diff options
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at')
35 files changed, 6095 insertions, 0 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java new file mode 100644 index 000000000..d088edf34 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java @@ -0,0 +1,29 @@ +package at.gv.egovernment.moa.id.configuration; + +public class Constants { + public static final String STRUTS_SUCCESS = "success"; + public static final String STRUTS_ERROR = "error"; + public static final String STRUTS_ERROR_VALIDATION = "error_validation"; + public static final String STRUTS_OA_EDIT = "editOA"; + public static final String STRUTS_REAUTHENTICATE = "reauthentication"; + public static final String STRUTS_NOTALLOWED = "notallowed"; + + public static final String SESSION_AUTH = "authsession"; + public static final String SESSION_AUTH_ERROR = "authsessionerror"; + public static final String SESSION_OAID = "oadbidentifier"; + + public static final String REQUEST_OAID = "oaid"; + + public static final String BKU_ONLINE = "bkuonline"; + public static final String BKU_LOCAL = "bkulocal"; + public static final String BKU_HANDY = "bkuhandy"; + + + public static final String MOA_CONFIG_BUSINESSSERVICE = "businessService"; + + public static final String MOA_CONFIG_PROTOCOL_SAML1 = "id_saml1"; + public static final String MOA_CONFIG_PROTOCOL_PVP2 = "id_pvp2x"; + + public static final String DEFAULT_LOCALBKU_URL = "https://127.0.0.1:3496/https-security-layer-request"; + public static final String DEFAULT_HANDYBKU_URL = "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx"; +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java new file mode 100644 index 000000000..8f75a357c --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java @@ -0,0 +1,133 @@ +package at.gv.egovernment.moa.id.configuration.auth; + +import java.util.Date; + +public class AuthenticatedUser { + + private boolean isAuthenticated = false; + private boolean isAdmin = false; + + private long userID; + private String givenName; + private String familyName; + private String userName; + private Date lastLogin; + + public AuthenticatedUser() { + + } + + public AuthenticatedUser(long userID, String givenName, String familyName, String userName, + boolean isAuthenticated, boolean isAdmin) { + + this.familyName = familyName; + this.givenName = givenName; + this.userName = userName; + this.userID = userID; + this.isAdmin = isAdmin; + this.isAuthenticated = isAuthenticated; + this.lastLogin = new Date(); + } + + /** + * @return the isAuthenticated + */ + public boolean isAuthenticated() { + return isAuthenticated; + } + + /** + * @param isAuthenticated the isAuthenticated to set + */ + public void setAuthenticated(boolean isAuthenticated) { + this.isAuthenticated = isAuthenticated; + } + + /** + * @return the isAdmin + */ + public boolean isAdmin() { + return isAdmin; + } + + /** + * @param isAdmin the isAdmin to set + */ + public void setAdmin(boolean isAdmin) { + this.isAdmin = isAdmin; + } + + /** + * @return the userID + */ + public long getUserID() { + return userID; + } + + /** + * @param userID the userID to set + */ + public void setUserID(long userID) { + this.userID = userID; + } + + /** + * @return the givenName + */ + public String getGivenName() { + return givenName; + } + + /** + * @param givenName the givenName to set + */ + public void setGivenName(String givenName) { + this.givenName = givenName; + } + + /** + * @return the familyName + */ + public String getFamilyName() { + return familyName; + } + + /** + * @param familyName the familyName to set + */ + public void setFamilyName(String familyName) { + this.familyName = familyName; + } + + /** + * @return the lastLogin + */ + public Date getLastLogin() { + return lastLogin; + } + + /** + * @param lastLogin the lastLogin to set + */ + public void setLastLogin(Date lastLogin) { + this.lastLogin = lastLogin; + } + + /** + * @return the userName + */ + public String getUserName() { + return userName; + } + + /** + * @param userName the userName to set + */ + public void setUserName(String userName) { + this.userName = userName; + } + + + + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java new file mode 100644 index 000000000..aeadbd0bb --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java @@ -0,0 +1,85 @@ +package at.gv.egovernment.moa.id.configuration.config; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.util.Properties; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException; +import at.gv.egovernment.moa.logging.Logger; + + +public class ConfigurationProvider { + + private static final String SYSTEM_PROP_CONFIG = "moa.id.webconfig"; + + private static ConfigurationProvider instance; + private Properties props; + private String configFileName; + + public static ConfigurationProvider getInstance() throws ConfigurationException { + if (instance == null) { + instance = new ConfigurationProvider(); + } + + return instance; + } + + private ConfigurationProvider() throws ConfigurationException { + inizialize(); + } + + private void inizialize() throws ConfigurationException { + + configFileName = System.getProperty(SYSTEM_PROP_CONFIG); + + if (configFileName == null) { + throw new ConfigurationException("config.01"); + } + Logger.info("Loading MOA-ID-AUTH configuration " + configFileName); + + //Initial Hibernate Framework + Logger.trace("Initializing Hibernate framework."); + + //Load MOAID-2.0 properties file + File propertiesFile = new File(configFileName); + FileInputStream fis; + props = new Properties(); + + + try { + fis = new FileInputStream(propertiesFile); + props.load(fis); + + // initialize hibernate + synchronized (ConfigurationProvider.class) { + + //Initial config Database + ConfigurationDBUtils.initHibernate(props); + } + Logger.trace("Hibernate initialization finished."); + + + + } catch (FileNotFoundException e) { + throw new ConfigurationException("config.01", e); + } catch (IOException e) { + throw new ConfigurationException("config.02", e); + } catch (MOADatabaseException e) { + throw new ConfigurationException("config.03", e); + } + + } + + public boolean isLoginDeaktivated() { + String result = props.getProperty("general.login.deaktivate", "false"); + return Boolean.parseBoolean(result); + } + + public String getConfigFile() { + return configFileName; + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java new file mode 100644 index 000000000..59954df7f --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java @@ -0,0 +1,835 @@ +package at.gv.egovernment.moa.id.configuration.data; + +import java.io.File; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; +import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType; +import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; +import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType; +import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; +import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; +import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; +import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSignersX509SubjectNameItem; +import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates; +import at.gv.egovernment.moa.id.commons.db.dao.config.Organization; +import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; +import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; +import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; +import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; +import at.gv.egovernment.moa.id.commons.db.dao.config.STORK; +import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; +import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; +import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; +import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor; +import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; +import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm; + +public class GeneralMOAIDConfig { + + public static final long DEFAULTTIMEOUTASSERTION = 120; //sec + public static final long DEFAULTTIMEOUTMOASESSIONCREATED = 1200; //sec + public static final long DEFAULTTIMEOUTMOASESSIONUPDATED = 2700; //sec + + public static final String LINE_DELIMITER = ";"; + + private String szrgwURL = null; + private String alternativeSourceID = null; + private String certStoreDirectory = null; + private boolean trustmanagerrevocationcheck = false; + + private String timeoutAssertion = String.valueOf(DEFAULTTIMEOUTASSERTION); + private String timeoutMOASessionCreated = String.valueOf(DEFAULTTIMEOUTMOASESSIONCREATED); + private String timeoutMOASessionUpdated = String.valueOf(DEFAULTTIMEOUTMOASESSIONUPDATED); + + private String moaspssURL = null; + private String moaspssAuthTrustProfile = null; + private String moaspssAuthTransformations = ""; + private List<String> authTransformList = null; + private String moaspssIdlTrustProfile = null; + + private String mandateURL = null; + + private boolean legacy_saml1 = false; + private boolean legacy_pvp2 = false; + + private String pvp2PublicUrlPrefix = null; + private String pvp2IssuerName = null; + private String pvp2OrgName = null; + private String pvp2OrgDisplayName = null; + private String pvp2OrgURL = null; + private ContactForm pvp2Contact = null; + + private List<File> fileUpload = null; + private List<String> fileUploadContentType; + private List<String> fileUploadFileName; + private Map<String, byte[]> secLayerTransformation = null; + + private String ssoTarget = null; + private String ssoFriendlyName = null; + private String ssoPublicUrl = null; + private String ssoSpecialText = null; + private String ssoIdentificationNumber = null; + + private String defaultchainigmode = null; + private static Map<String, String> chainigmodelist; + + private String trustedCACerts = null; + + private String defaultBKUOnline = ""; + private String defaultBKULocal = "https://127.0.0.1:3496/https-security-layer-request"; + private String defaultBKUHandy = "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx"; + + private String SLRequestTemplateOnline = ""; + private String SLRequestTemplateLocal = ""; + private String SLRequestTemplateHandy = ""; + + public GeneralMOAIDConfig() { + chainigmodelist = new HashMap<String, String>(); + ChainingModeType[] values = ChainingModeType.values(); + for (int i=0; i<values.length; i++) { + chainigmodelist.put(values[i].value(), values[i].value()); + } + } + + public void parse(MOAIDConfiguration config) { + + if (config != null) { + AuthComponentGeneral auth = config.getAuthComponentGeneral(); + + if (auth != null) { + ForeignIdentities foreign = auth.getForeignIdentities(); + + if (foreign != null) { + ConnectionParameterClientAuthType connect_foreign = foreign.getConnectionParameter(); + if (connect_foreign != null) { + szrgwURL = connect_foreign.getURL(); + } + + STORK stork = foreign.getSTORK(); + if (stork != null) { + //TODO: add Stork config + + } + } + + GeneralConfiguration authgen = auth.getGeneralConfiguration(); + if (authgen != null) { + alternativeSourceID = authgen.getAlternativeSourceID(); + certStoreDirectory = authgen.getCertStoreDirectory(); + trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking(); + + TimeOuts timeouts = authgen.getTimeOuts(); + if (timeouts != null) { + + if(timeouts.getAssertion() != null) + timeoutAssertion = String.valueOf(timeouts.getAssertion().longValue()); + if(timeouts.getMOASessionCreated() != null) + timeoutMOASessionCreated = String.valueOf(timeouts.getMOASessionCreated().longValue()); + if(timeouts.getMOASessionUpdated() != null) + timeoutMOASessionUpdated = String.valueOf(timeouts.getMOASessionUpdated().longValue()); + + } + } + + MOASP moaspss = auth.getMOASP(); + if (moaspss != null) { + ConnectionParameterClientAuthType con = moaspss.getConnectionParameter(); + if (con != null) + moaspssURL = con.getURL(); + + VerifyAuthBlock authblock = moaspss.getVerifyAuthBlock(); + if (authblock != null) { + moaspssAuthTrustProfile = authblock.getTrustProfileID(); + + List<String> list = authblock.getVerifyTransformsInfoProfileID(); + for (String el : list) + moaspssAuthTransformations += el + LINE_DELIMITER + "\n"; + } + + VerifyIdentityLink idl = moaspss.getVerifyIdentityLink(); + if (idl != null) { + moaspssIdlTrustProfile = idl.getTrustProfileID(); + } + } + + OnlineMandates mandates = auth.getOnlineMandates(); + if (mandates != null) { + ConnectionParameterClientAuthType con = mandates.getConnectionParameter(); + if (con != null) { + mandateURL = con.getURL(); + } + } + + Protocols protocols = auth.getProtocols(); + if (protocols != null) { + LegacyAllowed legacy = protocols.getLegacyAllowed(); + + if (legacy != null) { + List<String> list = legacy.getProtocolName(); + if (list.contains(Constants.MOA_CONFIG_PROTOCOL_SAML1)) + legacy_saml1 = true; + + if (list.contains(Constants.MOA_CONFIG_PROTOCOL_PVP2)) + legacy_pvp2 = true; + } + + PVP2 pvp2 = protocols.getPVP2(); + if (pvp2 != null) { + pvp2PublicUrlPrefix = pvp2.getPublicURLPrefix(); + pvp2IssuerName = pvp2.getIssuerName(); + + List<Contact> con = pvp2.getContact(); + + //TODO: change to support more contacts + if (con != null && con.size() > 0) { + pvp2Contact = new ContactForm(con.get(0)); + + } + + Organization org = pvp2.getOrganization(); + if (org != null) { + pvp2OrgDisplayName = org.getDisplayName(); + pvp2OrgName = org.getName(); + pvp2OrgURL = org.getURL(); + } + } + } + + SecurityLayer seclayer = auth.getSecurityLayer(); + if (seclayer != null) { + List<TransformsInfoType> list = seclayer.getTransformsInfo(); + + fileUploadFileName = new ArrayList<String>(); + + for (TransformsInfoType el : list) { + fileUploadFileName.add(el.getFilename()); + } + } + + SSO sso = auth.getSSO(); + if (sso != null) { + ssoFriendlyName = sso.getFriendlyName(); + + IdentificationNumber idl = sso.getIdentificationNumber(); + if (idl != null) + ssoIdentificationNumber = idl.getValue(); + + ssoPublicUrl = sso.getPublicURL(); + ssoSpecialText = sso.getSpecialText(); + ssoTarget = sso.getTarget(); + } + } + + ChainingModes modes = config.getChainingModes(); + if (modes != null) { + ChainingModeType defaultmode = modes.getSystemDefaultMode(); + if (defaultmode != null) { + defaultchainigmode = defaultmode.value(); + + } + + List<TrustAnchor> trustanchor = modes.getTrustAnchor(); + if (trustanchor != null) { + //TODO: set addional trust anchors!!!! + } + } + + trustedCACerts = config.getTrustedCACertificates(); + + DefaultBKUs defaultbkus = config.getDefaultBKUs(); + if (defaultbkus != null) { + defaultBKUHandy = defaultbkus.getHandyBKU(); + defaultBKULocal = defaultbkus.getLocalBKU(); + defaultBKUOnline = defaultbkus.getOnlineBKU(); + } + + SLRequestTemplates slreq = config.getSLRequestTemplates(); + if (slreq != null) { + SLRequestTemplateHandy = slreq.getHandyBKU(); + SLRequestTemplateLocal = slreq.getLocalBKU(); + SLRequestTemplateOnline = slreq.getOnlineBKU(); + } + } + } + + /** + * @return the szrgwURL + */ + public String getSzrgwURL() { + return szrgwURL; + } + + /** + * @param szrgwURL the szrgwURL to set + */ + public void setSzrgwURL(String szrgwURL) { + this.szrgwURL = szrgwURL; + } + + /** + * @return the alternativeSourceID + */ + public String getAlternativeSourceID() { + return alternativeSourceID; + } + + /** + * @param alternativeSourceID the alternativeSourceID to set + */ + public void setAlternativeSourceID(String alternativeSourceID) { + this.alternativeSourceID = alternativeSourceID; + } + + /** + * @return the certStoreDirectory + */ + public String getCertStoreDirectory() { + return certStoreDirectory; + } + + /** + * @param certStoreDirectory the certStoreDirectory to set + */ + public void setCertStoreDirectory(String certStoreDirectory) { + this.certStoreDirectory = certStoreDirectory; + } + + /** + * @return the timeoutAssertion + */ + public String getTimeoutAssertion() { + return timeoutAssertion; + } + + /** + * @param timeoutAssertion the timeoutAssertion to set + */ + public void setTimeoutAssertion(String timeoutAssertion) { + this.timeoutAssertion = timeoutAssertion; + } + + /** + * @return the timeoutMOASessionCreated + */ + public String getTimeoutMOASessionCreated() { + return timeoutMOASessionCreated; + } + + /** + * @param timeoutMOASessionCreated the timeoutMOASessionCreated to set + */ + public void setTimeoutMOASessionCreated(String timeoutMOASessionCreated) { + this.timeoutMOASessionCreated = timeoutMOASessionCreated; + } + + /** + * @return the timeoutMOASessionUpdated + */ + public String getTimeoutMOASessionUpdated() { + return timeoutMOASessionUpdated; + } + + /** + * @param timeoutMOASessionUpdated the timeoutMOASessionUpdated to set + */ + public void setTimeoutMOASessionUpdated(String timeoutMOASessionUpdated) { + this.timeoutMOASessionUpdated = timeoutMOASessionUpdated; + } + + /** + * @return the moaspssURL + */ + public String getMoaspssURL() { + return moaspssURL; + } + + /** + * @param moaspssURL the moaspssURL to set + */ + public void setMoaspssURL(String moaspssURL) { + this.moaspssURL = moaspssURL; + } + + /** + * @return the moaspssAuthTrustProfile + */ + public String getMoaspssAuthTrustProfile() { + return moaspssAuthTrustProfile; + } + + /** + * @param moaspssAuthTrustProfile the moaspssAuthTrustProfile to set + */ + public void setMoaspssAuthTrustProfile(String moaspssAuthTrustProfile) { + this.moaspssAuthTrustProfile = moaspssAuthTrustProfile; + } + + /** + * @return the moaspssAuthTransformations + */ + public String getMoaspssAuthTransformations() { + return moaspssAuthTransformations; + } + + /** + * @param moaspssAuthTransformations the moaspssAuthTransformations to set + */ + public void setMoaspssAuthTransformations(String moaspssAuthTransformations) { + this.moaspssAuthTransformations = moaspssAuthTransformations; + } + + /** + * @return the moaspssIdlTrustProfile + */ + public String getMoaspssIdlTrustProfile() { + return moaspssIdlTrustProfile; + } + + /** + * @param moaspssIdlTrustProfile the moaspssIdlTrustProfile to set + */ + public void setMoaspssIdlTrustProfile(String moaspssIdlTrustProfile) { + this.moaspssIdlTrustProfile = moaspssIdlTrustProfile; + } + + /** + * @return the mandateURL + */ + public String getMandateURL() { + return mandateURL; + } + + /** + * @param mandateURL the mandateURL to set + */ + public void setMandateURL(String mandateURL) { + this.mandateURL = mandateURL; + } + + /** + * @return the legacy_saml1 + */ + public boolean isLegacy_saml1() { + return legacy_saml1; + } + + /** + * @param legacy_saml1 the legacy_saml1 to set + */ + public void setLegacy_saml1(boolean legacy_saml1) { + this.legacy_saml1 = legacy_saml1; + } + + /** + * @return the legacy_pvp2 + */ + public boolean isLegacy_pvp2() { + return legacy_pvp2; + } + + /** + * @param legacy_pvp2 the legacy_pvp2 to set + */ + public void setLegacy_pvp2(boolean legacy_pvp2) { + this.legacy_pvp2 = legacy_pvp2; + } + + /** + * @return the pvp2PublicUrlPrefix + */ + public String getPvp2PublicUrlPrefix() { + return pvp2PublicUrlPrefix; + } + + /** + * @param pvp2PublicUrlPrefix the pvp2PublicUrlPrefix to set + */ + public void setPvp2PublicUrlPrefix(String pvp2PublicUrlPrefix) { + this.pvp2PublicUrlPrefix = pvp2PublicUrlPrefix; + } + + /** + * @return the pvp2IssuerName + */ + public String getPvp2IssuerName() { + return pvp2IssuerName; + } + + /** + * @param pvp2IssuerName the pvp2IssuerName to set + */ + public void setPvp2IssuerName(String pvp2IssuerName) { + this.pvp2IssuerName = pvp2IssuerName; + } + + /** + * @return the pvp2OrgName + */ + public String getPvp2OrgName() { + return pvp2OrgName; + } + + /** + * @param pvp2OrgName the pvp2OrgName to set + */ + public void setPvp2OrgName(String pvp2OrgName) { + this.pvp2OrgName = pvp2OrgName; + } + + /** + * @return the pvp2OrgDisplayName + */ + public String getPvp2OrgDisplayName() { + return pvp2OrgDisplayName; + } + + /** + * @param pvp2OrgDisplayName the pvp2OrgDisplayName to set + */ + public void setPvp2OrgDisplayName(String pvp2OrgDisplayName) { + this.pvp2OrgDisplayName = pvp2OrgDisplayName; + } + + /** + * @return the pvp2OrgURL + */ + public String getPvp2OrgURL() { + return pvp2OrgURL; + } + + /** + * @param pvp2OrgURL the pvp2OrgURL to set + */ + public void setPvp2OrgURL(String pvp2OrgURL) { + this.pvp2OrgURL = pvp2OrgURL; + } + + /** + * @return the pvp2Contact + */ + public ContactForm getPvp2Contact() { + return pvp2Contact; + } + + /** + * @param pvp2Contact the pvp2Contact to set + */ + public void setPvp2Contact(ContactForm pvp2Contact) { + this.pvp2Contact = pvp2Contact; + } + + /** + * @return the fileUpload + */ + public List<File> getFileUpload() { + return fileUpload; + } + + /** + * @param fileUpload the fileUpload to set + */ + public void setFileUpload(List<File> fileUpload) { + this.fileUpload = fileUpload; + } + + /** + * @return the fileUploadContentType + */ + public List<String> getFileUploadContentType() { + return fileUploadContentType; + } + + /** + * @param fileUploadContentType the fileUploadContentType to set + */ + public void setFileUploadContentType(List<String> fileUploadContentType) { + this.fileUploadContentType = fileUploadContentType; + } + + /** + * @return the fileUploadFileName + */ + public List<String> getFileUploadFileName() { + return fileUploadFileName; + } + + /** + * @param fileUploadFileName the fileUploadFileName to set + */ + public void setFileUploadFileName(List<String> fileUploadFileName) { + this.fileUploadFileName = fileUploadFileName; + } + + /** + * @return the ssoTarget + */ + public String getSsoTarget() { + return ssoTarget; + } + + /** + * @param ssoTarget the ssoTarget to set + */ + public void setSsoTarget(String ssoTarget) { + this.ssoTarget = ssoTarget; + } + + /** + * @return the ssoFriendlyName + */ + public String getSsoFriendlyName() { + return ssoFriendlyName; + } + + /** + * @param ssoFriendlyName the ssoFriendlyName to set + */ + public void setSsoFriendlyName(String ssoFriendlyName) { + this.ssoFriendlyName = ssoFriendlyName; + } + + /** + * @return the ssoPublicUrl + */ + public String getSsoPublicUrl() { + return ssoPublicUrl; + } + + /** + * @param ssoPublicUrl the ssoPublicUrl to set + */ + public void setSsoPublicUrl(String ssoPublicUrl) { + this.ssoPublicUrl = ssoPublicUrl; + } + + /** + * @return the ssoSpecialText + */ + public String getSsoSpecialText() { + return ssoSpecialText; + } + + /** + * @param ssoSpecialText the ssoSpecialText to set + */ + public void setSsoSpecialText(String ssoSpecialText) { + this.ssoSpecialText = ssoSpecialText; + } + + /** + * @return the ssoIdentificationNumber + */ + public String getSsoIdentificationNumber() { + return ssoIdentificationNumber; + } + + /** + * @param ssoIdentificationNumber the ssoIdentificationNumber to set + */ + public void setSsoIdentificationNumber(String ssoIdentificationNumber) { + this.ssoIdentificationNumber = ssoIdentificationNumber; + } + + /** + * @return the defaultchainigmode + */ + public String getDefaultchainigmode() { + return defaultchainigmode; + } + + /** + * @param defaultchainigmode the defaultchainigmode to set + */ + public void setDefaultchainigmode(String defaultchainigmode) { + this.defaultchainigmode = defaultchainigmode; + } + + /** + * @return the defaultBKUOnline + */ + public String getDefaultBKUOnline() { + return defaultBKUOnline; + } + + /** + * @param defaultBKUOnline the defaultBKUOnline to set + */ + public void setDefaultBKUOnline(String defaultBKUOnline) { + this.defaultBKUOnline = defaultBKUOnline; + } + + /** + * @return the defaultBKULocal + */ + public String getDefaultBKULocal() { + return defaultBKULocal; + } + + /** + * @param defaultBKULocal the defaultBKULocal to set + */ + public void setDefaultBKULocal(String defaultBKULocal) { + this.defaultBKULocal = defaultBKULocal; + } + + /** + * @return the defaultBKUHandy + */ + public String getDefaultBKUHandy() { + return defaultBKUHandy; + } + + /** + * @param defaultBKUHandy the defaultBKUHandy to set + */ + public void setDefaultBKUHandy(String defaultBKUHandy) { + this.defaultBKUHandy = defaultBKUHandy; + } + + /** + * @return the sLRequestTemplateOnline + */ + public String getSLRequestTemplateOnline() { + return SLRequestTemplateOnline; + } + + /** + * @param sLRequestTemplateOnline the sLRequestTemplateOnline to set + */ + public void setSLRequestTemplateOnline(String sLRequestTemplateOnline) { + SLRequestTemplateOnline = sLRequestTemplateOnline; + } + + /** + * @return the sLRequestTemplateLocal + */ + public String getSLRequestTemplateLocal() { + return SLRequestTemplateLocal; + } + + /** + * @param sLRequestTemplateLocal the sLRequestTemplateLocal to set + */ + public void setSLRequestTemplateLocal(String sLRequestTemplateLocal) { + SLRequestTemplateLocal = sLRequestTemplateLocal; + } + + /** + * @return the sLRequestTemplateHandy + */ + public String getSLRequestTemplateHandy() { + return SLRequestTemplateHandy; + } + + /** + * @param sLRequestTemplateHandy the sLRequestTemplateHandy to set + */ + public void setSLRequestTemplateHandy(String sLRequestTemplateHandy) { + SLRequestTemplateHandy = sLRequestTemplateHandy; + } + + /** + * @return the trustmanagerrevocationcheck + */ + public boolean isTrustmanagerrevocationcheck() { + return trustmanagerrevocationcheck; + } + + /** + * @param trustmanagerrevocationcheck the trustmanagerrevocationcheck to set + */ + public void setTrustmanagerrevocationcheck(boolean trustmanagerrevocationcheck) { + this.trustmanagerrevocationcheck = trustmanagerrevocationcheck; + } + + /** + * @return the trustedCACerts + */ + public String getTrustedCACerts() { + return trustedCACerts; + } + + /** + * @param trustedCACerts the trustedCACerts to set + */ + public void setTrustedCACerts(String trustedCACerts) { + this.trustedCACerts = trustedCACerts; + } + + /** + * @return the chainigmodelist + */ + public Map<String, String> getChainigmodelist() { + return chainigmodelist; + } + + /** + * @param chainigmodelist the chainigmodelist to set + */ + public void setChainigmodelist(Map<String, String> chainigmodelist) { + GeneralMOAIDConfig.chainigmodelist = chainigmodelist; + } + + /** + * @return the secLayerTransformation + */ + public Map<String, byte[]> getSecLayerTransformation() { + return secLayerTransformation; + } + + /** + * @param secLayerTransformation the secLayerTransformation to set + */ + public void setSecLayerTransformation(Map<String, byte[]> secLayerTransformation) { + this.secLayerTransformation = secLayerTransformation; + } + + /** + * @return the authTransformList + */ + public List<String> getAuthTransformList() { + return authTransformList; + } + + /** + * @param authTransformList the authTransformList to set + */ + public void setAuthTransformList(List<String> authTransformList) { + this.authTransformList = authTransformList; + } + + + + + public void setFileUpload(File fileUpload) { + if (this.fileUpload == null) + this.fileUpload = new ArrayList<File>(); + this.fileUpload.add(fileUpload); + } + + public void setFileUploadContentType(String fileUploadContentType) { + if (this.fileUploadContentType == null) + this.fileUploadContentType = new ArrayList<String>(); + this.fileUploadContentType.add(fileUploadContentType); + } + + public void setFileUploadFileName(String fileUploadFileName) { + if (this.fileUploadFileName == null) + this.fileUploadFileName = new ArrayList<String>(); + this.fileUploadFileName.add(fileUploadFileName); + } + + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java new file mode 100644 index 000000000..0ea21617e --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java @@ -0,0 +1,77 @@ +package at.gv.egovernment.moa.id.configuration.data; + +public class OAListElement { + + private long dataBaseID; + private String oaIdentifier; + private String oaFriendlyName; + private String oaType; + private boolean isActive; + + + /** + * @return the dataBaseID + */ + public long getDataBaseID() { + return dataBaseID; + } + /** + * @param dataBaseID the dataBaseID to set + */ + public void setDataBaseID(long dataBaseID) { + this.dataBaseID = dataBaseID; + } + /** + * @return the oaIdentifier + */ + public String getOaIdentifier() { + return oaIdentifier; + } + /** + * @param oaIdentifier the oaIdentifier to set + */ + public void setOaIdentifier(String oaIdentifier) { + this.oaIdentifier = oaIdentifier; + } + /** + * @return the oaFriendlyName + */ + public String getOaFriendlyName() { + return oaFriendlyName; + } + /** + * @param oaFriendlyName the oaFriendlyName to set + */ + public void setOaFriendlyName(String oaFriendlyName) { + this.oaFriendlyName = oaFriendlyName; + } + /** + * @return the oaType + */ + public String getOaType() { + return oaType; + } + /** + * @param oaType the oaType to set + */ + public void setOaType(String oaType) { + this.oaType = oaType; + } + /** + * @return the isActive + */ + public boolean isActive() { + return isActive; + } + /** + * @param isActive the isActive to set + */ + public void setActive(boolean isActive) { + this.isActive = isActive; + } + + public String getIsActive(){ + return String.valueOf(isActive); + } + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java new file mode 100644 index 000000000..881cdf277 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java @@ -0,0 +1,253 @@ +package at.gv.egovernment.moa.id.configuration.data; + +import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.util.MiscUtil; +import at.gv.util.data.BPK; + +public class UserDatabaseFrom { + + private String bpk; + private String familyName; + private String givenName; + private String institut; + private String mail; + private String phone; + private String username; + private String password; + private String password_second; + private boolean active = false; + private boolean admin = false; + private boolean passwordActive; + private String userID = null; + + public UserDatabaseFrom() { + + } + + public UserDatabaseFrom(UserDatabase db) { + bpk = db.getBpk(); + familyName = db.getFamilyname(); + givenName = db.getGivenname(); + institut = db.getInstitut(); + mail = db.getMail(); + phone = db.getPhone(); + username = db.getUsername(); + + if (MiscUtil.isNotEmpty(db.getPassword())) + passwordActive = true; + else + passwordActive = false; + + active = db.isIsActive(); + admin = db.isIsAdmin(); + + userID = String.valueOf(db.getHjid()); + } + + + /** + * @return the bpk + */ + public String getBpk() { + return bpk; + } + + + /** + * @param bpk the bpk to set + */ + public void setBpk(String bpk) { + this.bpk = bpk; + } + + + /** + * @return the familyName + */ + public String getFamilyName() { + return familyName; + } + + + /** + * @param familyName the familyName to set + */ + public void setFamilyName(String familyName) { + this.familyName = familyName; + } + + + /** + * @return the givenName + */ + public String getGivenName() { + return givenName; + } + + + /** + * @param givenName the givenName to set + */ + public void setGivenName(String givenName) { + this.givenName = givenName; + } + + + /** + * @return the institut + */ + public String getInstitut() { + return institut; + } + + + /** + * @param institut the institut to set + */ + public void setInstitut(String institut) { + this.institut = institut; + } + + + /** + * @return the mail + */ + public String getMail() { + return mail; + } + + + /** + * @param mail the mail to set + */ + public void setMail(String mail) { + this.mail = mail; + } + + + /** + * @return the phone + */ + public String getPhone() { + return phone; + } + + + /** + * @param phone the phone to set + */ + public void setPhone(String phone) { + this.phone = phone; + } + + + /** + * @return the username + */ + public String getUsername() { + return username; + } + + + /** + * @param username the username to set + */ + public void setUsername(String username) { + this.username = username; + } + + + /** + * @return the password + */ + public String getPassword() { + return password; + } + + + /** + * @param password the password to set + */ + public void setPassword(String password) { + this.password = password; + } + + + /** + * @return the active + */ + public boolean isActive() { + return active; + } + + + /** + * @param active the active to set + */ + public void setActive(boolean active) { + this.active = active; + } + + + /** + * @return the admin + */ + public boolean isAdmin() { + return admin; + } + + + /** + * @param admin the admin to set + */ + public void setAdmin(boolean admin) { + this.admin = admin; + } + + + /** + * @return the passwordActive + */ + public boolean isPasswordActive() { + return passwordActive; + } + + + /** + * @param passwordActive the passwordActive to set + */ + public void setPasswordActive(boolean passwordActive) { + this.passwordActive = passwordActive; + } + + /** + * @return the userID + */ + public String getUserID() { + return userID; + } + + /** + * @param userID the userID to set + */ + public void setUserID(String userID) { + this.userID = userID; + } + + /** + * @return the password_second + */ + public String getPassword_second() { + return password_second; + } + + /** + * @param password_second the password_second to set + */ + public void setPassword_second(String password_second) { + this.password_second = password_second; + } + + + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java new file mode 100644 index 000000000..57ae4863a --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java @@ -0,0 +1,466 @@ +package at.gv.egovernment.moa.id.configuration.data.oa; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; +import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS; +import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector; +import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; +import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType; +import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.util.MiscUtil; + + +public class OAGeneralConfig { + + private String dbID = null; + + private String bkuOnlineURL = null; + private String bkuHandyURL = null; + private String bkuLocalURL = null; + + private String identifier = null; + private String friendlyName = null; + + private boolean businessService = false; + + private String target = null; + private String targetFriendlyName = null; + + private String identificationNumber = null; + private String identificationType = null; + + private String aditionalAuthBlockText = null; + + private String mandateProfiles = null; + + private boolean isActive = false; + private String slVersion = null; + private boolean useIFrame = false; + private boolean useUTC = false; + private boolean calculateHPI = false; + + private String keyBoxIdentifier = null; + private static Map<String, String> keyBoxIdentifierList; + + private boolean legacy = false; + List<String> SLTemplates = null; + + private Map<String, byte[]> transformations; + + + + public OAGeneralConfig() { + keyBoxIdentifierList = new HashMap<String, String>(); + MOAKeyBoxSelector[] values = MOAKeyBoxSelector.values(); + for (int i=0; i<values.length; i++) { + keyBoxIdentifierList.put(values[i].value(), values[i].value()); + } + + bkuLocalURL = Constants.DEFAULT_LOCALBKU_URL; + bkuHandyURL = Constants.DEFAULT_HANDYBKU_URL; + } + + + public void parse(OnlineApplication dbOAConfig) { + + isActive = dbOAConfig.isIsActive(); + + friendlyName = dbOAConfig.getFriendlyName(); + + keyBoxIdentifier = dbOAConfig.getKeyBoxIdentifier().value(); + + identifier = dbOAConfig.getPublicURLPrefix(); + target = dbOAConfig.getTarget(); + targetFriendlyName = dbOAConfig.getTargetFriendlyName(); + + if (dbOAConfig.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE)) + businessService = true; + else + businessService = false; + + AuthComponentOA oaauth = dbOAConfig.getAuthComponentOA(); + if (oaauth != null) { + BKUURLS bkuurls = oaauth.getBKUURLS(); + + String defaulthandy = ""; + String defaultlocal = ""; + String defaultonline = ""; + + MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration(); + if (dbconfig != null) { + DefaultBKUs defaultbkus = dbconfig.getDefaultBKUs(); + if (defaultbkus != null) { + defaulthandy = defaultbkus.getHandyBKU(); + defaultlocal = defaultbkus.getLocalBKU(); + defaultonline = defaultbkus.getOnlineBKU(); + } + } + + if (bkuurls != null) { + + if (MiscUtil.isEmpty(bkuurls.getHandyBKU())) + bkuHandyURL = defaulthandy; + else + bkuHandyURL = bkuurls.getHandyBKU(); + + if (MiscUtil.isEmpty(bkuurls.getLocalBKU())) + bkuLocalURL = defaultlocal; + else + bkuLocalURL = bkuurls.getLocalBKU(); + + if (MiscUtil.isEmpty(bkuurls.getOnlineBKU())) + bkuOnlineURL = defaultonline; + else + bkuOnlineURL = bkuurls.getOnlineBKU(); + } + + IdentificationNumber idnumber = oaauth.getIdentificationNumber(); + if (idnumber != null) { + identificationNumber = idnumber.getValue(); + } + + Mandates mandates = oaauth.getMandates(); + if (mandates != null) { + mandateProfiles = mandates.getProfiles(); + } + + slVersion = oaauth.getSlVersion(); + + TemplatesType templates = oaauth.getTemplates(); + if (templates != null) { + aditionalAuthBlockText = templates.getAditionalAuthBlockText(); + List<TemplateType> templatetype = templates.getTemplate(); + + if (templatetype != null) { + if (SLTemplates == null) { + SLTemplates = new ArrayList<String>(); + } + + for (TemplateType el : templatetype) { + SLTemplates.add(el.getURL()); + } + } + } + + if (SLTemplates != null && SLTemplates.size() > 0) + legacy = true; + + List<TransformsInfoType> transforminfos = oaauth.getTransformsInfo(); + transformations = new HashMap<String, byte[]>(); + for (TransformsInfoType el : transforminfos) { + transformations.put(el.getFilename(), el.getTransformation()); + } + + useIFrame = oaauth.isUseIFrame(); + useUTC = oaauth.isUseUTC(); + } + + + + + } + + public String getIdentifier() { + return identifier; + } + + public void setIdentifier(String identifier) { + this.identifier = identifier; + } + + public String getFriendlyName() { + return friendlyName; + } + + public void setFriendlyName(String friendlyName) { + this.friendlyName = friendlyName; + } + + public String getTarget() { + return target; + } + + public void setTarget(String target) { + this.target = target; + } + + public String getTargetFriendlyName() { + return targetFriendlyName; + } + + public void setTargetFriendlyName(String targetFriendlyName) { + this.targetFriendlyName = targetFriendlyName; + } + + public String getIdentificationNumber() { + return identificationNumber; + } + + public void setIdentificationNumber(String identificationNumber) { + this.identificationNumber = identificationNumber; + } + + public String getIdentificationType() { + return identificationType; + } + + public void setIdentificationType(String identificationType) { + this.identificationType = identificationType; + } + + public String getAditionalAuthBlockText() { + return aditionalAuthBlockText; + } + + public void setAditionalAuthBlockText(String aditionalAuthBlockText) { + this.aditionalAuthBlockText = aditionalAuthBlockText; + } + + public String getMandateProfiles() { + return mandateProfiles; + } + + public void setMandateProfiles(String mandateProfiles) { + this.mandateProfiles = mandateProfiles; + } + + public boolean isActive() { + return isActive; + } + + public void setActive(boolean isActive) { + this.isActive = isActive; + } + + public String getSlVersion() { + return slVersion; + } + + public void setSlVersion(String slVersion) { + this.slVersion = slVersion; + } + + public boolean isUseIFrame() { + return useIFrame; + } + + public void setUseIFrame(boolean useIFrame) { + this.useIFrame = useIFrame; + } + + public boolean isUseUTC() { + return useUTC; + } + + public void setUseUTC(boolean useUTC) { + this.useUTC = useUTC; + } + + public boolean isBusinessService() { + return businessService; + } + + public void setBusinessService(boolean businessService) { + this.businessService = businessService; + } + + public String getBkuOnlineURL() { + return bkuOnlineURL; + } + + public void setBkuOnlineURL(String bkuOnlineURL) { + this.bkuOnlineURL = bkuOnlineURL; + } + + public String getBkuHandyURL() { + return bkuHandyURL; + } + + public void setBkuHandyURL(String bkuHandyURL) { + this.bkuHandyURL = bkuHandyURL; + } + + public String getBkuLocalURL() { + return bkuLocalURL; + } + + public void setBkuLocalURL(String bkuLocalURL) { + this.bkuLocalURL = bkuLocalURL; + } + + /** + * @return the keyBoxIdentifier + */ + public String getKeyBoxIdentifier() { + return keyBoxIdentifier; + } + + /** + * @param keyBoxIdentifier the keyBoxIdentifier to set + */ + public void setKeyBoxIdentifier(String keyBoxIdentifier) { + this.keyBoxIdentifier = keyBoxIdentifier; + } + + /** + * @return the transformations + */ + public Map<String, byte[]> getTransformations() { + return transformations; + } + + /** + * @param transformations the transformations to set + */ + public void setTransformations(Map<String, byte[]> transformations) { + this.transformations = transformations; + } + + + /** + * @return the dbID + */ + public String getDbID() { + return dbID; + } + + + /** + * @param dbID the dbID to set + */ + public void setDbID(long dbID) { + this.dbID = String.valueOf(dbID); + } + + /** + * @param dbID the dbID to set + */ + public void setDbID(String dbID) { + this.dbID = dbID; + } + + + /** + * @return the calculateHPI + */ + public boolean isCalculateHPI() { + return calculateHPI; + } + + + /** + * @param calculateHPI the calculateHPI to set + */ + public void setCalculateHPI(boolean calculateHPI) { + this.calculateHPI = calculateHPI; + } + + + /** + * @return the keyBoxIdentifierList + */ + public Map<String, String> getKeyBoxIdentifierList() { + return keyBoxIdentifierList; + } + + + /** + * @param keyBoxIdentifierList the keyBoxIdentifierList to set + */ + public void setKeyBoxIdentifierList(Map<String, String> list) { + keyBoxIdentifierList = list; + } + + + /** + * @return the legacy + */ + public boolean isLegacy() { + return legacy; + } + + + /** + * @param legacy the legacy to set + */ + public void setLegacy(boolean legacy) { + this.legacy = legacy; + } + + + /** + * @return the sLTemplateURL1 + */ + public String getSLTemplateURL1() { + if (SLTemplates != null && SLTemplates.size() > 0) + return SLTemplates.get(0); + else + return null; + } + + + /** + * @param sLTemplateURL1 the sLTemplateURL1 to set + */ + public void setSLTemplateURL1(String sLTemplateURL1) { + if (SLTemplates == null) + SLTemplates = new ArrayList<String>(); + SLTemplates.add(sLTemplateURL1); + } + + + /** + * @return the sLTemplateURL2 + */ + public String getSLTemplateURL2() { + if (SLTemplates != null && SLTemplates.size() > 1) + return SLTemplates.get(1); + else + return null; + } + + + /** + * @param sLTemplateURL2 the sLTemplateURL2 to set + */ + public void setSLTemplateURL2(String sLTemplateURL2) { + if (SLTemplates == null) + SLTemplates = new ArrayList<String>(); + SLTemplates.add(sLTemplateURL2); + } + + + /** + * @return the sLTemplateURL3 + */ + public String getSLTemplateURL3() { + if (SLTemplates != null && SLTemplates.size() > 2) + return SLTemplates.get(2); + else + return null; + } + + + /** + * @param sLTemplateURL3 the sLTemplateURL3 to set + */ + public void setSLTemplateURL3(String sLTemplateURL3) { + if (SLTemplates == null) + SLTemplates = new ArrayList<String>(); + SLTemplates.add(sLTemplateURL3); + } + + + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java new file mode 100644 index 000000000..fdce518a7 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java @@ -0,0 +1,126 @@ +package at.gv.egovernment.moa.id.configuration.data.oa; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.security.cert.CertificateException; +import java.util.ArrayList; +import java.util.List; + +import org.apache.log4j.Logger; + +import iaik.x509.X509Certificate; +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; +import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction; +import at.gv.egovernment.moa.util.MiscUtil; + +public class OAPVP2Config { + + private final Logger log = Logger.getLogger(OAPVP2Config.class); + + private String metaDataURL = null; + private String certificateDN = null; + + private File fileUpload = null; + private String fileUploadContentType; + private String fileUploadFileName; + + public OAPVP2Config() { + } + + public List<String> parse(OnlineApplication dbOAConfig) { + List<String> errors = new ArrayList<String>(); + + AuthComponentOA authdata = dbOAConfig.getAuthComponentOA(); + if (authdata != null) { + OAPVP2 pvp2 = authdata.getOAPVP2(); + if (pvp2 != null) { + metaDataURL = pvp2.getMetadataURL(); + + try { + byte[] cert = pvp2.getCertificate(); + + if (MiscUtil.isNotEmpty(cert)) { + X509Certificate x509 = new X509Certificate(cert); + certificateDN = x509.getSubjectDN().getName(); + } + } catch (CertificateException e) { + log.warn("PVP2 certificate can not be loaded from Online-Applikation with ID " + dbOAConfig.getPublicURLPrefix()); + errors.add(LanguageHelper.getErrorString("error.oa.pvp2.certificate")); + } + } + } + return errors; + } + + public byte[] getCertificate() throws CertificateException, IOException { + + FileInputStream filestream = new FileInputStream(fileUpload); + X509Certificate x509 = new X509Certificate(filestream); + return x509.getEncoded(); + } + + public String getMetaDataURL() { + return metaDataURL; + } + public void setMetaDataURL(String metaDataURL) { + this.metaDataURL = metaDataURL; + } + + /** + * @return the certificateDN + */ + public String getCertificateDN() { + return certificateDN; + } + + /** + * @return the fileUpLoad + */ + public File getFileUpload() { + return fileUpload; + } + + /** + * @param fileUpLoad the fileUpLoad to set + */ + public void setFileUpload(File fileUpload) { + this.fileUpload = fileUpload; + } + + /** + * @return the fileUploadContentType + */ + public String getFileUploadContentType() { + return fileUploadContentType; + } + + /** + * @param fileUploadContentType the fileUploadContentType to set + */ + public void setFileUploadContentType(String fileUploadContentType) { + this.fileUploadContentType = fileUploadContentType; + } + + /** + * @return the fileUploadFileName + */ + public String getFileUploadFileName() { + return fileUploadFileName; + } + + /** + * @param fileUploadFileName the fileUploadFileName to set + */ + public void setFileUploadFileName(String fileUploadFileName) { + this.fileUploadFileName = fileUploadFileName; + } + + +} + + diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java new file mode 100644 index 000000000..687a06b9e --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java @@ -0,0 +1,81 @@ +package at.gv.egovernment.moa.id.configuration.data.oa; + +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; +import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; + +public class OASAML1Config { + + private boolean provideStammZahl = false; + private boolean provideAuthBlock = false; + private boolean provideIdentityLink = false; + private boolean provideCertificate = false; + private boolean provideFullMandateData = false; + private boolean useCondition = false; + private int conditionLength = -1; + + + public OASAML1Config() { + } + + public void parse(OnlineApplication dbOAConfig) { + AuthComponentOA authdata = dbOAConfig.getAuthComponentOA(); + if (authdata != null) { + OASAML1 saml1 = authdata.getOASAML1(); + if (saml1 != null) { + provideAuthBlock = saml1.isProvideAUTHBlock(); + provideCertificate = saml1.isProvideCertificate(); + provideFullMandateData = saml1.isProvideFullMandatorData(); + provideIdentityLink = saml1.isProvideIdentityLink(); + provideStammZahl = saml1.isProvideStammzahl(); + useCondition = saml1.isUseCondition(); + conditionLength = saml1.getConditionLength().intValue(); + } + } + } + + public boolean isProvideStammZahl() { + return provideStammZahl; + } + public void setProvideStammZahl(boolean provideStammZahl) { + this.provideStammZahl = provideStammZahl; + } + public boolean isProvideAuthBlock() { + return provideAuthBlock; + } + public void setProvideAuthBlock(boolean provideAuthBlock) { + this.provideAuthBlock = provideAuthBlock; + } + public boolean isProvideIdentityLink() { + return provideIdentityLink; + } + public void setProvideIdentityLink(boolean provideIdentityLink) { + this.provideIdentityLink = provideIdentityLink; + } + public boolean isProvideCertificate() { + return provideCertificate; + } + public void setProvideCertificate(boolean provideCertificate) { + this.provideCertificate = provideCertificate; + } + public boolean isProvideFullMandateData() { + return provideFullMandateData; + } + public void setProvideFullMandateData(boolean provideFullMandateData) { + this.provideFullMandateData = provideFullMandateData; + } + public boolean isUseCondition() { + return useCondition; + } + public void setUseCondition(boolean useCondition) { + this.useCondition = useCondition; + } + public int getConditionLength() { + return conditionLength; + } + public void setConditionLength(int conditionLength) { + this.conditionLength = conditionLength; + } + + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java new file mode 100644 index 000000000..0241b6a04 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java @@ -0,0 +1,49 @@ +package at.gv.egovernment.moa.id.configuration.data.oa; + +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; +import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; + +public class OASSOConfig { + + private boolean useSSO = false; + private boolean showAuthDataFrame = true; + private String singleLogOutURL = null; + + public OASSOConfig() { + + } + + public void parse(OnlineApplication dbOAConfig) { + AuthComponentOA authdata = dbOAConfig.getAuthComponentOA(); + if (authdata != null) { + OASSO ssoconfig = authdata.getOASSO(); + if(ssoconfig != null) { + useSSO = ssoconfig.isUseSSO(); + showAuthDataFrame = ssoconfig.isAuthDataFrame(); + singleLogOutURL = ssoconfig.getSingleLogOutURL(); + } + } + } + + public boolean isUseSSO() { + return useSSO; + } + public void setUseSSO(boolean useSSO) { + this.useSSO = useSSO; + } + public boolean isShowAuthDataFrame() { + return showAuthDataFrame; + } + public void setShowAuthDataFrame(boolean showAuthDataFrame) { + this.showAuthDataFrame = showAuthDataFrame; + } + public String getSingleLogOutURL() { + return singleLogOutURL; + } + public void setSingleLogOutURL(String singleLogOutURL) { + this.singleLogOutURL = singleLogOutURL; + } + + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java new file mode 100644 index 000000000..74edde653 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java @@ -0,0 +1,5 @@ +package at.gv.egovernment.moa.id.configuration.data.oa; + +public class OASTORKConfig { + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java new file mode 100644 index 000000000..fe685e6d0 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java @@ -0,0 +1,114 @@ +package at.gv.egovernment.moa.id.configuration.data.pvp2; + +import java.util.ArrayList; +import java.util.List; + +import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; + +public class ContactForm { + + private String surname; + private String givenname; + private List<String> mail; + private String type; + private String company; + private List<String> phone; + + public ContactForm() { + + } + + public ContactForm(Contact dbcont) { + this.surname = dbcont.getSurName(); + this.givenname = dbcont.getGivenName(); + this.mail =dbcont.getMail(); + this.phone = dbcont.getPhone(); + this.company = dbcont.getCompany(); + this.type = dbcont.getType(); + } + + /** + * @return the surname + */ + public String getSurname() { + return surname; + } + /** + * @param surname the surname to set + */ + public void setSurname(String surname) { + this.surname = surname; + } + /** + * @return the givenname + */ + public String getGivenname() { + return givenname; + } + /** + * @param givenname the givenname to set + */ + public void setGivenname(String givenname) { + this.givenname = givenname; + } + /** + * @return the mail + */ + public String getMail() { + if (mail.size() > 0) + return mail.get(0); + else + return null; + } + /** + * @param mail the mail to set + */ + public void setMail(String mail) { + if (this.mail == null) + this.mail = new ArrayList<String>(); + this.mail.add(mail); + } + /** + * @return the type + */ + public String getType() { + return type; + } + /** + * @param type the type to set + */ + public void setType(String type) { + this.type = type; + } + /** + * @return the company + */ + public String getCompany() { + return company; + } + /** + * @param company the company to set + */ + public void setCompany(String company) { + this.company = company; + } + /** + * @return the phone + */ + public String getPhone() { + if (phone.size() > 0) + return phone.get(0); + else + return null; + } + /** + * @param phone the phone to set + */ + public void setPhone(String phone) { + if (this.phone == null) + this.phone = new ArrayList<String>(); + this.phone.add(phone); + } + + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java new file mode 100644 index 000000000..e83bf6997 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java @@ -0,0 +1,17 @@ +package at.gv.egovernment.moa.id.configuration.exception; + +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; + +public class ConfigurationException extends Exception { + + private static final long serialVersionUID = 1L; + + public ConfigurationException(String errorname) { + super(LanguageHelper.getErrorString(errorname)); + } + + public ConfigurationException(String errorname, Throwable e) { + super(LanguageHelper.getErrorString(errorname), e); + } + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java new file mode 100644 index 000000000..7dac458ca --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java @@ -0,0 +1,257 @@ +package at.gv.egovernment.moa.id.configuration.filter; + +import java.io.IOException; +import java.io.PrintWriter; +import java.util.ArrayList; +import java.util.StringTokenizer; +import java.util.regex.Pattern; + +import org.apache.commons.lang.StringUtils; +import org.apache.log4j.Logger; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; +import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException; +import at.gv.egovernment.moa.util.MiscUtil; +import at.gv.util.ToStringUtil; +import at.gv.util.WebAppUtil; + +public class AuthenticationFilter implements Filter{ + + private final Logger log = Logger.getLogger(AuthenticationFilter.class); + + private static ConfigurationProvider config; + + public static final String STORED_REQUEST_URL_ID = String.class.getName() + ":" + "storedRequestURL"; + public static final String WEB_XML_INIT_PARAM_LOGIN_PAGE = "loginPage"; + public static final String WEB_XML_INIT_PARAM_ERROR_PAGE = "errorPage"; + public static final String WEB_XML_INIT_PARAM_AUTHENTICATED_PAGE = "authenticatedPage"; // optional + public static final String WEB_XML_INIT_PARAM_SESSION_LOST_PAGE = "sessionLostPage"; // optional + public static final String WEB_XML_INIT_PARAM_ALLOWED_LIST = "allowedList"; + public static final String WEB_XML_INIT_PARAM_ALLOWED_REGEX = "allowed"; + + private static final String WEB_XML_INIT_PARAM_EXCLUDED_PAGES_DELIMITER = ","; + + private static String loginPage = null; + private boolean loginPageForward = true; + private static String errorPage = null; + private static String authenticatedPage = null; + private static String sessionLostPage = null; + + private static String[] excludedPages = null; + private static Pattern excludedRegEx = null; + + + + public AuthenticationFilter() throws ServletException { + try { + config = ConfigurationProvider.getInstance(); + + } catch (ConfigurationException e) { + throw new ServletException(AuthenticationFilter.class + ": Configuration can not be loaded!", e); + } + } + + public static String getErrorPage() { + return errorPage; + } + + public static String getAuthenticatedPage() { + return authenticatedPage; + } + + public static String getLoginPage() { + return loginPage; + } + + public static String getSessionLostPage() { + return sessionLostPage; + } + + private boolean isExcluded(String url) { + boolean excluded = false; + if (MiscUtil.isNotEmpty(excludedPages)) { + for (String candidate : excludedPages) { + if (StringUtils.upperCase(url).endsWith(StringUtils.upperCase(candidate))) { + excluded = true; + break; + } + } + } + if (excludedRegEx != null && !excluded) { + // log.debug("Trying to match regex \"{}\" with \"{}\".", + // excludedRegEx.toString(), url); + if (excludedRegEx.matcher(url).matches()) { + excluded = true; + } + } + log.debug("URL \"" + url + "\" is " + (excluded ? "" : "NOT ") + "excluded from filter."); + return excluded; + } + + + public void destroy() { + log.trace("Shutting down" + this.getClass().getName() + "..."); + + } + + public void doFilter(ServletRequest req, ServletResponse resp, + FilterChain filterchain) throws IOException, ServletException { + + HttpServletRequest httpServletRequest = (HttpServletRequest) req; + HttpServletResponse httpServletResponse = (HttpServletResponse) resp; + + HttpSession session = httpServletRequest.getSession(); + + Object authuser = session.getAttribute(Constants.SESSION_AUTH); + + String requestURL = WebAppUtil.getRequestURLWithParameters(httpServletRequest, true); + + log.trace("Request URL: " + requestURL); + + if (authuser == null && !this.isExcluded(requestURL)) { + + if (config.isLoginDeaktivated()) { + //add dummy Daten + log.warn("Authentication is deaktivated. Dummy authentication-information are used!"); + + if (authuser == null) { + + authuser = new AuthenticatedUser(0, "Max", "TestUser", "maxtestuser", true, true); + //authuser = new AuthenticatedUser(1, "Max", "TestUser", true, false); + httpServletRequest.getSession().setAttribute(Constants.SESSION_AUTH, authuser); + } + + if (MiscUtil.isNotEmpty(getAuthenticatedPage())) { + if (loginPageForward) { + log.debug("Authenticated page is set. Forwarding to \"" + getAuthenticatedPage() + "\"."); + RequestDispatcher dispatcher = req.getRequestDispatcher(getAuthenticatedPage()); + dispatcher.forward(httpServletRequest, httpServletResponse); + } else { + log.debug("Authenticated page is set. Redirecting to \"" + getAuthenticatedPage() + "\"."); + httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(getAuthenticatedPage())); + } + return; + } + + } else { + //check login Daten + + //loginPageForward = true; + + + if (MiscUtil.isNotEmpty(getAuthenticatedPage())) { + log.debug("Unable to find authentication data. Authenticated page is given so there is no need to save original request url. " + (loginPageForward ? "Forwarding" : "Redirecting") + " to login page \"" + loginPage + "\"."); + + + + } + else { + log.debug("Unable to find authentication data. Storing request url and " + (loginPageForward ? "forwarding" : "redirecting") + " to login page \"" + loginPage + "\"."); + // TODO: save HttpServletRequest + // log.debug("new CustomHttpServletRequest(request).toString() = + // {}", new + // CustomHttpServletRequest(httpServletRequest).toString()); + session.setAttribute(STORED_REQUEST_URL_ID, requestURL); + } + + if (loginPageForward) { + RequestDispatcher dispatcher = req.getRequestDispatcher(loginPage); + dispatcher.forward(httpServletRequest, httpServletResponse); + return; + + } else { + httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(loginPage)); + return; + + } + + } + } + try { + filterchain.doFilter(req, resp); + + } catch (Exception e) { + +// String redirectURL = "./index.action"; +// HttpServletResponse httpResp = (HttpServletResponse) resp; +// redirectURL = httpResp.encodeRedirectURL(redirectURL); +// resp.setContentType("text/html"); +// ((HttpServletResponse) resp).setStatus(302); +// httpResp.addHeader("Location", redirectURL); +// log.warn("A Filter Error occurs -> Redirect to Login-Form"); + } + + } + + public void init(FilterConfig filterConfig) throws ServletException { + log.debug("Starting init of " + this.getClass().getName() + "."); + + // login page + loginPage = StringUtils.trim(filterConfig.getInitParameter(WEB_XML_INIT_PARAM_LOGIN_PAGE)); + if (MiscUtil.isEmpty(loginPage)) { + throw new ServletException("ServletInitParameter \"" + WEB_XML_INIT_PARAM_LOGIN_PAGE + "\" must not be empty."); + } + loginPageForward = false; //!WebAppUtil.isFullQualifiedURL(loginPage); + + // error page + errorPage = StringUtils.trim(filterConfig.getInitParameter(WEB_XML_INIT_PARAM_ERROR_PAGE)); + if (MiscUtil.isEmpty(errorPage)) { + throw new ServletException("ServletInitParameter \"" + WEB_XML_INIT_PARAM_ERROR_PAGE + "\" must not be empty."); + } + + // session lost page + sessionLostPage = StringUtils.trim(filterConfig.getInitParameter(WEB_XML_INIT_PARAM_SESSION_LOST_PAGE)); + if (MiscUtil.isEmpty(sessionLostPage)) { + log.warn("ServletInitParameter \"" + WEB_XML_INIT_PARAM_SESSION_LOST_PAGE + + "\" is empty. This parameter defines a failsafe url the browser is redirected to if the original url has been lost due to session timeout."); + } + + // authenticated page + authenticatedPage = StringUtils.trim(filterConfig.getInitParameter(WEB_XML_INIT_PARAM_AUTHENTICATED_PAGE)); + if (MiscUtil.isEmpty(authenticatedPage)) { + log.debug("ServletInitParameter \"" + WEB_XML_INIT_PARAM_AUTHENTICATED_PAGE + + "\" is empty. This parameter defines the url the user is redirected to (instead of the original url) on successful authentication."); + } + String excluded = filterConfig.getInitParameter(WEB_XML_INIT_PARAM_ALLOWED_LIST); + ArrayList<String> excludedList = new ArrayList<String>(); + if (MiscUtil.isNotEmpty(excluded)) { + StringTokenizer tokenizer = new StringTokenizer(excluded, WEB_XML_INIT_PARAM_EXCLUDED_PAGES_DELIMITER); + while (tokenizer.hasMoreTokens()) { + String ex = StringUtils.trim(tokenizer.nextToken()); + if (MiscUtil.isNotEmpty(ex)) { + excludedList.add(ex); + } + } + } + excludedList.add(loginPage); + excludedList.add(errorPage); + excludedPages = new String[excludedList.size()]; + excludedPages = excludedList.toArray(excludedPages); + + String excludedRegExString = StringUtils.trim(filterConfig.getInitParameter(WEB_XML_INIT_PARAM_ALLOWED_REGEX)); + if (MiscUtil.isNotEmpty(excludedRegExString)) { + excludedRegEx = Pattern.compile(excludedRegExString); + } + + log.debug(WEB_XML_INIT_PARAM_LOGIN_PAGE + " [" + (loginPageForward ? "forward" : "redirect") + "] = \"" + loginPage + "\""); + log.debug(WEB_XML_INIT_PARAM_AUTHENTICATED_PAGE + " = \"" + (MiscUtil.isNotEmpty(authenticatedPage) ? authenticatedPage : "<n/a>") + "\""); + log.debug(WEB_XML_INIT_PARAM_ERROR_PAGE + " = \"" + errorPage + "\""); + log.debug(WEB_XML_INIT_PARAM_SESSION_LOST_PAGE + " = \"" + (MiscUtil.isNotEmpty(sessionLostPage) ? sessionLostPage : "<n/a>") + "\""); + log.debug(WEB_XML_INIT_PARAM_ALLOWED_LIST + " = " + ToStringUtil.toString(excludedPages, ", ", "\"")); + log.debug(WEB_XML_INIT_PARAM_ALLOWED_REGEX + " = \"" + (excludedRegEx != null ? excludedRegEx.pattern() : "<n/a>") + "\""); + } + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java new file mode 100644 index 000000000..b2f1b106f --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java @@ -0,0 +1,35 @@ +package at.gv.egovernment.moa.id.configuration.helper; + +import java.security.spec.KeySpec; + +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.PBEKeySpec; +import javax.crypto.spec.SecretKeySpec; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.util.Base64Utils; + +public class AuthenticationHelper { + + private static final Logger log = Logger.getLogger(AuthenticationHelper.class); + + public static String generateKeyFormPassword(String password) { + SecretKeyFactory factory; + + try { + factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); + KeySpec spec = new PBEKeySpec(password.toCharArray(), "TestSALT".getBytes(), 1024, 128); + SecretKey tmp = factory.generateSecret(spec); + SecretKeySpec secret = new SecretKeySpec(tmp.getEncoded(), "AES"); + return Base64Utils.encode(secret.getEncoded()); + + } catch (Exception e) { + log.info("Key generation form password failed."); + return null; + } + + } + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java new file mode 100644 index 000000000..08f200c50 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java @@ -0,0 +1,47 @@ +package at.gv.egovernment.moa.id.configuration.helper; + + +import java.text.MessageFormat; +import java.util.Locale; +import java.util.ResourceBundle; + +import javax.servlet.http.HttpServletRequest; + + +public class LanguageHelper { + + private static ResourceBundle errorRes_DE = ResourceBundle.getBundle("applicationResources", Locale.GERMAN); + private static ResourceBundle guiRes_DE = ResourceBundle.getBundle("applicationResources", Locale.GERMAN); + + public static String getGUIString(String code, HttpServletRequest request) { + return guiRes_DE.getString(code); + } + + public static String getGUIString(String code) { + return guiRes_DE.getString(code); + } + + public static String getErrorString(String code, HttpServletRequest request) { + return errorRes_DE.getString(code); + } + + public static String getErrorString(String code) { + return errorRes_DE.getString(code); + } + + public static String getGUIString(String code, String parameter, HttpServletRequest request) { + + return MessageFormat.format(getGUIString(code, request), parameter); + } + + public static String getErrorString(String code, Object[] parameter, HttpServletRequest request) { + + return MessageFormat.format(getGUIString(code, request), parameter); + } + + public static String getErrorString(String code, Object[] parameter) { + + return MessageFormat.format(getGUIString(code), parameter); + } +} + diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java new file mode 100644 index 000000000..8abb0be86 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java @@ -0,0 +1,28 @@ +package at.gv.egovernment.moa.id.configuration.helper; + +public class StringHelper { + + public static String formatText(String strGivenText) + { + StringBuffer sbFormattedText = new StringBuffer(strGivenText); + + for(int i=0; i<sbFormattedText.length(); i++) + { + if(sbFormattedText.charAt(i) == '\n') { + sbFormattedText.deleteCharAt(i); + i--; + } + + if(sbFormattedText.charAt(i) == '\r') { + sbFormattedText.deleteCharAt(i); + i--; + } + + if(sbFormattedText.charAt(i) == '\t') { + sbFormattedText.deleteCharAt(i); + i--; + } + } + return sbFormattedText.toString(); + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java new file mode 100644 index 000000000..da87a197f --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java @@ -0,0 +1,509 @@ +package at.gv.egovernment.moa.id.configuration.struts.action; + +import java.math.BigInteger; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.log4j.Logger; +import org.apache.struts2.interceptor.ServletRequestAware; +import org.apache.struts2.interceptor.ServletResponseAware; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; +import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType; +import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; +import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType; +import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; +import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; +import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; +import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSignersX509SubjectNameItem; +import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed; +import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowedProtocolNameItem; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates; +import at.gv.egovernment.moa.id.commons.db.dao.config.Organization; +import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; +import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; +import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; +import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; +import at.gv.egovernment.moa.id.commons.db.dao.config.STORK; +import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; +import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; +import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; +import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor; +import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; +import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlockVerifyTransformsInfoProfileIDItem; +import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; +import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.moaconfig.MOAConfigValidator; +import at.gv.egovernment.moa.id.configuration.validation.moaconfig.PVP2ContactValidator; +import at.gv.egovernment.moa.util.MiscUtil; + +import com.opensymphony.xwork2.ActionSupport; + +public class EditGeneralConfigAction extends ActionSupport + implements ServletRequestAware, ServletResponseAware { + + private static final Logger log = Logger.getLogger(EditGeneralConfigAction.class); + + private static final long serialVersionUID = 1L; + private HttpServletRequest request; + private HttpServletResponse response; + + private AuthenticatedUser authUser; + + private GeneralMOAIDConfig moaconfig; + + public String loadConfig() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + + MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration(); + + moaconfig = new GeneralMOAIDConfig(); + moaconfig.parse(dbconfig); + + ConfigurationDBUtils.closeSession(); + + return Constants.STRUTS_SUCCESS; + + } else { + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + } + + public String saveConfig() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + + MOAConfigValidator validator = new MOAConfigValidator(); + + List<String> errors = validator.validate(moaconfig); + + if (errors.size() > 0) { + log.info("General MOA-ID configuration has some erros."); + for (String el : errors) + addActionError(el); + + return Constants.STRUTS_ERROR_VALIDATION; + } + + String error = saveFormToDatabase(); + + if (error != null) { + log.warn("General MOA-ID config can not be stored in Database"); + addActionError(error); + return Constants.STRUTS_SUCCESS; + } + + } else { + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + + addActionMessage(LanguageHelper.getGUIString("webpages.moaconfig.save.success")); + return Constants.STRUTS_SUCCESS; + } + + public String back() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + return Constants.STRUTS_SUCCESS; + } + + private String saveFormToDatabase() { + + MOAIDConfiguration oldconfig = ConfigurationDBRead.getMOAIDConfiguration(); + AuthComponentGeneral oldauth = null; + if (oldconfig != null) { + oldauth = oldconfig.getAuthComponentGeneral(); + } + +// MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration(); +// if (dbconfig == null) { +// dbconfig = new MOAIDConfiguration(); +// isnewconfig = true; +// } + + MOAIDConfiguration dbconfig = new MOAIDConfiguration(); + + AuthComponentGeneral dbauth = dbconfig.getAuthComponentGeneral(); + if (dbauth == null) { + dbauth = new AuthComponentGeneral(); + dbconfig.setAuthComponentGeneral(dbauth); + } + + GeneralConfiguration dbauthgeneral = dbauth.getGeneralConfiguration(); + if (dbauthgeneral == null) { + dbauthgeneral = new GeneralConfiguration(); + dbauth.setGeneralConfiguration(dbauthgeneral); + } + + GeneralConfiguration oldauthgeneral = null; + if (oldauth != null) + oldauthgeneral = oldauth.getGeneralConfiguration(); + + if (MiscUtil.isNotEmpty(moaconfig.getAlternativeSourceID())) + dbauthgeneral.setAlternativeSourceID(moaconfig.getAlternativeSourceID()); + else { + if (oldauthgeneral != null) + dbauthgeneral.setAlternativeSourceID(oldauthgeneral.getAlternativeSourceID()); + } + + if (MiscUtil.isNotEmpty(moaconfig.getCertStoreDirectory())) + dbauthgeneral.setCertStoreDirectory(moaconfig.getCertStoreDirectory()); + + TimeOuts dbtimeouts = dbauthgeneral.getTimeOuts(); + if (dbtimeouts == null) { + dbtimeouts = new TimeOuts(); + dbauthgeneral.setTimeOuts(dbtimeouts); + } + if (MiscUtil.isEmpty(moaconfig.getTimeoutAssertion())) + dbtimeouts.setAssertion(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTASSERTION)); + else + dbtimeouts.setAssertion(new BigInteger(moaconfig.getTimeoutAssertion())); + + if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionCreated())) + dbtimeouts.setMOASessionCreated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONCREATED)); + else + dbtimeouts.setMOASessionCreated(new BigInteger(moaconfig.getTimeoutMOASessionCreated())); + + if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionUpdated())) + dbtimeouts.setMOASessionUpdated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONUPDATED)); + else + dbtimeouts.setMOASessionUpdated(new BigInteger(moaconfig.getTimeoutMOASessionUpdated())); + + dbauthgeneral.setTrustManagerRevocationChecking(moaconfig.isTrustmanagerrevocationcheck()); + + + Protocols dbprotocols = dbauth.getProtocols(); + if (dbprotocols == null) { + dbprotocols = new Protocols(); + dbauth.setProtocols(dbprotocols); + } + LegacyAllowed legprot = dbprotocols.getLegacyAllowed(); + if (legprot == null) { + legprot = new LegacyAllowed(); + dbprotocols.setLegacyAllowed(legprot); + } + + List<String> el = new ArrayList<String>(); + if (moaconfig.isLegacy_pvp2()) + el.add(Constants.MOA_CONFIG_PROTOCOL_PVP2); + if (moaconfig.isLegacy_saml1()) + el.add(Constants.MOA_CONFIG_PROTOCOL_SAML1); + legprot.setProtocolName(el); + + PVP2 pvp2 = dbprotocols.getPVP2(); + if (pvp2 == null) { + pvp2 = new PVP2(); + dbprotocols.setPVP2(pvp2); + } + if (MiscUtil.isNotEmpty(moaconfig.getPvp2IssuerName())) + pvp2.setIssuerName(moaconfig.getPvp2IssuerName()); + if (MiscUtil.isNotEmpty(moaconfig.getPvp2PublicUrlPrefix())) + pvp2.setPublicURLPrefix(moaconfig.getPvp2PublicUrlPrefix()); + + Organization pvp2org = pvp2.getOrganization(); + if (pvp2org == null) { + pvp2org = new Organization(); + pvp2.setOrganization(pvp2org); + } + if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgDisplayName())) + pvp2org.setDisplayName(moaconfig.getPvp2OrgDisplayName()); + if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgName())) + pvp2org.setName(moaconfig.getPvp2OrgName()); + if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgURL())) + pvp2org.setURL(moaconfig.getPvp2OrgURL()); + + List<Contact> pvp2cont = pvp2.getContact(); + if (pvp2cont == null) { + pvp2cont = new ArrayList<Contact>(); + pvp2.setContact(pvp2cont); + } + Contact cont = new Contact(); + pvp2cont.add(cont); + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getCompany())) + cont.setCompany(moaconfig.getPvp2Contact().getCompany()); + + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getGivenname())) + cont.setGivenName(moaconfig.getPvp2Contact().getGivenname()); + + //TODO: change to list if required + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getMail())) + cont.setMail(Arrays.asList(moaconfig.getPvp2Contact().getMail())); + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getPhone())) + cont.setPhone(Arrays.asList(moaconfig.getPvp2Contact().getPhone())); + + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getSurname())) + cont.setSurName(moaconfig.getPvp2Contact().getSurname()); + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getType())) + cont.setType(moaconfig.getPvp2Contact().getType()); + + SSO dbsso = dbauth.getSSO(); + if (dbsso == null) { + dbsso = new SSO(); + dbauth.setSSO(dbsso); + } + + if (MiscUtil.isNotEmpty(moaconfig.getSsoFriendlyName())) + dbsso.setFriendlyName(moaconfig.getSsoFriendlyName()); + if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText())) + dbsso.setSpecialText(moaconfig.getSsoSpecialText()); + if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl())) + dbsso.setPublicURL(moaconfig.getSsoPublicUrl()); + + if (MiscUtil.isNotEmpty(moaconfig.getSsoTarget())) + dbsso.setTarget(moaconfig.getSsoTarget()); + + if (MiscUtil.isNotEmpty(moaconfig.getSsoIdentificationNumber())) { + IdentificationNumber ssoid = dbsso.getIdentificationNumber(); + if (ssoid == null) { + ssoid = new IdentificationNumber(); + dbsso.setIdentificationNumber(ssoid); + } + ssoid.setValue(moaconfig.getSsoIdentificationNumber()); + } + + DefaultBKUs dbbkus = dbconfig.getDefaultBKUs(); + if (dbbkus == null) { + dbbkus = new DefaultBKUs(); + dbconfig.setDefaultBKUs(dbbkus); + } + + if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUHandy())) + dbbkus.setHandyBKU(moaconfig.getDefaultBKUHandy()); + + if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUOnline())) + dbbkus.setOnlineBKU(moaconfig.getDefaultBKUOnline()); + + if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKULocal())) + dbbkus.setLocalBKU(moaconfig.getDefaultBKULocal()); + + ChainingModes dbchainingmodes = dbconfig.getChainingModes(); + if (dbchainingmodes == null) { + dbchainingmodes = new ChainingModes(); + dbconfig.setChainingModes(dbchainingmodes); + } + + dbchainingmodes.setSystemDefaultMode( + ChainingModeType.fromValue(moaconfig.getDefaultchainigmode())); + if (oldconfig != null) { + ChainingModes oldchainigmodes = oldconfig.getChainingModes(); + if (oldchainigmodes != null) { + List<TrustAnchor> oldtrustanchor = oldchainigmodes.getTrustAnchor(); + if (oldtrustanchor != null) { + List<TrustAnchor> trustanchor = new ArrayList<TrustAnchor>(); + for (TrustAnchor oldel : oldtrustanchor) { + TrustAnchor TAel = new TrustAnchor(); + TAel.setX509IssuerName(oldel.getX509IssuerName()); + TAel.setX509SerialNumber(oldel.getX509SerialNumber()); + TAel.setMode(oldel.getMode()); + trustanchor.add(TAel); + } + dbchainingmodes.setTrustAnchor(trustanchor); + } + } + } + + IdentityLinkSigners idlsigners = dbauth.getIdentityLinkSigners(); + if (idlsigners == null) { + idlsigners = new IdentityLinkSigners(); + dbauth.setIdentityLinkSigners(idlsigners); + } + + ForeignIdentities dbforeign = dbauth.getForeignIdentities(); + if (dbforeign == null) { + dbforeign = new ForeignIdentities(); + dbauth.setForeignIdentities(dbforeign); + } + + if (MiscUtil.isNotEmpty(moaconfig.getSzrgwURL())) { + ConnectionParameterClientAuthType forcon = dbforeign.getConnectionParameter(); + if (forcon == null) { + forcon = new ConnectionParameterClientAuthType(); + dbforeign.setConnectionParameter(forcon); + } + forcon.setURL(moaconfig.getSzrgwURL()); + } + + //TODO: Set STORK Config!!! + if (oldauth != null) { + ForeignIdentities oldforeign = oldauth.getForeignIdentities(); + if (oldforeign != null) { + STORK oldstork = oldforeign.getSTORK(); + if (oldstork != null) + dbforeign.setSTORK(oldstork); + } + } + + if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) { + OnlineMandates dbmandate = dbauth.getOnlineMandates(); + if (dbmandate == null) { + dbmandate = new OnlineMandates(); + dbauth.setOnlineMandates(dbmandate); + } + ConnectionParameterClientAuthType dbmandateconnection = dbmandate.getConnectionParameter(); + + if (dbmandateconnection == null) { + dbmandateconnection = new ConnectionParameterClientAuthType(); + dbmandate.setConnectionParameter(dbmandateconnection); + } + dbmandateconnection.setURL(moaconfig.getMandateURL()); + } + + MOASP dbmoasp = dbauth.getMOASP(); + if (dbmoasp == null) { + dbmoasp = new MOASP(); + dbauth.setMOASP(dbmoasp); + } + if (MiscUtil.isNotEmpty(moaconfig.getMoaspssURL())) { + ConnectionParameterClientAuthType moaspcon = dbmoasp.getConnectionParameter(); + if (moaspcon == null) { + moaspcon = new ConnectionParameterClientAuthType(); + dbmoasp.setConnectionParameter(moaspcon); + } + moaspcon.setURL(moaconfig.getMoaspssURL()); + } + VerifyIdentityLink moaidl = dbmoasp.getVerifyIdentityLink(); + if (moaidl == null) { + moaidl = new VerifyIdentityLink(); + dbmoasp.setVerifyIdentityLink(moaidl); + } + moaidl.setTrustProfileID(moaconfig.getMoaspssIdlTrustProfile()); + VerifyAuthBlock moaauth = dbmoasp.getVerifyAuthBlock(); + if (moaauth == null) { + moaauth = new VerifyAuthBlock(); + dbmoasp.setVerifyAuthBlock(moaauth); + } + moaauth.setTrustProfileID(moaconfig.getMoaspssAuthTrustProfile()); + + moaauth.setVerifyTransformsInfoProfileID(moaconfig.getAuthTransformList()); + + SecurityLayer seclayertrans = dbauth.getSecurityLayer(); + if (seclayertrans == null) { + seclayertrans = new SecurityLayer(); + dbauth.setSecurityLayer(seclayertrans); + } + List<TransformsInfoType> trans = new ArrayList<TransformsInfoType>(); + Map<String, byte[]> moatrans = moaconfig.getSecLayerTransformation(); + if (moatrans != null) { + Set<String> keys = moatrans.keySet(); + for (String key : keys) { + TransformsInfoType elem = new TransformsInfoType(); + elem.setFilename(key); + elem.setTransformation(moatrans.get(key)); + trans.add(elem); + } + } else { + if (oldauth != null) { + SecurityLayer oldsectrans = oldauth.getSecurityLayer(); + if (oldsectrans != null) { + List<TransformsInfoType> oldtranslist = oldsectrans.getTransformsInfo(); + for (TransformsInfoType oldel : oldtranslist) { + TransformsInfoType elem = new TransformsInfoType(); + elem.setFilename(oldel.getFilename()); + elem.setTransformation(oldel.getTransformation()); + trans.add(elem); + } + } + } + } + if (trans.size() > 0) + seclayertrans.setTransformsInfo(trans); + + + SLRequestTemplates slrequesttempl = dbconfig.getSLRequestTemplates(); + if (slrequesttempl == null) { + slrequesttempl = new SLRequestTemplates(); + dbconfig.setSLRequestTemplates(slrequesttempl); + } + if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateHandy())) + slrequesttempl.setHandyBKU(moaconfig.getSLRequestTemplateHandy()); + if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateLocal())) + slrequesttempl.setLocalBKU(moaconfig.getSLRequestTemplateLocal()); + if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateOnline())) + slrequesttempl.setOnlineBKU(moaconfig.getSLRequestTemplateOnline()); + + if (MiscUtil.isNotEmpty(moaconfig.getTrustedCACerts())) + dbconfig.setTrustedCACertificates(moaconfig.getTrustedCACerts()); + + //save config + try { + ConfigurationDBUtils.save(dbconfig); + + if (oldconfig != null) + ConfigurationDBUtils.delete(oldconfig); + + } catch (MOADatabaseException e) { + log.warn("MOAID Configuration can not be stored in Database", e); + return LanguageHelper.getErrorString("error.db.oa.store"); + } + + ConfigurationDBUtils.closeSession(); + + return null; + } + + public void setServletResponse(HttpServletResponse response) { + this.response = response; + + } + + public void setServletRequest(HttpServletRequest request) { + this.request = request; + + } + + /** + * @return the authUser + */ + public AuthenticatedUser getAuthUser() { + return authUser; + } + + /** + * @return the moaconfig + */ + public GeneralMOAIDConfig getMoaconfig() { + return moaconfig; + } + + /** + * @param moaconfig the moaconfig to set + */ + public void setMoaconfig(GeneralMOAIDConfig moaconfig) { + this.moaconfig = moaconfig; + } + + + + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java new file mode 100644 index 000000000..297d80726 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -0,0 +1,612 @@ +package at.gv.egovernment.moa.id.configuration.struts.action; + +import java.io.IOException; +import java.math.BigInteger; +import java.security.cert.CertificateException; +import java.util.ArrayList; +import java.util.List; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.log4j.Logger; +import org.apache.struts2.interceptor.ServletRequestAware; +import org.apache.struts2.interceptor.ServletResponseAware; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; +import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector; +import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates; +import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; +import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; +import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplicationType; +import at.gv.egovernment.moa.id.commons.db.dao.config.STORK; +import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; +import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType; +import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; +import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; +import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig; +import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config; +import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config; +import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig; +import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.id.configuration.validation.oa.OAGeneralConfigValidation; +import at.gv.egovernment.moa.id.configuration.validation.oa.OAPVP2ConfigValidation; +import at.gv.egovernment.moa.id.configuration.validation.oa.OASAML1ConfigValidation; +import at.gv.egovernment.moa.id.configuration.validation.oa.OASSOConfigValidation; +import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation; +import at.gv.egovernment.moa.util.MiscUtil; + +import com.opensymphony.xwork2.ActionSupport; + +public class EditOAAction extends ActionSupport implements ServletRequestAware, +ServletResponseAware { + + private final Logger log = Logger.getLogger(EditOAAction.class); + + private static final long serialVersionUID = 1L; + + private HttpServletRequest request; + private HttpServletResponse response; + + private AuthenticatedUser authUser; + + private String oaidobj; + private boolean newOA; + + private OAGeneralConfig generalOA = new OAGeneralConfig(); + private OAPVP2Config pvp2OA = new OAPVP2Config(); + private OASAML1Config saml1OA = new OASAML1Config(); + private OASSOConfig ssoOA = new OASSOConfig(); + private OASTORKConfig storkOA; + + //STRUTS actions + public String inital() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + long oaid = -1; + + if (!ValidationHelper.validateOAID(oaidobj)) { + addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); + return Constants.STRUTS_ERROR; + } + oaid = Long.valueOf(oaidobj); + + OnlineApplication onlineapplication = null;; + if (authUser.isAdmin()) + onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); + else { + UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + List<OnlineApplication> oas = userdb.getOnlineApplication(); + for (OnlineApplication oa : oas) { + if (oa.getHjid() == oaid) { + onlineapplication = oa; + break; + } + } + if (onlineapplication == null) { + addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); + return Constants.STRUTS_ERROR; + } + } + + generalOA.parse(onlineapplication); + ssoOA.parse(onlineapplication); + saml1OA.parse(onlineapplication); + List<String> errors = pvp2OA.parse(onlineapplication); + + if (errors.size() > 0) { + for (String el : errors) + addActionError(el); + } + + ConfigurationDBUtils.closeSession(); + + request.getSession().setAttribute(Constants.SESSION_OAID, oaid); + + newOA = false; + + return Constants.STRUTS_OA_EDIT; + } + + public String newOA() { + log.debug("insert new Online-Application"); + + request.getSession().setAttribute(Constants.SESSION_OAID, null); + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + newOA = true; + + return Constants.STRUTS_OA_EDIT; + } + + public String saveOA() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + OnlineApplication onlineapplication = null; + List<String> errors = new ArrayList<String>(); + + Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID); + Long oaid = (long) -1; + + if (oadbid != null ) { + try { + oaid = (Long) oadbid; + if (oaid < 0 || oaid > Long.MAX_VALUE) { + addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); + return Constants.STRUTS_ERROR; + } + + } catch (Throwable t) { + addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); + return Constants.STRUTS_ERROR; + } + } + + //valid DBID and check entry + String oaidentifier = generalOA.getIdentifier(); + if (MiscUtil.isEmpty(oaidentifier)) { + log.info("Empty OA identifier"); + errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.empty")); + + } else { + + //TODO: oaidentifier has to be a URL according to PVP2.1 specification + if (ValidationHelper.isValidOAIdentifier(oaidentifier)) { + log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier); + errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + } else { + + if (oaid == -1) { + onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier); + if (onlineapplication != null) { + log.info("The OAIdentifier is not unique"); + errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique")); + } + + } else { + onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); + if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) { + + if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) { + log.info("The OAIdentifier is not unique"); + errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique")); + } + } + } + } + } + + //check form + OAGeneralConfigValidation validatior_general = new OAGeneralConfigValidation(); + OAPVP2ConfigValidation validatior_pvp2 = new OAPVP2ConfigValidation(); + OASAML1ConfigValidation validatior_saml1 = new OASAML1ConfigValidation(); + OASSOConfigValidation validatior_sso = new OASSOConfigValidation(); + OASTORKConfigValidation validator_stork = new OASTORKConfigValidation(); + + errors.addAll(validatior_general.validate(generalOA, authUser.isAdmin())); + errors.addAll(validatior_pvp2.validate(pvp2OA)); + errors.addAll(validatior_saml1.validate(saml1OA, generalOA)); + errors.addAll(validatior_sso.validate(ssoOA, authUser.isAdmin())); + errors.addAll(validator_stork.validate(storkOA)); + + if (errors.size() > 0) { + log.info("OAConfiguration with ID " + generalOA.getIdentifier() + " has some errors."); + for (String el : errors) + addActionError(el); + + return Constants.STRUTS_ERROR_VALIDATION; + + } else { + + String error = saveOAConfigToDatabase(onlineapplication); + if (MiscUtil.isNotEmpty(error)) { + log.warn("OA configuration can not be stored!"); + addActionError(error); + return Constants.STRUTS_ERROR_VALIDATION; + } + } + + + + request.getSession().setAttribute(Constants.SESSION_OAID, null); + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request)); + + ConfigurationDBUtils.closeSession(); + + return Constants.STRUTS_SUCCESS; + } + + public String cancleAndBackOA() { + + request.getSession().setAttribute(Constants.SESSION_OAID, null); + + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.cancle", generalOA.getIdentifier(), request)); + + ConfigurationDBUtils.closeSession(); + + return Constants.STRUTS_SUCCESS; + } + + public String deleteOA() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + String oaidentifier = generalOA.getIdentifier(); + if (MiscUtil.isEmpty(oaidentifier)) { + log.info("Empty OA identifier"); + addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.empty")); + return Constants.STRUTS_ERROR_VALIDATION; + + } else { + if (ValidationHelper.isValidOAIdentifier(oaidentifier)) { + log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier); + addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + return Constants.STRUTS_ERROR_VALIDATION; + } + } + + OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier); + + request.getSession().setAttribute(Constants.SESSION_OAID, null); + if (ConfigurationDBUtils.delete(onlineapplication)) { + + if (!authUser.isAdmin()) { + UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + List<OnlineApplication> useroas = user.getOnlineApplication(); + + for (OnlineApplicationType oa : useroas) { + if (oa.getHjid().equals(onlineapplication.getHjid())) { + useroas.remove(oa); + } + } + + try { + ConfigurationDBUtils.saveOrUpdate(user); + + } catch (MOADatabaseException e) { + log.warn("User information can not be updated in database", e); + addActionError(LanguageHelper.getGUIString("error.db.oa.store", request)); + return Constants.STRUTS_ERROR; + } + } + + ConfigurationDBUtils.closeSession(); + + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", generalOA.getIdentifier(), request)); + + return Constants.STRUTS_SUCCESS; + + } else { + ConfigurationDBUtils.closeSession(); + addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", generalOA.getIdentifier(), request)); + return Constants.STRUTS_SUCCESS; + } + + + + } + + private String saveOAConfigToDatabase(OnlineApplication dboa) { + + boolean newentry = false; + + if (dboa == null) { + dboa = new OnlineApplication(); + newentry = true; + dboa.setIsActive(false); + } + + AuthComponentOA authoa = dboa.getAuthComponentOA(); + if (authoa == null) { + authoa = new AuthComponentOA(); + dboa.setAuthComponentOA(authoa); + } + + if (authUser.isAdmin()) + dboa.setIsActive(generalOA.isActive()); + + dboa.setFriendlyName(generalOA.getFriendlyName()); + dboa.setCalculateHPI(generalOA.isCalculateHPI()); + dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(generalOA.getKeyBoxIdentifier())); + dboa.setPublicURLPrefix(generalOA.getIdentifier()); + + if (generalOA.isBusinessService()) { + dboa.setType(Constants.MOA_CONFIG_BUSINESSSERVICE); + + IdentificationNumber idnumber = new IdentificationNumber(); + idnumber.setValue(generalOA.getIdentificationNumber()); + authoa.setIdentificationNumber(idnumber); + + } + else { + dboa.setType(null); + dboa.setTarget(generalOA.getTarget()); + dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName()); + + } + + BKUURLS bkuruls = new BKUURLS(); + authoa.setBKUURLS(bkuruls); + bkuruls.setHandyBKU(generalOA.getBkuHandyURL()); + bkuruls.setLocalBKU(generalOA.getBkuLocalURL()); + bkuruls.setOnlineBKU(generalOA.getBkuOnlineURL()); + + Mandates mandates = new Mandates(); + mandates.setProfiles(generalOA.getMandateProfiles()); + authoa.setMandates(mandates); + + authoa.setSlVersion(generalOA.getSlVersion()); + authoa.setUseIFrame(generalOA.isUseIFrame()); + authoa.setUseUTC(generalOA.isUseUTC()); + + TemplatesType templates = authoa.getTemplates(); + if (templates == null) { + templates = new TemplatesType(); + authoa.setTemplates(templates); + } + templates.setAditionalAuthBlockText(generalOA.getAditionalAuthBlockText()); + + List<TemplateType> template = templates.getTemplate(); + if (generalOA.isLegacy()) { + + if (template == null) + template = new ArrayList<TemplateType>(); + else + template.clear(); + + if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL1())) { + TemplateType el = new TemplateType(); + el.setURL(generalOA.getSLTemplateURL1()); + template.add(el); + } + if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL2())) { + TemplateType el = new TemplateType(); + el.setURL(generalOA.getSLTemplateURL2()); + template.add(el); + } + if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL3())) { + TemplateType el = new TemplateType(); + el.setURL(generalOA.getSLTemplateURL3()); + template.add(el); + } + + } else { + if (template != null && template.size() > 0) + template.clear(); + } + + //set default transformation if it is empty + List<TransformsInfoType> transformsInfo = authoa.getTransformsInfo(); + if (transformsInfo == null) { + //TODO: set OA specific transformation if it is required + + } + + OAPVP2 pvp2 = authoa.getOAPVP2(); + if (pvp2 == null) { + pvp2 = new OAPVP2(); + authoa.setOAPVP2(pvp2); + } + + pvp2.setMetadataURL(pvp2OA.getMetaDataURL()); + try { + + if (pvp2OA.getFileUpload() != null) + pvp2.setCertificate(pvp2OA.getCertificate()); + + } catch (CertificateException e) { + log.info("Uploaded Certificate can not be found", e); + return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound"); + } catch (IOException e) { + log.info("Uploaded Certificate can not be parsed", e); + return LanguageHelper.getErrorString("validation.pvp2.certificate.format"); + } + + OASAML1 saml1 = authoa.getOASAML1(); + if (saml1 == null) { + saml1 = new OASAML1(); + authoa.setOASAML1(saml1); + } + saml1.setProvideAUTHBlock(saml1OA.isProvideAuthBlock()); + saml1.setProvideCertificate(saml1OA.isProvideCertificate()); + saml1.setProvideFullMandatorData(saml1OA.isProvideFullMandateData()); + saml1.setProvideIdentityLink(saml1OA.isProvideIdentityLink()); + saml1.setProvideStammzahl(saml1OA.isProvideStammZahl()); + saml1.setUseCondition(saml1OA.isUseCondition()); + saml1.setConditionLength(BigInteger.valueOf(saml1OA.getConditionLength())); + //TODO: set sourceID + //saml1.setSourceID(""); + + OASSO sso = authoa.getOASSO(); + if (sso == null) { + sso = new OASSO(); + authoa.setOASSO(sso); + sso.setAuthDataFrame(true); + } + sso.setUseSSO(ssoOA.isUseSSO()); + + if (authUser.isAdmin()) + sso.setAuthDataFrame(ssoOA.isShowAuthDataFrame()); + + sso.setSingleLogOutURL(ssoOA.getSingleLogOutURL()); + + + STORK stork = authoa.getSTORK(); + if (stork == null) { + //TODO: make stork configurable + + } + + try { + if (newentry) { + ConfigurationDBUtils.save(dboa); + + if (!authUser.isAdmin()) { + UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + + List<OnlineApplication> useroas = user.getOnlineApplication(); + if (useroas == null) + useroas = new ArrayList<OnlineApplication>(); + + useroas.add(dboa); + ConfigurationDBUtils.saveOrUpdate(user); + } + } + + else + ConfigurationDBUtils.saveOrUpdate(dboa); + + } catch (MOADatabaseException e) { + log.warn("Online-Application can not be stored.", e); + return LanguageHelper.getErrorString("error.db.oa.store"); + } + + return null; + } + + public String setGeneralOAConfig() { + + return Constants.STRUTS_SUCCESS; + } + + public String setSAML1OAConfig() { + + return Constants.STRUTS_SUCCESS; + } + + public String setPVP2OAConfig() { + + return Constants.STRUTS_SUCCESS; + } + + public String setSSOOAConfig() { + + return Constants.STRUTS_SUCCESS; + } + + public String setSTORKOAConfig() { + + return Constants.STRUTS_SUCCESS; + } + + + //Getter and Setter + public void setServletResponse(HttpServletResponse arg0) { + this.response = arg0; + + } + + public void setServletRequest(HttpServletRequest arg0) { + this.request = arg0; + + } + + public HttpServletRequest getRequest() { + return request; + } + + public void setRequest(HttpServletRequest request) { + this.request = request; + } + + public HttpServletResponse getResponse() { + return response; + } + + public void setResponse(HttpServletResponse response) { + this.response = response; + } + + public OAGeneralConfig getGeneralOA() { + return generalOA; + } + + public void setGeneralOA(OAGeneralConfig generalOA) { + this.generalOA = generalOA; + } + + public OAPVP2Config getPvp2OA() { + return pvp2OA; + } + + public void setPvp2OA(OAPVP2Config pvp2oa) { + pvp2OA = pvp2oa; + } + + public OASAML1Config getSaml1OA() { + return saml1OA; + } + + public void setSaml1OA(OASAML1Config saml1oa) { + saml1OA = saml1oa; + } + + public OASSOConfig getSsoOA() { + return ssoOA; + } + + public void setSsoOA(OASSOConfig ssoOA) { + this.ssoOA = ssoOA; + } + + public OASTORKConfig getStorkOA() { + return storkOA; + } + + public void setStorkOA(OASTORKConfig storkOA) { + this.storkOA = storkOA; + } + + /** + * @param oaidobj the oaidobj to set + */ + public void setOaidobj(String oaidobj) { + this.oaidobj = oaidobj; + } + + /** + * @return the authUser + */ + public AuthenticatedUser getAuthUser() { + return authUser; + } + + /** + * @return the newOA + */ + public boolean isNewOA() { + return newOA; + } + + /** + * @param newOA the newOA to set + */ + public void setNewOA(boolean newOA) { + this.newOA = newOA; + } + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java new file mode 100644 index 000000000..1cb4fa802 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java @@ -0,0 +1,363 @@ +package at.gv.egovernment.moa.id.configuration.struts.action; + +import java.io.File; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.io.StringReader; +import java.io.StringWriter; +import java.net.MalformedURLException; +import java.util.List; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Marshaller; +import javax.xml.bind.Unmarshaller; +import javax.xml.transform.Result; + +import org.apache.commons.io.IOUtils; +import org.apache.log4j.Logger; +import org.apache.struts2.interceptor.ServletRequestAware; +import org.apache.struts2.interceptor.ServletResponseAware; +import org.hibernate.lob.ReaderInputStream; +import org.w3c.dom.Node; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.legacy.BuildFromLegacyConfig; +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; +import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.iaik.commons.util.IOUtil; + +import com.opensymphony.xwork2.ActionSupport; + +import eu.stork.vidp.messages.common.STORKBootstrap; + +public class ImportExportAction extends ActionSupport +implements ServletRequestAware, ServletResponseAware { + + private static final Logger log = Logger.getLogger(ImportExportAction.class); + + private static final long serialVersionUID = 1L; + private HttpServletRequest request; + private HttpServletResponse response; + + private AuthenticatedUser authUser; + + private File fileUpload = null; + private String fileUploadContentType = null; + private String fileUploadFileName = null; + + private InputStream fileInputStream; + + public String init() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + + return Constants.STRUTS_SUCCESS; + + } else { + log.info("No access to Import/Export for User with ID" + authUser.getUserID()); + addActionError(LanguageHelper.getErrorString("errors.notallowed")); + return Constants.STRUTS_NOTALLOWED; + } + } + + public String importLegacyConfig() { + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + + //load legacy config if it is configured + + if (fileUpload == null) { + addActionError(LanguageHelper.getErrorString("errors.importexport.nofile")); + return Constants.STRUTS_ERROR_VALIDATION; + } + + //Initialize OpenSAML for STORK + log.info("Starting initialization of OpenSAML..."); + try { + STORKBootstrap.bootstrap(); + + } catch (org.opensaml.xml.ConfigurationException e1) { + log.info("Legacy configuration has an Import Error", e1); + addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e1.getMessage()})); + return Constants.STRUTS_ERROR_VALIDATION; + } + log.debug("OpenSAML successfully initialized"); + try { + + MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); + + MOAIDConfiguration moaconfig; + try { + log.warn("WARNING! The legacy import deletes the hole old config"); + + String rootConfigFileDir = new File(ConfigurationProvider.getInstance().getConfigFile()).getParent(); + + try { + rootConfigFileDir = new File(rootConfigFileDir).toURL().toString(); + + } catch (MalformedURLException t) { + log.warn("RootConfiguration Directory is not found"); + rootConfigFileDir = ""; + } + + moaconfig = BuildFromLegacyConfig.build(fileUpload, rootConfigFileDir, moaidconfig); + + } catch (ConfigurationException e) { + log.info("Legacy configuration has an Import Error", e); + addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e.getMessage()})); + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_ERROR_VALIDATION; + + } catch (at.gv.egovernment.moa.id.configuration.exception.ConfigurationException e) { + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_ERROR_VALIDATION; + } + + //check if XML config should be use + log.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!"); + + + if (moaidconfig != null) + ConfigurationDBUtils.delete(moaidconfig); + + List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications(); + if (oas != null && oas.size() > 0) { + for (OnlineApplication oa : oas) + ConfigurationDBUtils.delete(oa); + } + + + oas = moaconfig.getOnlineApplication(); + for (OnlineApplication oa : oas) + ConfigurationDBUtils.save(oa); + + moaconfig.setOnlineApplication(null); + ConfigurationDBUtils.save(moaconfig); + + } catch (MOADatabaseException e) { + log.warn("General MOA-ID config can not be stored in Database"); + addActionError(e.getMessage()); + return Constants.STRUTS_ERROR_VALIDATION; + } + + finally { + ConfigurationDBUtils.closeSession(); + } + + log.info("Legacy Configuration load is completed."); + addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success")); + return Constants.STRUTS_SUCCESS; + + } else { + log.info("No access to Import/Export for User with ID" + authUser.getUserID()); + addActionError(LanguageHelper.getErrorString("errors.notallowed")); + return Constants.STRUTS_NOTALLOWED; + } + } + + public String downloadXMLConfig() { + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + + log.info("Write MOA-ID 2.x xml config"); + JAXBContext jc; + try { + jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config"); + + Marshaller m = jc.createMarshaller(); + m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true); +// File test = new File(xmlconfigout); +// m.marshal(moaidconfig, test); + MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); + + if (moaidconfig == null) { + log.info("No MOA-ID 2.x configruation available"); + addActionError(LanguageHelper.getErrorString("errors.importexport.export.noconfig")); + return Constants.STRUTS_ERROR_VALIDATION; + } + + List<OnlineApplication> oaconfigs = ConfigurationDBRead.getAllOnlineApplications(); + moaidconfig.setOnlineApplication(oaconfigs); + + StringWriter writer = new StringWriter(); + m.marshal(moaidconfig, writer); + fileInputStream = IOUtils.toInputStream(writer.toString(), "UTF-8"); + + } catch (JAXBException e) { + log.info("MOA-ID 2.x configruation could not be exported into a XML file.", e); + addActionError(LanguageHelper.getErrorString("errors.importexport.export", + new Object[]{e.getMessage()})); + return Constants.STRUTS_ERROR_VALIDATION; + } catch (IOException e) { + log.info("MOA-ID 2.x configruation could not be exported into a XML file.", e); + addActionError(LanguageHelper.getErrorString("errors.importexport.export", + new Object[]{e.getMessage()})); + return Constants.STRUTS_ERROR_VALIDATION; + } + + finally { + ConfigurationDBUtils.closeSession(); + } + + return Constants.STRUTS_SUCCESS; + } else { + log.info("No access to Import/Export for User with ID" + authUser.getUserID()); + addActionError(LanguageHelper.getErrorString("errors.notallowed")); + return Constants.STRUTS_NOTALLOWED; + } + } + + + public String importXMLConfig() { + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + + if (fileUpload == null) { + addActionError(LanguageHelper.getErrorString("errors.importexport.nofile")); + return Constants.STRUTS_ERROR_VALIDATION; + } + + log.info("Load configuration from MOA-ID 2.x XML configuration"); + + try { + JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config"); + Unmarshaller m = jc.createUnmarshaller(); + MOAIDConfiguration moaconfig = (MOAIDConfiguration) m.unmarshal(fileUpload); + + + log.warn("WARNING! The XML import deletes the hole old config"); + List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications(); + if (oas != null && oas.size() > 0) { + for (OnlineApplication oa : oas) + ConfigurationDBUtils.delete(oa); + } + MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); + if (moaidconfig != null) + ConfigurationDBUtils.delete(moaidconfig); + + List<OnlineApplication> importoas = moaconfig.getOnlineApplication(); + for (OnlineApplication importoa : importoas) { + ConfigurationDBUtils.saveOrUpdate(importoa); + } + + moaconfig.setOnlineApplication(null); + ConfigurationDBUtils.saveOrUpdate(moaconfig); + + } catch (Exception e) { + log.warn("MOA-ID XML configuration can not be loaded from File.", e); + addActionError(LanguageHelper.getErrorString("errors.importexport.import", + new Object[]{e.getMessage()})); + return Constants.STRUTS_ERROR_VALIDATION; + + } + + finally { + ConfigurationDBUtils.closeSession(); + } + + log.info("XML Configuration load is completed."); + addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success")); + return Constants.STRUTS_SUCCESS; + + } else { + log.info("No access to Import/Export for User with ID" + authUser.getUserID()); + addActionError(LanguageHelper.getErrorString("errors.notallowed")); + return Constants.STRUTS_NOTALLOWED; + } + + } + + /** + * @return the fileUpload + */ + public File getFileUpload() { + return fileUpload; + } + + + + /** + * @param fileUpload the fileUpload to set + */ + public void setFileUpload(File fileUpload) { + this.fileUpload = fileUpload; + } + + + + /** + * @return the fileUploadContentType + */ + public String getFileUploadContentType() { + return fileUploadContentType; + } + + + + /** + * @param fileUploadContentType the fileUploadContentType to set + */ + public void setFileUploadContentType(String fileUploadContentType) { + this.fileUploadContentType = fileUploadContentType; + } + + + + /** + * @return the fileUploadFileName + */ + public String getFileUploadFileName() { + return fileUploadFileName; + } + + + + /** + * @param fileUploadFileName the fileUploadFileName to set + */ + public void setFileUploadFileName(String fileUploadFileName) { + this.fileUploadFileName = fileUploadFileName; + } + + /** + * @return the authUser + */ + public AuthenticatedUser getAuthUser() { + return authUser; + } + + public void setServletResponse(HttpServletResponse response) { + this.response = response; + } + public void setServletRequest(HttpServletRequest request) { + this.request = request; + } + + public InputStream getFileInputStream() { + return fileInputStream; + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java new file mode 100644 index 000000000..6078caa87 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java @@ -0,0 +1,170 @@ +package at.gv.egovernment.moa.id.configuration.struts.action; + +import java.util.Date; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.log4j.Logger; +import org.apache.struts2.interceptor.ServletRequestAware; +import org.apache.struts2.interceptor.ServletResponseAware; + +import com.opensymphony.xwork2.ActionSupport; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; +import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException; +import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.MiscUtil; + +public class IndexAction extends ActionSupport implements ServletRequestAware, + ServletResponseAware { + + private static final Logger log = Logger.getLogger(IndexAction.class); + + private HttpServletRequest request; + private HttpServletResponse response; + + private String password; + private String username; + + public String start() { + + return Constants.STRUTS_SUCCESS; + } + + public String authenticate() { + + String key = null; + + if (MiscUtil.isNotEmpty(username)) { + if (ValidationHelper.containsPotentialCSSCharacter(username, false)) { + log.warn("Username contains potentail XSS characters: " + username); + addActionError(LanguageHelper.getErrorString("validation.edituser.username.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("Username is empty"); + addActionError(LanguageHelper.getErrorString("validation.edituser.username.empty")); + return Constants.STRUTS_ERROR; + } + + if (MiscUtil.isEmpty(password)) { + log.warn("Password is empty"); + addActionError(LanguageHelper.getErrorString("validation.edituser.password.empty")); + return Constants.STRUTS_ERROR; + + } else { + key = AuthenticationHelper.generateKeyFormPassword(password); + if (key == null) { + addActionError(LanguageHelper.getErrorString("validation.edituser.password.valid")); + return Constants.STRUTS_ERROR; + } + } + + + UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(username); + if (dbuser == null) { + log.warn("Unknown Username"); + addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed")); + return Constants.STRUTS_ERROR; + + } else { + if (!dbuser.isIsActive()) { + log.warn("Username " + dbuser.getUsername() + " is not active"); + addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed")); + return Constants.STRUTS_ERROR; + } + + if (!dbuser.getPassword().equals(key)) { + log.warn("Username " + dbuser.getUsername() + " use a false password"); + addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed")); + return Constants.STRUTS_ERROR; + } + + AuthenticatedUser authuser = new AuthenticatedUser( + dbuser.getHjid(), + dbuser.getGivenname(), + dbuser.getFamilyname(), + dbuser.getUsername(), + true, + dbuser.isIsAdmin()); + + authuser.setLastLogin(dbuser.getLastLoginItem()); + + dbuser.setLastLoginItem(new Date()); + + try { + ConfigurationDBUtils.saveOrUpdate(dbuser); + + } catch (MOADatabaseException e) { + log.warn("UserDatabase communicaton error", e); + addActionError(LanguageHelper.getErrorString("error.login")); + return Constants.STRUTS_ERROR; + } + finally { + ConfigurationDBUtils.closeSession(); + } + request.getSession().setAttribute(Constants.SESSION_AUTH, authuser); + return Constants.STRUTS_SUCCESS; + } + } + + public String logout() { + + HttpSession session = request.getSession(); + + if (session != null) + session.invalidate(); + + return Constants.STRUTS_SUCCESS; + } + + public void setServletResponse(HttpServletResponse arg0) { + this.response = arg0; + } + public void setServletRequest(HttpServletRequest arg0) { + this.request = arg0; + } + + /** + * @return the password + */ + public String getPassword() { + return password; + } + + /** + * @param password the password to set + */ + public void setPassword(String password) { + this.password = password; + } + + /** + * @return the username + */ + public String getUsername() { + return username; + } + + /** + * @param username the username to set + */ + public void setUsername(String username) { + this.username = username; + } + + + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java new file mode 100644 index 000000000..f5f265ea6 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java @@ -0,0 +1,195 @@ +package at.gv.egovernment.moa.id.configuration.struts.action; + +import java.util.ArrayList; +import java.util.List; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.log4j.Logger; +import org.apache.struts2.interceptor.ServletRequestAware; +import org.apache.struts2.interceptor.ServletResponseAware; + +import com.opensymphony.xwork2.ActionSupport; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplicationType; +import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; +import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.configuration.data.OAListElement; +import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.MiscUtil; + +public class ListOAsAction extends ActionSupport implements ServletRequestAware, + ServletResponseAware { + + private final Logger log = Logger.getLogger(ListOAsAction.class); + + private static final long serialVersionUID = 1L; + + private HttpServletRequest request; + private HttpServletResponse response; + + private ConfigurationProvider configuration; + + private List<OAListElement> formOAs; + private AuthenticatedUser authUser; + private String friendlyname; + + public ListOAsAction() throws ConfigurationException { + configuration = ConfigurationProvider.getInstance(); + } + + + public String listAllOnlineAppliactions() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + List<OnlineApplication> dbOAs = null; + + if (authUser.isAdmin()) { + dbOAs = ConfigurationDBRead.getAllOnlineApplications(); + + } else { + UserDatabase authUserDB = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + + if (authUserDB != null) + dbOAs = authUserDB.getOnlineApplication(); + } + + addFormOAs(dbOAs); + + ConfigurationDBUtils.closeSession(); + + return Constants.STRUTS_SUCCESS; + } + + public String searchOAInit() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + formOAs = null; + friendlyname = ""; + + return Constants.STRUTS_SUCCESS; + + } + + public String searchOA() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + if (MiscUtil.isEmpty(friendlyname)) { + log.info("SearchOA textfield is empty"); + addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request)); + return Constants.STRUTS_SUCCESS; + + } else { + if (ValidationHelper.containsPotentialCSSCharacter(friendlyname, false)) { + log.warn("SearchOA textfield contains potential XSS characters"); + addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request)); + return Constants.STRUTS_SUCCESS; + } + } + + List<OnlineApplication> dbOAs = null; + + if (authUser.isAdmin()) { + dbOAs = ConfigurationDBRead.searchOnlineApplications(friendlyname); + + } else { + UserDatabase authUserDB = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + if (authUserDB != null) { + List<OnlineApplication> alldbOAs = authUserDB.getOnlineApplication(); + + dbOAs = new ArrayList<OnlineApplication>(); + + for (OnlineApplication el : alldbOAs) { + if (el.getPublicURLPrefix() + .toLowerCase().indexOf(friendlyname.toLowerCase()) > -1) + dbOAs.add(el); + } + } + } + + addFormOAs(dbOAs); + + ConfigurationDBUtils.closeSession(); + + return Constants.STRUTS_SUCCESS; + } + + private void addFormOAs(List<OnlineApplication> dbOAs) { + + formOAs = new ArrayList<OAListElement>(); + if (dbOAs == null || dbOAs.size() == 0) { + addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); + + } else { + for (OnlineApplication dboa : dbOAs) { + OAListElement listoa = new OAListElement(); + listoa.setActive(dboa.isIsActive()); + listoa.setDataBaseID(dboa.getHjid()); + listoa.setOaFriendlyName(dboa.getFriendlyName()); + listoa.setOaIdentifier(dboa.getPublicURLPrefix()); + listoa.setOaType(dboa.getType()); + formOAs.add(listoa); + } + } + } + + public void setServletResponse(HttpServletResponse arg0) { + this.response = arg0; + } + public void setServletRequest(HttpServletRequest arg0) { + this.request = arg0; + } + + + /** + * @return the authUser + */ + public AuthenticatedUser getAuthUser() { + return authUser; + } + + + /** + * @return the formOAs + */ + public List<OAListElement> getFormOAs() { + return formOAs; + } + + + /** + * @return the friendlyname + */ + public String getFriendlyname() { + return friendlyname; + } + + + /** + * @param friendlyname the friendlyname to set + */ + public void setFriendlyname(String friendlyname) { + this.friendlyname = friendlyname; + } + + + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java new file mode 100644 index 000000000..aeafe9548 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java @@ -0,0 +1,56 @@ +package at.gv.egovernment.moa.id.configuration.struts.action; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.struts2.interceptor.ServletRequestAware; +import org.apache.struts2.interceptor.ServletResponseAware; + +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; +import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException; + +public class MainAction implements ServletRequestAware, + ServletResponseAware { + + private HttpServletRequest request; + private HttpServletResponse response; + + private ConfigurationProvider configuration; + + + private AuthenticatedUser authUser; + + + public MainAction() throws ConfigurationException { + configuration = ConfigurationProvider.getInstance(); + } + + + public String generateMainFrame() { + + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + authUser = (AuthenticatedUser) authUserObj; + return Constants.STRUTS_SUCCESS; + } + + + public void setServletResponse(HttpServletResponse arg0) { + this.response = arg0; + } + public void setServletRequest(HttpServletRequest arg0) { + this.request = arg0; + } + + + /** + * @return the authUser + */ + public AuthenticatedUser getAuthUser() { + return authUser; + } + + + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java new file mode 100644 index 000000000..2a9ec038f --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java @@ -0,0 +1,376 @@ +package at.gv.egovernment.moa.id.configuration.struts.action; + +import java.util.ArrayList; +import java.util.Date; +import java.util.List; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.log4j.Logger; +import org.apache.struts2.interceptor.ServletRequestAware; +import org.apache.struts2.interceptor.ServletResponseAware; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; +import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom; +import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.MiscUtil; + +import com.opensymphony.xwork2.ActionSupport; + +public class UserManagementAction extends ActionSupport + implements ServletRequestAware, ServletResponseAware { + + private static final Logger log = Logger.getLogger(UserManagementAction.class); + + private static final long serialVersionUID = 1L; + + private HttpServletRequest request; + private HttpServletResponse response; + + private AuthenticatedUser authUser = null; + + private List<AuthenticatedUser> userlist = null; + private UserDatabaseFrom user = null; + + private String useridobj = null; + private static boolean newUser = false; + + public String init() { + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + + log.info("Show UserList"); + + List<UserDatabase> dbuserlist = ConfigurationDBRead.getAllUsers(); + if (dbuserlist != null) { + userlist = new ArrayList<AuthenticatedUser>(); + + for (UserDatabase dbuser : dbuserlist) { + userlist.add(new AuthenticatedUser( + dbuser.getHjid(), + dbuser.getGivenname(), + dbuser.getFamilyname(), + dbuser.getUsername(), + dbuser.isIsActive(), + dbuser.isIsAdmin())); + } + } + + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_SUCCESS; + + } else { + log.info("User with ID " + authUser.getUserID() + " is not admin. Show only EditUser Frame"); + UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + if (dbuser == null) { + return Constants.STRUTS_REAUTHENTICATE; + } + user = new UserDatabaseFrom(dbuser); + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_NOTALLOWED; + } + } + + public String createuser() { + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + + user = new UserDatabaseFrom(); + + newUser = true; + return Constants.STRUTS_SUCCESS; + + } else { + return Constants.STRUTS_NOTALLOWED; + } + } + + public String edituser() { + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + if (authUser.isAdmin()) { + long userid = -1; + + if (!ValidationHelper.validateOAID(useridobj)) { + addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request)); + return Constants.STRUTS_ERROR; + } + userid = Long.valueOf(useridobj); + + UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userid); + if (dbuser == null) { + log.info("No User with ID " + userid + " in Database");; + addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request)); + return Constants.STRUTS_ERROR; + } + user = new UserDatabaseFrom(dbuser); + + newUser = false; + + ConfigurationDBUtils.closeSession(); + + return Constants.STRUTS_SUCCESS; + + } else { + log.info("User with ID " + authUser.getUserID() + " is not admin. Show his own EditUser Frame"); + UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + user = new UserDatabaseFrom(dbuser); + return Constants.STRUTS_SUCCESS; + } + } + + public String saveuser() { + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + String useridobj = user.getUserID(); + long userID = -1; + if (MiscUtil.isEmpty(useridobj)) { + userID = -1; + + } else { + if (!ValidationHelper.validateOAID(useridobj)){ + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase ID " + useridobj); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + userID = Long.valueOf(useridobj); + } + + List<String> errors; + UserDatabaseFormValidator validator = new UserDatabaseFormValidator(); + errors = validator.validate(user, userID); + + if (errors.size() > 0) { + log.info("UserDataForm has some erros."); + for (String el : errors) + addActionError(el); + user.setPassword(""); + + if (MiscUtil.isEmpty(user.getUsername())) + newUser = true; + + return Constants.STRUTS_ERROR_VALIDATION; + } + + if (!authUser.isAdmin()) { + if (authUser.getUserID() != userID) { + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase Entry " + user.getUsername()); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + + } + + String error = saveFormToDB(); + if (error != null) { + log.warn("UserData can not be stored in Database"); + addActionError(error); + return Constants.STRUTS_SUCCESS; + } + + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_SUCCESS; + } + + public String deleteuser() { + Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + String useridobj = user.getUserID(); + long userID = -1; + if (MiscUtil.isEmpty(useridobj)) { + userID = -1; + + } else { + if (!ValidationHelper.validateOAID(useridobj)){ + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase ID " + useridobj); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + userID = Long.valueOf(useridobj); + } + + if (!authUser.isAdmin()) { + if (authUser.getUserID() != userID) { + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase Entry " + user.getUsername()); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + } + + UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID); + if (dbuser != null) { + dbuser.setOnlineApplication(null); + + try { + ConfigurationDBUtils.saveOrUpdate(dbuser); + ConfigurationDBUtils.delete(dbuser); + + } catch (MOADatabaseException e) { + log.warn("UserData can not be deleted from Database"); + addActionError(e.getMessage()); + return Constants.STRUTS_SUCCESS; + } + + finally { + ConfigurationDBUtils.closeSession(); + } + } + + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_SUCCESS; + } + + private String saveFormToDB() { + + UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(user.getUsername()); + + if( dbuser == null) { + dbuser = new UserDatabase(); + } + + dbuser.setBpk(user.getBpk()); + dbuser.setFamilyname(user.getFamilyName()); + dbuser.setGivenname(user.getGivenName()); + dbuser.setInstitut(user.getInstitut()); + dbuser.setMail(user.getMail()); + dbuser.setPhone(user.getPhone()); + dbuser.setUsername(user.getUsername()); + + if (authUser.isAdmin()) { + dbuser.setIsActive(user.isActive()); + dbuser.setIsAdmin(user.isAdmin()); + } + + if (MiscUtil.isNotEmpty(user.getPassword())) { + String key = AuthenticationHelper.generateKeyFormPassword(user.getPassword()); + if (key == null) { + return LanguageHelper.getErrorString("errors.edit.user.save"); + } + dbuser.setPassword(key); + } + + + try { + ConfigurationDBUtils.saveOrUpdate(dbuser); + } catch (MOADatabaseException e) { + log.warn("User information can not be stored in Database.", e); + return LanguageHelper.getErrorString("errors.edit.user.save"); + } + + return null; + } + +// public String createTestUser() throws MOADatabaseException { +// +// UserDatabase user = new UserDatabase(); +// user.setBpk(""); +// user.setFamilyname("Max"); +// user.setGivenname("Mustermann"); +// user.setIsActive(true); +// user.setIsAdmin(false); +// user.setInstitut("EGIZ"); +// user.setLastLoginItem(new Date()); +// user.setMail("masdf@amfasdf.com"); +// user.setPhone("00660011542"); +// user.setUsername("testuser"); +// +// ConfigurationDBUtils.save(user); +// +// return Constants.STRUTS_SUCCESS; +// } + + + public void setServletResponse(HttpServletResponse response) { + this.response = response; + + } + + public void setServletRequest(HttpServletRequest request) { + this.request = request; + + } + + /** + * @return the userlist + */ + public List<AuthenticatedUser> getUserlist() { + return userlist; + } + + /** + * @param userlist the userlist to set + */ + public void setUserlist(List<AuthenticatedUser> userlist) { + this.userlist = userlist; + } + + /** + * @return the user + */ + public UserDatabaseFrom getUser() { + return user; + } + + /** + * @param user the user to set + */ + public void setUser(UserDatabaseFrom user) { + this.user = user; + } + + /** + * @return the useridobj + */ + public String getUseridobj() { + return useridobj; + } + + /** + * @param useridobj the useridobj to set + */ + public void setUseridobj(String useridobj) { + this.useridobj = useridobj; + } + + /** + * @return the authUser + */ + public AuthenticatedUser getAuthUser() { + return authUser; + } + + /** + * @return the newUser + */ + public boolean isNewUser() { + return newUser; + } + + + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java new file mode 100644 index 000000000..820aa7c57 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java @@ -0,0 +1,56 @@ +package at.gv.egovernment.moa.id.configuration.validation; + +import org.apache.commons.lang.StringUtils; + +public class CompanyNumberValidator implements IdentificationNumberValidator { + + public boolean validate(String commercialRegisterNumber) { + + String normalizedNumber = commercialRegisterNumber.replaceAll(" ", ""); + if(normalizedNumber.startsWith("FN")) { + normalizedNumber = normalizedNumber.substring(2); + return checkCommercialRegisterNumber(normalizedNumber); + + } else + return true; + } + + private boolean checkCommercialRegisterNumber(String commercialRegisterNumber) { + if (commercialRegisterNumber == null) { + return false; + } + commercialRegisterNumber = StringUtils.leftPad(commercialRegisterNumber, 7, + '0'); + if (!commercialRegisterNumber.matches("\\d{6}[abdfghikmpstvwxzy]")) { + return false; + } + String digits = commercialRegisterNumber.substring(0, + commercialRegisterNumber.length() - 1); + char checkDigit = commercialRegisterNumber.charAt(commercialRegisterNumber + .length() - 1); + boolean result = calcCheckDigitFromCommercialRegisterNumber(digits) == checkDigit; + return result; + } + + public static char calcCheckDigitFromCommercialRegisterNumber( + String commercialRegisterDigits) { + final int[] WEIGHT = { 6, 4, 14, 15, 10, 1 }; + final char[] CHECKDIGIT = { 'a', 'b', 'd', 'f', 'g', 'h', 'i', 'k', 'm', + 'p', 's', 't', 'v', 'w', 'x', 'y', 'z' }; + if (commercialRegisterDigits == null) { + throw new NullPointerException("Commercial register number missing."); + } + commercialRegisterDigits = StringUtils.leftPad(commercialRegisterDigits, 6, + '0'); + if (!commercialRegisterDigits.matches("\\d{6}")) { + throw new IllegalArgumentException( + "Invalid commercial register number provided."); + } + int sum = 0; + for (int i = 0; i < commercialRegisterDigits.length(); i++) { + int value = commercialRegisterDigits.charAt(i) - '0'; + sum += WEIGHT[i] * value; + } + return CHECKDIGIT[sum % 17]; + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java new file mode 100644 index 000000000..19a5bb805 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java @@ -0,0 +1,7 @@ +package at.gv.egovernment.moa.id.configuration.validation; + +public interface IdentificationNumberValidator { + + boolean validate(String idNumber); + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java new file mode 100644 index 000000000..276b0b4c8 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java @@ -0,0 +1,156 @@ +package at.gv.egovernment.moa.id.configuration.validation; + +import java.util.ArrayList; +import java.util.List; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom; +import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.util.MiscUtil; + +public class UserDatabaseFormValidator { + + private static final Logger log = Logger.getLogger(UserDatabaseFormValidator.class); + + public List<String> validate(UserDatabaseFrom form, long userID) { + List<String> errors = new ArrayList<String>(); + + String check = form.getGivenName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("GivenName contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } else { + log.warn("GivenName is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.empty")); + } + + + check = form.getFamilyName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("FamilyName contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } else { + log.warn("FamilyName is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.empty")); + } + + check = form.getInstitut(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("Organisation contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.institut.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } else { + log.warn("Organisation is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.institut.empty")); + } + + check = form.getMail(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.isEmailAddressFormat(check)) { + log.warn("Mailaddress is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.mail.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } else { + log.warn("Mailaddress is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.mail.empty")); + } + + check = form.getPhone(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("Phonenumber contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.phone.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } else { + log.warn("Phonenumber is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.phone.empty")); + } + + check = form.getUsername(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("Username contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.username.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + + } else { + UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(check); + if (dbuser != null && userID != dbuser.getHjid()) { + log.warn("Username " + check + " exists in UserDatabase"); + errors.add(LanguageHelper.getErrorString("validation.edituser.username.duplicate")); + form.setUsername(""); + } + } + } else { + if (userID == -1) { + log.warn("Username is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty")); + } else { + UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID); + if (dbuser == null) { + log.warn("Username is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty")); + } else { + form.setUsername(dbuser.getUsername()); + } + } + } + + check = form.getPassword(); + + if (MiscUtil.isEmpty(check)) { + if (userID == -1) { + log.warn("Password is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty")); + } else { + UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID); + if (dbuser == null || MiscUtil.isEmpty(dbuser.getPassword())) { + log.warn("Password is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty")); + } + } + + } else { + + if (check.equals(form.getPassword_second())) { + + String key = AuthenticationHelper.generateKeyFormPassword(check); + if (key == null) { + errors.add(LanguageHelper.getErrorString("validation.edituser.password.valid")); + } + + } + else { + errors.add(LanguageHelper.getErrorString("validation.edituser.password.equal")); + } + } + + + + check = form.getBpk(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("BPK contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.bpk.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + return errors; + + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java new file mode 100644 index 000000000..aeac75e44 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java @@ -0,0 +1,185 @@ +package at.gv.egovernment.moa.id.configuration.validation; + +import java.net.MalformedURLException; +import java.net.URL; +import java.text.ParseException; +import java.text.SimpleDateFormat; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import org.apache.log4j.Logger; + +public class ValidationHelper { + + private static final Logger log = Logger.getLogger(ValidationHelper.class); + + public static boolean validateOAID(String oaIDObj) { + if (oaIDObj != null) { + try { + + long oaID = Long.valueOf(oaIDObj); + + if (oaID > 0 && oaID < Long.MAX_VALUE) + return true; + + } catch (Throwable t) { + log.warn("No valid DataBase OAID received! " + oaIDObj); + } + } + return false; + } + + public static boolean validateNumber(String value) { + + log.debug("Validate Number " + value); + + try { + float num = Float.valueOf(value); + + return true; + + } catch (NumberFormatException e) { + return false; + } + + + } + + + public static boolean validateURL(String urlString) { + + log.debug("Validate URL " + urlString); + + if (urlString.startsWith("http") || urlString.startsWith("https")) { + try { + URL url =new URL(urlString); + return true; + + } catch (MalformedURLException e) { + } + } + + return false; + } + + public static boolean isValidTarget(String target) { + + log.debug("Ueberpruefe Parameter Target"); + + Pattern pattern = Pattern.compile("[a-zA-Z-]{1,5}"); + Matcher matcher = pattern.matcher(target); + boolean b = matcher.matches(); + if (b) { + log.debug("Parameter Target erfolgreich ueberprueft"); + return true; + } + else { + log.error("Fehler Ueberpruefung Parameter Target. Target entspricht nicht den Kriterien (nur Zeichen a-z, A-Z und -, sowie 1-5 Zeichen lang)"); + return false; + } + + } + + public static boolean isValidSourceID(String sourceID) { + + log.debug("Ueberpruefe Parameter sourceID"); + + Pattern pattern = Pattern.compile("[\\w-_]{1,20}"); + Matcher matcher = pattern.matcher(sourceID); + boolean b = matcher.matches(); + if (b) { + log.debug("Parameter sourceID erfolgreich ueberprueft"); + return true; + } + else { + log.error("Fehler Ueberpruefung Parameter sourceID. SourceID entspricht nicht den Kriterien (nur Zeichen a-z, A-Z, - und _, sowie 1-20 Zeichen lang)"); + return false; + } + } + + public static boolean isDateFormat(String dateString) { + SimpleDateFormat sdf = new SimpleDateFormat("dd.MM.yyyy"); + try { + sdf.parse(dateString); + return true; + + } catch (ParseException e) { + return false; + } + } + + public static boolean isEmailAddressFormat(String address) { + if (address == null) { + return false; + } + return Pattern.compile("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,6}$").matcher(address).matches(); + } + + public static boolean isValidOAIdentifier(String param) { + if (param == null) { + return false; + } + return param.indexOf(";") != -1 || + param.indexOf("%") != -1 || + param.indexOf("\"") != -1 || + param.indexOf("'") != -1 || + param.indexOf("?") != -1 || + param.indexOf("`") != -1 || + param.indexOf(",") != -1 || + param.indexOf("<") != -1 || + param.indexOf(">") != -1 || + param.indexOf("\\") != -1; + + } + + public static String getNotValidOAIdentifierCharacters() { + + return "; % \" ' ` , < > \\"; + } + + public static boolean containsPotentialCSSCharacter(String param, boolean commaallowed) { + + if (param == null) { + return false; + } + return param.indexOf(";") != -1 || + param.indexOf("%") != -1 || + param.indexOf("\"") != -1 || + param.indexOf("'") != -1 || + param.indexOf("?") != -1 || + param.indexOf("`") != -1 || + ( param.indexOf(",") != -1 && !commaallowed ) || + param.indexOf("<") != -1 || + param.indexOf(">") != -1 || + param.indexOf("\\") != -1 || + param.indexOf("/") != -1; + } + + public static String getPotentialCSSCharacter(boolean commaallowed) { + + if (commaallowed) + return "; % \" ' ` < > \\ /"; + else + return "; % \" ' ` , < > \\ /"; + } + + public static boolean isNotValidIdentityLinkSigner(String param) { + if (param == null) { + return false; + } + return param.indexOf(";") != -1 || + param.indexOf("%") != -1 || + param.indexOf("\"") != -1 || + param.indexOf("'") != -1 || + param.indexOf("?") != -1 || + param.indexOf("`") != -1 || + param.indexOf("<") != -1 || + param.indexOf(">") != -1; + + } + + public static String getNotValidIdentityLinkSignerCharacters() { + + return "; % \" ' ` < >"; + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java new file mode 100644 index 000000000..f51095cac --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java @@ -0,0 +1,361 @@ +package at.gv.egovernment.moa.id.configuration.validation.moaconfig; + +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig; +import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.helper.StringHelper; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.MiscUtil; + +public class MOAConfigValidator { + + private static final Logger log = Logger.getLogger(MOAConfigValidator.class); + + public List<String> validate(GeneralMOAIDConfig form) { + + List<String> errors = new ArrayList<String>(); + + log.debug("Validate general MOA configuration"); + + + String check = form.getAlternativeSourceID(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("AlternativeSourceID contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.AlternativeSourceID", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = form.getTimeoutAssertion(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateNumber(check)) { + log.warn("Assertion Timeout is no number " + check); + errors.add(LanguageHelper.getErrorString("validation.general.timeouts.assertion.valid", + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + } + } + check = form.getTimeoutMOASessionCreated(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateNumber(check)) { + log.warn("MOASessionCreated Timeout is no number " + check); + errors.add(LanguageHelper.getErrorString("validation.general.timeouts.moasessioncreated.valid", + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + } + } + check = form.getTimeoutMOASessionUpdated(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateNumber(check)) { + log.warn("MOASessionUpdated Timeout is no number " + check); + errors.add(LanguageHelper.getErrorString("validation.general.timeouts.moasessionupdated.valid", + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + } + } + + check = form.getCertStoreDirectory(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.isValidOAIdentifier(check)) { + log.warn("CertStoreDirectory contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.certStoreDirectory.valid", + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + } + } else { + log.info("CertStoreDirectory is empty."); + errors.add(LanguageHelper.getErrorString("validation.general.certStoreDirectory.empty")); + } + + check = form.getDefaultBKUHandy(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Handy-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid")); + } + } + + check = form.getDefaultBKULocal(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Online-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid")); + } + } + + check = form.getDefaultBKUOnline(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Online-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid")); + } + } + + check = form.getDefaultchainigmode(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty Defaultchainigmode"); + errors.add(LanguageHelper.getErrorString("validation.general.Defaultchainigmode.empty")); + } else { + Map<String, String> list = form.getChainigmodelist(); + if (!list.containsKey(check)) { + log.info("Not valid Defaultchainigmode " + check); + errors.add(LanguageHelper.getErrorString("validation.general.Defaultchainigmode.valid")); + } + } + + check = form.getMandateURL(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Online-Mandate Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.mandateservice.valid")); + } + } + + check = form.getMoaspssAuthTransformations(); + List<String> authtranslist = new ArrayList<String>(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MoaspssAuthTransformation"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty")); + } else { + check = StringHelper.formatText(check); + String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER); + int i=1; + for(String el : list) { + if (ValidationHelper.containsPotentialCSSCharacter(el, false)) { + log.info("IdentityLinkSigners is not valid: " + el); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid", + new Object[] {i, ValidationHelper.getPotentialCSSCharacter(false)} )); + + } else { + if (MiscUtil.isNotEmpty(el.trim())) + authtranslist.add(el.trim()); + } + i++; + } + } + form.setAuthTransformList(authtranslist); + + check = form.getMoaspssAuthTrustProfile(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MOA-SP/SS Authblock TrustProfile"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty")); + } else { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("Authblock TrustProfile is not valid: " +check); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = form.getMoaspssIdlTrustProfile(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MOA-SP/SS IdentityLink TrustProfile"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty")); + } else { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("IdentityLink TrustProfile is not valid: " +check); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = form.getMoaspssURL(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid MOA-SP/SS Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.moaspss.url.valid")); + } + } + + check = form.getPvp2IssuerName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("PVP2 IssuerName is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.issuername.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = form.getPvp2OrgDisplayName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("PVP2 organisation display name is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.displayname.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = form.getPvp2OrgName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("PVP2 organisation name is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.name.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = form.getPvp2OrgURL(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("PVP2 organisation URL is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.url.valid")); + } + } + + check = form.getPvp2PublicUrlPrefix(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("PVP2 Service URL is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.serviceurl.valid")); + } + } + + check = form.getSLRequestTemplateHandy(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SLRequestTemplate Handy-BKU"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.empty")); + } else { + if (!ValidationHelper.validateURL(check)) { + log.info("SLRequestTemplate Handy-BKU is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.valid")); + } + } + + check = form.getSLRequestTemplateLocal(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SLRequestTemplate local BKU"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.empty")); + } else { + if (!ValidationHelper.validateURL(check)) { + log.info("SLRequestTemplate local BKU is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.valid")); + } + } + + check = form.getSLRequestTemplateOnline(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SLRequestTemplate Online-BKU"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.empty")); + } else { + if (!ValidationHelper.validateURL(check)) { + log.info("SLRequestTemplate Online-BKU is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.valid")); + } + } + + check = form.getSsoFriendlyName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("SSO friendlyname is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = form.getSsoIdentificationNumber(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("SSO IdentificationNumber is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = form.getSsoPublicUrl(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("SSO Public URL is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid")); + } + } + + check = form.getSsoSpecialText(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + log.info("SSO SpecialText is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )); + } + } + + check = form.getSsoTarget(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SSO Target"); + errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty")); + + } else { + if (!ValidationHelper.isValidTarget(check)) { + log.info("Not valid SSO Target"); + errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid")); + } + } + + check = form.getSzrgwURL(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("SZRGW URL is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.szrgw.url.valid")); + } + } + + check = form.getTrustedCACerts(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty TrustCACerts Directory"); + errors.add(LanguageHelper.getErrorString("validation.general.trustedcacerts.empty")); + + } else { + if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { + log.info("Not valid TrustCACerts Directory"); + errors.add(LanguageHelper.getErrorString("validation.general.trustedcacerts.valid", + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + } + } + + + + if (form.getFileUploadFileName() != null) { + HashMap<String, byte[]> map = new HashMap<String, byte[]>(); + for (int i=0; i<form.getFileUploadFileName().size(); i++) { + String filename = form.getFileUploadFileName().get(i); + + if (MiscUtil.isNotEmpty(filename)) { + if (ValidationHelper.containsPotentialCSSCharacter(filename, false)) { + log.info("SL Transformation Filename is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.filename.valid")); + + } else { + try { + File file = form.getFileUpload().get(i); + FileInputStream stream = new FileInputStream(file); + map.put(filename, Base64Utils.encode(stream).getBytes("UTF-8")); + + } catch (IOException e) { + log.info("SecurtiyLayerTransformation with FileName " + + filename +" can not be loaded." , e); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.file.valid", + new Object[] {filename} )); + } + } + } + } + form.setSecLayerTransformation(map); + } + + + ContactForm contact = form.getPvp2Contact(); + if (contact != null) { + PVP2ContactValidator pvp2validator = new PVP2ContactValidator(); + errors.addAll(pvp2validator.validate(contact)); + } + + return errors; + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java new file mode 100644 index 000000000..6ab4f5292 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java @@ -0,0 +1,80 @@ +package at.gv.egovernment.moa.id.configuration.validation.moaconfig; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; +import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.MiscUtil; + + +public class PVP2ContactValidator { + + public static final List<String> AllowedTypes= Arrays.asList( + "technical", + "support", + "administrative", + "billing", + "other"); + + private static final Logger log = Logger.getLogger(PVP2ContactValidator.class); + + public List<String >validate(ContactForm contact) { + List<String> errors = new ArrayList<String>(); + + String check = contact.getCompany(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("PVP2 Contact: Company is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.company.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = contact.getGivenname(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("PVP2 Contact: GivenName is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.givenname.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = contact.getSurname(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("PVP2 Contact: SureName is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.surename.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = contact.getType(); + if (MiscUtil.isNotEmpty(check)) { + if (!AllowedTypes.contains(check)) { + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.type.valid")); + } + } + + check = contact.getMail(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.isEmailAddressFormat(check)) { + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.mail.valid")); + } + } + + check = contact.getPhone(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.containsPotentialCSSCharacter(check, false)) { + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.phone.valid")); + } + } + + return errors; + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java new file mode 100644 index 000000000..fa992674e --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java @@ -0,0 +1,210 @@ +package at.gv.egovernment.moa.id.configuration.validation.oa; + +import java.util.ArrayList; +import java.util.List; +import java.util.Map; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector; +import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.MiscUtil; + +public class OAGeneralConfigValidation { + + private static final Logger log = Logger.getLogger(OASSOConfigValidation.class); + + public List<String> validate(OAGeneralConfig form, boolean isAdmin) { + + List<String> errors = new ArrayList<String>(); + + //validate aditionalAuthBlockText + String check = form.getAditionalAuthBlockText(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + //Check BKU URLs + check =form.getBkuHandyURL(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty Handy-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.empty")); + + } else { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Handy-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid")); + } + } + + check =form.getBkuLocalURL(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty Local-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.local.empty")); + + } else { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Online-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid")); + } + } + + check =form.getBkuOnlineURL(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty Online-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.online.empty")); + + } else { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Online-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid")); + } + } + + //check OA FriendlyName + check = form.getFriendlyName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("OAFriendlyName contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + //check KeyBoxIdentifier + check = form.getKeyBoxIdentifier(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty KeyBoxIdentifier"); + errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty")); + } else { + Map<String, String> list = form.getKeyBoxIdentifierList(); + if (!list.containsKey(check)) { + log.info("Not valid KeyBoxIdentifier " + check); + errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid")); + } + } + + //check LegacyMode SLTemplates + if (form.isLegacy()) { + if (MiscUtil.isEmpty(form.getSLTemplateURL1()) && + MiscUtil.isEmpty(form.getSLTemplateURL2()) && + MiscUtil.isEmpty(form.getSLTemplateURL3()) ) { + log.info("Empty OA-specific SecurityLayer Templates"); + errors.add(LanguageHelper.getErrorString("validation.general.sltemplates.empty")); + + } else { + check = form.getSLTemplateURL1(); + if (MiscUtil.isNotEmpty(check) && + !ValidationHelper.validateURL(check) ) { + log.info("First OA-specific SecurityLayer Templates is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid")); + } + check = form.getSLTemplateURL2(); + if (MiscUtil.isNotEmpty(check) && + !ValidationHelper.validateURL(check) ) { + log.info("Second OA-specific SecurityLayer Templates is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid")); + } + check = form.getSLTemplateURL3(); + if (MiscUtil.isNotEmpty(check) && + !ValidationHelper.validateURL(check) ) { + log.info("Third OA-specific SecurityLayer Templates is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid")); + } + } + } + + //check Mandate Profiles + check = form.getMandateProfiles(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + log.warn("MandateProfiles contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles", + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )); + } + } + + //check SL Version + check = form.getSlVersion(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SLVersion. Set SLVersion to 1.2"); + form.setSlVersion("1.2"); + + } else { + if (!ValidationHelper.validateNumber(check)) { + log.info("Not valid SLVersion"); + errors.add(LanguageHelper.getErrorString("validation.general.slversion")); + } + } + + boolean businessservice = form.isBusinessService(); + + if (businessservice) { + //check identification number + check = form.getIdentificationNumber(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty IdentificationNumber"); + errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty")); + + } else { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("IdentificationNumber contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + + if (check.startsWith("FN")) { + CompanyNumberValidator val = new CompanyNumberValidator(); + if (val.validate(check)) { + log.info("Not valid CompanyNumber"); + errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid")); + } + } + } + + try { + float slversion = Float.valueOf(form.getSlVersion()); + if (slversion < 1.2) { + log.info("BusinessService Applications requires SLVersion >= 1.2"); + errors.add(LanguageHelper.getErrorString("validation.general.slversion.business")); + form.setSlVersion("1.2"); + } + + } catch (NumberFormatException e) { + } + + } else { + //check targetFrindlyName(); + check = form.getTargetFriendlyName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("TargetFriendlyName contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + //check Target + check = form.getTarget(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty Target"); + errors.add(LanguageHelper.getErrorString("validation.general.target.empty")); + + } else { + if (!ValidationHelper.isValidTarget(check)) { + log.info("Not valid Target"); + errors.add(LanguageHelper.getErrorString("validation.general.target.valid")); + } + } + } + + return errors; + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java new file mode 100644 index 000000000..4a1ef9261 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java @@ -0,0 +1,44 @@ +package at.gv.egovernment.moa.id.configuration.validation.oa; + +import java.io.IOException; +import java.security.cert.CertificateException; +import java.util.ArrayList; +import java.util.List; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.MiscUtil; + +public class OAPVP2ConfigValidation { + + private static final Logger log = Logger.getLogger(OAPVP2ConfigValidation.class); + + public List<String> validate(OAPVP2Config form) { + + List<String> errors = new ArrayList<String>(); + + String url = form.getMetaDataURL(); + if (MiscUtil.isNotEmpty(url) && !ValidationHelper.validateURL(url)) { + log.info("MetaDataURL has no valid form."); + errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid")); + } + + try { + if (form.getFileUpload() != null) + form.getCertificate(); + + } catch (CertificateException e) { + log.info("Uploaded Certificate can not be found", e); + errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound")); + + } catch (IOException e) { + log.info("Uploaded Certificate can not be parsed", e); + errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.format")); + } + + return errors; + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java new file mode 100644 index 000000000..147ea45e9 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java @@ -0,0 +1,27 @@ +package at.gv.egovernment.moa.id.configuration.validation.oa; + +import java.util.ArrayList; +import java.util.List; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig; +import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; + +public class OASAML1ConfigValidation { + + private static final Logger log = Logger.getLogger(OASAML1ConfigValidation.class); + + public List<String> validate(OASAML1Config form, OAGeneralConfig general) { + + List<String> errors = new ArrayList<String>(); + + if (general.isBusinessService() && form.isProvideStammZahl()) { + log.info("ProvideStammZahl can not be used with BusinessService applications"); + errors.add(LanguageHelper.getErrorString("validation.saml1.providestammzahl")); + } + + return errors; + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java new file mode 100644 index 000000000..22e2406f2 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java @@ -0,0 +1,35 @@ +package at.gv.egovernment.moa.id.configuration.validation.oa; + +import java.util.ArrayList; +import java.util.List; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.MiscUtil; + +public class OASSOConfigValidation { + + private static final Logger log = Logger.getLogger(OASSOConfigValidation.class); + + public List<String> validate(OASSOConfig form, boolean isAdmin) { + + List<String> errors = new ArrayList<String>(); + + String urlString = form.getSingleLogOutURL(); + if (MiscUtil.isEmpty(urlString)) { + log.info("No Single Log-Out URL"); + //TODO: set error if it is implemented + //errors.add(LanguageHelper.getErrorString("validation.sso.logouturl.empty")); + } else { + if (!ValidationHelper.validateURL(urlString) && form.isUseSSO()) { + log.info("Single Log-Out url validation error"); + errors.add(LanguageHelper.getErrorString("validation.sso.logouturl.valid")); + } + } + + return errors; + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java new file mode 100644 index 000000000..76183caad --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java @@ -0,0 +1,16 @@ +package at.gv.egovernment.moa.id.configuration.validation.oa; + +import java.util.ArrayList; +import java.util.List; + +import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig; + +public class OASTORKConfigValidation { + public List<String> validate(OASTORKConfig oageneral) { + + List<String> errors = new ArrayList<String>(); + + + return errors; + } +} |