin) { + public List<String> validate(OASSOConfig form, boolean isAdmin, HttpServletRequest request) { List<String> errors = new ArrayList<String>(); @@ -48,7 +50,7 @@ public class OASSOConfigValidation { } else { if (!ValidationHelper.validateURL(urlString) && form.isUseSSO()) { log.info("Single Log-Out url validation error"); - errors.add(LanguageHelper.getErrorString("validation.sso.logouturl.valid")); + errors.add(LanguageHelper.getErrorString("validation.sso.logouturl.valid", request)); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java index 554aa9ff0..7bdcb65cf 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java @@ -25,6 +25,8 @@ package at.gv.egovernment.moa.id.configuration.validation.oa; import java.util.ArrayList; import java.util.List; +import javax.servlet.http.HttpServletRequest; + import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; @@ -37,7 +39,7 @@ public class OASTORKConfigValidation { private static final Logger log = Logger.getLogger(OASTORKConfigValidation.class); - public List<String> validate(OASTORKConfig oageneral) { + public List<String> validate(OASTORKConfig oageneral, HttpServletRequest request) { List<String> errors = new ArrayList<String>(); @@ -46,29 +48,29 @@ public class OASTORKConfigValidation { if(1 > qaa && 4 < qaa) { log.warn("QAA is out of range : " + qaa); errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange", - new Object[] {qaa} )); + new Object[] {qaa}, request )); } if (oageneral.isVidpEnabled()) { for(AttributeProviderPlugin current : oageneral.getAttributeProviderPlugins()) { if (MiscUtil.isEmpty(current.getUrl()) || !ValidationHelper.validateURL(current.getUrl())) { log.info("AttributeProviderPlugin URL has no valid form."); - errors.add(LanguageHelper.getErrorString("validation.stork.ap.url.valid")); + errors.add(LanguageHelper.getErrorString("validation.stork.ap.url.valid", request)); } if (MiscUtil.isEmpty(current.getName())) { log.info("AttributeProviderPlugin Name is empty."); - errors.add(LanguageHelper.getErrorString("validation.stork.ap.name.empty")); + errors.add(LanguageHelper.getErrorString("validation.stork.ap.name.empty", request)); } else { if (!oageneral.getAvailableAttributeProviderPlugins().contains(current.getName())) { log.info("AttributeProviderPlugin Name is not supported."); - errors.add(LanguageHelper.getErrorString("validation.stork.ap.name.valid")); + errors.add(LanguageHelper.getErrorString("validation.stork.ap.name.valid", request)); } } if (MiscUtil.isEmpty(current.getAttributes()) || !current.getAttributes().matches("[a-zA-Z]+(, ?[a-zA-Z]+)*")) { log.info("AttributeProviderPlugin attributes are empty or do not match csv format."); - errors.add(LanguageHelper.getErrorString("validation.stork.ap.attributes.valid")); + errors.add(LanguageHelper.getErrorString("validation.stork.ap.attributes.valid", request)); } } |