diff options
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at')
17 files changed, 1166 insertions, 72 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java index b87f38a3c..19af2876d 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java @@ -3,15 +3,14 @@ package at.gv.egovernment.moa.id.configuration; public class Constants { public static final String STRUTS_SUCCESS = "success"; public static final String STRUTS_ERROR = "error"; - - public static final String STRUTS_OA_GENERAL = "oa_general"; - public static final String STRUTS_OA_SAML1 = "oa_saml1"; - public static final String STRUTS_OA_PVP2 = "oa_pvp2"; - public static final String STRUTS_OA_SSO = "oa_sso"; - public static final String STRUTS_OA_STORK = "oa_stork"; + public static final String STRUTS_ERROR_VALIDATION = "error_validation"; + public static final String STRUTS_OA_EDIT = "editOA"; + public static final String STRUTS_REAUTHENTICATE = "reauthentication"; + public static final String STRUTS_NOTALLOWED = "notallowed"; public static final String SESSION_AUTH = "authsession"; public static final String SESSION_AUTH_ERROR = "authsessionerror"; + public static final String SESSION_OAID = "oadbidentifier"; public static final String REQUEST_OAID = "oaid"; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java new file mode 100644 index 000000000..f0c4e3314 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java @@ -0,0 +1,48 @@ +package at.gv.egovernment.moa.id.configuration.data; + +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; +import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType; +import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; +import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.STORK; + +public class GeneralMOAIDConfig { + + private String szrgwURL = null; + private String alternativeSourceID = null; + private String certStoreDirectory = null; + + + public void parse(MOAIDConfiguration config) { + + if (config != null) { + AuthComponentGeneral auth = config.getAuthComponentGeneral(); + + if (auth != null) { + ForeignIdentities foreign = auth.getForeignIdentities(); + + if (foreign != null) { + ConnectionParameterClientAuthType connect_foreign = foreign.getConnectionParameter(); + if (connect_foreign != null) { + szrgwURL = connect_foreign.getURL(); + } + + STORK stork = foreign.getSTORK(); + if (stork != null) { + //TODO: add Stork config + + } + } + + GeneralConfiguration authgen = auth.getGeneralConfiguration(); + if (authgen != null) { + alternativeSourceID = authgen.getAlternativeSourceID(); + certStoreDirectory = authgen.getCertStoreDirectory(); + } + } + + } + + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java index f38d5679c..ebd1b3862 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java @@ -49,7 +49,7 @@ public class OAGeneralConfig { private boolean calculateHPI = false; private String keyBoxIdentifier = null; - private static List<String> keyBoxIdentifierList; + private static Map<String, String> keyBoxIdentifierList; private String templateURL = null; @@ -58,15 +58,21 @@ public class OAGeneralConfig { public OAGeneralConfig() { - + keyBoxIdentifierList = new HashMap<String, String>(); + MOAKeyBoxSelector[] values = MOAKeyBoxSelector.values(); + for (int i=0; i<values.length; i++) { + keyBoxIdentifierList.put(values[i].value(), values[i].value()); + } } public void parse(OnlineApplication dbOAConfig) { - + + isActive = dbOAConfig.isIsActive(); + friendlyName = dbOAConfig.getFriendlyName(); - keyBoxIdentifier = dbOAConfig.getKeyBoxIdentifier().toString(); + keyBoxIdentifier = dbOAConfig.getKeyBoxIdentifier().value(); identifier = dbOAConfig.getPublicURLPrefix(); target = dbOAConfig.getTarget(); @@ -113,13 +119,7 @@ public class OAGeneralConfig { for (TransformsInfoType el : transforminfos) { transformations.put(el.getFilename(), el.getTransformation()); } - - keyBoxIdentifierList = new ArrayList<String>(); - MOAKeyBoxSelector[] values = MOAKeyBoxSelector.values(); - for (int i=0; i<values.length; i++) { - keyBoxIdentifierList.add(values[i].value()); - } - + useIFrame = oaauth.isUseIFrame(); useUTC = oaauth.isUseUTC(); } @@ -342,7 +342,7 @@ public class OAGeneralConfig { /** * @return the keyBoxIdentifierList */ - public List<String> getKeyBoxIdentifierList() { + public Map<String, String> getKeyBoxIdentifierList() { return keyBoxIdentifierList; } @@ -350,8 +350,8 @@ public class OAGeneralConfig { /** * @param keyBoxIdentifierList the keyBoxIdentifierList to set */ - public void setKeyBoxIdentifierList(List<String> keyBoxIdentifierList) { - this.keyBoxIdentifierList = keyBoxIdentifierList; + public void setKeyBoxIdentifierList(Map<String, String> list) { + keyBoxIdentifierList = list; } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java index 1269e8077..fdce518a7 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java @@ -1,6 +1,9 @@ package at.gv.egovernment.moa.id.configuration.data.oa; import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.List; @@ -13,13 +16,13 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction; +import at.gv.egovernment.moa.util.MiscUtil; public class OAPVP2Config { private final Logger log = Logger.getLogger(OAPVP2Config.class); private String metaDataURL = null; - private byte[] certificate = null; private String certificateDN = null; private File fileUpload = null; @@ -39,16 +42,27 @@ public class OAPVP2Config { metaDataURL = pvp2.getMetadataURL(); try { - X509Certificate x509 = new X509Certificate(pvp2.getCertificate()); - certificateDN = x509.getSubjectDN().getName(); + byte[] cert = pvp2.getCertificate(); + + if (MiscUtil.isNotEmpty(cert)) { + X509Certificate x509 = new X509Certificate(cert); + certificateDN = x509.getSubjectDN().getName(); + } } catch (CertificateException e) { log.warn("PVP2 certificate can not be loaded from Online-Applikation with ID " + dbOAConfig.getPublicURLPrefix()); - errors.add(LanguageHelper.getErrorString("error.oa.pvp2.certificate", null)); + errors.add(LanguageHelper.getErrorString("error.oa.pvp2.certificate")); } } } return errors; } + + public byte[] getCertificate() throws CertificateException, IOException { + + FileInputStream filestream = new FileInputStream(fileUpload); + X509Certificate x509 = new X509Certificate(filestream); + return x509.getEncoded(); + } public String getMetaDataURL() { return metaDataURL; @@ -56,12 +70,6 @@ public class OAPVP2Config { public void setMetaDataURL(String metaDataURL) { this.metaDataURL = metaDataURL; } - public byte[] getCertificate() { - return certificate; - } - public void setCertificate(byte[] certificate) { - this.certificate = certificate; - } /** * @return the certificateDN diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java index 39a18309a..e83bf6997 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java @@ -7,11 +7,11 @@ public class ConfigurationException extends Exception { private static final long serialVersionUID = 1L; public ConfigurationException(String errorname) { - super(LanguageHelper.getErrorString(errorname, null)); + super(LanguageHelper.getErrorString(errorname)); } public ConfigurationException(String errorname, Throwable e) { - super(LanguageHelper.getErrorString(errorname, null), e); + super(LanguageHelper.getErrorString(errorname), e); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java index 80db5877c..08f200c50 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java @@ -17,10 +17,18 @@ public class LanguageHelper { return guiRes_DE.getString(code); } + public static String getGUIString(String code) { + return guiRes_DE.getString(code); + } + public static String getErrorString(String code, HttpServletRequest request) { return errorRes_DE.getString(code); } + public static String getErrorString(String code) { + return errorRes_DE.getString(code); + } + public static String getGUIString(String code, String parameter, HttpServletRequest request) { return MessageFormat.format(getGUIString(code, request), parameter); @@ -30,5 +38,10 @@ public class LanguageHelper { return MessageFormat.format(getGUIString(code, request), parameter); } + + public static String getErrorString(String code, Object[] parameter) { + + return MessageFormat.format(getGUIString(code), parameter); + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java new file mode 100644 index 000000000..1cd4ecc0c --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java @@ -0,0 +1,128 @@ +package at.gv.egovernment.moa.id.configuration.struts.action; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.struts2.interceptor.ServletRequestAware; +import org.apache.struts2.interceptor.ServletResponseAware; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; +import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; + +import com.opensymphony.xwork2.ActionSupport; + +public class EditGeneralConfigAction extends ActionSupport + implements ServletRequestAware, ServletResponseAware { + + private static final long serialVersionUID = 1L; + private HttpServletRequest request; + private HttpServletResponse response; + + private AuthenticatedUser authUser; + + private GeneralMOAIDConfig moaconfig; + + public String loadConfig() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + + MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration(); + + moaconfig = new GeneralMOAIDConfig(); + moaconfig.parse(dbconfig); + + ConfigurationDBUtils.closeSession(); + + return Constants.STRUTS_SUCCESS; + + } else { + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + } else + return Constants.STRUTS_REAUTHENTICATE; + } + + public String saveConfig() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + + + + + + + } else { + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + } else + return Constants.STRUTS_REAUTHENTICATE; + + return Constants.STRUTS_SUCCESS; + } + + public String back() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + } else + return Constants.STRUTS_REAUTHENTICATE; + + return Constants.STRUTS_SUCCESS; + } + + public void setServletResponse(HttpServletResponse response) { + this.response = response; + + } + + public void setServletRequest(HttpServletRequest request) { + this.request = request; + + } + + /** + * @return the authUser + */ + public AuthenticatedUser getAuthUser() { + return authUser; + } + + /** + * @return the moaconfig + */ + public GeneralMOAIDConfig getMoaconfig() { + return moaconfig; + } + + /** + * @param moaconfig the moaconfig to set + */ + public void setMoaconfig(GeneralMOAIDConfig moaconfig) { + this.moaconfig = moaconfig; + } + + + + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index 82bc1b8c4..1c498ecc2 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -1,5 +1,8 @@ package at.gv.egovernment.moa.id.configuration.struts.action; +import java.io.IOException; +import java.math.BigInteger; +import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.List; @@ -12,8 +15,21 @@ import org.apache.struts2.interceptor.ServletResponseAware; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; +import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector; +import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates; +import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; +import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; +import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.db.dao.config.STORK; +import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; +import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType; +import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; +import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig; @@ -24,6 +40,11 @@ import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.validation.oa.OAGeneralConfigValidation; +import at.gv.egovernment.moa.id.configuration.validation.oa.OAPVP2ConfigValidation; +import at.gv.egovernment.moa.id.configuration.validation.oa.OASAML1ConfigValidation; +import at.gv.egovernment.moa.id.configuration.validation.oa.OASSOConfigValidation; +import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation; +import at.gv.egovernment.moa.util.MiscUtil; import com.opensymphony.xwork2.ActionSupport; @@ -40,6 +61,7 @@ ServletResponseAware { private AuthenticatedUser authUser; private String oaidobj; + private boolean newOA; private OAGeneralConfig generalOA = new OAGeneralConfig(); private OAPVP2Config pvp2OA = new OAPVP2Config(); @@ -54,9 +76,10 @@ ServletResponseAware { if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { authUser = (AuthenticatedUser) authUserObj; - } + } else + return Constants.STRUTS_REAUTHENTICATE; - long oaid = -1;; + long oaid = -1; if (!ValidationHelper.validateOAID(oaidobj)) { addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); @@ -64,6 +87,8 @@ ServletResponseAware { } oaid = Long.valueOf(oaidobj); + request.getSession().setAttribute(Constants.SESSION_OAID, oaid); + OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); generalOA.parse(onlineapplication); @@ -77,36 +102,354 @@ ServletResponseAware { } ConfigurationDBUtils.closeSession(); - - return Constants.STRUTS_OA_GENERAL; + + newOA = false; + + return Constants.STRUTS_OA_EDIT; + } + + public String newOA() { + log.debug("insert new Online-Application"); + + request.getSession().setAttribute(Constants.SESSION_OAID, null); + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + } else + return Constants.STRUTS_REAUTHENTICATE; + + newOA = true; + + return Constants.STRUTS_OA_EDIT; } - public String saveGeneral() { + public String saveOA() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + } else + return Constants.STRUTS_REAUTHENTICATE; + + OnlineApplication onlineapplication = null; + List<String> errors = new ArrayList<String>(); - OAGeneralConfigValidation validatior = new OAGeneralConfigValidation(); + Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID); + Long oaid = (long) -1; + + if (oadbid != null ) { + try { + oaid = (Long) oadbid; + if (oaid < 0 || oaid > Long.MAX_VALUE) { + addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); + return Constants.STRUTS_ERROR; + } + + } catch (Throwable t) { + addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); + return Constants.STRUTS_ERROR; + } + } + + //valid DBID and check entry + String oaidentifier = generalOA.getIdentifier(); + if (MiscUtil.isEmpty(oaidentifier)) { + log.info("Empty OA identifier"); + errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.empty")); + + } else { + if (ValidationHelper.isValidOAIdentifier(oaidentifier)) { + log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier); + errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + } else { + + if (oaid == -1) { + onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier); + if (onlineapplication != null) { + log.info("The OAIdentifier is not unique"); + errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique")); + } + + } else { + onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); + if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) { + + if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) { + log.info("The OAIdentifier is not unique"); + errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique")); + } + } + } + } + } + + //check form + OAGeneralConfigValidation validatior_general = new OAGeneralConfigValidation(); + OAPVP2ConfigValidation validatior_pvp2 = new OAPVP2ConfigValidation(); + OASAML1ConfigValidation validatior_saml1 = new OASAML1ConfigValidation(); + OASSOConfigValidation validatior_sso = new OASSOConfigValidation(); + OASTORKConfigValidation validator_stork = new OASTORKConfigValidation(); - List<String> errors = validatior.validate(generalOA); + errors.addAll(validatior_general.validate(generalOA, authUser.isAdmin())); + errors.addAll(validatior_pvp2.validate(pvp2OA)); + errors.addAll(validatior_saml1.validate(saml1OA, generalOA)); + errors.addAll(validatior_sso.validate(ssoOA, authUser.isAdmin())); + errors.addAll(validator_stork.validate(storkOA)); if (errors.size() > 0) { log.info("OAConfiguration with ID " + generalOA.getIdentifier() + " has some errors."); for (String el : errors) addActionError(el); - return Constants.STRUTS_ERROR; + return Constants.STRUTS_ERROR_VALIDATION; + + } else { + + String error = saveOAConfigToDatabase(onlineapplication); + if (MiscUtil.isNotEmpty(error)) { + log.warn("OA configuration can not be stored!"); + addActionError(error); + return Constants.STRUTS_ERROR_VALIDATION; + } } + + + request.getSession().setAttribute(Constants.SESSION_OAID, null); addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request)); + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_SUCCESS; } - public String cancleAndBack() { + public String cancleAndBackOA() { + + request.getSession().setAttribute(Constants.SESSION_OAID, null); addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.cancle", generalOA.getIdentifier(), request)); + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_SUCCESS; } + public String deleteOA() { + + String oaidentifier = generalOA.getIdentifier(); + if (MiscUtil.isEmpty(oaidentifier)) { + log.info("Empty OA identifier"); + addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.empty")); + return Constants.STRUTS_ERROR_VALIDATION; + + } else { + if (ValidationHelper.isValidOAIdentifier(oaidentifier)) { + log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier); + addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + return Constants.STRUTS_ERROR_VALIDATION; + } + } + + OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier); + + request.getSession().setAttribute(Constants.SESSION_OAID, null); + if (ConfigurationDBUtils.delete(onlineapplication)) { + + if (!authUser.isAdmin()) { + UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + List<OnlineApplication> useroas = user.getRegistratedOAs(); + + for (OnlineApplication oa : useroas) { + if (oa.getHjid().equals(onlineapplication.getHjid())) { + useroas.remove(oa); + } + } + + try { + ConfigurationDBUtils.saveOrUpdate(user); + + } catch (MOADatabaseException e) { + log.warn("User information can not be updated in database", e); + addActionError(LanguageHelper.getGUIString("error.db.oa.store", request)); + return Constants.STRUTS_ERROR; + } + } + + ConfigurationDBUtils.closeSession(); + + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", generalOA.getIdentifier(), request)); + + return Constants.STRUTS_SUCCESS; + + } else { + ConfigurationDBUtils.closeSession(); + addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", generalOA.getIdentifier(), request)); + return Constants.STRUTS_SUCCESS; + } + + + + } + + private String saveOAConfigToDatabase(OnlineApplication dboa) { + + boolean newentry = false; + + if (dboa == null) { + dboa = new OnlineApplication(); + newentry = true; + dboa.setIsActive(false); + } + + AuthComponentOA authoa = dboa.getAuthComponentOA(); + if (authoa == null) { + authoa = new AuthComponentOA(); + dboa.setAuthComponentOA(authoa); + } + + if (authUser.isAdmin()) + dboa.setIsActive(generalOA.isActive()); + + dboa.setFriendlyName(generalOA.getFriendlyName()); + dboa.setCalculateHPI(generalOA.isCalculateHPI()); + dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(generalOA.getKeyBoxIdentifier())); + dboa.setPublicURLPrefix(generalOA.getIdentifier()); + + if (generalOA.isBusinessService()) { + dboa.setType(Constants.MOA_CONFIG_BUSINESSSERVICE); + + IdentificationNumber idnumber = new IdentificationNumber(); + idnumber.setValue(generalOA.getIdentificationNumber()); + authoa.setIdentificationNumber(idnumber); + + } + else { + dboa.setType(null); + dboa.setTarget(generalOA.getTarget()); + dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName()); + + } + + BKUURLS bkuruls = new BKUURLS(); + authoa.setBKUURLS(bkuruls); + bkuruls.setHandyBKU(generalOA.getBkuHandyURL()); + bkuruls.setLocalBKU(generalOA.getBkuLocalURL()); + bkuruls.setOnlineBKU(generalOA.getBkuOnlineURL()); + + Mandates mandates = new Mandates(); + mandates.setProfiles(generalOA.getMandateProfiles()); + authoa.setMandates(mandates); + + authoa.setSlVersion(generalOA.getSlVersion()); + authoa.setUseIFrame(generalOA.isUseIFrame()); + authoa.setUseUTC(generalOA.isUseUTC()); + + TemplatesType templates = authoa.getTemplates(); + if (templates == null) { + templates = new TemplatesType(); + authoa.setTemplates(templates); + } + templates.setAditionalAuthBlockText(generalOA.getAditionalAuthBlockText()); + + TemplateType template = templates.getTemplate(); + if (template == null) { + //TODO: if OA specific templateURL is required + + } + + //set default transformation if it is empty + List<TransformsInfoType> transformsInfo = authoa.getTransformsInfo(); + if (transformsInfo == null) { + //TODO: set OA specific transformation if it is required + + } + + OAPVP2 pvp2 = authoa.getOAPVP2(); + if (pvp2 == null) { + pvp2 = new OAPVP2(); + authoa.setOAPVP2(pvp2); + } + + pvp2.setMetadataURL(pvp2OA.getMetaDataURL()); + try { + + if (pvp2OA.getFileUpload() != null) + pvp2.setCertificate(pvp2OA.getCertificate()); + + } catch (CertificateException e) { + log.info("Uploaded Certificate can not be found", e); + return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound"); + } catch (IOException e) { + log.info("Uploaded Certificate can not be parsed", e); + return LanguageHelper.getErrorString("validation.pvp2.certificate.format"); + } + + OASAML1 saml1 = authoa.getOASAML1(); + if (saml1 == null) { + saml1 = new OASAML1(); + authoa.setOASAML1(saml1); + } + saml1.setProvideAUTHBlock(saml1OA.isProvideAuthBlock()); + saml1.setProvideCertificate(saml1OA.isProvideCertificate()); + saml1.setProvideFullMandatorData(saml1OA.isProvideFullMandateData()); + saml1.setProvideIdentityLink(saml1OA.isProvideIdentityLink()); + saml1.setProvideStammzahl(saml1OA.isProvideStammZahl()); + saml1.setUseCondition(saml1OA.isUseCondition()); + saml1.setConditionLength(BigInteger.valueOf(saml1OA.getConditionLength())); + //TODO: set sourceID + //saml1.setSourceID(""); + + OASSO sso = authoa.getOASSO(); + if (sso == null) { + sso = new OASSO(); + authoa.setOASSO(sso); + sso.setAuthDataFrame(true); + } + sso.setUseSSO(ssoOA.isUseSSO()); + + if (authUser.isAdmin()) + sso.setAuthDataFrame(ssoOA.isShowAuthDataFrame()); + + sso.setSingleLogOutURL(ssoOA.getSingleLogOutURL()); + + + STORK stork = authoa.getSTORK(); + if (stork == null) { + //TODO: make stork configurable + + } + + try { + if (newentry) { + ConfigurationDBUtils.save(dboa); + + if (!authUser.isAdmin()) { + UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + List<OnlineApplication> useroas = user.getRegistratedOAs(); + if (useroas == null) + useroas = new ArrayList<OnlineApplication>(); + + useroas.add(dboa); + ConfigurationDBUtils.save(user); + } + } + + else + ConfigurationDBUtils.saveOrUpdate(dboa); + + } catch (MOADatabaseException e) { + log.warn("Online-Application can not be stored.", e); + return LanguageHelper.getErrorString("error.db.oa.store"); + } + + return null; + } + public String setGeneralOAConfig() { return Constants.STRUTS_SUCCESS; @@ -214,4 +557,18 @@ ServletResponseAware { return authUser; } + /** + * @return the newOA + */ + public boolean isNewOA() { + return newOA; + } + + /** + * @param newOA the newOA to set + */ + public void setNewOA(boolean newOA) { + this.newOA = newOA; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java index cc613ef7b..9e6e04644 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java @@ -6,6 +6,7 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.log4j.Logger; import org.apache.struts2.interceptor.ServletRequestAware; import org.apache.struts2.interceptor.ServletResponseAware; @@ -21,10 +22,14 @@ import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.data.OAListElement; import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.MiscUtil; public class ListOAsAction extends ActionSupport implements ServletRequestAware, ServletResponseAware { + private final Logger log = Logger.getLogger(ListOAsAction.class); + private static final long serialVersionUID = 1L; private HttpServletRequest request; @@ -33,10 +38,8 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware, private ConfigurationProvider configuration; private List<OAListElement> formOAs; - - private AuthenticatedUser authUser; - + private String friendlyname; public ListOAsAction() throws ConfigurationException { configuration = ConfigurationProvider.getInstance(); @@ -59,32 +62,90 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware, UserDatabase authUserDB = ConfigurationDBRead.getUserWithID(authUser.getUserID()); dbOAs = authUserDB.getRegistratedOAs(); } + + addFormOAs(dbOAs); + + return Constants.STRUTS_SUCCESS; + } - formOAs = new ArrayList<OAListElement>(); - if (dbOAs == null) { - addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); + return Constants.STRUTS_ERROR; + } + + public String searchOAInit() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + + formOAs = null; + friendlyname = ""; + + return Constants.STRUTS_SUCCESS; + + } else { + return Constants.STRUTS_REAUTHENTICATE; + } + } + + public String searchOA() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj != null && authUserObj instanceof AuthenticatedUser) { + authUser = (AuthenticatedUser) authUserObj; + + if (MiscUtil.isEmpty(friendlyname)) { + log.info("SearchOA textfield is empty"); + addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request)); return Constants.STRUTS_SUCCESS; } else { - for (OnlineApplication dboa : dbOAs) { - OAListElement listoa = new OAListElement(); - listoa.setActive(dboa.isIsActive()); - listoa.setDataBaseID(dboa.getHjid()); - listoa.setOaFriendlyName(dboa.getFriendlyName()); - listoa.setOaIdentifier(dboa.getPublicURLPrefix()); - listoa.setOaType(dboa.getType()); - formOAs.add(listoa); - } + if (ValidationHelper.containsPotentialCSSCharacter(friendlyname, false)) { + log.warn("SearchOA textfield contains potential XSS characters"); + addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request)); + return Constants.STRUTS_SUCCESS; + } } - return Constants.STRUTS_SUCCESS; + List<OnlineApplication> dbOAs = null; - } + if (authUser.isAdmin()) { + dbOAs = ConfigurationDBRead.searchOnlineApplications(friendlyname); + + } else { + dbOAs = ConfigurationDBRead.searchOnlineApplicationsFromUser(authUser.getUserID(), friendlyname); + + } - return Constants.STRUTS_ERROR; + addFormOAs(dbOAs); + + return Constants.STRUTS_SUCCESS; + } + + return Constants.STRUTS_REAUTHENTICATE; } + private void addFormOAs(List<OnlineApplication> dbOAs) { + + formOAs = new ArrayList<OAListElement>(); + if (dbOAs == null) { + addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); + + } else { + for (OnlineApplication dboa : dbOAs) { + OAListElement listoa = new OAListElement(); + listoa.setActive(dboa.isIsActive()); + listoa.setDataBaseID(dboa.getHjid()); + listoa.setOaFriendlyName(dboa.getFriendlyName()); + listoa.setOaIdentifier(dboa.getPublicURLPrefix()); + listoa.setOaType(dboa.getType()); + formOAs.add(listoa); + } + } + } public void setServletResponse(HttpServletResponse arg0) { this.response = arg0; @@ -107,6 +168,24 @@ public class ListOAsAction extends ActionSupport implements ServletRequestAware, */ public List<OAListElement> getFormOAs() { return formOAs; + } + + + /** + * @return the friendlyname + */ + public String getFriendlyname() { + return friendlyname; + } + + + /** + * @param friendlyname the friendlyname to set + */ + public void setFriendlyname(String friendlyname) { + this.friendlyname = friendlyname; } + + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java new file mode 100644 index 000000000..820aa7c57 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java @@ -0,0 +1,56 @@ +package at.gv.egovernment.moa.id.configuration.validation; + +import org.apache.commons.lang.StringUtils; + +public class CompanyNumberValidator implements IdentificationNumberValidator { + + public boolean validate(String commercialRegisterNumber) { + + String normalizedNumber = commercialRegisterNumber.replaceAll(" ", ""); + if(normalizedNumber.startsWith("FN")) { + normalizedNumber = normalizedNumber.substring(2); + return checkCommercialRegisterNumber(normalizedNumber); + + } else + return true; + } + + private boolean checkCommercialRegisterNumber(String commercialRegisterNumber) { + if (commercialRegisterNumber == null) { + return false; + } + commercialRegisterNumber = StringUtils.leftPad(commercialRegisterNumber, 7, + '0'); + if (!commercialRegisterNumber.matches("\\d{6}[abdfghikmpstvwxzy]")) { + return false; + } + String digits = commercialRegisterNumber.substring(0, + commercialRegisterNumber.length() - 1); + char checkDigit = commercialRegisterNumber.charAt(commercialRegisterNumber + .length() - 1); + boolean result = calcCheckDigitFromCommercialRegisterNumber(digits) == checkDigit; + return result; + } + + public static char calcCheckDigitFromCommercialRegisterNumber( + String commercialRegisterDigits) { + final int[] WEIGHT = { 6, 4, 14, 15, 10, 1 }; + final char[] CHECKDIGIT = { 'a', 'b', 'd', 'f', 'g', 'h', 'i', 'k', 'm', + 'p', 's', 't', 'v', 'w', 'x', 'y', 'z' }; + if (commercialRegisterDigits == null) { + throw new NullPointerException("Commercial register number missing."); + } + commercialRegisterDigits = StringUtils.leftPad(commercialRegisterDigits, 6, + '0'); + if (!commercialRegisterDigits.matches("\\d{6}")) { + throw new IllegalArgumentException( + "Invalid commercial register number provided."); + } + int sum = 0; + for (int i = 0; i < commercialRegisterDigits.length(); i++) { + int value = commercialRegisterDigits.charAt(i) - '0'; + sum += WEIGHT[i] * value; + } + return CHECKDIGIT[sum % 17]; + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java new file mode 100644 index 000000000..19a5bb805 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java @@ -0,0 +1,7 @@ +package at.gv.egovernment.moa.id.configuration.validation; + +public interface IdentificationNumberValidator { + + boolean validate(String idNumber); + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java index 445674582..a1bb23008 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java @@ -1,31 +1,165 @@ package at.gv.egovernment.moa.id.configuration.validation; +import java.net.MalformedURLException; +import java.net.URL; +import java.text.ParseException; +import java.text.SimpleDateFormat; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import org.apache.log4j.Logger; + public class ValidationHelper { + private static final Logger log = Logger.getLogger(ValidationHelper.class); + public static boolean validateOAID(String oaIDObj) { if (oaIDObj != null) { - long oaID = Long.valueOf(oaIDObj); + try { + + long oaID = Long.valueOf(oaIDObj); - if (oaID > 0 && oaID < Long.MAX_VALUE) - return true; + if (oaID > 0 && oaID < Long.MAX_VALUE) + return true; + + } catch (Throwable t) { + log.warn("No valid DataBase OAID received! " + oaIDObj); + } } return false; } - public static boolean validateURL(String url) { + public static boolean validateNumber(String value) { + + log.debug("Validate Number " + value); + + try { + float num = Float.valueOf(value); + + return true; + + } catch (NumberFormatException e) { + return false; + } + + + } + + + public static boolean validateURL(String urlString) { + + log.debug("Validate URL " + urlString); - return true; + if (urlString.startsWith("http") || urlString.startsWith("https")) { + try { + URL url =new URL(urlString); + return true; + + } catch (MalformedURLException e) { + } + } + + return false; } - public static boolean validateIdentificationNumber(String idnumber) { + public static boolean isValidTarget(String target) { + + log.debug("Ueberpruefe Parameter Target"); + + Pattern pattern = Pattern.compile("[a-zA-Z-]{1,5}"); + Matcher matcher = pattern.matcher(target); + boolean b = matcher.matches(); + if (b) { + log.debug("Parameter Target erfolgreich ueberprueft"); + return true; + } + else { + log.error("Fehler Ueberpruefung Parameter Target. Target entspricht nicht den Kriterien (nur Zeichen a-z, A-Z und -, sowie 1-5 Zeichen lang)"); + return false; + } + + } + + public static boolean isValidSourceID(String sourceID) { + + log.debug("Ueberpruefe Parameter sourceID"); + + Pattern pattern = Pattern.compile("[\\w-_]{1,20}"); + Matcher matcher = pattern.matcher(sourceID); + boolean b = matcher.matches(); + if (b) { + log.debug("Parameter sourceID erfolgreich ueberprueft"); + return true; + } + else { + log.error("Fehler Ueberpruefung Parameter sourceID. SourceID entspricht nicht den Kriterien (nur Zeichen a-z, A-Z, - und _, sowie 1-20 Zeichen lang)"); + return false; + } + } + + public static boolean isDateFormat(String dateString) { + SimpleDateFormat sdf = new SimpleDateFormat("dd.MM.yyyy"); + try { + sdf.parse(dateString); + return true; + + } catch (ParseException e) { + return false; + } + } + + public static boolean isEmailAddressFormat(String address) { + if (address == null) { + return false; + } + return Pattern.compile("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,6}$").matcher(address).matches(); + } + + public static boolean isValidOAIdentifier(String param) { + if (param == null) { + return false; + } + return param.indexOf(";") != -1 || + param.indexOf("%") != -1 || + param.indexOf("\"") != -1 || + param.indexOf("'") != -1 || + param.indexOf("?") != -1 || + param.indexOf("`") != -1 || + param.indexOf(",") != -1 || + param.indexOf("<") != -1 || + param.indexOf(">") != -1 || + param.indexOf("\\") != -1; - return true; } - //TODO: insert XSS check from OVS - public static boolean isXSSIncluded(String input) { + public static String getNotValidOAIdentifierCharacters() { - return false; + return "; % \" ' ` , < > \\"; + } + + public static boolean containsPotentialCSSCharacter(String param, boolean commaallowed) { + + if (param == null) { + return false; + } + return param.indexOf(";") != -1 || + param.indexOf("%") != -1 || + param.indexOf("\"") != -1 || + param.indexOf("'") != -1 || + param.indexOf("?") != -1 || + param.indexOf("`") != -1 || + ( param.indexOf(",") != -1 && !commaallowed ) || + param.indexOf("<") != -1 || + param.indexOf(">") != -1 || + param.indexOf("\\") != -1 || + param.indexOf("/") != -1; } + public static String getPotentialCSSCharacter(boolean commaallowed) { + + if (commaallowed) + return "; % \" ' ` < > \\ /"; + else + return "; % \" ' ` , < > \\ /"; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java index fec79873b..06b50ac3c 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java @@ -2,15 +2,178 @@ package at.gv.egovernment.moa.id.configuration.validation.oa; import java.util.ArrayList; import java.util.List; +import java.util.Map; +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector; import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.MiscUtil; public class OAGeneralConfigValidation { - public List<String> validate(OAGeneralConfig oageneral) { + private static final Logger log = Logger.getLogger(OASSOConfigValidation.class); + + public List<String> validate(OAGeneralConfig form, boolean isAdmin) { List<String> errors = new ArrayList<String>(); + //validate aditionalAuthBlockText + String check = form.getAditionalAuthBlockText(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + //Check BKU URLs + check =form.getBkuHandyURL(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty Handy-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.empty")); + + } else { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Handy-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid")); + } + } + + check =form.getBkuLocalURL(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty Local-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.local.empty")); + + } else { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Online-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid")); + } + } + + check =form.getBkuOnlineURL(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty Online-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.online.empty")); + + } else { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Online-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid")); + } + } + + //check OA FriendlyName + check = form.getFriendlyName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("OAFriendlyName contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + //check KeyBoxIdentifier + check = form.getKeyBoxIdentifier(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty KeyBoxIdentifier"); + errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty")); + } else { + Map<String, String> list = form.getKeyBoxIdentifierList(); + if (!list.containsKey(check)) { + log.info("Not valid KeyBoxIdentifier " + check); + errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid")); + } + } + + //check Mandate Profiles + check = form.getMandateProfiles(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + log.warn("MandateProfiles contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles", + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )); + } + } + + //check SL Version + check = form.getSlVersion(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SLVersion. Set SLVersion to 1.2"); + form.setSlVersion("1.2"); + + } else { + if (!ValidationHelper.validateNumber(check)) { + log.info("Not valid SLVersion"); + errors.add(LanguageHelper.getErrorString("validation.general.slversion")); + } + } + + boolean businessservice = form.isBusinessService(); + + if (businessservice) { + //check identification number + check = form.getIdentificationNumber(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty IdentificationNumber"); + errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty")); + + } else { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("IdentificationNumber contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + + if (check.startsWith("FN")) { + CompanyNumberValidator val = new CompanyNumberValidator(); + if (val.validate(check)) { + log.info("Not valid CompanyNumber"); + errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid")); + } + } + } + + try { + float slversion = Float.valueOf(form.getSlVersion()); + if (slversion < 1.2) { + log.info("BusinessService Applications requires SLVersion >= 1.2"); + errors.add(LanguageHelper.getErrorString("validation.general.slversion.business")); + form.setSlVersion("1.2"); + } + + } catch (NumberFormatException e) { + } + + } else { + //check targetFrindlyName(); + check = form.getTargetFriendlyName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("TargetFriendlyName contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + //check Target + check = form.getTarget(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty Target"); + errors.add(LanguageHelper.getErrorString("validation.general.target.empty")); + + } else { + if (!ValidationHelper.isValidTarget(check)) { + log.info("Not valid Target"); + errors.add(LanguageHelper.getErrorString("validation.general.target.valid")); + } + } + } return errors; } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java index adc7333db..4a1ef9261 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java @@ -1,5 +1,44 @@ package at.gv.egovernment.moa.id.configuration.validation.oa; +import java.io.IOException; +import java.security.cert.CertificateException; +import java.util.ArrayList; +import java.util.List; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.MiscUtil; + public class OAPVP2ConfigValidation { + private static final Logger log = Logger.getLogger(OAPVP2ConfigValidation.class); + + public List<String> validate(OAPVP2Config form) { + + List<String> errors = new ArrayList<String>(); + + String url = form.getMetaDataURL(); + if (MiscUtil.isNotEmpty(url) && !ValidationHelper.validateURL(url)) { + log.info("MetaDataURL has no valid form."); + errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid")); + } + + try { + if (form.getFileUpload() != null) + form.getCertificate(); + + } catch (CertificateException e) { + log.info("Uploaded Certificate can not be found", e); + errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound")); + + } catch (IOException e) { + log.info("Uploaded Certificate can not be parsed", e); + errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.format")); + } + + return errors; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java index f2fb22ae7..147ea45e9 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java @@ -1,5 +1,27 @@ package at.gv.egovernment.moa.id.configuration.validation.oa; +import java.util.ArrayList; +import java.util.List; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig; +import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; + public class OASAML1ConfigValidation { + private static final Logger log = Logger.getLogger(OASAML1ConfigValidation.class); + + public List<String> validate(OASAML1Config form, OAGeneralConfig general) { + + List<String> errors = new ArrayList<String>(); + + if (general.isBusinessService() && form.isProvideStammZahl()) { + log.info("ProvideStammZahl can not be used with BusinessService applications"); + errors.add(LanguageHelper.getErrorString("validation.saml1.providestammzahl")); + } + + return errors; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java index 5694d8fa4..22e2406f2 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java @@ -1,5 +1,35 @@ package at.gv.egovernment.moa.id.configuration.validation.oa; -public class OASSOConfigValidation { +import java.util.ArrayList; +import java.util.List; + +import org.apache.log4j.Logger; +import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.MiscUtil; + +public class OASSOConfigValidation { + + private static final Logger log = Logger.getLogger(OASSOConfigValidation.class); + + public List<String> validate(OASSOConfig form, boolean isAdmin) { + + List<String> errors = new ArrayList<String>(); + + String urlString = form.getSingleLogOutURL(); + if (MiscUtil.isEmpty(urlString)) { + log.info("No Single Log-Out URL"); + //TODO: set error if it is implemented + //errors.add(LanguageHelper.getErrorString("validation.sso.logouturl.empty")); + } else { + if (!ValidationHelper.validateURL(urlString) && form.isUseSSO()) { + log.info("Single Log-Out url validation error"); + errors.add(LanguageHelper.getErrorString("validation.sso.logouturl.valid")); + } + } + + return errors; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java index ccd1b66ff..76183caad 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java @@ -1,5 +1,16 @@ package at.gv.egovernment.moa.id.configuration.validation.oa; -public class OASTORKConfigValidation { +import java.util.ArrayList; +import java.util.List; + +import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig; +public class OASTORKConfigValidation { + public List<String> validate(OASTORKConfig oageneral) { + + List<String> errors = new ArrayList<String>(); + + + return errors; + } } |