aboutsummaryrefslogtreecommitdiff
path: root/id/ConfigWebTool/src/main/java/at
diff options
context:
space:
mode:
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java172
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java50
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java421
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java17
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/IOnlineApplicationData.java64
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java542
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java767
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java186
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java72
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java73
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java77
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java58
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java78
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java368
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/BasicOAActionException.java61
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java56
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java14
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java452
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java1070
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java46
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java441
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java13
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java59
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java75
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java1
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/TargetValidator.java104
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java1
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java384
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java (renamed from id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java)142
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java135
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java7
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java154
42 files changed, 3718 insertions, 2464 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
index 70241fafb..df1faa7c0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
@@ -82,9 +82,7 @@ public class Constants {
public static final String DEFAULT_LOCALBKU_URL = "https://127.0.0.1:3496/https-security-layer-request";
public static final String DEFAULT_HANDYBKU_URL = "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx";
-
- public static final String PUBLICSERVICE_URL_POSTFIX = ".gv.at";
-
+
public static final String IDENIFICATIONTYPE_FN = "FN";
public static final String IDENIFICATIONTYPE_ERSB = "ERSB";
public static final String IDENIFICATIONTYPE_ZVR = "ZVR";
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
index b7da86db7..330ed7036 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
@@ -24,6 +24,9 @@ package at.gv.egovernment.moa.id.configuration.auth;
import java.util.Date;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom;
import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper;
public class AuthenticatedUser {
@@ -39,27 +42,89 @@ public class AuthenticatedUser {
private String institute;
private String userName;
private Date lastLogin;
-
- public AuthenticatedUser() {
+
+ private boolean onlyBusinessService = false;
+ private String businessServiceType;
+ private String businessServiceNumber;
+
+ private AuthenticatedUser() {
}
- public AuthenticatedUser(long userID, String givenName, String familyName, String institute,
- String userName, boolean isAuthenticated, boolean isAdmin, boolean isMandateUser,
+ public static AuthenticatedUser generateDefaultUser() {
+
+ AuthenticatedUser user = new AuthenticatedUser();
+ user.familyName = "TestUser";
+ user.givenName = "Max";
+ user.userName = "maxtestuser";
+ user.userID = 0;
+ user.institute = new String();
+ user.isAdmin = true;
+ user.isAuthenticated = true;
+ user.isMandateUser = false;
+ user.isPVP2Login = false;
+ user.lastLogin = new Date();
+
+ return user;
+ }
+
+ public static AuthenticatedUser generateUserRequestUser(UserDatabaseFrom form) {
+
+ AuthenticatedUser user = new AuthenticatedUser();
+ user.familyName = form.getFamilyName();
+ user.givenName = form.getGivenName();
+ user.userName = form.getUsername();
+ user.userID = 0;
+ user.institute = form.getInstitut();
+ user.isAdmin = false;
+ user.isAuthenticated = false;
+ user.isMandateUser = form.isIsmandateuser();
+ user.isPVP2Login = form.isPVPGenerated();
+ user.lastLogin = new Date();
+
+ return user;
+ }
+
+ public AuthenticatedUser(UserDatabase userdb, boolean isAuthenticated, boolean isMandateUser,
boolean isPVP2Login) {
- this.familyName = familyName;
- this.givenName = givenName;
- this.userName = userName;
- this.userID = userID;
- this.institute = institute;
- this.isAdmin = isAdmin;
+ this.familyName = userdb.getFamilyname();
+ this.givenName = userdb.getGivenname();
+ this.userName = userdb.getUsername();
+ this.userID = userdb.getHjid();
+ this.institute = userdb.getInstitut();
+ this.isAdmin = userdb.isIsAdmin();
this.isAuthenticated = isAuthenticated;
this.isMandateUser = isMandateUser;
this.isPVP2Login = isPVP2Login;
this.lastLogin = new Date();
+
+ if (!this.isAdmin) generateUserSpecificConfigurationOptions(userdb);
}
+
+ private void generateUserSpecificConfigurationOptions(UserDatabase userdb) {
+
+ if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) {
+ String bpk = userdb.getBpk();
+ if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN) || bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_ZVR) || bpk.startsWith(Constants.IDENIFICATIONTYPE_STORK)) {
+ onlyBusinessService = true;
+
+ String[] split = bpk.split("\\+");
+ this.businessServiceType = split[1].substring(1);
+
+ if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN))
+ this.businessServiceNumber = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(split[2]);
+ else
+ this.businessServiceNumber = split[2];
+
+ } else
+ onlyBusinessService = false;
+
+ }
+
+ }
+
public String getFormatedLastLogin() {
return DateTimeHelper.getDateTime(lastLogin);
}
@@ -72,13 +137,6 @@ public class AuthenticatedUser {
}
/**
- * @param isAuthenticated the isAuthenticated to set
- */
- public void setAuthenticated(boolean isAuthenticated) {
- this.isAuthenticated = isAuthenticated;
- }
-
- /**
* @return the isAdmin
*/
public boolean isAdmin() {
@@ -86,13 +144,6 @@ public class AuthenticatedUser {
}
/**
- * @param isAdmin the isAdmin to set
- */
- public void setAdmin(boolean isAdmin) {
- this.isAdmin = isAdmin;
- }
-
- /**
* @return the userID
*/
public long getUserID() {
@@ -100,13 +151,6 @@ public class AuthenticatedUser {
}
/**
- * @param userID the userID to set
- */
- public void setUserID(long userID) {
- this.userID = userID;
- }
-
- /**
* @return the givenName
*/
public String getGivenName() {
@@ -114,13 +158,6 @@ public class AuthenticatedUser {
}
/**
- * @param givenName the givenName to set
- */
- public void setGivenName(String givenName) {
- this.givenName = givenName;
- }
-
- /**
* @return the familyName
*/
public String getFamilyName() {
@@ -128,25 +165,11 @@ public class AuthenticatedUser {
}
/**
- * @param familyName the familyName to set
- */
- public void setFamilyName(String familyName) {
- this.familyName = familyName;
- }
-
- /**
* @return the lastLogin
*/
public Date getLastLogin() {
return lastLogin;
}
-
- /**
- * @param lastLogin the lastLogin to set
- */
- public void setLastLogin(Date lastLogin) {
- this.lastLogin = lastLogin;
- }
/**
* @return the userName
@@ -156,54 +179,57 @@ public class AuthenticatedUser {
}
/**
- * @param userName the userName to set
+ * @return the institute
*/
- public void setUserName(String userName) {
- this.userName = userName;
+ public String getInstitute() {
+ return institute;
}
/**
- * @return the institute
+ * @return the isPVP2Login
*/
- public String getInstitute() {
- return institute;
+ public boolean isPVP2Login() {
+ return isPVP2Login;
}
/**
- * @param institute the institute to set
+ * @return the isMandateUser
*/
- public void setInstitute(String institute) {
- this.institute = institute;
+ public boolean isMandateUser() {
+ return isMandateUser;
}
/**
- * @return the isPVP2Login
+ * @return the onlyBusinessService
*/
- public boolean isPVP2Login() {
- return isPVP2Login;
+ public boolean isOnlyBusinessService() {
+ return onlyBusinessService;
}
/**
- * @param isPVP2Login the isPVP2Login to set
+ * @return the businessServiceType
*/
- public void setPVP2Login(boolean isPVP2Login) {
- this.isPVP2Login = isPVP2Login;
+ public String getBusinessServiceType() {
+ return businessServiceType;
}
/**
- * @return the isMandateUser
+ * @return the businessServiceNumber
*/
- public boolean isMandateUser() {
- return isMandateUser;
+ public String getBusinessServiceNumber() {
+ return businessServiceNumber;
}
/**
- * @param isMandateUser the isMandateUser to set
+ * @param lastLogin the lastLogin to set
*/
- public void setMandateUser(boolean isMandateUser) {
- this.isMandateUser = isMandateUser;
+ public void setLastLogin(Date lastLogin) {
+ this.lastLogin = lastLogin;
}
+
+
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
index bcc9a87ab..84af0d225 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
@@ -41,7 +41,7 @@ import java.util.jar.Manifest;
import javax.servlet.http.HttpServletRequest;
-import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.MOAHttpClient;
import org.apache.log4j.Logger;
import org.opensaml.DefaultBootstrap;
import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
@@ -49,7 +49,11 @@ import org.opensaml.xml.parse.BasicParserPool;
import org.opensaml.xml.security.x509.BasicX509Credential;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException;
+import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.pvp2.MetaDataVerificationFilter;
import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
@@ -436,6 +440,26 @@ public class ConfigurationProvider {
return parseVersionFromManifest();
}
+ public String getCertStoreDirectory() throws CertificateException {
+ String dir = props.getProperty("general.ssl.certstore");
+ if (MiscUtil.isNotEmpty(dir))
+ return FileUtils.makeAbsoluteURL(dir, configRootDir);
+
+ else
+ throw new CertificateException("No SSLCertStore configured use default JAVA TrustStore.");
+
+ }
+
+ public String getTrustStoreDirectory() throws CertificateException {
+ String dir = props.getProperty("general.ssl.truststore");
+ if (MiscUtil.isNotEmpty(dir))
+ return FileUtils.makeAbsoluteURL(dir, configRootDir);
+
+ else
+ throw new CertificateException("No SSLTrustStore configured use default JAVA TrustStore.");
+
+ }
+
private void initalPVP2Login() throws ConfigurationException {
try {
@@ -458,8 +482,28 @@ public class ConfigurationProvider {
log.info("NO IDP Metadata URL.");
throw new ConfigurationException("NO IDP Metadata URL.");
}
-
- idpMetadataProvider = new HTTPMetadataProvider(new Timer(), new HttpClient(), metadataurl);
+
+ MOAHttpClient httpClient = new MOAHttpClient();
+
+ if (metadataurl.startsWith("https:")) {
+ try {
+ MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory(
+ "MOAMetaDataProvider",
+ AuthConfigurationProvider.getInstance().getCertstoreDirectory(),
+ AuthConfigurationProvider.getInstance().getTrustedCACertificates(),
+ null,
+ ChainingModeType.fromValue(AuthConfigurationProvider.getInstance().getDefaultChainingMode()),
+ AuthConfigurationProvider.getInstance().isTrustmanagerrevoationchecking());
+
+ httpClient.setCustomSSLTrustStore(metadataurl, protoSocketFactory);
+
+ } catch (MOAHttpProtocolSocketFactoryException e) {
+ log.warn("MOA SSL-TrustStore can not initialized. Use default Java TrustStore.");
+
+ }
+ }
+
+ idpMetadataProvider = new HTTPMetadataProvider(new Timer(), httpClient, metadataurl);
idpMetadataProvider.setRequireValidMetadata(true);
idpMetadataProvider.setParserPool(new BasicParserPool());
idpMetadataProvider.setMetadataFilter(new MetaDataVerificationFilter(idpCredential));
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
index 687925c18..25f20372a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
@@ -22,20 +22,40 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data;
+import java.io.File;
+import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
import java.util.List;
import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
+import org.apache.log4j.Logger;
+
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationValitator;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OAFileUploadValidation;
import at.gv.egovernment.moa.id.util.FormBuildUtils;
import at.gv.egovernment.moa.util.MiscUtil;
-public class FormularCustomization {
+public class FormularCustomization implements IOnlineApplicationData {
+ private static final Logger log = Logger.getLogger(FormularCustomization.class);
+
private boolean showMandateLoginButton = true;
private boolean onlyMandateAllowed = false;
@@ -52,25 +72,79 @@ public class FormularCustomization {
private String applet_height = null;
private String applet_width = null;
+ private Map<String, String> map = null;
private String appletRedirectTarget = null;
public static List<String> appletRedirectTargetList = null;
-
+
public static List<String> fontTypeList = null;
public String fontTypeListValue = null;
+ private Map<String, byte[]> sendAssertionForm = new HashMap<String, byte[]>();
+ private Map<String, byte[]> bkuSelectionForm = new HashMap<String, byte[]>();
+
+ private List<File> bkuSelectionFileUpload = null;
+ private List<String> bkuSelectionFileUploadContentType = null;
+ private List<String> bkuSelectionFileUploadFileName = new ArrayList<String>();
+ private boolean deleteBKUTemplate = false;
+
+ private List<File> sendAssertionFileUpload = null;
+ private List<String> sendAssertionFileUploadContentType = null;
+ private List<String> sendAssertionFileUploadFileName = new ArrayList<String>();;
+ private boolean deleteSendAssertionTemplate = false;
+
+ private String aditionalAuthBlockText = null;
+ private boolean isHideBPKAuthBlock = false;
+
public FormularCustomization() {
+ new FormularCustomization(null);
+ }
+
+ public FormularCustomization(Map<String, String> map) {
appletRedirectTargetList = Arrays.asList("","_blank","_self","_parent","_top");
fontTypeList = Arrays.asList("","Verdana","Geneva","Arial","Helvetica","sans-serif","Times New Roman");
Collections.sort(fontTypeList);
+
+ if (map == null)
+ this.map = new HashMap<String, String>();
+ else
+ this.map = map;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
+ */
+ @Override
+ public String getName() {
+ return "OAFormularCustomization";
}
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) {
+ AuthComponentOA auth = dbOA.getAuthComponentOA();
+
+ if (dbOA.getAuthComponentOA() != null)
+ isHideBPKAuthBlock = dbOA.isRemoveBPKFromAuthBlock();
- public void parse(OnlineApplication dbOAConfig, Map<String, String> map) {
- AuthComponentOA auth = dbOAConfig.getAuthComponentOA();
-
if (auth != null) {
TemplatesType templates = auth.getTemplates();
- if (templates != null) {
+
+ if (templates != null) {
+ aditionalAuthBlockText = templates.getAditionalAuthBlockText();
+
+ TransformsInfoType bkuSelectTemplate = templates.getBKUSelectionTemplate();
+ if (bkuSelectTemplate != null && MiscUtil.isNotEmpty(bkuSelectTemplate.getFilename())) {
+ bkuSelectionFileUploadFileName.add(bkuSelectTemplate.getFilename());
+ }
+
+ TransformsInfoType sendAssertionTemplate = templates.getSendAssertionTemplate();
+ if (sendAssertionTemplate != null && MiscUtil.isNotEmpty(sendAssertionTemplate.getFilename())) {
+ sendAssertionFileUploadFileName.add(sendAssertionTemplate.getFilename());
+ }
+
BKUSelectionCustomizationType formcustom = templates.getBKUSelectionCustomization();
if (formcustom != null) {
@@ -140,8 +214,179 @@ public class FormularCustomization {
}
}
}
+
+ request.getSession().setAttribute(Constants.SESSION_BKUFORMPREVIEW, map);
+
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+
+ AuthComponentOA authoa = dbOA.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dbOA.setAuthComponentOA(authoa);
+ }
+
+ dbOA.setRemoveBPKFromAuthBlock(isHideBPKAuthBlock());
+
+ TemplatesType templates = authoa.getTemplates();
+ if (templates == null) {
+ templates = new TemplatesType();
+ authoa.setTemplates(templates);
+ }
+
+ templates.setAditionalAuthBlockText(getAditionalAuthBlockText());
+
+ //store BKU-selection and send-assertion templates
+ if (authUser.isAdmin()) {
+
+ if (isDeleteBKUTemplate())
+ templates.setBKUSelectionTemplate(null);
+
+ if (isDeleteSendAssertionTemplate())
+ templates.setSendAssertionTemplate(null);
+
+
+ if (bkuSelectionForm != null && bkuSelectionForm.size() > 0) {
+ TransformsInfoType template = new TransformsInfoType();
+
+ Iterator<String> interator = bkuSelectionForm.keySet().iterator();
+ template.setFilename(interator.next());
+ template.setTransformation(bkuSelectionForm.get(
+ template.getFilename()));
+
+ templates.setBKUSelectionTemplate(template);
+ }
+
+ if (sendAssertionForm != null && sendAssertionForm.size() > 0) {
+ TransformsInfoType template = new TransformsInfoType();
+
+ Iterator<String> interator = sendAssertionForm.keySet().iterator();
+ template.setFilename(interator.next());
+ template.setTransformation(sendAssertionForm.get(
+ template.getFilename()));
+
+ templates.setSendAssertionTemplate(template);
+ }
+ }
+
+ BKUSelectionCustomizationType bkuselectioncustom = templates.getBKUSelectionCustomization();
+ if (bkuselectioncustom == null) {
+ bkuselectioncustom = new BKUSelectionCustomizationType();
+ templates.setBKUSelectionCustomization(bkuselectioncustom);
+ }
+
+ if (authoa.getMandates() != null &&
+ (authoa.getMandates().getProfileName() != null
+ && authoa.getMandates().getProfileName().size() > 0)
+ || MiscUtil.isNotEmpty(authoa.getMandates().getProfiles()))
+
+ bkuselectioncustom.setMandateLoginButton(true);
+ else
+ bkuselectioncustom.setMandateLoginButton(false);
+
+ bkuselectioncustom.setOnlyMandateLoginAllowed(isOnlyMandateAllowed());
+
+ bkuselectioncustom.setBackGroundColor(parseColor(getBackGroundColor()));
+ bkuselectioncustom.setFrontColor(parseColor(getFrontColor()));
+
+ bkuselectioncustom.setHeaderBackGroundColor(parseColor(getHeader_BackGroundColor()));
+ bkuselectioncustom.setHeaderFrontColor(parseColor(getHeader_FrontColor()));
+ bkuselectioncustom.setHeaderText(getHeader_text());
+
+ bkuselectioncustom.setButtonBackGroundColor(parseColor(getButton_BackGroundColor()));
+ bkuselectioncustom.setButtonBackGroundColorFocus(parseColor(getButton_BackGroundColorFocus()));
+ bkuselectioncustom.setButtonFontColor(parseColor(getButton_FrontColor()));
+
+ if (MiscUtil.isNotEmpty(getAppletRedirectTarget()))
+ bkuselectioncustom.setAppletRedirectTarget(getAppletRedirectTarget());
+
+ bkuselectioncustom.setFontType(getFontType());
+
+ bkuselectioncustom.setAppletHeight(getApplet_height());
+ bkuselectioncustom.setAppletWidth(getApplet_width());
+
+
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+
+ HttpSession session = request.getSession();
+ List<String> errors = new ArrayList<String>();
+
+ String check = null;
+ if (authUser.isAdmin()) {
+ //validate aditionalAuthBlockText
+ check = getAditionalAuthBlockText();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ }
+ }
+ }
+
+ OAFileUploadValidation valiator_fileUpload = new OAFileUploadValidation();
+ //validate BKU-selection template
+ List<String> templateError = valiator_fileUpload.validate(getBkuSelectionFileUploadFileName()
+ , getBkuSelectionFileUpload(), "validation.general.bkuselection", bkuSelectionForm, request);
+ if (templateError != null && templateError.size() == 0) {
+ if (bkuSelectionForm != null && bkuSelectionForm.size() > 0)
+ session.setAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE, bkuSelectionForm);
+
+ else
+ bkuSelectionForm = (Map<String, byte[]>) session.getAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE);
+
+ } else {
+ errors.addAll(templateError);
+
+ }
+
+ //validate send-assertion template
+ templateError = valiator_fileUpload.validate(getSendAssertionFileUploadFileName()
+ , getSendAssertionFileUpload(), "validation.general.sendassertion", sendAssertionForm, request);
+ if (templateError != null && templateError.size() == 0) {
+ if (sendAssertionForm != null && sendAssertionForm.size() > 0)
+ session.setAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE, sendAssertionForm);
+
+ else
+ sendAssertionForm = (Map<String, byte[]>) session.getAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE);
+
+ } else {
+ errors.addAll(templateError);
+
+ }
+
+ //validate BKUFormCustomization
+ errors.addAll(new FormularCustomizationValitator().validate(this, request));
+
+ return errors;
}
+ private String parseColor(String color) {
+ String value = "";
+
+ if (MiscUtil.isNotEmpty(color)) {
+ if (!color.startsWith("#"))
+ value = "#" + color;
+ else
+ value = color;
+ }
+ return value;
+ }
/**
* @return the showMandateLoginButton
@@ -389,9 +634,165 @@ public class FormularCustomization {
public void setApplet_width(String applet_width) {
this.applet_width = applet_width;
}
-
-
-
-
+
+
+ /**
+ * @return the bkuSelectionFileUpload
+ */
+ public List<File> getBkuSelectionFileUpload() {
+ return bkuSelectionFileUpload;
+ }
+
+
+ /**
+ * @param bkuSelectionFileUpload the bkuSelectionFileUpload to set
+ */
+ public void setBkuSelectionFileUpload(List<File> bkuSelectionFileUpload) {
+ this.bkuSelectionFileUpload = bkuSelectionFileUpload;
+ }
+
+
+ /**
+ * @return the bkuSelectionFileUploadContentType
+ */
+ public List<String> getBkuSelectionFileUploadContentType() {
+ return bkuSelectionFileUploadContentType;
+ }
+
+
+ /**
+ * @param bkuSelectionFileUploadContentType the bkuSelectionFileUploadContentType to set
+ */
+ public void setBkuSelectionFileUploadContentType(
+ List<String> bkuSelectionFileUploadContentType) {
+ this.bkuSelectionFileUploadContentType = bkuSelectionFileUploadContentType;
+ }
+
+
+ /**
+ * @return the bkuSelectionFileUploadFileName
+ */
+ public List<String> getBkuSelectionFileUploadFileName() {
+ return bkuSelectionFileUploadFileName;
+ }
+
+
+ /**
+ * @param bkuSelectionFileUploadFileName the bkuSelectionFileUploadFileName to set
+ */
+ public void setBkuSelectionFileUploadFileName(
+ List<String> bkuSelectionFileUploadFileName) {
+ this.bkuSelectionFileUploadFileName = bkuSelectionFileUploadFileName;
+ }
+
+
+ /**
+ * @return the sendAssertionFileUpload
+ */
+ public List<File> getSendAssertionFileUpload() {
+ return sendAssertionFileUpload;
+ }
+
+
+ /**
+ * @param sendAssertionFileUpload the sendAssertionFileUpload to set
+ */
+ public void setSendAssertionFileUpload(List<File> sendAssertionFileUpload) {
+ this.sendAssertionFileUpload = sendAssertionFileUpload;
+ }
+
+
+ /**
+ * @return the sendAssertionFileUploadContentType
+ */
+ public List<String> getSendAssertionFileUploadContentType() {
+ return sendAssertionFileUploadContentType;
+ }
+
+
+ /**
+ * @param sendAssertionFileUploadContentType the sendAssertionFileUploadContentType to set
+ */
+ public void setSendAssertionFileUploadContentType(
+ List<String> sendAssertionFileUploadContentType) {
+ this.sendAssertionFileUploadContentType = sendAssertionFileUploadContentType;
+ }
+
+
+ /**
+ * @return the sendAssertionFileUploadFileName
+ */
+ public List<String> getSendAssertionFileUploadFileName() {
+ return sendAssertionFileUploadFileName;
+ }
+
+
+ /**
+ * @param sendAssertionFileUploadFileName the sendAssertionFileUploadFileName to set
+ */
+ public void setSendAssertionFileUploadFileName(
+ List<String> sendAssertionFileUploadFileName) {
+ this.sendAssertionFileUploadFileName = sendAssertionFileUploadFileName;
+ }
+
+
+ /**
+ * @return the deleteBKUTemplate
+ */
+ public boolean isDeleteBKUTemplate() {
+ return deleteBKUTemplate;
+ }
+
+
+ /**
+ * @param deleteBKUTemplate the deleteBKUTemplate to set
+ */
+ public void setDeleteBKUTemplate(boolean deleteBKUTemplate) {
+ this.deleteBKUTemplate = deleteBKUTemplate;
+ }
+
+
+ /**
+ * @return the deleteSendAssertionTemplate
+ */
+ public boolean isDeleteSendAssertionTemplate() {
+ return deleteSendAssertionTemplate;
+ }
+
+
+ /**
+ * @param deleteSendAssertionTemplate the deleteSendAssertionTemplate to set
+ */
+ public void setDeleteSendAssertionTemplate(boolean deleteSendAssertionTemplate) {
+ this.deleteSendAssertionTemplate = deleteSendAssertionTemplate;
+ }
+
+ /**
+ * @return the aditionalAuthBlockText
+ */
+ public String getAditionalAuthBlockText() {
+ return aditionalAuthBlockText;
+ }
+
+ /**
+ * @param aditionalAuthBlockText the aditionalAuthBlockText to set
+ */
+ public void setAditionalAuthBlockText(String aditionalAuthBlockText) {
+ this.aditionalAuthBlockText = aditionalAuthBlockText;
+ }
+
+ /**
+ * @return the isHideBPKAuthBlock
+ */
+ public boolean isHideBPKAuthBlock() {
+ return isHideBPKAuthBlock;
+ }
+
+ /**
+ * @param isHideBPKAuthBlock the isHideBPKAuthBlock to set
+ */
+ public void setHideBPKAuthBlock(boolean isHideBPKAuthBlock) {
+ this.isHideBPKAuthBlock = isHideBPKAuthBlock;
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java
index 69bf5dc0c..c4a825589 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java
@@ -24,11 +24,21 @@ package at.gv.egovernment.moa.id.configuration.data;
public class OAListElement {
+ public enum ServiceType {OA, VIDP, IDP}
+
private long dataBaseID;
private String oaIdentifier;
private String oaFriendlyName;
private String oaType;
private boolean isActive;
+ private ServiceType serviceType;
+
+ /**
+ *
+ */
+ public OAListElement(ServiceType type) {
+ this.serviceType = type;
+ }
/**
@@ -95,5 +105,10 @@ public class OAListElement {
public String getIsActive(){
return String.valueOf(isActive);
}
-
+ /**
+ * @return the serviceType
+ */
+ public String getServiceType() {
+ return serviceType.name();
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/IOnlineApplicationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/IOnlineApplicationData.java
new file mode 100644
index 000000000..37f8fbc07
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/IOnlineApplicationData.java
@@ -0,0 +1,64 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.configuration.data.oa;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+
+/**
+ * @author tlenz
+ *
+ */
+public interface IOnlineApplicationData {
+
+ public String getName();
+
+ /**
+ * Parse OnlineApplication database object to formData
+ * @param dbOAConfig
+ * @return List of Errors
+ */
+ public List<String> parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request);
+
+ /**
+ * Store formData to OnlineApplication database object
+ * @param dboa: Database data object
+ * @param authUser
+ * @param request:
+ * @return Error description
+ */
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request);
+
+ /**
+ * Validate formData
+ * @param general
+ * @param request
+ * @return
+ */
+ public List<String> validate(OAGeneralConfig general, AuthenticatedUser authUser, HttpServletRequest request);
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
new file mode 100644
index 000000000..cb60a21a0
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
@@ -0,0 +1,542 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.configuration.data.oa;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
+import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
+import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MandatesProfileNameItem;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OAAuthenticationDataValidation;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class OAAuthenticationData implements IOnlineApplicationData {
+
+ private String bkuOnlineURL = null;
+ private String bkuHandyURL = null;
+ private String bkuLocalURL = null;
+
+ private String mandateProfiles = null;
+ private boolean useMandates = false;
+
+ private boolean calculateHPI = false;
+
+ private String keyBoxIdentifier = null;
+ private static Map<String, String> keyBoxIdentifierList;
+
+ private boolean legacy = false;
+ List<String> SLTemplates = null;
+
+ private Map<String, byte[]> transformations;
+
+ /**
+ *
+ */
+ public OAAuthenticationData() {
+ keyBoxIdentifierList = new HashMap<String, String>();
+ MOAKeyBoxSelector[] values = MOAKeyBoxSelector.values();
+ for (int i=0; i<values.length; i++) {
+ keyBoxIdentifierList.put(values[i].value(), values[i].value());
+ }
+
+ keyBoxIdentifier = MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR.value();
+
+ bkuLocalURL = Constants.DEFAULT_LOCALBKU_URL;
+ bkuHandyURL = Constants.DEFAULT_HANDYBKU_URL;
+
+ MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
+ if (moaidconfig != null) {
+ DefaultBKUs defaultbkus = moaidconfig.getDefaultBKUs();
+ if (defaultbkus != null) {
+ setBkuHandyURL(defaultbkus.getHandyBKU());
+ setBkuLocalURL(defaultbkus.getLocalBKU());
+ setBkuOnlineURL(defaultbkus.getOnlineBKU());
+ }
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
+ */
+ @Override
+ public String getName() {
+ return "OAAuthenticationData";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) {
+ keyBoxIdentifier = dbOA.getKeyBoxIdentifier().value();
+
+ AuthComponentOA oaauth = dbOA.getAuthComponentOA();
+ if (oaauth != null) {
+ BKUURLS bkuurls = oaauth.getBKUURLS();
+
+ String defaulthandy = "";
+ String defaultlocal = "";
+ String defaultonline = "";
+
+ MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration();
+ if (dbconfig != null) {
+ DefaultBKUs defaultbkus = dbconfig.getDefaultBKUs();
+ if (defaultbkus != null) {
+ defaulthandy = defaultbkus.getHandyBKU();
+ defaultlocal = defaultbkus.getLocalBKU();
+ defaultonline = defaultbkus.getOnlineBKU();
+ }
+ }
+
+ if (bkuurls != null) {
+
+ if (MiscUtil.isEmpty(bkuurls.getHandyBKU()))
+ bkuHandyURL = defaulthandy;
+ else
+ bkuHandyURL = bkuurls.getHandyBKU();
+
+ if (MiscUtil.isEmpty(bkuurls.getLocalBKU()))
+ bkuLocalURL = defaultlocal;
+ else
+ bkuLocalURL = bkuurls.getLocalBKU();
+
+ if (MiscUtil.isEmpty(bkuurls.getOnlineBKU()))
+ bkuOnlineURL = defaultonline;
+ else
+ bkuOnlineURL = bkuurls.getOnlineBKU();
+ }
+
+ Mandates mandates = oaauth.getMandates();
+ if (mandates != null) {
+
+ mandateProfiles = null;
+
+ List<String> profileList = mandates.getProfileName();
+ for (String el : profileList) {
+ if (mandateProfiles == null)
+ mandateProfiles = el;
+
+ else
+ mandateProfiles += "," + el;
+ }
+
+ //TODO: only for RC1
+ if (MiscUtil.isNotEmpty(mandates.getProfiles())) {
+ if (mandateProfiles == null)
+ mandateProfiles = mandates.getProfiles();
+
+ else
+ mandateProfiles += "," + mandates.getProfiles();
+
+ }
+
+ if (mandateProfiles != null)
+ useMandates = true;
+
+ else
+ useMandates = false;
+
+ }
+
+ TemplatesType templates = oaauth.getTemplates();
+ if (templates != null) {
+ List<TemplateType> templatetype = templates.getTemplate();
+
+ if (templatetype != null) {
+ if (SLTemplates == null) {
+ SLTemplates = new ArrayList<String>();
+ }
+
+ for (TemplateType el : templatetype) {
+ SLTemplates.add(el.getURL());
+ }
+ }
+ }
+
+ if (SLTemplates != null && SLTemplates.size() > 0)
+ legacy = true;
+
+ List<TransformsInfoType> transforminfos = oaauth.getTransformsInfo();
+ transformations = new HashMap<String, byte[]>();
+ for (TransformsInfoType el : transforminfos) {
+ transformations.put(el.getFilename(), el.getTransformation());
+ }
+ }
+
+ return null;
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ AuthComponentOA authoa = dbOA.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dbOA.setAuthComponentOA(authoa);
+ }
+
+ dbOA.setCalculateHPI(isCalculateHPI());
+
+ if (authUser.isAdmin()) {
+
+ //store BKU-URLs
+ BKUURLS bkuruls = new BKUURLS();
+ authoa.setBKUURLS(bkuruls);
+ bkuruls.setHandyBKU(getBkuHandyURL());
+ bkuruls.setLocalBKU(getBkuLocalURL());
+ bkuruls.setOnlineBKU(getBkuOnlineURL());
+
+ //store SecurtiyLayerTemplates
+ TemplatesType templates = authoa.getTemplates();
+ if (templates == null) {
+ templates = new TemplatesType();
+ authoa.setTemplates(templates);
+ }
+ List<TemplateType> template = templates.getTemplate();
+ if (isLegacy()) {
+
+ if (template == null)
+ template = new ArrayList<TemplateType>();
+ else
+ template.clear();
+
+ if (MiscUtil.isNotEmpty(getSLTemplateURL1())) {
+ TemplateType el = new TemplateType();
+ el.setURL(getSLTemplateURL1());
+ template.add(el);
+ } else
+ template.add(new TemplateType());
+ if (MiscUtil.isNotEmpty(getSLTemplateURL2())) {
+ TemplateType el = new TemplateType();
+ el.setURL(getSLTemplateURL2());
+ template.add(el);
+ } else
+ template.add(new TemplateType());
+ if (MiscUtil.isNotEmpty(getSLTemplateURL3())) {
+ TemplateType el = new TemplateType();
+ el.setURL(getSLTemplateURL3());
+ template.add(el);
+ } else
+ template.add(new TemplateType());
+
+ } else {
+ if (template != null && template.size() > 0) template.clear();
+ }
+
+
+ //store keyBox Identifier
+ dbOA.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(getKeyBoxIdentifier()));
+ } else {
+ if (dbOA.isIsNew()) dbOA.setKeyBoxIdentifier(MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR);
+ }
+
+ Mandates mandates = new Mandates();
+ if (isUseMandates()) {
+
+ String[] profileList = getMandateProfiles().split(",");
+
+ List<String> dbProfiles = mandates.getProfileName();
+ if (dbProfiles == null) {
+ dbProfiles = new ArrayList<String>();
+ mandates.setProfileName(dbProfiles);
+
+ }
+
+ for (String el: profileList)
+ dbProfiles.add(el.trim());
+
+ mandates.setProfiles(null);
+
+ } else {
+ mandates.setProfiles(null);
+ mandates.getProfileName().clear();
+ }
+ authoa.setMandates(mandates);
+
+ // set default transformation if it is empty
+ List<TransformsInfoType> transformsInfo = authoa.getTransformsInfo();
+ if (transformsInfo == null) {
+ // TODO: set OA specific transformation if it is required
+
+ }
+
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+ return new OAAuthenticationDataValidation().validate(this, authUser.isAdmin(), request);
+ }
+
+
+ /**
+ * @return the bkuOnlineURL
+ */
+ public String getBkuOnlineURL() {
+ return bkuOnlineURL;
+ }
+
+
+ /**
+ * @param bkuOnlineURL the bkuOnlineURL to set
+ */
+ public void setBkuOnlineURL(String bkuOnlineURL) {
+ this.bkuOnlineURL = bkuOnlineURL;
+ }
+
+
+ /**
+ * @return the bkuHandyURL
+ */
+ public String getBkuHandyURL() {
+ return bkuHandyURL;
+ }
+
+
+ /**
+ * @param bkuHandyURL the bkuHandyURL to set
+ */
+ public void setBkuHandyURL(String bkuHandyURL) {
+ this.bkuHandyURL = bkuHandyURL;
+ }
+
+
+ /**
+ * @return the bkuLocalURL
+ */
+ public String getBkuLocalURL() {
+ return bkuLocalURL;
+ }
+
+
+ /**
+ * @param bkuLocalURL the bkuLocalURL to set
+ */
+ public void setBkuLocalURL(String bkuLocalURL) {
+ this.bkuLocalURL = bkuLocalURL;
+ }
+
+
+ /**
+ * @return the mandateProfiles
+ */
+ public String getMandateProfiles() {
+ return mandateProfiles;
+ }
+
+
+ /**
+ * @param mandateProfiles the mandateProfiles to set
+ */
+ public void setMandateProfiles(String mandateProfiles) {
+ this.mandateProfiles = mandateProfiles;
+ }
+
+
+ /**
+ * @return the useMandates
+ */
+ public boolean isUseMandates() {
+ return useMandates;
+ }
+
+
+ /**
+ * @param useMandates the useMandates to set
+ */
+ public void setUseMandates(boolean useMandates) {
+ this.useMandates = useMandates;
+ }
+
+
+ /**
+ * @return the calculateHPI
+ */
+ public boolean isCalculateHPI() {
+ return calculateHPI;
+ }
+
+
+ /**
+ * @param calculateHPI the calculateHPI to set
+ */
+ public void setCalculateHPI(boolean calculateHPI) {
+ this.calculateHPI = calculateHPI;
+ }
+
+
+ /**
+ * @return the keyBoxIdentifier
+ */
+ public String getKeyBoxIdentifier() {
+ return keyBoxIdentifier;
+ }
+
+
+ /**
+ * @param keyBoxIdentifier the keyBoxIdentifier to set
+ */
+ public void setKeyBoxIdentifier(String keyBoxIdentifier) {
+ this.keyBoxIdentifier = keyBoxIdentifier;
+ }
+
+
+ /**
+ * @return the keyBoxIdentifierList
+ */
+ public Map<String, String> getKeyBoxIdentifierList() {
+ return keyBoxIdentifierList;
+ }
+
+
+ /**
+ * @return the legacy
+ */
+ public boolean isLegacy() {
+ return legacy;
+ }
+
+
+ /**
+ * @param legacy the legacy to set
+ */
+ public void setLegacy(boolean legacy) {
+ this.legacy = legacy;
+ }
+
+
+ /**
+ * @return the transformations
+ */
+ public Map<String, byte[]> getTransformations() {
+ return transformations;
+ }
+
+
+ /**
+ * @param transformations the transformations to set
+ */
+ public void setTransformations(Map<String, byte[]> transformations) {
+ this.transformations = transformations;
+ }
+
+
+ /**
+ * @return the sLTemplates
+ */
+ public List<String> getSLTemplates() {
+ return SLTemplates;
+ }
+
+ /**
+ * @return the sLTemplateURL1
+ */
+ public String getSLTemplateURL1() {
+ if (SLTemplates != null && SLTemplates.size() > 0)
+ return SLTemplates.get(0);
+ else
+ return null;
+ }
+
+
+ /**
+ * @param sLTemplateURL1 the sLTemplateURL1 to set
+ */
+ public void setSLTemplateURL1(String sLTemplateURL1) {
+ if (SLTemplates == null)
+ SLTemplates = new ArrayList<String>();
+ SLTemplates.add(sLTemplateURL1);
+ }
+
+
+ /**
+ * @return the sLTemplateURL2
+ */
+ public String getSLTemplateURL2() {
+ if (SLTemplates != null && SLTemplates.size() > 1)
+ return SLTemplates.get(1);
+ else
+ return null;
+ }
+
+
+ /**
+ * @param sLTemplateURL2 the sLTemplateURL2 to set
+ */
+ public void setSLTemplateURL2(String sLTemplateURL2) {
+ if (SLTemplates == null)
+ SLTemplates = new ArrayList<String>();
+ SLTemplates.add(sLTemplateURL2);
+ }
+
+
+ /**
+ * @return the sLTemplateURL3
+ */
+ public String getSLTemplateURL3() {
+ if (SLTemplates != null && SLTemplates.size() > 2)
+ return SLTemplates.get(2);
+ else
+ return null;
+ }
+
+
+ /**
+ * @param sLTemplateURL3 the sLTemplateURL3 to set
+ */
+ public void setSLTemplateURL3(String sLTemplateURL3) {
+ if (SLTemplates == null)
+ SLTemplates = new ArrayList<String>();
+ SLTemplates.add(sLTemplateURL3);
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
index d43c97aed..05e163c23 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
@@ -22,273 +22,125 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;
-import java.io.File;
import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.HashMap;
import java.util.List;
-import java.util.Map;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.log4j.Logger;
+
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
-import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
-import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs;
-import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
-import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
-import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
-import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
-import at.gv.egovernment.moa.id.commons.db.dao.config.MandatesProfileNameItem;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.Constants;
-import at.gv.egovernment.moa.id.configuration.validation.TargetValidator;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.MiscUtil;
-public class OAGeneralConfig {
-
+public class OAGeneralConfig implements IOnlineApplicationData{
+ private static final Logger log = Logger.getLogger(OAGeneralConfig.class);
+
+ private boolean isActive = false;
+
private String dbID = null;
- private String bkuOnlineURL = null;
- private String bkuHandyURL = null;
- private String bkuLocalURL = null;
-
private String identifier = null;
private String friendlyName = null;
+ private boolean businessService = false;
- private boolean businessService = false;
-
- private String target = null;
- private String target_subsector = null;
- private String target_admin = null;
- private static List<String> targetList = null;
- private String targetFriendlyName = null;
- private boolean isAdminTarget = false;
-
- private String identificationNumber = null;
- private String identificationType = null;
- private static List<String> identificationTypeList = null;
-
- private String aditionalAuthBlockText = null;
-
- private String mandateProfiles = null;
- private boolean useMandates = false;
-
- private boolean isActive = false;
- private boolean calculateHPI = false;
-
- private String keyBoxIdentifier = null;
- private static Map<String, String> keyBoxIdentifierList;
-
- private boolean legacy = false;
- List<String> SLTemplates = null;
-
- private boolean isHideBPKAuthBlock = false;
-
- private Map<String, byte[]> transformations;
-
- private List<File> bkuSelectionFileUpload = null;
- private List<String> bkuSelectionFileUploadContentType = null;
- private List<String> bkuSelectionFileUploadFileName = new ArrayList<String>();
-
- private List<File> sendAssertionFileUpload = null;
- private List<String> sendAssertionFileUploadContentType = null;
- private List<String> sendAssertionFileUploadFileName = new ArrayList<String>();;
-
- private boolean deleteBKUTemplate = false;
- private boolean deleteSendAssertionTemplate = false;
-
- public OAGeneralConfig() {
- keyBoxIdentifierList = new HashMap<String, String>();
- MOAKeyBoxSelector[] values = MOAKeyBoxSelector.values();
- for (int i=0; i<values.length; i++) {
- keyBoxIdentifierList.put(values[i].value(), values[i].value());
- }
-
- keyBoxIdentifier = MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR.value();
-
- bkuLocalURL = Constants.DEFAULT_LOCALBKU_URL;
- bkuHandyURL = Constants.DEFAULT_HANDYBKU_URL;
-
- targetList = TargetValidator.getListOfTargets();
- target = "";
-
- identificationTypeList = Arrays.asList(
- Constants.IDENIFICATIONTYPE_FN,
- Constants.IDENIFICATIONTYPE_ZVR,
- Constants.IDENIFICATIONTYPE_ERSB,
- Constants.IDENIFICATIONTYPE_STORK);
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
+ */
+ @Override
+ public String getName() {
+ return "OAGeneralInformation";
}
-
- public void parse(OnlineApplication dbOAConfig) {
-
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, HttpServletRequest request) {
isActive = dbOAConfig.isIsActive();
- friendlyName = dbOAConfig.getFriendlyName();
-
- keyBoxIdentifier = dbOAConfig.getKeyBoxIdentifier().value();
-
+ friendlyName = dbOAConfig.getFriendlyName();
identifier = dbOAConfig.getPublicURLPrefix();
- String target_full = dbOAConfig.getTarget();
- if (MiscUtil.isNotEmpty(target_full)) {
- if (TargetValidator.isValidTarget(target_full)) {
- target = target_full;
-
- } else {
- String[] target_split = target_full.split("-");
-
- if (TargetValidator.isValidTarget(target_split[0])) {
- target = target_split[0];
- if (target_split.length > 1)
- target_subsector = target_split[1];
-
- } else {
- target = "";
- target_subsector = null;
- target_admin = target_full;
- isAdminTarget = true;
- }
- }
- targetFriendlyName = dbOAConfig.getTargetFriendlyName();
- }
-
if (dbOAConfig.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE))
businessService = true;
else
businessService = false;
+
+ return null;
+ }
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ AuthComponentOA authoa = dbOA.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dbOA.setAuthComponentOA(authoa);
+ }
+
+ if (authUser.isAdmin()) dbOA.setIsActive(isActive());
+
+ dbOA.setPublicURLPrefix(getIdentifier());
+ dbOA.setFriendlyName(getFriendlyName());
+
+ if (isBusinessService() || authUser.isOnlyBusinessService()) {
+ dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE);
+
+ } else {
+ dbOA.setType(null);
+ }
+
+ return null;
+
+ }
- AuthComponentOA oaauth = dbOAConfig.getAuthComponentOA();
- if (oaauth != null) {
- BKUURLS bkuurls = oaauth.getBKUURLS();
-
- String defaulthandy = "";
- String defaultlocal = "";
- String defaultonline = "";
-
- MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration();
- if (dbconfig != null) {
- DefaultBKUs defaultbkus = dbconfig.getDefaultBKUs();
- if (defaultbkus != null) {
- defaulthandy = defaultbkus.getHandyBKU();
- defaultlocal = defaultbkus.getLocalBKU();
- defaultonline = defaultbkus.getOnlineBKU();
- }
- }
-
- if (bkuurls != null) {
-
- if (MiscUtil.isEmpty(bkuurls.getHandyBKU()))
- bkuHandyURL = defaulthandy;
- else
- bkuHandyURL = bkuurls.getHandyBKU();
-
- if (MiscUtil.isEmpty(bkuurls.getLocalBKU()))
- bkuLocalURL = defaultlocal;
- else
- bkuLocalURL = bkuurls.getLocalBKU();
-
- if (MiscUtil.isEmpty(bkuurls.getOnlineBKU()))
- bkuOnlineURL = defaultonline;
- else
- bkuOnlineURL = bkuurls.getOnlineBKU();
- }
-
- IdentificationNumber idnumber = oaauth.getIdentificationNumber();
- if (idnumber != null) {
- String number = idnumber.getValue();
- if (MiscUtil.isNotEmpty(number)) {
- String[] split = number.split("\\+");
-
- if (Constants.PREFIX_WPBK.startsWith(split[0]) && split.length >= 2) {
- identificationType = split[1];
- identificationNumber = split[2];
- } else if (Constants.PREFIX_STORK.startsWith(split[0]) && split.length >= 2) {
- //identificationType = split[1]; // setting at as iden category ?
- identificationType = Constants.IDENIFICATIONTYPE_STORK;
- identificationNumber = split[2]; // setting sp country as ident type -> sp ident
- }
- }
- }
-
- Mandates mandates = oaauth.getMandates();
- if (mandates != null) {
-
- mandateProfiles = null;
-
- List<MandatesProfileNameItem> profileList = mandates.getProfileNameItems();
- for (MandatesProfileNameItem el : profileList) {
- if (mandateProfiles == null)
- mandateProfiles = el.getItem();
-
- else
- mandateProfiles += "," + el.getItem();
- }
-
- //TODO: only for RC1
- if (MiscUtil.isNotEmpty(mandates.getProfiles())) {
- if (mandateProfiles == null)
- mandateProfiles = mandates.getProfiles();
-
- else
- mandateProfiles += "," + mandates.getProfiles();
-
- }
-
- if (mandateProfiles != null)
- useMandates = true;
-
- else
- useMandates = false;
-
- }
-
- TemplatesType templates = oaauth.getTemplates();
- if (templates != null) {
- aditionalAuthBlockText = templates.getAditionalAuthBlockText();
- List<TemplateType> templatetype = templates.getTemplate();
-
- if (templatetype != null) {
- if (SLTemplates == null) {
- SLTemplates = new ArrayList<String>();
- }
-
- for (TemplateType el : templatetype) {
- SLTemplates.add(el.getURL());
- }
- }
-
- TransformsInfoType bkuSelectTemplate = templates.getBKUSelectionTemplate();
- if (bkuSelectTemplate != null && MiscUtil.isNotEmpty(bkuSelectTemplate.getFilename())) {
- bkuSelectionFileUploadFileName.add(bkuSelectTemplate.getFilename());
- }
-
- TransformsInfoType sendAssertionTemplate = templates.getSendAssertionTemplate();
- if (sendAssertionTemplate != null && MiscUtil.isNotEmpty(sendAssertionTemplate.getFilename())) {
- sendAssertionFileUploadFileName.add(sendAssertionTemplate.getFilename());
- }
- }
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
- if (SLTemplates != null && SLTemplates.size() > 0)
- legacy = true;
+ List<String> errors = new ArrayList<String>();
+ String check;
- List<TransformsInfoType> transforminfos = oaauth.getTransformsInfo();
- transformations = new HashMap<String, byte[]>();
- for (TransformsInfoType el : transforminfos) {
- transformations.put(el.getFilename(), el.getTransformation());
+ //check OA FriendlyName
+ check = getFriendlyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("OAFriendlyName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
}
-
+ } else {
+ log.info("OA friendlyName is empty");
+ errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request));
}
- isHideBPKAuthBlock = dbOAConfig.isRemoveBPKFromAuthBlock();
+ return errors;
}
+ public boolean isBusinessService() {
+ return businessService;
+ }
+
+ public void setBusinessService(boolean businessService) {
+ this.businessService = businessService;
+ }
+
public String getIdentifier() {
return identifier;
}
@@ -305,54 +157,6 @@ public class OAGeneralConfig {
this.friendlyName = friendlyName;
}
- public String getTarget() {
- return target;
- }
-
- public void setTarget(String target) {
- this.target = target;
- }
-
- public String getTargetFriendlyName() {
- return targetFriendlyName;
- }
-
- public void setTargetFriendlyName(String targetFriendlyName) {
- this.targetFriendlyName = targetFriendlyName;
- }
-
- public String getIdentificationNumber() {
- return identificationNumber;
- }
-
- public void setIdentificationNumber(String identificationNumber) {
- this.identificationNumber = identificationNumber;
- }
-
- public String getIdentificationType() {
- return identificationType;
- }
-
- public void setIdentificationType(String identificationType) {
- this.identificationType = identificationType;
- }
-
- public String getAditionalAuthBlockText() {
- return aditionalAuthBlockText;
- }
-
- public void setAditionalAuthBlockText(String aditionalAuthBlockText) {
- this.aditionalAuthBlockText = aditionalAuthBlockText;
- }
-
- public String getMandateProfiles() {
- return mandateProfiles;
- }
-
- public void setMandateProfiles(String mandateProfiles) {
- this.mandateProfiles = mandateProfiles;
- }
-
public boolean isActive() {
return isActive;
}
@@ -361,67 +165,6 @@ public class OAGeneralConfig {
this.isActive = isActive;
}
- public boolean isBusinessService() {
- return businessService;
- }
-
- public void setBusinessService(boolean businessService) {
- this.businessService = businessService;
- }
-
- public String getBkuOnlineURL() {
- return bkuOnlineURL;
- }
-
- public void setBkuOnlineURL(String bkuOnlineURL) {
- this.bkuOnlineURL = bkuOnlineURL;
- }
-
- public String getBkuHandyURL() {
- return bkuHandyURL;
- }
-
- public void setBkuHandyURL(String bkuHandyURL) {
- this.bkuHandyURL = bkuHandyURL;
- }
-
- public String getBkuLocalURL() {
- return bkuLocalURL;
- }
-
- public void setBkuLocalURL(String bkuLocalURL) {
- this.bkuLocalURL = bkuLocalURL;
- }
-
- /**
- * @return the keyBoxIdentifier
- */
- public String getKeyBoxIdentifier() {
- return keyBoxIdentifier;
- }
-
- /**
- * @param keyBoxIdentifier the keyBoxIdentifier to set
- */
- public void setKeyBoxIdentifier(String keyBoxIdentifier) {
- this.keyBoxIdentifier = keyBoxIdentifier;
- }
-
- /**
- * @return the transformations
- */
- public Map<String, byte[]> getTransformations() {
- return transformations;
- }
-
- /**
- * @param transformations the transformations to set
- */
- public void setTransformations(Map<String, byte[]> transformations) {
- this.transformations = transformations;
- }
-
-
/**
* @return the dbID
*/
@@ -443,346 +186,4 @@ public class OAGeneralConfig {
public void setDbID(String dbID) {
this.dbID = dbID;
}
-
-
- /**
- * @return the calculateHPI
- */
- public boolean isCalculateHPI() {
- return calculateHPI;
- }
-
-
- /**
- * @param calculateHPI the calculateHPI to set
- */
- public void setCalculateHPI(boolean calculateHPI) {
- this.calculateHPI = calculateHPI;
- }
-
-
- /**
- * @return the keyBoxIdentifierList
- */
- public Map<String, String> getKeyBoxIdentifierList() {
- return keyBoxIdentifierList;
- }
-
-
- /**
- * @param keyBoxIdentifierList the keyBoxIdentifierList to set
- */
- public void setKeyBoxIdentifierList(Map<String, String> list) {
- keyBoxIdentifierList = list;
- }
-
-
- /**
- * @return the legacy
- */
- public boolean isLegacy() {
- return legacy;
- }
-
-
- /**
- * @param legacy the legacy to set
- */
- public void setLegacy(boolean legacy) {
- this.legacy = legacy;
- }
-
-
- /**
- * @return the sLTemplateURL1
- */
- public String getSLTemplateURL1() {
- if (SLTemplates != null && SLTemplates.size() > 0)
- return SLTemplates.get(0);
- else
- return null;
- }
-
-
- /**
- * @param sLTemplateURL1 the sLTemplateURL1 to set
- */
- public void setSLTemplateURL1(String sLTemplateURL1) {
- if (SLTemplates == null)
- SLTemplates = new ArrayList<String>();
- SLTemplates.add(sLTemplateURL1);
- }
-
-
- /**
- * @return the sLTemplateURL2
- */
- public String getSLTemplateURL2() {
- if (SLTemplates != null && SLTemplates.size() > 1)
- return SLTemplates.get(1);
- else
- return null;
- }
-
-
- /**
- * @param sLTemplateURL2 the sLTemplateURL2 to set
- */
- public void setSLTemplateURL2(String sLTemplateURL2) {
- if (SLTemplates == null)
- SLTemplates = new ArrayList<String>();
- SLTemplates.add(sLTemplateURL2);
- }
-
-
- /**
- * @return the sLTemplateURL3
- */
- public String getSLTemplateURL3() {
- if (SLTemplates != null && SLTemplates.size() > 2)
- return SLTemplates.get(2);
- else
- return null;
- }
-
-
- /**
- * @param sLTemplateURL3 the sLTemplateURL3 to set
- */
- public void setSLTemplateURL3(String sLTemplateURL3) {
- if (SLTemplates == null)
- SLTemplates = new ArrayList<String>();
- SLTemplates.add(sLTemplateURL3);
- }
-
-
- /**
- * @return the target_subsector
- */
- public String getTarget_subsector() {
- return target_subsector;
- }
-
-
- /**
- * @param target_subsector the target_subsector to set
- */
- public void setTarget_subsector(String target_subsector) {
- this.target_subsector = target_subsector;
- }
-
-
- /**
- * @return the target_admin
- */
- public String getTarget_admin() {
- return target_admin;
- }
-
-
- /**
- * @param target_admin the target_admin to set
- */
- public void setTarget_admin(String target_admin) {
- this.target_admin = target_admin;
- }
-
-
- /**
- * @return the targetList
- */
- public List<String> getTargetList() {
- return targetList;
- }
-
-
- /**
- * @return the identificationTypeList
- */
- public List<String> getIdentificationTypeList() {
- return identificationTypeList;
- }
-
-
- /**
- * @return the isAdminTarget
- */
- public boolean isAdminTarget() {
- return isAdminTarget;
- }
-
-
- /**
- * @param isAdminTarget the isAdminTarget to set
- */
- public void setAdminTarget(boolean isAdminTarget) {
- this.isAdminTarget = isAdminTarget;
- }
-
-
- /**
- * @return the isHideBPKAuthBlock
- */
- public boolean isHideBPKAuthBlock() {
- return isHideBPKAuthBlock;
- }
-
-
- /**
- * @param isHideBPKAuthBlock the isHideBPKAuthBlock to set
- */
- public void setHideBPKAuthBlock(boolean isHideBPKAuthBlock) {
- this.isHideBPKAuthBlock = isHideBPKAuthBlock;
- }
-
-
- /**
- * @return the useMandates
- */
- public boolean isUseMandates() {
- return useMandates;
- }
-
-
- /**
- * @param useMandates the useMandates to set
- */
- public void setUseMandates(boolean useMandates) {
- this.useMandates = useMandates;
- }
-
-
- /**
- * @return the bkuSelectionFileUpload
- */
- public List<File> getBkuSelectionFileUpload() {
- return bkuSelectionFileUpload;
- }
-
-
- /**
- * @param bkuSelectionFileUpload the bkuSelectionFileUpload to set
- */
- public void setBkuSelectionFileUpload(List<File> bkuSelectionFileUpload) {
- this.bkuSelectionFileUpload = bkuSelectionFileUpload;
- }
-
-
- /**
- * @return the bkuSelectionFileUploadContentType
- */
- public List<String> getBkuSelectionFileUploadContentType() {
- return bkuSelectionFileUploadContentType;
- }
-
-
- /**
- * @param bkuSelectionFileUploadContentType the bkuSelectionFileUploadContentType to set
- */
- public void setBkuSelectionFileUploadContentType(
- List<String> bkuSelectionFileUploadContentType) {
- this.bkuSelectionFileUploadContentType = bkuSelectionFileUploadContentType;
- }
-
-
- /**
- * @return the bkuSelectionFileUploadFileName
- */
- public List<String> getBkuSelectionFileUploadFileName() {
- return bkuSelectionFileUploadFileName;
- }
-
-
- /**
- * @param bkuSelectionFileUploadFileName the bkuSelectionFileUploadFileName to set
- */
- public void setBkuSelectionFileUploadFileName(
- List<String> bkuSelectionFileUploadFileName) {
- this.bkuSelectionFileUploadFileName = bkuSelectionFileUploadFileName;
- }
-
-
- /**
- * @return the sendAssertionFileUpload
- */
- public List<File> getSendAssertionFileUpload() {
- return sendAssertionFileUpload;
- }
-
-
- /**
- * @param sendAssertionFileUpload the sendAssertionFileUpload to set
- */
- public void setSendAssertionFileUpload(List<File> sendAssertionFileUpload) {
- this.sendAssertionFileUpload = sendAssertionFileUpload;
- }
-
-
- /**
- * @return the sendAssertionFileUploadContentType
- */
- public List<String> getSendAssertionFileUploadContentType() {
- return sendAssertionFileUploadContentType;
- }
-
-
- /**
- * @param sendAssertionFileUploadContentType the sendAssertionFileUploadContentType to set
- */
- public void setSendAssertionFileUploadContentType(
- List<String> sendAssertionFileUploadContentType) {
- this.sendAssertionFileUploadContentType = sendAssertionFileUploadContentType;
- }
-
-
- /**
- * @return the sendAssertionFileUploadFileName
- */
- public List<String> getSendAssertionFileUploadFileName() {
- return sendAssertionFileUploadFileName;
- }
-
-
- /**
- * @param sendAssertionFileUploadFileName the sendAssertionFileUploadFileName to set
- */
- public void setSendAssertionFileUploadFileName(
- List<String> sendAssertionFileUploadFileName) {
- this.sendAssertionFileUploadFileName = sendAssertionFileUploadFileName;
- }
-
-
- /**
- * @return the deleteBKUTemplate
- */
- public boolean isDeleteBKUTemplate() {
- return deleteBKUTemplate;
- }
-
-
- /**
- * @param deleteBKUTemplate the deleteBKUTemplate to set
- */
- public void setDeleteBKUTemplate(boolean deleteBKUTemplate) {
- this.deleteBKUTemplate = deleteBKUTemplate;
- }
-
-
- /**
- * @return the deleteSendAssertionTemplate
- */
- public boolean isDeleteSendAssertionTemplate() {
- return deleteSendAssertionTemplate;
- }
-
-
- /**
- * @param deleteSendAssertionTemplate the deleteSendAssertionTemplate to set
- */
- public void setDeleteSendAssertionTemplate(boolean deleteSendAssertionTemplate) {
- this.deleteSendAssertionTemplate = deleteSendAssertionTemplate;
- }
-
-
-
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java
new file mode 100644
index 000000000..5db9029bd
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java
@@ -0,0 +1,186 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.configuration.data.oa;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.InterfederationIDPType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class OAMOAIDPInterfederationConfig implements IOnlineApplicationData {
+
+ private static final Logger log = Logger.getLogger(OAMOAIDPInterfederationConfig.class);
+
+ private String queryURL;
+ private boolean inboundSSO = true;
+ private boolean outboundSSO = true;
+ private boolean storeSSOSession = true;
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
+ */
+ @Override
+ public String getName() {
+ return "MOAIDPInterfederation";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOA,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+
+ InterfederationIDPType moaIDP = dbOA.getInterfederationIDP();
+ if (moaIDP != null) {
+ this.queryURL = moaIDP.getAttributeQueryURL();
+ this.inboundSSO = moaIDP.isInboundSSO();
+ this.outboundSSO = moaIDP.isOutboundSSO();
+ this.storeSSOSession = moaIDP.isStoreSSOSession();
+ }
+
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+
+ if (authUser.isAdmin()) {
+ dbOA.setIsInterfederationIDP(true);
+
+ InterfederationIDPType moaIDP = dbOA.getInterfederationIDP();
+ if (moaIDP == null) {
+ moaIDP = new InterfederationIDPType();
+ dbOA.setInterfederationIDP(moaIDP);
+ }
+
+ moaIDP.setAttributeQueryURL(queryURL);
+ moaIDP.setInboundSSO(inboundSSO);
+ moaIDP.setOutboundSSO(outboundSSO);
+ moaIDP.setStoreSSOSession(storeSSOSession);
+ }
+
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+
+ List<String> errors = new ArrayList<String>();
+
+ if (MiscUtil.isNotEmpty(queryURL)) {
+ if (!ValidationHelper.validateURL(queryURL)) {
+ log.info("AttributeQuery URL is not valid");
+ errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.queryurl.valid", request));
+
+ }
+ }
+
+ if (inboundSSO && MiscUtil.isEmpty(queryURL)) {
+ log.info("Inbound Single Sign-On requires AttributQueryURL configuration.");
+ errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.queryurl.empty", request));
+ }
+
+ return errors;
+ }
+
+ /**
+ * @return the queryURL
+ */
+ public String getQueryURL() {
+ return queryURL;
+ }
+
+ /**
+ * @param queryURL the queryURL to set
+ */
+ public void setQueryURL(String queryURL) {
+ this.queryURL = queryURL;
+ }
+
+ /**
+ * @return the inboundSSO
+ */
+ public boolean isInboundSSO() {
+ return inboundSSO;
+ }
+
+ /**
+ * @param inboundSSO the inboundSSO to set
+ */
+ public void setInboundSSO(boolean inboundSSO) {
+ this.inboundSSO = inboundSSO;
+ }
+
+ /**
+ * @return the outboundSSO
+ */
+ public boolean isOutboundSSO() {
+ return outboundSSO;
+ }
+
+ /**
+ * @param outboundSSO the outboundSSO to set
+ */
+ public void setOutboundSSO(boolean outboundSSO) {
+ this.outboundSSO = outboundSSO;
+ }
+
+ /**
+ * @return the storeSSOSession
+ */
+ public boolean isStoreSSOSession() {
+ return storeSSOSession;
+ }
+
+ /**
+ * @param storeSSOSession the storeSSOSession to set
+ */
+ public void setStoreSSOSession(boolean storeSSOSession) {
+ this.storeSSOSession = storeSSOSession;
+ }
+
+
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java
index 3617c192e..b95090a55 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java
@@ -27,6 +27,7 @@ import java.util.List;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
@@ -34,10 +35,13 @@ import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OAOAUTH20ConfigValidation;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
-public class OAOAuth20Config {
+public class OAOAuth20Config implements IOnlineApplicationData{
private final Logger log = Logger.getLogger(OAOAuth20Config.class);
@@ -45,12 +49,24 @@ public class OAOAuth20Config {
private String clientSecret = null;
private String redirectUri = null;
- public OAOAuth20Config() {
+ public OAOAuth20Config() {
+ this.generateClientSecret();
+
}
- public List<String> parse(OnlineApplication dbOAConfig, HttpServletRequest request) {
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
+ */
+ @Override
+ public String getName() {
+ return "OAOpenIDConnect";
+ }
+
+ public List<String> parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, HttpServletRequest request) {
List<String> errors = new ArrayList<String>();
+ HttpSession session = request.getSession();
+
AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
if (authdata != null) {
// set client id to public url prefix
@@ -77,7 +93,52 @@ public class OAOAuth20Config {
}
}
- return errors;
+ session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.getClientSecret());
+
+ return null;
+ }
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+ return new OAOAUTH20ConfigValidation().validate(this, request);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ AuthComponentOA authoa = dbOA.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dbOA.setAuthComponentOA(authoa);
+ }
+
+ log.debug("Saving OAuth 2.0 configuration:");
+ OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20();
+ if (oaOAuth20 == null) {
+ oaOAuth20 = new OAOAUTH20();
+ authoa.setOAOAUTH20(oaOAuth20);
+ }
+
+ oaOAuth20.setOAuthClientId(dbOA.getPublicURLPrefix());
+ // oaOAuth20.setOAuthClientSecret(oauth20OA.getClientSecret());
+ oaOAuth20.setOAuthRedirectUri(getRedirectUri());
+ log.debug("client id: " + getClientId());
+ log.debug("client secret: " + getClientSecret());
+ log.debug("redirect uri:" + getRedirectUri());
+
+ oaOAuth20.setOAuthClientSecret((String) request.getSession().getAttribute(Constants.SESSION_OAUTH20SECRET));
+ request.getSession().setAttribute(Constants.SESSION_OAUTH20SECRET, null);
+
+ return null;
}
public String getClientId() {
@@ -106,6 +167,5 @@ public class OAOAuth20Config {
public void generateClientSecret() {
this.clientSecret = UUID.randomUUID().toString();
- }
-
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
index a61e1ea96..bcac63a5f 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java
@@ -27,6 +27,7 @@ import java.io.FileInputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
+import java.util.Date;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
@@ -37,10 +38,12 @@ import iaik.x509.X509Certificate;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OAPVP2ConfigValidation;
import at.gv.egovernment.moa.util.MiscUtil;
-public class OAPVP2Config {
+public class OAPVP2Config implements IOnlineApplicationData{
private final Logger log = Logger.getLogger(OAPVP2Config.class);
@@ -56,7 +59,72 @@ public class OAPVP2Config {
public OAPVP2Config() {
}
- public List<String> parse(OnlineApplication dbOAConfig, HttpServletRequest request) {
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
+ */
+ @Override
+ public String getName() {
+ return "OAPVP2";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser)
+ */
+ @Override
+ public String store(OnlineApplication dboa, AuthenticatedUser authUser, HttpServletRequest request) {
+ AuthComponentOA authoa = dboa.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dboa.setAuthComponentOA(authoa);
+ }
+ OAPVP2 pvp2 = authoa.getOAPVP2();
+ if (pvp2 == null) {
+ pvp2 = new OAPVP2();
+ authoa.setOAPVP2(pvp2);
+ }
+
+ try {
+
+ if (getFileUpload() != null) {
+ pvp2.setCertificate(getCertificate());
+ setReLoad(true);
+ }
+
+ } catch (CertificateException e) {
+ log.info("Uploaded Certificate can not be found", e);
+ return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request);
+ } catch (IOException e) {
+ log.info("Uploaded Certificate can not be parsed", e);
+ return LanguageHelper.getErrorString("validation.pvp2.certificate.format", request);
+ }
+
+ if (getMetaDataURL() != null &&
+ !getMetaDataURL().equals(pvp2.getMetadataURL()))
+ setReLoad(true);
+ pvp2.setMetadataURL(getMetaDataURL());
+
+ if (isReLoad())
+ pvp2.setUpdateRequiredItem(new Date());
+
+ return null;
+
+ }
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+ return new OAPVP2ConfigValidation().validate(this, general.getIdentifier(), request);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, HttpServletRequest request) {
List<String> errors = new ArrayList<String>();
AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
@@ -158,7 +226,6 @@ public class OAPVP2Config {
this.reLoad = reLoad;
}
-
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
index bb5baf53e..8d7d02048 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
@@ -22,11 +22,18 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;
+import java.math.BigInteger;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OASAML1ConfigValidation;
-public class OASAML1Config {
+public class OASAML1Config implements IOnlineApplicationData{
private Boolean isActive = false;
private Boolean provideStammZahl = false;
@@ -41,8 +48,20 @@ public class OASAML1Config {
public OASAML1Config() {
}
- public void parse(OnlineApplication dbOAConfig) {
- AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
+ */
+ @Override
+ public String getName() {
+ return "OASAML1";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) {
+ AuthComponentOA authdata = dbOA.getAuthComponentOA();
if (authdata != null) {
OASAML1 saml1 = authdata.getOASAML1();
if (saml1 != null) {
@@ -62,8 +81,55 @@ public class OASAML1Config {
isActive = saml1.isIsActive();
}
}
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+ return new OASAML1ConfigValidation().validate(this, general, request);
}
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) {
+ AuthComponentOA authoa = dbOA.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dbOA.setAuthComponentOA(authoa);
+ }
+
+ OASAML1 saml1 = authoa.getOASAML1();
+ if (saml1 == null) {
+ saml1 = new OASAML1();
+ authoa.setOASAML1(saml1);
+ saml1.setIsActive(false);
+ }
+
+ if (authUser.isAdmin()) {
+ saml1.setIsActive(isActive());
+ }
+
+ if (saml1.isIsActive() != null && saml1.isIsActive()) {
+ saml1.setProvideAUTHBlock(isProvideAuthBlock());
+ saml1.setProvideCertificate(isProvideCertificate());
+ saml1.setProvideFullMandatorData(isProvideFullMandateData());
+ saml1.setProvideIdentityLink(isProvideIdentityLink());
+ saml1.setProvideStammzahl(isProvideStammZahl());
+ saml1.setUseCondition(isUseCondition());
+ saml1.setConditionLength(BigInteger.valueOf(getConditionLength()));
+ // TODO: set sourceID
+ // saml1.setSourceID("");
+ }
+
+ return null;
+ }
+
public boolean isProvideStammZahl() {
return provideStammZahl;
}
@@ -119,8 +185,5 @@ public class OASAML1Config {
*/
public void setActive(boolean isActive) {
this.isActive = isActive;
- }
-
-
-
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java
index 593c2291f..28144666b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java
@@ -22,11 +22,17 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OASSOConfigValidation;
-public class OASSOConfig {
+public class OASSOConfig implements IOnlineApplicationData{
private boolean useSSO = false;
private boolean showAuthDataFrame = true;
@@ -36,7 +42,15 @@ public class OASSOConfig {
}
- public void parse(OnlineApplication dbOAConfig) {
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
+ */
+ @Override
+ public String getName() {
+ return "OASingleSignOn";
+ }
+
+ public List<String> parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, HttpServletRequest request) {
AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
if (authdata != null) {
OASSO ssoconfig = authdata.getOASSO();
@@ -46,6 +60,42 @@ public class OASSOConfig {
singleLogOutURL = ssoconfig.getSingleLogOutURL();
}
}
+
+ return null;
+ }
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ return new OASSOConfigValidation().validate(this, authUser.isAdmin(), request);
+ }
+
+ public String store(OnlineApplication dboa, AuthenticatedUser authUser, HttpServletRequest request) {
+
+ AuthComponentOA authoa = dboa.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dboa.setAuthComponentOA(authoa);
+ }
+
+ OASSO sso = authoa.getOASSO();
+ if (sso == null) {
+ sso = new OASSO();
+ authoa.setOASSO(sso);
+ sso.setAuthDataFrame(true);
+ }
+ sso.setUseSSO(this.useSSO);
+
+ if (authUser.isAdmin())
+ sso.setAuthDataFrame(this.showAuthDataFrame);
+
+ sso.setSingleLogOutURL(this.singleLogOutURL);
+
+ return null;
}
public boolean isUseSSO() {
@@ -65,7 +115,5 @@ public class OASSOConfig {
}
public void setSingleLogOutURL(String singleLogOutURL) {
this.singleLogOutURL = singleLogOutURL;
- }
-
-
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
index b43e76d53..f5c92fec9 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
@@ -25,6 +25,8 @@ package at.gv.egovernment.moa.id.configuration.data.oa;
import java.util.ArrayList;
import java.util.List;
+import javax.servlet.http.HttpServletRequest;
+
import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
@@ -35,10 +37,11 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OASTORK;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
-import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation;
import at.gv.egovernment.moa.id.protocols.stork2.AttributeProviderFactory;
-public class OASTORKConfig {
+public class OASTORKConfig implements IOnlineApplicationData{
private static final Logger log = Logger.getLogger(OASTORKConfig.class);
@@ -62,15 +65,24 @@ public class OASTORKConfig {
for(CPEPS current : ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getCPEPS()) {
citizenCountries.add(current.getCountryCode());
}
+
}
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
+ */
+ @Override
+ public String getName() {
+ return "OASTORK2";
+ }
+
/**
* Parses the OA config for stork entities.
*
* @param dbOAConfig
* the db oa config
*/
- public void parse(OnlineApplication dbOAConfig) {
+ public List<String> parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, HttpServletRequest request) {
AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
if (authdata != null) {
OASTORK config = authdata.getOASTORK();
@@ -128,8 +140,53 @@ public class OASTORKConfig {
}
}
}
+
+ return null;
}
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ return new OASTORKConfigValidation().validate(this, request);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+ AuthComponentOA authoa = dbOA.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dbOA.setAuthComponentOA(authoa);
+ }
+
+ // fetch stork configuration from database model
+ OASTORK stork = authoa.getOASTORK();
+ if (stork == null) {
+ // if there is none, create a new one with default values.
+ stork = new OASTORK();
+ authoa.setOASTORK(stork);
+ stork.setStorkLogonEnabled(false);
+ }
+ // transfer the incoming data to the database model
+ stork.setStorkLogonEnabled(isStorkLogonEnabled());
+ stork.setQaa(getQaa());
+ stork.setOAAttributes(getAttributes());
+ stork.setVidpEnabled(isVidpEnabled());
+ stork.setRequireConsent(isRequireConsent());
+ stork.setAttributeProviders(getAttributeProviderPlugins());
+ stork.setCPEPS(getEnabledCPEPS());
+
+ return null;
+
+ }
+
public boolean isStorkLogonEnabled() {
return isStorkLogonEnabled;
}
@@ -189,12 +246,17 @@ public class OASTORKConfig {
}
public List<CPEPS> getEnabledCPEPS() {
- List<CPEPS> result = new ArrayList<CPEPS>();
- for(CPEPS current : ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getCPEPS()) {
- if(enabledCitizenCountries.contains(current.getCountryCode()))
- result.add(current);
+ if (enabledCitizenCountries != null) {
+ List<CPEPS> result = new ArrayList<CPEPS>();
+ for(CPEPS current : ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getCPEPS()) {
+ if(enabledCitizenCountries.contains(current.getCountryCode()))
+ result.add(current);
+ }
+ return result;
}
- return result;
+
+ return null;
+
}
public List<String> getAvailableAttributeProviderPlugins() {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java
new file mode 100644
index 000000000..4036bc25f
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java
@@ -0,0 +1,368 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.configuration.data.oa;
+
+import java.util.Arrays;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.validation.TargetValidator;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OATargetConfigValidation;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class OATargetConfiguration implements IOnlineApplicationData {
+
+ private boolean deaktivededBusinessService = false;
+
+ private boolean subTargetSet = false;
+
+ private String target = null;
+ private String target_subsector = null;
+ private String target_admin = null;
+ private static List<String> targetList = null;
+ private String targetFriendlyName = null;
+ private boolean isAdminTarget = false;
+
+ private String identificationNumber = null;
+ private String identificationType = null;
+ private static List<String> identificationTypeList = null;
+
+ public OATargetConfiguration() {
+ targetList = TargetValidator.getListOfTargets();
+ target = "";
+
+ identificationTypeList = Arrays.asList(
+ Constants.IDENIFICATIONTYPE_FN,
+ Constants.IDENIFICATIONTYPE_ZVR,
+ Constants.IDENIFICATIONTYPE_ERSB,
+ Constants.IDENIFICATIONTYPE_STORK);
+ }
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
+ */
+ @Override
+ public String getName() {
+ return "OATargetConfig";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> parse(OnlineApplication dbOA,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+ subTargetSet = MiscUtil.isNotEmpty(getTarget_subsector());
+
+ String target_full = dbOA.getTarget();
+ if (MiscUtil.isNotEmpty(target_full)) {
+ if (TargetValidator.isValidTarget(target_full)) {
+ target = target_full;
+
+ } else {
+ String[] target_split = target_full.split("-");
+
+ if (TargetValidator.isValidTarget(target_split[0])) {
+ target = target_split[0];
+ if (target_split.length > 1)
+ target_subsector = target_split[1];
+
+ } else {
+ target = "";
+ target_subsector = null;
+ target_admin = target_full;
+ isAdminTarget = true;
+ }
+ }
+ targetFriendlyName = dbOA.getTargetFriendlyName();
+ }
+
+ AuthComponentOA oaauth = dbOA.getAuthComponentOA();
+ if (oaauth != null) {
+
+ IdentificationNumber idnumber = oaauth.getIdentificationNumber();
+ if (idnumber != null) {
+ String number = idnumber.getValue();
+ if (MiscUtil.isNotEmpty(number)) {
+ String[] split = number.split("\\+");
+
+ if (Constants.PREFIX_WPBK.startsWith(split[0]) && split.length >= 2) {
+ identificationType = split[1];
+ identificationNumber = split[2];
+ } else if (Constants.PREFIX_STORK.startsWith(split[0]) && split.length >= 2) {
+ //identificationType = split[1]; // setting at as iden category ?
+ identificationType = Constants.IDENIFICATIONTYPE_STORK;
+ identificationNumber = split[2]; // setting sp country as ident type -> sp ident
+ }
+ }
+
+ if (authUser.isOnlyBusinessService()) {
+ deaktivededBusinessService = authUser.isOnlyBusinessService();
+
+ identificationType = authUser.getBusinessServiceType();
+ identificationNumber = authUser.getBusinessServiceNumber();
+
+ }
+
+ }
+ }
+
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+ HttpServletRequest request) {
+
+ AuthComponentOA authoa = dbOA.getAuthComponentOA();
+ if (authoa == null) {
+ authoa = new AuthComponentOA();
+ dbOA.setAuthComponentOA(authoa);
+ }
+
+ if (isBusinessService(dbOA) || authUser.isOnlyBusinessService()) {
+
+ dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE);
+
+ String num = null;
+ if (authUser.isOnlyBusinessService()) {
+ deaktivededBusinessService = authUser.isOnlyBusinessService();
+ num = authUser.getBusinessServiceType() + authUser.getBusinessServiceNumber();
+
+ } else {
+
+ num = getIdentificationNumber().replaceAll(" ", "");
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) {
+ num = num.substring(Constants.IDENIFICATIONTYPE_FN.length());
+
+ num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num);
+
+ // num = StringUtils.leftPad(num, 7, '0');
+ }
+
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR))
+ num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length());
+
+ if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB))
+ num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length());
+ }
+
+ IdentificationNumber idnumber = new IdentificationNumber();
+
+ if (getIdentificationType().equals(Constants.IDENIFICATIONTYPE_STORK)) {
+ idnumber.setValue(Constants.PREFIX_STORK + "AT" + "+" + num);
+ idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType()));
+ } else {
+ idnumber.setValue(Constants.PREFIX_WPBK + getIdentificationType() + "+" + num);
+ idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType()));
+ }
+
+ authoa.setIdentificationNumber(idnumber);
+
+ } else {
+ dbOA.setType(null);
+
+ if (authUser.isAdmin()) {
+ if (MiscUtil.isNotEmpty(getTarget_admin()) && isAdminTarget()) {
+ dbOA.setTarget(getTarget_admin());
+ dbOA.setTargetFriendlyName(getTargetFriendlyName());
+
+ } else {
+
+ String target = getTarget();
+
+ if (MiscUtil.isNotEmpty(getTarget_subsector()) && subTargetSet)
+ dbOA.setTarget(target + "-" + getTarget_subsector());
+ else
+ dbOA.setTarget(target);
+
+ String targetname = TargetValidator.getTargetFriendlyName(target);
+ if (MiscUtil.isNotEmpty(targetname)) dbOA.setTargetFriendlyName(targetname);
+
+ }
+
+ } else {
+
+ if (MiscUtil.isNotEmpty(getTarget())) {
+
+ String target = getTarget();
+
+ if (MiscUtil.isNotEmpty(getTarget_subsector()) && subTargetSet)
+ dbOA.setTarget(target + "-" + getTarget_subsector());
+
+ else
+ dbOA.setTarget(target);
+
+ String targetname = TargetValidator.getTargetFriendlyName(target);
+ if (MiscUtil.isNotEmpty(targetname)) dbOA.setTargetFriendlyName(targetname);
+
+ }
+ }
+ }
+ return null;
+ }
+
+ /**
+ * @return
+ */
+ private boolean isBusinessService(OnlineApplication dbOA) {
+ if (dbOA.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE))
+ return true;
+ else
+ return false;
+ }
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public List<String> validate(OAGeneralConfig general,
+ AuthenticatedUser authUser, HttpServletRequest request) {
+ return new OATargetConfigValidation().validate(this, authUser.isAdmin(), general, request);
+ }
+
+ public String getTarget() {
+ return target;
+ }
+
+ public void setTarget(String target) {
+ this.target = target;
+ }
+
+ public String getTargetFriendlyName() {
+ return targetFriendlyName;
+ }
+
+ public void setTargetFriendlyName(String targetFriendlyName) {
+ this.targetFriendlyName = targetFriendlyName;
+ }
+
+ public String getIdentificationNumber() {
+ return identificationNumber;
+ }
+
+ public void setIdentificationNumber(String identificationNumber) {
+ this.identificationNumber = identificationNumber;
+ }
+
+ public String getIdentificationType() {
+ return identificationType;
+ }
+
+ public void setIdentificationType(String identificationType) {
+ this.identificationType = identificationType;
+ }
+
+ /**
+ * @return the target_subsector
+ */
+ public String getTarget_subsector() {
+ return target_subsector;
+ }
+
+
+ /**
+ * @param target_subsector the target_subsector to set
+ */
+ public void setTarget_subsector(String target_subsector) {
+ this.target_subsector = target_subsector;
+ }
+
+
+ /**
+ * @return the target_admin
+ */
+ public String getTarget_admin() {
+ return target_admin;
+ }
+
+
+ /**
+ * @param target_admin the target_admin to set
+ */
+ public void setTarget_admin(String target_admin) {
+ this.target_admin = target_admin;
+ }
+
+
+ /**
+ * @return the targetList
+ */
+ public List<String> getTargetList() {
+ return targetList;
+ }
+
+
+ /**
+ * @return the identificationTypeList
+ */
+ public List<String> getIdentificationTypeList() {
+ return identificationTypeList;
+ }
+
+
+ /**
+ * @return the isAdminTarget
+ */
+ public boolean isAdminTarget() {
+ return isAdminTarget;
+ }
+
+
+ /**
+ * @param isAdminTarget the isAdminTarget to set
+ */
+ public void setAdminTarget(boolean isAdminTarget) {
+ this.isAdminTarget = isAdminTarget;
+ }
+
+ /**
+ * @return the deaktivededBusinessService
+ */
+ public boolean isDeaktivededBusinessService() {
+ return deaktivededBusinessService;
+ }
+
+
+ /**
+ * @param deaktivededBusinessService the deaktivededBusinessService to set
+ */
+ public void setDeaktivededBusinessService(boolean deaktivededBusinessService) {
+ this.deaktivededBusinessService = deaktivededBusinessService;
+ }
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/BasicOAActionException.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/BasicOAActionException.java
new file mode 100644
index 000000000..0bca3be0d
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/BasicOAActionException.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.configuration.exception;
+
+/**
+ * @author tlenz
+ *
+ */
+public class BasicOAActionException extends Exception {
+
+ private String strutsError;
+ private String strutsReturnValue;
+
+ private static final long serialVersionUID = -7989218660771842780L;
+
+ /**
+ *
+ */
+ public BasicOAActionException(String strutsError, String strutsReturnValue) {
+ this.strutsError = strutsError;
+ this.strutsReturnValue = strutsReturnValue;
+ }
+
+ /**
+ * @return the strutsError
+ */
+ public String getStrutsError() {
+ return strutsError;
+ }
+
+ /**
+ * @return the strutsReturnValue
+ */
+ public String getStrutsReturnValue() {
+ return strutsReturnValue;
+ }
+
+
+
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
index 0d52234bc..190773bf0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
@@ -150,7 +150,7 @@ public class AuthenticationFilter implements Filter{
if (authuser == null) {
- authuser = new AuthenticatedUser(0, "Max", "TestUser", null, "maxtestuser", true, true, false, false);
+ authuser = AuthenticatedUser.generateDefaultUser();
//authuser = new AuthenticatedUser(1, "Max", "TestUser", true, false);
httpServletRequest.getSession().setAttribute(Constants.SESSION_AUTH, authuser);
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java
index d3a9ffcd4..24ee653f3 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java
@@ -29,26 +29,53 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.data.OAListElement;
+import at.gv.egovernment.moa.id.configuration.data.OAListElement.ServiceType;
public class FormDataHelper {
- public static ArrayList<OAListElement> addFormOAs(List<OnlineApplication> dbOAs) {
+ public static ArrayList<OAListElement> populateFormWithInderfederationIDPs(List<OnlineApplication> dbOAs) {
ArrayList<OAListElement> formOAs = new ArrayList<OAListElement>();
for (OnlineApplication dboa : dbOAs) {
- OAListElement listoa = new OAListElement();
- listoa.setActive(dboa.isIsActive());
- listoa.setDataBaseID(dboa.getHjid());
- listoa.setOaFriendlyName(dboa.getFriendlyName());
- listoa.setOaIdentifier(dboa.getPublicURLPrefix());
- listoa.setOaType(dboa.getType());
- formOAs.add(listoa);
- }
+
+ if (dboa.isIsInterfederationIDP()!= null && dboa.isIsInterfederationIDP())
+ formOAs.add(addOAFormListElement(dboa, ServiceType.IDP));
+
+ else if (dboa.getAuthComponentOA().getOASTORK() != null
+ && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null
+ && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled())
+ formOAs.add(addOAFormListElement(dboa, ServiceType.VIDP));
+ }
+ return formOAs;
+ }
+
+ public static ArrayList<OAListElement> populateFormWithOAs(List<OnlineApplication> dbOAs) {
+ ArrayList<OAListElement> formOAs = new ArrayList<OAListElement>();
+
+ for (OnlineApplication dboa : dbOAs) {
+
+ if ( !((dboa.isIsInterfederationIDP() != null && dboa.isIsInterfederationIDP()) ||
+ (dboa.getAuthComponentOA().getOASTORK() != null
+ && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null
+ && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled()))) {
+ formOAs.add(addOAFormListElement(dboa, ServiceType.OA));
+ }
+ }
return formOAs;
}
+ private static OAListElement addOAFormListElement(OnlineApplication dboa, ServiceType type) {
+ OAListElement listoa = new OAListElement(type);
+ listoa.setActive(dboa.isIsActive());
+ listoa.setDataBaseID(dboa.getHjid());
+ listoa.setOaFriendlyName(dboa.getFriendlyName());
+ listoa.setOaIdentifier(dboa.getPublicURLPrefix());
+ listoa.setOaType(dboa.getType());
+ return listoa;
+ }
+
public static ArrayList<AuthenticatedUser> addFormUsers(List<UserDatabase> dbuserlist) {
ArrayList<AuthenticatedUser> userlist = new ArrayList<AuthenticatedUser>();
@@ -57,16 +84,9 @@ public class FormDataHelper {
boolean ismandate = false;
if (dbuser.isIsMandateUser() != null)
ismandate = dbuser.isIsMandateUser();
-
-
- userlist.add(new AuthenticatedUser(
- dbuser.getHjid(),
- dbuser.getGivenname(),
- dbuser.getFamilyname(),
- dbuser.getInstitut(),
- dbuser.getUsername(),
+
+ userlist.add(new AuthenticatedUser(dbuser,
dbuser.isIsActive(),
- dbuser.isIsAdmin(),
ismandate,
false));
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java
index 67bd13dd2..9630bc232 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java
@@ -54,6 +54,7 @@ public class BasicAction extends ActionSupport implements ServletRequestAware,
protected ConfigurationProvider configuration = null;
protected AuthenticatedUser authUser = null;
protected HttpSession session = null;
+ protected String formID;
protected void populateBasicInformations() throws BasicActionException {
try {
@@ -101,6 +102,19 @@ public class BasicAction extends ActionSupport implements ServletRequestAware,
}
+ /**
+ * @return the formID
+ */
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID the formID to set
+ */
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
new file mode 100644
index 000000000..43954828c
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
@@ -0,0 +1,452 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.configuration.struts.action;
+
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.LinkedHashMap;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
+import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException;
+import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
+import at.gv.egovernment.moa.id.util.Random;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class BasicOAAction extends BasicAction {
+
+ private static final long serialVersionUID = 5676123696807646246L;
+ private final Logger log = Logger.getLogger(BasicOAAction.class);
+
+ protected LinkedHashMap<String, IOnlineApplicationData> formList;
+ protected long oaid = -1;
+
+ private String oaidobj;
+ private boolean newOA;
+ private boolean isMetaDataRefreshRequired = false;
+
+ /**
+ *
+ */
+ public BasicOAAction() {
+ formList = new LinkedHashMap<String, IOnlineApplicationData>();
+
+ OAGeneralConfig generalOA = new OAGeneralConfig();
+ formList.put(generalOA.getName(), generalOA);
+
+ }
+
+ protected OnlineApplication populateOnlineApplicationFromRequest() throws BasicOAActionException{
+ if (!ValidationHelper.validateOAID(oaidobj)) {
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
+ Constants.STRUTS_ERROR);
+
+ }
+ oaid = Long.valueOf(oaidobj);
+
+ UserDatabase userdb = null;
+ OnlineApplication onlineapplication = null;
+
+ if (authUser.isAdmin())
+ onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
+
+ else {
+ userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("error.editoa.mailverification", request),
+ Constants.STRUTS_SUCCESS);
+
+ }
+
+ // TODO: change to direct Database operation
+ List<OnlineApplication> oas = userdb.getOnlineApplication();
+ for (OnlineApplication oa : oas) {
+ if (oa.getHjid() == oaid) {
+ onlineapplication = oa;
+ break;
+ }
+ }
+ if (onlineapplication == null) {
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
+ Constants.STRUTS_ERROR);
+ }
+ }
+
+ return onlineapplication;
+
+ }
+
+ protected void populateBasicNewOnlineApplicationInformation() {
+ session.setAttribute(Constants.SESSION_OAID, null);
+
+ setNewOA(true);
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null);
+ }
+
+ protected OnlineApplication postProcessSaveOnlineApplication(OnlineApplication onlineapplication ) throws BasicOAActionException {
+ if (onlineapplication == null) {
+ onlineapplication = new OnlineApplication();
+ onlineapplication.setIsNew(true);
+ onlineapplication.setIsActive(false);
+
+ if (!authUser.isAdmin()) {
+ onlineapplication.setIsAdminRequired(true);
+
+ } else
+ isMetaDataRefreshRequired = true;
+
+ } else {
+ onlineapplication.setIsNew(false);
+ if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(getGeneralOA().getIdentifier())) {
+
+ onlineapplication.setIsAdminRequired(true);
+ onlineapplication.setIsActive(false);
+ log.info("User with ID " + authUser.getUserID() + " change OA-PublicURLPrefix. Reaktivation is required.");
+ }
+
+ }
+
+ if ((onlineapplication.isIsAdminRequired() == null)
+ || (authUser.isAdmin() && getGeneralOA().isActive() && onlineapplication.isIsAdminRequired())) {
+
+ onlineapplication.setIsAdminRequired(false);
+ isMetaDataRefreshRequired = true;
+
+ UserDatabase userdb = null;
+ if (onlineapplication.getHjid() != null)
+ userdb = ConfigurationDBRead.getUsersWithOADBID(onlineapplication.getHjid());
+
+ if (userdb != null && !userdb.isIsAdmin()) {
+ try {
+ MailHelper.sendUserOnlineApplicationActivationMail(userdb.getGivenname(), userdb.getFamilyname(),
+ userdb.getInstitut(), onlineapplication.getPublicURLPrefix(), userdb.getMail());
+ } catch (ConfigurationException e) {
+ log.warn("Sending Mail to User " + userdb.getMail() + " failed", e);
+ }
+ }
+ }
+
+ //save OA configuration
+ String error = saveOAConfigToDatabase(onlineapplication);
+ if (MiscUtil.isNotEmpty(error)) {
+ log.warn("OA configuration can not be stored!");
+ addActionError(error);
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ throw new BasicOAActionException(error, Constants.STRUTS_ERROR_VALIDATION);
+ }
+
+ //set metadata reload flag if reload is required
+
+ if (getPvp2OA() != null && getPvp2OA().getMetaDataURL() != null) {
+
+ try {
+ if (isMetaDataRefreshRequired
+ || !getPvp2OA().getMetaDataURL().equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())
+ || getPvp2OA().getFileUpload() != null
+ || getPvp2OA().isReLoad()) {
+
+ log.debug("Set PVP2 Metadata refresh flag.");
+ MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration();
+ moaconfig.setPvp2RefreshItem(new Date());
+ ConfigurationDBUtils.saveOrUpdate(moaconfig);
+
+ }
+ } catch (Throwable e) {
+ log.info("Found no MetadataURL in OA-Databaseconfig!", e);
+ }
+
+ }
+
+ return onlineapplication;
+ }
+
+ protected OnlineApplication preProcessSaveOnlineApplication() throws BasicOAActionException {
+ try {
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ throw new BasicOAActionException(
+ "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID(),
+ Constants.STRUTS_ERROR);
+ }
+ } else {
+ throw new BasicOAActionException(
+ "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID(),
+ Constants.STRUTS_ERROR);
+
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("error.editoa.mailverification", request),
+ Constants.STRUTS_SUCCESS);
+ }
+
+ OnlineApplication onlineapplication = null;
+
+ Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID);
+ Long oaid = (long) -1;
+
+ if (oadbid != null) {
+ try {
+ oaid = (Long) oadbid;
+ if (oaid < 0 || oaid > Long.MAX_VALUE) {
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
+ Constants.STRUTS_ERROR);
+ }
+
+ } catch (Throwable t) {
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
+ Constants.STRUTS_ERROR);
+ }
+ }
+
+ // valid DBID and check entry
+ OAGeneralConfig oaGeneralForm = ((OAGeneralConfig)formList.get(new OAGeneralConfig().getName()));
+ String oaidentifier = oaGeneralForm.getIdentifier();
+ if (MiscUtil.isEmpty(oaidentifier)) {
+ log.info("Empty OA identifier");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request),
+ Constants.STRUTS_ERROR_VALIDATION);
+
+ } else {
+
+ if (!ValidationHelper.validateURL(oaidentifier)) {
+ log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier);
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
+ new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request),
+ Constants.STRUTS_ERROR_VALIDATION);
+
+ } else {
+
+ if (oaid == -1) {
+ onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
+ setNewOA(true);
+ if (onlineapplication != null) {
+ log.info("The OAIdentifier is not unique");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("validation.general.oaidentifier.notunique", request),
+ Constants.STRUTS_ERROR_VALIDATION);
+
+ }
+
+ } else {
+ onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
+ if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) {
+
+ if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) {
+ log.info("The OAIdentifier is not unique");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("validation.general.oaidentifier.notunique", request),
+ Constants.STRUTS_ERROR_VALIDATION);
+
+ }
+ }
+ }
+ }
+ }
+
+ return onlineapplication;
+
+ } catch (BasicOAActionException e) {
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ throw e;
+ }
+
+ }
+
+ protected String preProcessDeleteOnlineApplication() throws BasicOAActionException {
+ try {
+ Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
+ if (formidobj != null && formidobj instanceof String) {
+ String formid = (String) formidobj;
+ if (!formid.equals(formID)) {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID());
+ throw new BasicOAActionException(
+ "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID(),
+ Constants.STRUTS_ERROR);
+
+ }
+ } else {
+ log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID());
+ throw new BasicOAActionException(
+ "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+ + authUser.getGivenName() + authUser.getUserID(),
+ Constants.STRUTS_ERROR);
+ }
+ session.setAttribute(Constants.SESSION_FORMID, null);
+
+ UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+ if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
+ log.info("Online-Applikation managemant disabled. Mail address is not verified.");
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("error.editoa.mailverification", request),
+ Constants.STRUTS_SUCCESS);
+
+ }
+
+ String oaidentifier = getGeneralOA().getIdentifier();
+ if (MiscUtil.isEmpty(oaidentifier)) {
+ log.info("Empty OA identifier");
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request),
+ Constants.STRUTS_ERROR_VALIDATION);
+
+ } else {
+ if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
+ new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request),
+ Constants.STRUTS_ERROR_VALIDATION);
+ }
+ }
+
+ return oaidentifier;
+
+ } catch (BasicOAActionException e) {
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+
+ throw e;
+ }
+ }
+
+ private String saveOAConfigToDatabase(OnlineApplication dboa) {
+
+ for (IOnlineApplicationData form : formList.values())
+ form.store(dboa, authUser, request);
+
+ try {
+ if (dboa.isIsNew()) {
+ ConfigurationDBUtils.save(dboa);
+
+ if (!authUser.isAdmin()) {
+ UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+
+ List<OnlineApplication> useroas = user.getOnlineApplication();
+ if (useroas == null) useroas = new ArrayList<OnlineApplication>();
+
+ useroas.add(dboa);
+ ConfigurationDBUtils.saveOrUpdate(user);
+ }
+ } else
+ ConfigurationDBUtils.saveOrUpdate(dboa);
+
+ } catch (MOADatabaseException e) {
+ log.warn("Online-Application can not be stored.", e);
+ return LanguageHelper.getErrorString("error.db.oa.store", request);
+ }
+
+ return null;
+ }
+
+ /**
+ * @param oaidobj the oaidobj to set
+ */
+ public void setOaidobj(String oaidobj) {
+ this.oaidobj = oaidobj;
+ }
+
+ /**
+ * @return the newOA
+ */
+ public boolean isNewOA() {
+ return newOA;
+ }
+
+ /**
+ * @param newOA the newOA to set
+ */
+ public void setNewOA(boolean newOA) {
+ this.newOA = newOA;
+ }
+
+ public OAGeneralConfig getGeneralOA() {
+ return (OAGeneralConfig) formList.get(new OAGeneralConfig().getName());
+ }
+
+ public void setGeneralOA(OAGeneralConfig generalOA) {
+ formList.put(generalOA.getName(), generalOA);
+ }
+
+
+ public OAPVP2Config getPvp2OA() {
+ return (OAPVP2Config) formList.get(new OAPVP2Config().getName());
+ }
+
+ public void setPvp2OA(OAPVP2Config pvp2oa) {
+ formList.put(pvp2oa.getName(), pvp2oa);
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index a54d6c74a..0a308a354 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -65,6 +65,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor;
import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock;
import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
@@ -72,7 +73,6 @@ import at.gv.egovernment.moa.id.configuration.data.GeneralStorkConfig;
import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.StringHelper;
-import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.validation.moaconfig.MOAConfigValidator;
import at.gv.egovernment.moa.id.configuration.validation.moaconfig.StorkConfigValidator;
import at.gv.egovernment.moa.id.util.Random;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index d2a2cfdf7..6d735a85b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -28,147 +28,98 @@ import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.*;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.configuration.Constants;
-import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.data.FormularCustomization;
import at.gv.egovernment.moa.id.configuration.data.oa.*;
import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
+import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException;
import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
-import at.gv.egovernment.moa.id.configuration.helper.StringHelper;
-import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationValitator;
-import at.gv.egovernment.moa.id.configuration.validation.TargetValidator;
-import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
-import at.gv.egovernment.moa.id.configuration.validation.oa.*;
import at.gv.egovernment.moa.id.util.FormBuildUtils;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
-import com.opensymphony.xwork2.ActionSupport;
import iaik.utils.URLDecoder;
import org.apache.log4j.Logger;
-import org.apache.struts2.interceptor.ServletRequestAware;
-import org.apache.struts2.interceptor.ServletResponseAware;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
import java.io.*;
-import java.math.BigInteger;
-import java.security.cert.CertificateException;
import java.util.*;
-public class EditOAAction extends BasicAction {
+public class EditOAAction extends BasicOAAction {
private final Logger log = Logger.getLogger(EditOAAction.class);
private static final long serialVersionUID = 1L;
-
- private String oaidobj;
- private boolean newOA;
- private String formID;
-
- private boolean onlyBusinessService = false;
- private boolean subTargetSet = false;
- private boolean deaktivededBusinessService = false;
- private boolean isMetaDataRefreshRequired = false;
-
+
private String nextPage;
-
- private OAGeneralConfig generalOA = new OAGeneralConfig();
- private OAPVP2Config pvp2OA = new OAPVP2Config();
- private OASAML1Config saml1OA = new OASAML1Config();
- private OASSOConfig ssoOA = new OASSOConfig();
- private OAOAuth20Config oauth20OA = new OAOAuth20Config();
- private OASTORKConfig storkOA = new OASTORKConfig();
- private FormularCustomization formOA = new FormularCustomization();
-
private InputStream stream;
-
- private Map<String, byte[]> sendAssertionForm = new HashMap<String, byte[]>();
- private Map<String, byte[]> bkuSelectionForm = new HashMap<String, byte[]>();
+
+ public EditOAAction() {
+ super();
+
+ OATargetConfiguration oaTarget = new OATargetConfiguration();
+ formList.put(oaTarget.getName(), oaTarget);
+
+ OAAuthenticationData authOA = new OAAuthenticationData();
+ formList.put(authOA.getName(), authOA);
+
+ OASSOConfig ssoOA = new OASSOConfig();
+ formList.put(ssoOA.getName(), ssoOA);
+
+ OASAML1Config saml1OA = new OASAML1Config();
+ formList.put(saml1OA.getName(), saml1OA);
+
+ OAPVP2Config pvp2OA = new OAPVP2Config();
+ formList.put(pvp2OA.getName(), pvp2OA);
+
+ OAOAuth20Config oauth20OA = new OAOAuth20Config();
+ formList.put(oauth20OA.getName(), oauth20OA);
+
+ OASTORKConfig storkOA = new OASTORKConfig();
+ formList.put(storkOA.getName(), storkOA);
+
+ Map<String, String> map = new HashMap<String, String>();
+ map.putAll(FormBuildUtils.getDefaultMap());
+ FormularCustomization formOA = new FormularCustomization(map);
+ formList.put(formOA.getName(), formOA);
+
+ }
+
// STRUTS actions
public String inital() {
try {
populateBasicInformations();
+
+ OnlineApplication onlineapplication = populateOnlineApplicationFromRequest();
+ List<String> errors = new ArrayList<String>();
+ for (IOnlineApplicationData form : formList.values()) {
+ List<String> error = form.parse(onlineapplication, authUser, request);
+ if (error != null)
+ errors.addAll(error);
+ }
+ if (errors.size() > 0) {
+ for (String el : errors)
+ addActionError(el);
+ }
+
+ setNewOA(false);
+
+ ConfigurationDBUtils.closeSession();
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ session.setAttribute(Constants.SESSION_OAID, oaid);
+
+ return Constants.STRUTS_OA_EDIT;
+
} catch (BasicActionException e) {
return Constants.STRUTS_ERROR;
+ } catch (BasicOAActionException e) {
+ addActionError(e.getStrutsError());
+ return e.getStrutsReturnValue();
}
-
- long oaid = -1;
-
- if (!ValidationHelper.validateOAID(oaidobj)) {
- addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
- return Constants.STRUTS_ERROR;
- }
- oaid = Long.valueOf(oaidobj);
-
- UserDatabase userdb = null;
- OnlineApplication onlineapplication = null;
-
- if (authUser.isAdmin())
- onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
-
- else {
- userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
-
- if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
- log.info("Online-Applikation managemant disabled. Mail address is not verified.");
- addActionError(LanguageHelper.getErrorString("error.editoa.mailverification", request));
- return Constants.STRUTS_SUCCESS;
- }
-
- // TODO: change to direct Database operation
- List<OnlineApplication> oas = userdb.getOnlineApplication();
- for (OnlineApplication oa : oas) {
- if (oa.getHjid() == oaid) {
- onlineapplication = oa;
- break;
- }
- }
- if (onlineapplication == null) {
- addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
- return Constants.STRUTS_ERROR;
- }
- }
-
- generalOA.parse(onlineapplication);
- ssoOA.parse(onlineapplication);
- saml1OA.parse(onlineapplication);
- oauth20OA.parse(onlineapplication, request);
- session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret());
-
- storkOA.parse(onlineapplication);
-
- Map<String, String> map = new HashMap<String, String>();
- map.putAll(FormBuildUtils.getDefaultMap());
- formOA.parse(onlineapplication, map);
-
- session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, map);
-
- List<String> errors = pvp2OA.parse(onlineapplication, request);
-
- if (errors.size() > 0) {
- for (String el : errors)
- addActionError(el);
- }
-
- subTargetSet = MiscUtil.isNotEmpty(generalOA.getTarget_subsector());
-
- // set UserSpezific OA Parameters
- if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb);
-
- ConfigurationDBUtils.closeSession();
- session.setAttribute(Constants.SESSION_OAID, oaid);
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- newOA = false;
-
- return Constants.STRUTS_OA_EDIT;
}
public String newOA() {
@@ -177,14 +128,19 @@ public class EditOAAction extends BasicAction {
try {
populateBasicInformations();
+ populateBasicNewOnlineApplicationInformation();
+
+ // prepare attribute helper list
+ ArrayList<AttributeHelper> attributes = new ArrayList<AttributeHelper>();
+ for(StorkAttribute current : ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes())
+ attributes.add(new AttributeHelper(current));
+ getStorkOA().setHelperAttributes(attributes);
+
} catch (BasicActionException e) {
return Constants.STRUTS_ERROR;
}
-
- session.setAttribute(Constants.SESSION_OAID, null);
- nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
-
+
UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
@@ -193,183 +149,45 @@ public class EditOAAction extends BasicAction {
return Constants.STRUTS_SUCCESS;
}
- MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
- if (moaidconfig != null) {
- DefaultBKUs defaultbkus = moaidconfig.getDefaultBKUs();
- if (defaultbkus != null) {
- generalOA.setBkuHandyURL(defaultbkus.getHandyBKU());
- generalOA.setBkuLocalURL(defaultbkus.getLocalBKU());
- generalOA.setBkuOnlineURL(defaultbkus.getOnlineBKU());
- }
- }
-
- // set UserSpezific OA Parameters
- if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb);
-
ConfigurationDBUtils.closeSession();
-
- //VIDP attribute provider configuration
- storkOA = new OASTORKConfig();
- storkOA.getAttributeProviderPlugins().add(new AttributeProviderPlugin());
+ session.setAttribute(Constants.SESSION_OAUTH20SECRET, ((OAOAuth20Config)formList.get(new OAOAuth20Config().getName())).getClientSecret());
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
- newOA = true;
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
-
- session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null);
-
- this.oauth20OA.generateClientSecret();
- session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret());
-
return Constants.STRUTS_OA_EDIT;
}
public String saveOA() {
+
+ OnlineApplication onlineapplication= null;
+
try {
populateBasicInformations();
+ onlineapplication = preProcessSaveOnlineApplication();
+
} catch (BasicActionException e) {
return Constants.STRUTS_ERROR;
+ } catch (BasicOAActionException e) {
+ addActionError(e.getStrutsError());
+ return e.getStrutsReturnValue();
+
}
- Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
- if (formidobj != null && formidobj instanceof String) {
- String formid = (String) formidobj;
- if (!formid.equals(formID)) {
- log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
- + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- } else {
- log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
- + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- session.setAttribute(Constants.SESSION_FORMID, null);
-
- UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
- if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
- log.info("Online-Applikation managemant disabled. Mail address is not verified.");
- addActionError(LanguageHelper.getErrorString("error.editoa.mailverification", request));
- return Constants.STRUTS_SUCCESS;
- }
-
- OnlineApplication onlineapplication = null;
List<String> errors = new ArrayList<String>();
-
- Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID);
- Long oaid = (long) -1;
-
- if (oadbid != null) {
- try {
- oaid = (Long) oadbid;
- if (oaid < 0 || oaid > Long.MAX_VALUE) {
- addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
- return Constants.STRUTS_ERROR;
- }
-
- } catch (Throwable t) {
- addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
- return Constants.STRUTS_ERROR;
- }
- }
-
- // valid DBID and check entry
- String oaidentifier = generalOA.getIdentifier();
- if (MiscUtil.isEmpty(oaidentifier)) {
- log.info("Empty OA identifier");
- errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request));
-
- } else {
-
- if (!ValidationHelper.validateURL(oaidentifier)) {
- log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier);
- errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
- new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request));
- } else {
-
- if (oaid == -1) {
- onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
- newOA = true;
- if (onlineapplication != null) {
- log.info("The OAIdentifier is not unique");
- errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique", request));
- }
-
- } else {
- onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
- if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) {
-
- if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) {
- log.info("The OAIdentifier is not unique");
- errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique", request));
- }
- }
- }
- }
- }
-
- // set UserSpezific OA Parameters
- if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb);
-
- // check form
- OAGeneralConfigValidation validatior_general = new OAGeneralConfigValidation();
- OAPVP2ConfigValidation validatior_pvp2 = new OAPVP2ConfigValidation();
- OASAML1ConfigValidation validatior_saml1 = new OASAML1ConfigValidation();
- OASSOConfigValidation validatior_sso = new OASSOConfigValidation();
- OASTORKConfigValidation validator_stork = new OASTORKConfigValidation();
- FormularCustomizationValitator validator_form = new FormularCustomizationValitator();
- OAOAUTH20ConfigValidation validatior_oauth20 = new OAOAUTH20ConfigValidation();
- OAFileUploadValidation valiator_fileUpload = new OAFileUploadValidation();
-
- errors.addAll(validatior_general.validate(generalOA, authUser.isAdmin(), request));
- errors.addAll(validatior_pvp2.validate(pvp2OA, request));
- errors.addAll(validatior_saml1.validate(saml1OA, generalOA, request));
- errors.addAll(validatior_sso.validate(ssoOA, authUser.isAdmin(), request));
- errors.addAll(validator_stork.validate(storkOA, request));
- errors.addAll(validator_form.validate(formOA, request));
- errors.addAll(validatior_oauth20.validate(oauth20OA, request));
-
- //validate BKU-selection template
- List<String> templateError = valiator_fileUpload.validate(generalOA.getBkuSelectionFileUploadFileName()
- , generalOA.getBkuSelectionFileUpload(), "validation.general.bkuselection", bkuSelectionForm, request);
- if (templateError != null && templateError.size() == 0) {
- if (bkuSelectionForm != null && bkuSelectionForm.size() > 0)
- session.setAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE, bkuSelectionForm);
-
- else
- bkuSelectionForm = (Map<String, byte[]>) session.getAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE);
-
- } else {
- errors.addAll(templateError);
-
- }
-
- //validate send-assertion template
- templateError = valiator_fileUpload.validate(generalOA.getSendAssertionFileUploadFileName()
- , generalOA.getSendAssertionFileUpload(), "validation.general.sendassertion", sendAssertionForm, request);
- if (templateError != null && templateError.size() == 0) {
- if (sendAssertionForm != null && sendAssertionForm.size() > 0)
- session.setAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE, sendAssertionForm);
-
- else
- sendAssertionForm = (Map<String, byte[]>) session.getAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE);
-
- } else {
- errors.addAll(templateError);
-
- }
-
+
+ //validate forms
+ for (IOnlineApplicationData form : formList.values())
+ errors.addAll(form.validate(getGeneralOA(), authUser, request));
// Do not allow SSO in combination with special BKUSelection features
- if (ssoOA.isUseSSO() && (formOA.isOnlyMandateAllowed() || !formOA.isShowMandateLoginButton())) {
+ if (getSsoOA().isUseSSO() && (getFormOA().isOnlyMandateAllowed() || !getFormOA().isShowMandateLoginButton())) {
log.warn("Special BKUSelection features can not be used in combination with SSO");
errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.valid", request));
}
if (errors.size() > 0) {
- log.info("OAConfiguration with ID " + generalOA.getIdentifier() + " has some errors.");
+ log.info("OAConfiguration with ID " + getGeneralOA().getIdentifier() + " has some errors.");
for (String el : errors)
addActionError(el);
@@ -378,80 +196,14 @@ public class EditOAAction extends BasicAction {
return Constants.STRUTS_ERROR_VALIDATION;
} else {
-
- boolean newentry = false;
-
- if (onlineapplication == null) {
- onlineapplication = new OnlineApplication();
- newentry = true;
- onlineapplication.setIsActive(false);
-
- if (!authUser.isAdmin()) {
- onlineapplication.setIsAdminRequired(true);
-
- } else
- isMetaDataRefreshRequired = true;
-
- } else {
- if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(generalOA.getIdentifier())) {
-
- onlineapplication.setIsAdminRequired(true);
- onlineapplication.setIsActive(false);
- log.info("User with ID " + authUser.getUserID() + " change OA-PublicURLPrefix. Reaktivation is required.");
- }
-
- }
-
- if ((onlineapplication.isIsAdminRequired() == null)
- || (authUser.isAdmin() && generalOA.isActive() && onlineapplication.isIsAdminRequired())) {
-
- onlineapplication.setIsAdminRequired(false);
- isMetaDataRefreshRequired = true;
-
- if (onlineapplication.getHjid() != null)
- userdb = ConfigurationDBRead.getUsersWithOADBID(onlineapplication.getHjid());
-
- if (userdb != null && !userdb.isIsAdmin()) {
- try {
- MailHelper.sendUserOnlineApplicationActivationMail(userdb.getGivenname(), userdb.getFamilyname(),
- userdb.getInstitut(), onlineapplication.getPublicURLPrefix(), userdb.getMail());
- } catch (ConfigurationException e) {
- log.warn("Sending Mail to User " + userdb.getMail() + " failed", e);
- }
- }
- }
-
- //save OA configuration
- String error = saveOAConfigToDatabase(onlineapplication, newentry);
- if (MiscUtil.isNotEmpty(error)) {
- log.warn("OA configuration can not be stored!");
- addActionError(error);
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
- }
-
- //set metadata reload flag if reload is required
- if (pvp2OA.getMetaDataURL() != null) {
-
- try {
- if (isMetaDataRefreshRequired
- || !pvp2OA.getMetaDataURL().equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())
- || pvp2OA.getFileUpload() != null
- || pvp2OA.isReLoad()) {
-
- log.debug("Set PVP2 Metadata refresh flag.");
- MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration();
- moaconfig.setPvp2RefreshItem(new Date());
- ConfigurationDBUtils.saveOrUpdate(moaconfig);
-
- }
- } catch (Throwable e) {
- log.info("Found no MetadataURL in OA-Databaseconfig!", e);
- }
-
- }
+ try {
+ onlineapplication = postProcessSaveOnlineApplication(onlineapplication);
+
+ } catch (BasicOAActionException e) {
+ addActionError(e.getStrutsError());
+ return e.getStrutsReturnValue();
+ }
+
}
Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
@@ -474,7 +226,7 @@ public class EditOAAction extends BasicAction {
if (openUsers != null) numusers = openUsers.size();
try {
- addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success.admin", generalOA.getIdentifier(), request));
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success.admin", getGeneralOA().getIdentifier(), request));
if (numusers > 0 || numoas > 0) MailHelper.sendAdminMail(numoas, numusers);
@@ -483,7 +235,7 @@ public class EditOAAction extends BasicAction {
}
} else
- addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request));
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", getGeneralOA().getIdentifier(), request));
//remove session attributes
session.setAttribute(Constants.SESSION_OAID, null);
@@ -514,7 +266,7 @@ public class EditOAAction extends BasicAction {
session.setAttribute(Constants.SESSION_OAID, null);
- addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.cancle", generalOA.getIdentifier(), request));
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.cancle", getGeneralOA().getIdentifier(), request));
ConfigurationDBUtils.closeSession();
@@ -522,65 +274,30 @@ public class EditOAAction extends BasicAction {
}
public String deleteOA() {
+ String oaidentifier = null;
try {
populateBasicInformations();
+
+ Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
+ if (nextPageAttr != null && nextPageAttr instanceof String) {
+ nextPage = (String) nextPageAttr;
+
+ } else {
+ nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
+ }
+
+ oaidentifier = preProcessDeleteOnlineApplication();
+
} catch (BasicActionException e) {
return Constants.STRUTS_ERROR;
+ } catch (BasicOAActionException e) {
+ addActionError(e.getStrutsError());
+ return e.getStrutsReturnValue();
+
}
- Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
- if (formidobj != null && formidobj instanceof String) {
- String formid = (String) formidobj;
- if (!formid.equals(formID)) {
- log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
- + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- } else {
- log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
- + authUser.getGivenName() + authUser.getUserID());
- return Constants.STRUTS_ERROR;
- }
- session.setAttribute(Constants.SESSION_FORMID, null);
-
- Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
- if (nextPageAttr != null && nextPageAttr instanceof String) {
- nextPage = (String) nextPageAttr;
-
- } else {
- nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
- }
-
- UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
- if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
- log.info("Online-Applikation managemant disabled. Mail address is not verified.");
- addActionError(LanguageHelper.getErrorString("error.editoa.mailverification", request));
- return Constants.STRUTS_SUCCESS;
- }
-
- String oaidentifier = generalOA.getIdentifier();
- if (MiscUtil.isEmpty(oaidentifier)) {
- log.info("Empty OA identifier");
- addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request));
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
-
- } else {
- if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
- log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
- addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
- new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request));
-
- formID = Random.nextRandom();
- session.setAttribute(Constants.SESSION_FORMID, formID);
- return Constants.STRUTS_ERROR_VALIDATION;
- }
- }
-
OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
request.getSession().setAttribute(Constants.SESSION_OAID, null);
@@ -620,13 +337,13 @@ public class EditOAAction extends BasicAction {
ConfigurationDBUtils.closeSession();
- addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", generalOA.getIdentifier(), request));
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", oaidentifier, request));
return Constants.STRUTS_SUCCESS;
} else {
ConfigurationDBUtils.closeSession();
- addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", generalOA.getIdentifier(), request));
+ addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", oaidentifier, request));
return Constants.STRUTS_SUCCESS;
}
@@ -711,490 +428,37 @@ public class EditOAAction extends BasicAction {
return Constants.STRUTS_SUCCESS;
}
-
- private String saveOAConfigToDatabase(OnlineApplication dboa, boolean newentry) {
-
- AuthComponentOA authoa = dboa.getAuthComponentOA();
- if (authoa == null) {
- authoa = new AuthComponentOA();
- dboa.setAuthComponentOA(authoa);
- }
-
- if (authUser.isAdmin()) dboa.setIsActive(generalOA.isActive());
-
- dboa.setFriendlyName(generalOA.getFriendlyName());
- dboa.setCalculateHPI(generalOA.isCalculateHPI());
- dboa.setRemoveBPKFromAuthBlock(generalOA.isHideBPKAuthBlock());
-
- if (authUser.isAdmin())
- dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(generalOA.getKeyBoxIdentifier()));
- else {
- if (newentry) dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR);
- }
-
- dboa.setPublicURLPrefix(generalOA.getIdentifier());
-
- if (generalOA.isBusinessService() || onlyBusinessService) {
-
- dboa.setType(Constants.MOA_CONFIG_BUSINESSSERVICE);
-
- String num = generalOA.getIdentificationNumber().replaceAll(" ", "");
- if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) {
- num = num.substring(Constants.IDENIFICATIONTYPE_FN.length());
-
- num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num);
-
- // num = StringUtils.leftPad(num, 7, '0');
- }
-
- if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR))
- num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length());
-
- if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB))
- num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length());
-
- IdentificationNumber idnumber = new IdentificationNumber();
-
- if (generalOA.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_STORK)) {
- idnumber.setValue(Constants.PREFIX_STORK + "AT" + "+" + num);
- idnumber.setType(Constants.BUSINESSSERVICENAMES.get(generalOA.getIdentificationType()));
- } else {
- idnumber.setValue(Constants.PREFIX_WPBK + generalOA.getIdentificationType() + "+" + num);
- idnumber.setType(Constants.BUSINESSSERVICENAMES.get(generalOA.getIdentificationType()));
- }
-
-
- authoa.setIdentificationNumber(idnumber);
-
- } else {
- dboa.setType(null);
-
- if (authUser.isAdmin()) {
- if (MiscUtil.isNotEmpty(generalOA.getTarget_admin()) && generalOA.isAdminTarget()) {
- dboa.setTarget(generalOA.getTarget_admin());
- dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName());
-
- } else {
-
- String target = generalOA.getTarget();
-
- if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet)
- dboa.setTarget(target + "-" + generalOA.getTarget_subsector());
- else
- dboa.setTarget(target);
-
- String targetname = TargetValidator.getTargetFriendlyName(target);
- if (MiscUtil.isNotEmpty(targetname)) dboa.setTargetFriendlyName(targetname);
-
- }
-
- } else {
-
- if (MiscUtil.isNotEmpty(generalOA.getTarget())) {
-
- String target = generalOA.getTarget();
-
- if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet)
- dboa.setTarget(target + "-" + generalOA.getTarget_subsector());
-
- else
- dboa.setTarget(target);
-
- String targetname = TargetValidator.getTargetFriendlyName(target);
- if (MiscUtil.isNotEmpty(targetname)) dboa.setTargetFriendlyName(targetname);
-
- }
- }
- }
-
- //store BKU-URLs
- BKUURLS bkuruls = new BKUURLS();
- authoa.setBKUURLS(bkuruls);
- if (authUser.isAdmin()) {
- bkuruls.setHandyBKU(generalOA.getBkuHandyURL());
- bkuruls.setLocalBKU(generalOA.getBkuLocalURL());
- bkuruls.setOnlineBKU(generalOA.getBkuOnlineURL());
- }
-
- TemplatesType templates = authoa.getTemplates();
- if (templates == null) {
- templates = new TemplatesType();
- authoa.setTemplates(templates);
- }
-
- //store BKU-selection and send-assertion templates
- if (authUser.isAdmin()) {
-
- if (generalOA.isDeleteBKUTemplate())
- templates.setBKUSelectionTemplate(null);
-
- if (generalOA.isDeleteSendAssertionTemplate())
- templates.setSendAssertionTemplate(null);
-
-
- if (bkuSelectionForm != null && bkuSelectionForm.size() > 0) {
- TransformsInfoType template = new TransformsInfoType();
-
- Iterator<String> interator = bkuSelectionForm.keySet().iterator();
- template.setFilename(interator.next());
- template.setTransformation(bkuSelectionForm.get(
- template.getFilename()));
-
- templates.setBKUSelectionTemplate(template);
- }
-
- if (sendAssertionForm != null && sendAssertionForm.size() > 0) {
- TransformsInfoType template = new TransformsInfoType();
-
- Iterator<String> interator = sendAssertionForm.keySet().iterator();
- template.setFilename(interator.next());
- template.setTransformation(sendAssertionForm.get(
- template.getFilename()));
-
- templates.setSendAssertionTemplate(template);
- }
- }
-
-
- //store BKU-selection customization
- BKUSelectionCustomizationType bkuselectioncustom = templates.getBKUSelectionCustomization();
- if (bkuselectioncustom == null) {
- bkuselectioncustom = new BKUSelectionCustomizationType();
- templates.setBKUSelectionCustomization(bkuselectioncustom);
- }
-
- Mandates mandates = new Mandates();
- if (generalOA.isUseMandates()) {
- if (MiscUtil.isNotEmpty(generalOA.getMandateProfiles())) {
- List<MandatesProfileNameItem> profileList = new ArrayList<MandatesProfileNameItem>();
- String[] inputList = generalOA.getMandateProfiles().split(",");
- for (int i=0; i<inputList.length; i++) {
-
- MandatesProfileNameItem item = new MandatesProfileNameItem();
- item.setItem(inputList[i]);
- profileList.add(item);
- }
- mandates.setProfileNameItems(profileList );
- mandates.setProfiles(null);
- }
-
-
- } else {
- mandates.setProfiles(null);
- mandates.setProfileNameItems(null);
- }
-
- authoa.setMandates(mandates);
- bkuselectioncustom.setMandateLoginButton(MiscUtil.isNotEmpty(generalOA.getMandateProfiles()));
- bkuselectioncustom.setOnlyMandateLoginAllowed(formOA.isOnlyMandateAllowed());
-
- if (authUser.isAdmin()) {
- templates.setAditionalAuthBlockText(generalOA.getAditionalAuthBlockText());
-
- List<TemplateType> template = templates.getTemplate();
- if (generalOA.isLegacy()) {
-
- if (template == null)
- template = new ArrayList<TemplateType>();
- else
- template.clear();
-
- if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL1())) {
- TemplateType el = new TemplateType();
- el.setURL(generalOA.getSLTemplateURL1());
- template.add(el);
- } else
- template.add(new TemplateType());
- if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL2())) {
- TemplateType el = new TemplateType();
- el.setURL(generalOA.getSLTemplateURL2());
- template.add(el);
- } else
- template.add(new TemplateType());
- if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL3())) {
- TemplateType el = new TemplateType();
- el.setURL(generalOA.getSLTemplateURL3());
- template.add(el);
- } else
- template.add(new TemplateType());
-
- } else {
- if (template != null && template.size() > 0) template.clear();
- }
-
- bkuselectioncustom.setBackGroundColor(parseColor(formOA.getBackGroundColor()));
- bkuselectioncustom.setFrontColor(parseColor(formOA.getFrontColor()));
-
- bkuselectioncustom.setHeaderBackGroundColor(parseColor(formOA.getHeader_BackGroundColor()));
- bkuselectioncustom.setHeaderFrontColor(parseColor(formOA.getHeader_FrontColor()));
- bkuselectioncustom.setHeaderText(formOA.getHeader_text());
-
- bkuselectioncustom.setButtonBackGroundColor(parseColor(formOA.getButton_BackGroundColor()));
- bkuselectioncustom.setButtonBackGroundColorFocus(parseColor(formOA.getButton_BackGroundColorFocus()));
- bkuselectioncustom.setButtonFontColor(parseColor(formOA.getButton_FrontColor()));
-
- if (MiscUtil.isNotEmpty(formOA.getAppletRedirectTarget()))
- bkuselectioncustom.setAppletRedirectTarget(formOA.getAppletRedirectTarget());
-
- bkuselectioncustom.setFontType(formOA.getFontType());
-
- bkuselectioncustom.setAppletHeight(formOA.getApplet_height());
- bkuselectioncustom.setAppletWidth(formOA.getApplet_width());
-
- }
-
- // set default transformation if it is empty
- List<TransformsInfoType> transformsInfo = authoa.getTransformsInfo();
- if (transformsInfo == null) {
- // TODO: set OA specific transformation if it is required
-
- }
-
- OAPVP2 pvp2 = authoa.getOAPVP2();
- if (pvp2 == null) {
- pvp2 = new OAPVP2();
- authoa.setOAPVP2(pvp2);
- }
-
- try {
-
- if (pvp2OA.getFileUpload() != null) {
- pvp2.setCertificate(pvp2OA.getCertificate());
- pvp2OA.setReLoad(true);
- }
-
- } catch (CertificateException e) {
- log.info("Uploaded Certificate can not be found", e);
- return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request);
- } catch (IOException e) {
- log.info("Uploaded Certificate can not be parsed", e);
- return LanguageHelper.getErrorString("validation.pvp2.certificate.format", request);
- }
-
- if (pvp2OA.getMetaDataURL() != null &&
- !pvp2OA.getMetaDataURL().equals(pvp2.getMetadataURL()))
- pvp2OA.setReLoad(true);
- pvp2.setMetadataURL(pvp2OA.getMetaDataURL());
-
- if (pvp2OA.isReLoad())
- pvp2.setUpdateRequiredItem(new Date());
-
- OASAML1 saml1 = authoa.getOASAML1();
- if (saml1 == null) {
- saml1 = new OASAML1();
- authoa.setOASAML1(saml1);
- saml1.setIsActive(false);
- }
-
- if (authUser.isAdmin()) {
- saml1.setIsActive(saml1OA.isActive());
- }
-
- if (saml1.isIsActive() != null && saml1.isIsActive()) {
- saml1.setProvideAUTHBlock(saml1OA.isProvideAuthBlock());
- saml1.setProvideCertificate(saml1OA.isProvideCertificate());
- saml1.setProvideFullMandatorData(saml1OA.isProvideFullMandateData());
- saml1.setProvideIdentityLink(saml1OA.isProvideIdentityLink());
- saml1.setProvideStammzahl(saml1OA.isProvideStammZahl());
- saml1.setUseCondition(saml1OA.isUseCondition());
- saml1.setConditionLength(BigInteger.valueOf(saml1OA.getConditionLength()));
- // TODO: set sourceID
- // saml1.setSourceID("");
- }
-
- OASSO sso = authoa.getOASSO();
- if (sso == null) {
- sso = new OASSO();
- authoa.setOASSO(sso);
- sso.setAuthDataFrame(true);
- }
- sso.setUseSSO(ssoOA.isUseSSO());
-
- if (authUser.isAdmin()) sso.setAuthDataFrame(ssoOA.isShowAuthDataFrame());
-
- sso.setSingleLogOutURL(ssoOA.getSingleLogOutURL());
-
- if (oauth20OA != null) {
- log.debug("Saving OAuth 2.0 configuration:");
- OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20();
- if (oaOAuth20 == null) {
- oaOAuth20 = new OAOAUTH20();
- authoa.setOAOAUTH20(oaOAuth20);
- }
-
- oaOAuth20.setOAuthClientId(generalOA.getIdentifier());
- // oaOAuth20.setOAuthClientSecret(oauth20OA.getClientSecret());
- oaOAuth20.setOAuthRedirectUri(oauth20OA.getRedirectUri());
- log.debug("client id: " + oauth20OA.getClientId());
- log.debug("client secret: " + oauth20OA.getClientSecret());
- log.debug("redirect uri:" + oauth20OA.getRedirectUri());
-
- oaOAuth20.setOAuthClientSecret((String) request.getSession().getAttribute(Constants.SESSION_OAUTH20SECRET));
- request.getSession().setAttribute(Constants.SESSION_OAUTH20SECRET, null);
-
- }
-
-
- // fetch stork configuration from database model
- OASTORK stork = authoa.getOASTORK();
- if (stork == null) {
- // if there is none, create a new one with default values.
- stork = new OASTORK();
- authoa.setOASTORK(stork);
- stork.setStorkLogonEnabled(false);
- }
- // transfer the incoming data to the database model
- stork.setStorkLogonEnabled(storkOA.isStorkLogonEnabled());
- stork.setQaa(storkOA.getQaa());
- stork.setOAAttributes(storkOA.getAttributes());
- stork.setVidpEnabled(storkOA.isVidpEnabled());
- stork.setRequireConsent(storkOA.isRequireConsent());
- stork.setAttributeProviders(storkOA.getAttributeProviderPlugins());
- stork.setCPEPS(storkOA.getEnabledCPEPS());
-
- try {
- if (newentry) {
- ConfigurationDBUtils.save(dboa);
-
- if (!authUser.isAdmin()) {
- UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID());
-
- List<OnlineApplication> useroas = user.getOnlineApplication();
- if (useroas == null) useroas = new ArrayList<OnlineApplication>();
-
- useroas.add(dboa);
- ConfigurationDBUtils.saveOrUpdate(user);
- }
- } else
- ConfigurationDBUtils.saveOrUpdate(dboa);
-
- } catch (MOADatabaseException e) {
- log.warn("Online-Application can not be stored.", e);
- return LanguageHelper.getErrorString("error.db.oa.store", request);
- }
-
- return null;
+
+ public OAAuthenticationData getAuthOA() {
+ return (OAAuthenticationData) formList.get(new OAAuthenticationData().getName());
}
- private String parseColor(String color) {
- String value = "";
-
- if (MiscUtil.isNotEmpty(color)) {
- if (!color.startsWith("#"))
- value = "#" + color;
- else
- value = color;
- }
- return value;
- }
-
- private void generateUserSpecificConfigurationOptions(UserDatabase userdb) {
-
- if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) {
- String bpk = userdb.getBpk();
- if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN) || bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_ZVR) || bpk.startsWith(Constants.IDENIFICATIONTYPE_STORK)) {
- onlyBusinessService = true;
- generalOA.setBusinessService(true);
- }
-
- deaktivededBusinessService = true;
-
- String[] split = bpk.split("\\+");
- generalOA.setIdentificationType(split[1].substring(1));
-
- if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN))
- generalOA.setIdentificationNumber(at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(split[2]));
- else
- generalOA.setIdentificationNumber(split[2]);
-
- }
-
- }
-
- public String setGeneralOAConfig() {
-
- return Constants.STRUTS_SUCCESS;
- }
-
- public String setSAML1OAConfig() {
-
- return Constants.STRUTS_SUCCESS;
- }
-
- public String setPVP2OAConfig() {
-
- return Constants.STRUTS_SUCCESS;
- }
-
- public String setSSOOAConfig() {
-
- return Constants.STRUTS_SUCCESS;
- }
-
- public String setSTORKOAConfig() {
-
- return Constants.STRUTS_SUCCESS;
- }
-
- public OAGeneralConfig getGeneralOA() {
- return generalOA;
- }
-
- public void setGeneralOA(OAGeneralConfig generalOA) {
- this.generalOA = generalOA;
- }
-
- public OAPVP2Config getPvp2OA() {
- return pvp2OA;
- }
-
- public void setPvp2OA(OAPVP2Config pvp2oa) {
- pvp2OA = pvp2oa;
+ public void setAuthOA(OAAuthenticationData generalOA) {
+ formList.put(generalOA.getName(), generalOA);
}
public OASAML1Config getSaml1OA() {
- return saml1OA;
+ return (OASAML1Config) formList.get(new OASAML1Config().getName());
}
public void setSaml1OA(OASAML1Config saml1oa) {
- saml1OA = saml1oa;
+ formList.put(saml1oa.getName(), saml1oa);
}
public OASSOConfig getSsoOA() {
- return ssoOA;
+ return (OASSOConfig) formList.get(new OASSOConfig().getName());
}
public void setSsoOA(OASSOConfig ssoOA) {
- this.ssoOA = ssoOA;
+ formList.put(ssoOA.getName(), ssoOA);
}
public OASTORKConfig getStorkOA() {
- return storkOA;
+ return (OASTORKConfig) formList.get(new OASTORKConfig().getName());
}
public void setStorkOA(OASTORKConfig storkOA) {
- this.storkOA = storkOA;
- }
-
- /**
- * @param oaidobj the oaidobj to set
- */
- public void setOaidobj(String oaidobj) {
- this.oaidobj = oaidobj;
- }
-
- /**
- * @return the newOA
- */
- public boolean isNewOA() {
- return newOA;
- }
-
- /**
- * @param newOA the newOA to set
- */
- public void setNewOA(boolean newOA) {
- this.newOA = newOA;
+ formList.put(storkOA.getName(), storkOA);
}
/**
@@ -1205,75 +469,17 @@ public class EditOAAction extends BasicAction {
}
/**
- * @return the formID
- */
- public String getFormID() {
- return formID;
- }
-
- /**
- * @param formID the formID to set
- */
- public void setFormID(String formID) {
- this.formID = formID;
- }
-
- /**
- * @return the onlyBusinessService
- */
- public boolean isOnlyBusinessService() {
- return onlyBusinessService;
- }
-
- /**
- * @param onlyBusinessService the onlyBusinessService to set
- */
- public void setOnlyBusinessService(boolean onlyBusinessService) {
- this.onlyBusinessService = onlyBusinessService;
- }
-
-
- /**
- * @return the subTargetSet
- */
- public boolean isSubTargetSet() {
- return subTargetSet;
- }
-
- /**
- * @param subTargetSet the subTargetSet to set
- */
- public void setSubTargetSet(boolean subTargetSet) {
- this.subTargetSet = subTargetSet;
- }
-
- /**
- * @return the deaktivededBusinessService
- */
- public boolean isDeaktivededBusinessService() {
- return deaktivededBusinessService;
- }
-
-
- /**
- * @param deaktivededBusinessService the deaktivededBusinessService to set
- */
- public void setDeaktivededBusinessService(boolean deaktivededBusinessService) {
- this.deaktivededBusinessService = deaktivededBusinessService;
- }
-
- /**
* @return the formOA
*/
public FormularCustomization getFormOA() {
- return formOA;
+ return (FormularCustomization) formList.get(new FormularCustomization(null).getName());
}
/**
* @param formOA the formOA to set
*/
public void setFormOA(FormularCustomization formOA) {
- this.formOA = formOA;
+ formList.put(formOA.getName(), formOA);
}
/**
@@ -1284,11 +490,25 @@ public class EditOAAction extends BasicAction {
}
public OAOAuth20Config getOauth20OA() {
- return oauth20OA;
+ return (OAOAuth20Config) formList.get(new OAOAuth20Config().getName());
}
public void setOauth20OA(OAOAuth20Config oauth20OA) {
- this.oauth20OA = oauth20OA;
+ formList.put(oauth20OA.getName(), oauth20OA);
+ }
+
+ /**
+ * @return the formOA
+ */
+ public OATargetConfiguration getTargetConfig() {
+ return (OATargetConfiguration) formList.get(new OATargetConfiguration().getName());
+ }
+
+ /**
+ * @param formOA the formOA to set
+ */
+ public void setTargetConfig(OATargetConfiguration formOA) {
+ formList.put(formOA.getName(), formOA);
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
index d04592aa3..e019b70bb 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
@@ -77,13 +77,12 @@ import org.opensaml.xml.security.x509.X509Credential;
import org.opensaml.xml.signature.Signature;
import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine;
-import com.opensymphony.xwork2.ActionSupport;
-
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
@@ -94,7 +93,6 @@ import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper;
import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
-import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -215,14 +213,8 @@ public class IndexAction extends BasicAction {
if (dbuser.isIsMandateUser() != null)
ismandateuser = dbuser.isIsMandateUser();
- AuthenticatedUser authuser = new AuthenticatedUser(
- dbuser.getHjid(),
- dbuser.getGivenname(),
- dbuser.getFamilyname(),
- dbuser.getInstitut(),
- dbuser.getUsername(),
+ AuthenticatedUser authuser = new AuthenticatedUser(dbuser,
true,
- dbuser.isIsAdmin(),
ismandateuser,
false);
@@ -424,16 +416,7 @@ public class IndexAction extends BasicAction {
user.setIsusernamepasswordallowed(false);
user.setIsmandateuser(false);
user.setPVPGenerated(true);
-
- authUser = new AuthenticatedUser();
- authUser.setAdmin(false);
- authUser.setAuthenticated(false);
- authUser.setLastLogin(null);
- authUser.setUserID(-1);
- authUser.setUserName(null);
- authUser.setPVP2Login(true);
- authUser.setMandateUser(false);
-
+
//loop through the nodes to get what we want
List<AttributeStatement> attributeStatements = saml2assertion.getAttributeStatements();
for (int i = 0; i < attributeStatements.size(); i++)
@@ -445,26 +428,24 @@ public class IndexAction extends BasicAction {
if (strAttributeName.equals(PVPConstants.PRINCIPAL_NAME_NAME)) {
user.setFamilyName(attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent());
- authUser.setFamilyName(user.getFamilyName());
}
if (strAttributeName.equals(PVPConstants.GIVEN_NAME_NAME)) {
user.setGivenName(attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent());
- authUser.setGivenName(user.getGivenName());
}
if (strAttributeName.equals(PVPConstants.MANDATE_TYPE_NAME)) {
- authUser.setMandateUser(true);
user.setIsmandateuser(true);
}
if (strAttributeName.equals(PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME)) {
user.setInstitut(attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent());
- authUser.setInstitute(user.getInstitut());
}
}
}
+ authUser = AuthenticatedUser.generateUserRequestUser(user);
+
//set Random value
formID = Random.nextRandom();
session.setAttribute(Constants.SESSION_FORMID, formID);
@@ -484,14 +465,8 @@ public class IndexAction extends BasicAction {
session.setAttribute(Constants.SESSION_FORMID, formID);
user = new UserDatabaseFrom(dbuser);
- authUser = new AuthenticatedUser(
- dbuser.getHjid(),
- dbuser.getGivenname(),
- dbuser.getFamilyname(),
- dbuser.getInstitut(),
- dbuser.getUsername(),
+ authUser = new AuthenticatedUser(dbuser,
false,
- false,
dbuser.isIsMandateUser(),
true);
session.setAttribute(Constants.SESSION_FORM, user);
@@ -511,14 +486,7 @@ public class IndexAction extends BasicAction {
if (dbuser.isIsMandateUser() != null)
ismandateuser = dbuser.isIsMandateUser();
- authUser = new AuthenticatedUser(
- dbuser.getHjid(),
- dbuser.getGivenname(),
- dbuser.getFamilyname(),
- dbuser.getInstitut(),
- dbuser.getUsername(),
- true,
- dbuser.isIsAdmin(),
+ authUser = new AuthenticatedUser(dbuser, true,
ismandateuser,
true);
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
new file mode 100644
index 000000000..7a05d6497
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
@@ -0,0 +1,441 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.configuration.struts.action;
+
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.data.FormularCustomization;
+import at.gv.egovernment.moa.id.configuration.data.OAListElement;
+import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAMOAIDPInterfederationConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config;
+import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration;
+import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
+import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException;
+import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.util.Random;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class InterfederationIDPAction extends BasicOAAction {
+ private static final Logger log = Logger.getLogger(InterfederationIDPAction.class);
+ private static final long serialVersionUID = 2879192135387083131L;
+
+ public static final String STRUTS_IDP_VIDP = "-VIDP";
+ public static final String STRUTS_IDP_MOA = "-MOAIDP";
+
+ private List<OAListElement> formOAs;
+
+ private String interfederationType;
+
+ public InterfederationIDPAction() {
+ super();
+
+ }
+
+ public String listAllIDPs() {
+ try {
+ populateBasicInformations();
+
+ if (authUser.isAdmin()) {
+ List<OnlineApplication> dbOAs = ConfigurationDBRead.getAllOnlineApplications();
+
+ if (dbOAs == null || dbOAs.size() == 0) {
+ addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
+
+ } else {
+ formOAs = FormDataHelper.populateFormWithInderfederationIDPs(dbOAs);
+ }
+
+ session.setAttribute(Constants.SESSION_RETURNAREA,
+ Constants.STRUTS_RETURNAREA_VALUES.main.name());
+
+ ConfigurationDBUtils.closeSession();
+
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ } catch (BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+ }
+
+ public String newIDP() {
+ log.debug("insert new interfederation IDP");
+
+ try {
+ populateBasicInformations();
+
+ if (!authUser.isAdmin()) {
+ log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ if (STRUTS_IDP_MOA.equals(interfederationType)) {
+ formList.putAll(MOAIDPAction.buildMOAIDPFormList());
+
+ } else if (STRUTS_IDP_VIDP.equals(interfederationType)) {
+ formList.putAll(VIDPAction.buildVIDPFormList());
+ getStorkOA().setVidpEnabled(true);
+ getStorkOA().getAttributeProviderPlugins().add(new AttributeProviderPlugin());
+
+ } else {
+ log.warn("Unkown interfederation IDP type");
+ addActionError("Unkown interfederation IDP type");
+ return Constants.STRUTS_ERROR;
+ }
+
+ populateBasicNewOnlineApplicationInformation();
+
+ } catch (BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ return Constants.STRUTS_OA_EDIT + interfederationType;
+
+ }
+
+ public String loadIDPInformation() {
+ try {
+ populateBasicInformations();
+
+ if (!authUser.isAdmin()) {
+ log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ OnlineApplication oa = populateOnlineApplicationFromRequest();
+
+ if (oa.isIsInterfederationIDP() != null
+ && oa.isIsInterfederationIDP()) {
+
+ formList.putAll(MOAIDPAction.buildMOAIDPFormList());
+ interfederationType = STRUTS_IDP_MOA;
+
+ } else if (oa.getAuthComponentOA().getOASTORK() != null
+ && oa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null
+ && oa.getAuthComponentOA().getOASTORK().isVidpEnabled()) {
+
+ formList.putAll(VIDPAction.buildVIDPFormList());
+ if (getStorkOA().getAttributeProviderPlugins() == null ||
+ getStorkOA().getAttributeProviderPlugins().size() == 0)
+ getStorkOA().getAttributeProviderPlugins().add(new AttributeProviderPlugin());
+ interfederationType = STRUTS_IDP_VIDP;
+
+ } else {
+ log.warn("Requested application is not an interfederation IDP.");
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ parseOAToForm(oa);
+ return Constants.STRUTS_SUCCESS + interfederationType;
+
+
+ } catch (BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ } catch (BasicOAActionException e) {
+ addActionError(e.getStrutsError());
+ return e.getStrutsReturnValue();
+
+ }
+ }
+
+ public String saveIDP() {
+
+ OnlineApplication onlineapplication= null;
+
+ try {
+ populateBasicInformations();
+
+ if (!authUser.isAdmin()) {
+ log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ onlineapplication = preProcessSaveOnlineApplication();
+
+ if ( onlineapplication != null &&
+ !((onlineapplication.isIsInterfederationIDP() != null && onlineapplication.isIsInterfederationIDP()) ||
+ (onlineapplication.getAuthComponentOA().getOASTORK() != null
+ && onlineapplication.getAuthComponentOA().getOASTORK().isVidpEnabled() != null
+ && onlineapplication.getAuthComponentOA().getOASTORK().isVidpEnabled()))) {
+ log.warn("IDP which should be stored is not of type interfederation IDP.");
+ addActionError("IDP which should be stored is not of type MOA-ID interfederation IDP.");
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ List<String> errors = new ArrayList<String>();
+
+ //validate forms
+ for (IOnlineApplicationData form : formList.values())
+ errors.addAll(form.validate(getGeneralOA(), authUser, request));
+
+
+ boolean publicServiceAllowed = ValidationHelper.isPublicServiceAllowed(getPvp2OA().getMetaDataURL());
+ if (!publicServiceAllowed && !getGeneralOA().isBusinessService()) {
+ log.info("Metadata URL " + getPvp2OA().getMetaDataURL() + " does not allow PublicService.");
+ errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.metadataurl.publicservice",
+ new Object[] {getPvp2OA().getMetaDataURL()}, request ));
+ getGeneralOA().setBusinessService(true);
+
+ }
+
+
+ if (errors.size() > 0) {
+ log.info("IDP-Configuration with ID " + getGeneralOA().getIdentifier() + " has some errors.");
+ for (String el : errors)
+ addActionError(el);
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ return Constants.STRUTS_ERROR_VALIDATION;
+
+ } else {
+ postProcessSaveOnlineApplication(onlineapplication);
+
+ }
+
+ //remove session attributes
+ session.setAttribute(Constants.SESSION_OAID, null);
+ ConfigurationDBUtils.closeSession();
+
+ addActionMessage(LanguageHelper.getGUIString("webpages.idp.success", getGeneralOA().getIdentifier(), request));
+ return Constants.STRUTS_SUCCESS;
+
+
+ } catch (BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ } catch (BasicOAActionException e) {
+ addActionError(e.getStrutsError());
+ return e.getStrutsReturnValue();
+
+ }
+ }
+
+ public String cancleAndBackIDP() {
+ try {
+ populateBasicInformations();
+
+ if (!authUser.isAdmin()) {
+ log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ } catch (BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ }
+
+ session.setAttribute(Constants.SESSION_OAID, null);
+ addActionMessage(LanguageHelper.getGUIString("webpages.idp.cancle", getGeneralOA().getIdentifier(), request));
+ ConfigurationDBUtils.closeSession();
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ public String deleteIDP() {
+ String oaidentifier = null;
+ try {
+ populateBasicInformations();
+
+ if (!authUser.isAdmin()) {
+ log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
+ addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
+ return Constants.STRUTS_NOTALLOWED;
+ }
+
+ oaidentifier = preProcessDeleteOnlineApplication();
+
+
+ } catch (BasicActionException e) {
+ return Constants.STRUTS_ERROR;
+
+ } catch (BasicOAActionException e) {
+ addActionError(e.getStrutsError());
+ return e.getStrutsReturnValue();
+
+ }
+
+ session.setAttribute(Constants.SESSION_OAID, null);
+ OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
+
+ try {
+ if (MiscUtil.isNotEmpty(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) {
+
+ MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration();
+ moaconfig.setPvp2RefreshItem(new Date());
+ ConfigurationDBUtils.saveOrUpdate(moaconfig);
+
+ }
+ } catch (Throwable e) {
+ log.info("Found no MetadataURL in OA-Databaseconfig!", e);
+ }
+
+ if (ConfigurationDBUtils.delete(onlineapplication)) {
+
+ ConfigurationDBUtils.closeSession();
+ addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", oaidentifier, request));
+ return Constants.STRUTS_SUCCESS;
+
+ } else {
+ ConfigurationDBUtils.closeSession();
+ addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", oaidentifier, request));
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ }
+
+ /**
+ * @param oa
+ */
+ private void parseOAToForm(OnlineApplication oa) {
+ List<String> errors = new ArrayList<String>();
+ for (IOnlineApplicationData form : formList.values()) {
+ List<String> error = form.parse(oa, authUser, request);
+ if (error != null)
+ errors.addAll(error);
+ }
+ if (errors.size() > 0) {
+ for (String el : errors)
+ addActionError(el);
+ }
+
+ setNewOA(false);
+
+ ConfigurationDBUtils.closeSession();
+
+ formID = Random.nextRandom();
+ session.setAttribute(Constants.SESSION_FORMID, formID);
+ session.setAttribute(Constants.SESSION_OAID, oaid);
+ }
+
+ /**
+ * @return the formOAs
+ */
+ public List<OAListElement> getFormOAs() {
+ return formOAs;
+ }
+
+ public OAMOAIDPInterfederationConfig getMoaIDP() {
+ return (OAMOAIDPInterfederationConfig) formList.get(new OAMOAIDPInterfederationConfig().getName());
+ }
+
+ public void setMoaIDP(OAMOAIDPInterfederationConfig pvp2oa) {
+ formList.put(pvp2oa.getName(), pvp2oa);
+ }
+
+ /**
+ * @return the formOA
+ */
+ public OATargetConfiguration getTargetConfig() {
+ return (OATargetConfiguration) formList.get(new OATargetConfiguration().getName());
+ }
+
+ /**
+ * @param formOA the formOA to set
+ */
+ public void setTargetConfig(OATargetConfiguration formOA) {
+ formList.put(formOA.getName(), formOA);
+ }
+
+ /**
+ * @return the formOA
+ */
+ public FormularCustomization getFormOA() {
+ return (FormularCustomization) formList.get(new FormularCustomization(null).getName());
+ }
+
+ /**
+ * @param formOA the formOA to set
+ */
+ public void setFormOA(FormularCustomization formOA) {
+ formList.put(formOA.getName(), formOA);
+ }
+
+ public OASTORKConfig getStorkOA() {
+ return (OASTORKConfig) formList.get(new OASTORKConfig().getName());
+ }
+
+ public void setStorkOA(OASTORKConfig storkOA) {
+ formList.put(storkOA.getName(), storkOA);
+ }
+
+
+ public OAAuthenticationData getAuthOA() {
+ return (OAAuthenticationData) formList.get(new OAAuthenticationData().getName());
+ }
+
+ public void setAuthOA(OAAuthenticationData generalOA) {
+ formList.put(generalOA.getName(), generalOA);
+ }
+
+
+ /**
+ * @return the interfederationType
+ */
+ public String getInterfederationType() {
+ return interfederationType;
+ }
+
+ /**
+ * @param interfederationType the interfederationType to set
+ */
+ public void setInterfederationType(String interfederationType) {
+ this.interfederationType = interfederationType;
+ }
+
+
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
index e51ee7ca6..7f7f083c9 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
@@ -39,6 +39,7 @@ import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.data.OAListElement;
@@ -46,7 +47,6 @@ import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.util.MiscUtil;
public class ListOAsAction extends BasicAction {
@@ -88,7 +88,7 @@ public class ListOAsAction extends BasicAction {
addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
} else {
- formOAs = FormDataHelper.addFormOAs(dbOAs);
+ formOAs = FormDataHelper.populateFormWithOAs(dbOAs);
}
session.setAttribute(Constants.SESSION_RETURNAREA,
@@ -160,14 +160,11 @@ public class ListOAsAction extends BasicAction {
}
if (dbOAs == null || dbOAs.size() == 0) {
- log.debug("No OAs found with Identifier " + friendlyname);
+ log.debug("No IDPs found with Identifier " + friendlyname);
addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
- } else {
-
- formOAs = FormDataHelper.addFormOAs(dbOAs);
- session.setAttribute(Constants.SESSION_RETURNAREA,
- Constants.STRUTS_RETURNAREA_VALUES.main.name());
+ } else {
+ formOAs = FormDataHelper.populateFormWithOAs(dbOAs);
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java
new file mode 100644
index 000000000..8c04a382a
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.configuration.struts.action;
+
+import java.util.LinkedHashMap;
+
+import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAMOAIDPInterfederationConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
+
+/**
+ * @author tlenz
+ *
+ */
+public class MOAIDPAction extends InterfederationIDPAction {
+
+ private static final long serialVersionUID = -2047128481980413334L;
+
+ public MOAIDPAction() {
+ super();
+ formList.putAll(buildMOAIDPFormList());
+ }
+
+ public static LinkedHashMap<String, IOnlineApplicationData> buildMOAIDPFormList() {
+
+ LinkedHashMap<String, IOnlineApplicationData> forms =
+ new LinkedHashMap<String, IOnlineApplicationData>();
+
+
+ OAPVP2Config pvp2OA = new OAPVP2Config();
+ forms.put(pvp2OA.getName(), pvp2OA);
+
+ OAMOAIDPInterfederationConfig moaidp = new OAMOAIDPInterfederationConfig();
+ forms.put(moaidp.getName(), moaidp);
+
+ return forms;
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java
index a4c768eda..283b3604a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java
@@ -67,7 +67,7 @@ public class OpenAdminRequestsAction extends BasicAction {
List<OnlineApplication> dbOAs = ConfigurationDBRead.getAllNewOnlineApplications();
if (dbOAs != null) {
- formOAs = FormDataHelper.addFormOAs(dbOAs);
+ formOAs = FormDataHelper.populateFormWithOAs(dbOAs);
}
List<UserDatabase> dbUsers = ConfigurationDBRead.getAllNewUsers();
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
index 382dc6372..5799c88b2 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
@@ -38,6 +38,7 @@ import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom;
@@ -48,7 +49,6 @@ import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator;
-import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java
new file mode 100644
index 000000000..8588dd286
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java
@@ -0,0 +1,75 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.configuration.struts.action;
+
+import java.util.HashMap;
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+import at.gv.egovernment.moa.id.configuration.data.FormularCustomization;
+import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData;
+import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration;
+import at.gv.egovernment.moa.id.util.FormBuildUtils;
+
+/**
+ * @author tlenz
+ *
+ */
+public class VIDPAction extends InterfederationIDPAction {
+
+ private static final long serialVersionUID = 1981465294474566533L;
+
+
+ public VIDPAction() {
+ super();
+ formList.putAll(buildVIDPFormList());
+ }
+
+ /**
+ * @return
+ *
+ */
+ public static LinkedHashMap<String, IOnlineApplicationData> buildVIDPFormList() {
+ LinkedHashMap<String, IOnlineApplicationData> forms =
+ new LinkedHashMap<String, IOnlineApplicationData>();
+
+ OATargetConfiguration oaTarget = new OATargetConfiguration();
+ forms.put(oaTarget.getName(), oaTarget);
+
+ OAAuthenticationData authOA = new OAAuthenticationData();
+ forms.put(authOA.getName(), authOA);
+
+ OASTORKConfig storkOA = new OASTORKConfig();
+ forms.put(storkOA.getName(), storkOA);
+
+ Map<String, String> map = new HashMap<String, String>();
+ map.putAll(FormBuildUtils.getDefaultMap());
+ FormularCustomization formOA = new FormularCustomization(map);
+ forms.put(formOA.getName(), formOA);
+
+ return forms;
+ }
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java
index ae7ee3c8e..c9a174813 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java
@@ -29,6 +29,7 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.log4j.Logger;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.data.FormularCustomization;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.util.MiscUtil;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/TargetValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/TargetValidator.java
deleted file mode 100644
index 6d7032f9d..000000000
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/TargetValidator.java
+++ /dev/null
@@ -1,104 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.gv.egovernment.moa.id.configuration.validation;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import at.gv.egovernment.moa.util.MiscUtil;
-
-
-public class TargetValidator {
-
- private static Map<String, String> targetList = null;
-
- static {
- targetList = new HashMap<String, String>();
- targetList.put("AR", "Arbeit");
- targetList.put("AS", "Amtliche Statistik");
- targetList.put("BF", "Bildung und Forschung");
- targetList.put("BW", "Bauen und Wohnen");
- targetList.put("EA", "EU und Auswärtige Angelegenheiten");
- targetList.put("EF", "Ein- und Ausfuhr");
- targetList.put("GH", "Gesundheit");
- targetList.put("GS", "Gesellschaft und Soziales");
-// targetList.put("GS-RE", "Restitution");
- targetList.put("JR", "Justiz/Zivilrechtswesen");
- targetList.put("KL", "Kultus");
- targetList.put("KU", "Kunst und Kultur");
- targetList.put("LF", "Land- und Forstwirtschaft");
- targetList.put("LV", "Landesverteidigung");
- targetList.put("RT", "Rundfunk und sonstige Medien sowie Telekommunikation");
- targetList.put("SA", "Steuern und Abgaben");
- targetList.put("SA", "Sport und Freizeit");
- targetList.put("SO", "Sicherheit und Ordnung");
-// targetList.put("SO-VR", "Vereinsregister");
-// targetList.put("SR-RG", "Strafregister");
- targetList.put("SV", "Sozialversicherung");
- targetList.put("UW", "Umwelt");
- targetList.put("VT", "Verkehr und Technik");
- targetList.put("VV", "Vermögensverwaltung");
- targetList.put("WT", "Wirtschaft");
- targetList.put("ZP", "Personenidentität und Bürgerrechte(zur Person)");
- targetList.put("BR", "Bereichsübergreifender Rechtsschutz");
- targetList.put("HR", "Zentrales Rechnungswesen");
- targetList.put("KI", "Auftraggeberinterne allgemeine Kanzleiindizes");
- targetList.put("OI", "Öffentlichkeitsarbeit");
- targetList.put("PV", "Personalverwaltung");
- targetList.put("RD", "Zentraler Rechtsdienst");
- targetList.put("VS", "Zentrale Durchführung von Verwaltungsstrafverfahren");
-// targetList.put("VS-RG", "Zentrales Verwaltungsstrafregister");
- targetList.put("ZU", "Zustellungen");
- }
-
- public static List<String> getListOfTargets() {
- Map<String, String> list = new HashMap<String, String>();
- list.put("", "");
- list.putAll(targetList);
-
- List<String> sortedList = new ArrayList<String>();
- sortedList.addAll(list.keySet());
- Collections.sort(sortedList);
-
- return sortedList;
-
- }
-
- public static String getTargetFriendlyName(String target) {
- String name = targetList.get(target);
-
- if (MiscUtil.isNotEmpty(name))
- return name;
- else
- return null;
- }
-
- public static boolean isValidTarget(String target) {
- return targetList.containsKey(target);
- }
-
-
-}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
index 3ed0157da..662694ce7 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
@@ -31,6 +31,7 @@ import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom;
import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
deleted file mode 100644
index 3749975df..000000000
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java
+++ /dev/null
@@ -1,384 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.gv.egovernment.moa.id.configuration.validation;
-
-import iaik.asn1.ObjectID;
-import iaik.utils.Util;
-import iaik.x509.X509Certificate;
-import iaik.x509.X509ExtensionInitException;
-
-import java.io.IOException;
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.net.UnknownHostException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateException;
-import java.text.ParseException;
-import java.text.SimpleDateFormat;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import javax.net.ssl.HttpsURLConnection;
-import javax.net.ssl.SSLSession;
-import javax.net.ssl.SSLSocket;
-import javax.net.ssl.SSLSocketFactory;
-
-import org.apache.log4j.Logger;
-
-public class ValidationHelper {
-
- private static final Logger log = Logger.getLogger(ValidationHelper.class);
-
- private static final String TEMPLATE_DATEFORMAT = "dd.MM.yyyy";
-
-
- public static boolean isPublicServiceAllowed(String identifier) {
-
- SSLSocket socket = null;
-
- try {
- URL url = new URL(identifier);
- String host = url.getHost();
-
- if (host.endsWith("/"))
- host = host.substring(0, host.length()-1);
-
- if (url.getHost().endsWith(at.gv.egovernment.moa.id.configuration.Constants.PUBLICSERVICE_URL_POSTFIX)) {
- log.debug("PublicURLPrefix with .gv.at Domain found.");
- return true;
-
- } else {
- SSLSocketFactory factory = HttpsURLConnection.getDefaultSSLSocketFactory();
- socket = (SSLSocket) factory.createSocket(url.getHost(), url.getPort());
- socket.startHandshake();
-
- SSLSession session = socket.getSession();
- Certificate[] servercerts = session.getPeerCertificates();
- X509Certificate[] iaikChain = new X509Certificate[servercerts.length];
- for (int i=0; i<servercerts.length; i++) {
- iaikChain[i] = new X509Certificate(servercerts[i].getEncoded());
- }
-
-
- X509Certificate cert = Util.arrangeCertificateChain(iaikChain, false)[0];
-
- if (cert != null) {
- ObjectID vwOID = new ObjectID("1.2.40.0.10.1.1.1"); // Verwaltungseigenschaft
- ObjectID dOID = new ObjectID("1.2.40.0.10.1.1.2"); // Dienstleistereigenschaft
-
-
- if ((cert.getExtension(vwOID) == null) && (cert.getExtension(dOID) == null)) {
- return false;
-
- } else {
- log.info("Found correct X509 Extension in server certificate. PublicService is allowed");
- return true;
- }
- }
-
- return false;
- }
-
- } catch (MalformedURLException e) {
- log.warn("PublicURLPrefix can not parsed to URL", e);
- return false;
-
- } catch (UnknownHostException e) {
- log.warn("Can not connect to PublicURLPrefix Server", e);
- return false;
-
- } catch (IOException e) {
- log.warn("Can not connect to PublicURLPrefix Server", e);
- return false;
-
- } catch (CertificateEncodingException e) {
- log.warn("Can not parse X509 server certificate", e);
- return false;
-
- } catch (CertificateException e) {
- log.warn("Can not read X509 server certificate", e);
- return false;
-
- } catch (X509ExtensionInitException e) {
- log.warn("Can not read X509 server certificate extension", e);
- return false;
- }
-
- finally {
- if (socket != null)
- try {
- socket.close();
- } catch (IOException e) {
- log.warn("SSL Socket can not be closed.", e);
- }
- }
- }
-
- public static boolean validateOAID(String oaIDObj) {
- if (oaIDObj != null) {
- try {
-
- long oaID = Long.valueOf(oaIDObj);
-
- if (oaID > 0 && oaID < Long.MAX_VALUE)
- return true;
-
- } catch (Throwable t) {
- log.warn("No valid DataBase OAID received! " + oaIDObj);
- }
- }
- return false;
- }
-
- public static boolean validateNumber(String value) {
-
- log.debug("Validate Number " + value);
-
- try {
- Float.valueOf(value);
-
- return true;
-
- } catch (NumberFormatException e) {
- return false;
- }
-
-
- }
-
- public static boolean validatePhoneNumber(String value) {
- log.debug ("Validate PhoneNumber " + value);
-
- /* ************************************************************************************************
- * Legende:
- * ======== AA = post/pre-Text
- * BB = (+49)
- * CC = Vorwahl
- * DD = Durchwahl
- * EE = Nebenstelle
- * Pattern p = Pattern.compile("^ [a-zA-Z .,;:/\\-]* [ ]* [(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1} [ ]* [0-9]*[ ]* [0-9][ ]* [0-9]* [ ]* [a-zA-Z .,;:\\/-]* $");
- * ------- AA ------- --------------------- BB --------------------- --------- CC -------- - DD - - EE - ------- AA -------
- * ************************************************************************************************ */
- Pattern pattern = Pattern.compile("^[a-zA-Z .,;:/\\-]*[ ]*[(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1}[ ]*[0-9]*[ ]*[0-9]*[ ]*[0-9]*[ ]*[a-zA-Z .,;:\\/-]*$");
- Matcher matcher = pattern.matcher(value);
- boolean b = matcher.matches();
- if (b) {
- log.debug("Parameter PhoneNumber erfolgreich ueberprueft");
- return true;
- }
- else {
- log.error("Fehler Ueberpruefung Parameter PhoneNumber. PhoneNumber entspricht nicht den Kriterien ^ [a-zA-Z .,;:/\\-]* [ ]* [(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1} [ ]* [0-9]*[ ]*[/\\-]{0,1} [ ]*[ ]* [0-9]* [ ]* [a-zA-Z .,;:\\/-]* $");
- return false;
- }
-
-
- }
-
- public static boolean validateURL(String urlString) {
-
- log.debug("Validate URL " + urlString);
-
- if (urlString.startsWith("http") || urlString.startsWith("https")) {
- try {
- new URL(urlString);
- return true;
-
- } catch (MalformedURLException e) {
- }
- }
-
- return false;
- }
-
-// public static boolean validateGeneralURL(String urlString) {
-//
-// log.debug("Validate URL " + urlString);
-//
-// try {
-// new URL(urlString);
-// return true;
-//
-// } catch (MalformedURLException e) {
-//
-// }
-//
-// return false;
-// }
-
- public static boolean isValidAdminTarget(String target) {
-
- log.debug("Ueberpruefe Parameter Target");
-
- Pattern pattern = Pattern.compile("[a-zA-Z-]{1,5}");
- Matcher matcher = pattern.matcher(target);
- boolean b = matcher.matches();
- if (b) {
- log.debug("Parameter SSO-Target erfolgreich ueberprueft. SSO Target is PublicService.");
- return true;
- }
- else {
- log.info("Parameter SSO-Target entspricht nicht den Kriterien " +
- "(nur Zeichen a-z, A-Z und -, sowie 1-5 Zeichen lang) fuer den oeffentlichen Bereich. " +
- "Valiere SSO-Target fuer privatwirtschaftliche Bereiche.");
- return false;
- }
- }
-
- public static boolean isValidTarget(String target) {
-
- log.debug("Ueberpruefe Parameter Target");
-
- if (TargetValidator.isValidTarget(target)) {
- log.debug("Parameter Target erfolgreich ueberprueft");
- return true;
- }
- else {
- log.error("Fehler Ueberpruefung Parameter Target. Target entspricht nicht den Kriterien (nur Zeichen a-z, A-Z und -, sowie 1-5 Zeichen lang)");
- return false;
- }
-
- }
-
- public static boolean isValidSourceID(String sourceID) {
-
- log.debug("Ueberpruefe Parameter sourceID");
-
- Pattern pattern = Pattern.compile("[\\w-_]{1,20}");
- Matcher matcher = pattern.matcher(sourceID);
- boolean b = matcher.matches();
- if (b) {
- log.debug("Parameter sourceID erfolgreich ueberprueft");
- return true;
- }
- else {
- log.error("Fehler Ueberpruefung Parameter sourceID. SourceID entspricht nicht den Kriterien (nur Zeichen a-z, A-Z, - und _, sowie 1-20 Zeichen lang)");
- return false;
- }
- }
-
- public static boolean isDateFormat(String dateString) {
- if (dateString.length() > TEMPLATE_DATEFORMAT.length())
- return false;
-
- SimpleDateFormat sdf = new SimpleDateFormat(TEMPLATE_DATEFORMAT);
- try {
- sdf.parse(dateString);
- return true;
-
- } catch (ParseException e) {
- return false;
- }
- }
-
- public static boolean isEmailAddressFormat(String address) {
- if (address == null) {
- return false;
- }
- return Pattern.compile("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,6}$").matcher(address).matches();
- }
-
- public static boolean isValidOAIdentifier(String param) {
- if (param == null) {
- return false;
- }
- return param.indexOf(";") != -1 ||
- param.indexOf("%") != -1 ||
- param.indexOf("\"") != -1 ||
- param.indexOf("'") != -1 ||
- param.indexOf("?") != -1 ||
- param.indexOf("`") != -1 ||
- param.indexOf(",") != -1 ||
- param.indexOf("<") != -1 ||
- param.indexOf(">") != -1 ||
- param.indexOf("\\") != -1;
-
- }
-
- public static String getNotValidOAIdentifierCharacters() {
-
- return "; % \" ' ` , < > \\";
- }
-
- public static boolean containsPotentialCSSCharacter(String param, boolean commaallowed) {
-
- if (param == null) {
- return false;
- }
- return param.indexOf(";") != -1 ||
- param.indexOf("%") != -1 ||
- param.indexOf("\"") != -1 ||
- param.indexOf("'") != -1 ||
- param.indexOf("?") != -1 ||
- param.indexOf("`") != -1 ||
- ( param.indexOf(",") != -1 && !commaallowed ) ||
- param.indexOf("<") != -1 ||
- param.indexOf(">") != -1 ||
- param.indexOf("\\") != -1 ||
- param.indexOf("/") != -1;
- }
-
- public static String getPotentialCSSCharacter(boolean commaallowed) {
-
- if (commaallowed)
- return "; % \" ' ` < > \\ /";
- else
- return "; % \" ' ` , < > \\ /";
- }
-
- public static boolean isNotValidIdentityLinkSigner(String param) {
- if (param == null) {
- return false;
- }
- return param.indexOf(";") != -1 ||
- param.indexOf("%") != -1 ||
- param.indexOf("\"") != -1 ||
- param.indexOf("'") != -1 ||
- param.indexOf("?") != -1 ||
- param.indexOf("`") != -1 ||
- param.indexOf("<") != -1 ||
- param.indexOf(">") != -1;
-
- }
-
- public static String getNotValidIdentityLinkSignerCharacters() {
-
- return "; % \" ' ` < >";
- }
-
- public static boolean isValidHexValue(String param) {
-
- try {
- if (param.startsWith("#") && param.length() <= 7) {
- Long.decode(param);
- return true;
- }
-
- } catch (Exception e) {
-
- }
- return false;
-
- }
-
-}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
index cfa00f0e1..c64ae35d3 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
@@ -34,13 +34,13 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.log4j.Logger;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.StringHelper;
import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator;
-import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
index f7adc1a67..e4a091c7e 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
@@ -30,9 +30,9 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.log4j.Logger;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.util.MiscUtil;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
index a63b3a7b1..8bc916e5a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
@@ -9,9 +9,9 @@ import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS;
import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.data.GeneralStorkConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.util.MiscUtil;
public class StorkConfigValidator {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
index 7b68f04d8..0bbf2116d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
@@ -30,33 +30,21 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.log4j.Logger;
-import at.gv.egovernment.moa.id.configuration.Constants;
-import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator;
-import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.util.MiscUtil;
-public class OAGeneralConfigValidation {
+public class OAAuthenticationDataValidation {
private static final Logger log = Logger.getLogger(OASSOConfigValidation.class);
- public List<String> validate(OAGeneralConfig form, boolean isAdmin, HttpServletRequest request) {
+ public List<String> validate(OAAuthenticationData form, boolean isAdmin, HttpServletRequest request) {
List<String> errors = new ArrayList<String>();
String check;
- if (isAdmin) {
- //validate aditionalAuthBlockText
- check = form.getAditionalAuthBlockText();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
- }
- }
- }
+
//Check BKU URLs
if (isAdmin) {
@@ -97,19 +85,6 @@ public class OAGeneralConfigValidation {
}
}
- //check OA FriendlyName
- check = form.getFriendlyName();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("OAFriendlyName contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
- }
- } else {
- log.info("OA friendlyName is empty");
- errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request));
- }
-
if (isAdmin) {
//check KeyBoxIdentifier
check = form.getKeyBoxIdentifier();
@@ -170,114 +145,7 @@ public class OAGeneralConfigValidation {
new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request ));
}
}
-
-
-
- boolean businessservice = form.isBusinessService();
-
- if (businessservice) {
-
- //check identification type
- check = form.getIdentificationType();
- if (!form.getIdentificationTypeList().contains(check)) {
- log.info("IdentificationType is not known.");
- errors.add(LanguageHelper.getErrorString("validation.general.stork.sptarget", request));
- }
-
- //check identification number
- check = form.getIdentificationNumber();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty IdentificationNumber");
- errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty", request));
-
- } else {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("IdentificationNumber contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
- }
-
- if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_FN)) {
- CompanyNumberValidator val = new CompanyNumberValidator();
- if (!val.validate(check)) {
- log.info("Not valid CompanyNumber");
- errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid", request));
- }
- }
- }
-
- } else {
-
- check = form.getTarget_subsector();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.isValidAdminTarget(check)) {
- log.info("Not valid Target-Subsector");
- errors.add(LanguageHelper.getErrorString("validation.general.target.subsector.valid", request));
- }
- }
-
-
- if (!isAdmin) {
- //check PublicURL Prefix allows PublicService
- if (!ValidationHelper.isPublicServiceAllowed(form.getIdentifier())) {
- log.warn("PublicURLPrefix does not allow PublicService: " + form.getIdentifier());
- errors.add(LanguageHelper.getErrorString("validation.general.target.publicserviceurl",
- new Object[] {form.getIdentifier()}, request ));
- form.setBusinessService(true);
- return errors;
-
- }
-
- //check Target
- check = form.getTarget();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request));
-
- } else {
- if (!ValidationHelper.isValidTarget(check)) {
- log.info("Not valid Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request));
- }
- }
-
- } else {
- //check targetFrindlyName();
- check = form.getTargetFriendlyName();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
- log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
- }
- }
-
- if (MiscUtil.isEmpty(form.getTarget()) && MiscUtil.isEmpty(form.getTarget_admin())) {
- log.info("Empty Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request));
- }
-
- //check Target
- check = form.getTarget();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.isValidTarget(check)) {
- log.info("Not valid Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request));
- }
- }
-
- //check Admin Target
- check = form.getTarget_admin();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.isValidAdminTarget(check)) {
- log.info("Not valid Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.admin.valid", request));
- }
- }
- }
- }
-
return errors;
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java
index bee2ba06c..de32d31c7 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java
@@ -36,9 +36,9 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.commons.io.IOUtils;
import org.apache.log4j.Logger;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
index b26f2d9d5..62fc83ab9 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java
@@ -22,31 +22,68 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.configuration.validation.oa;
+import iaik.x509.X509Certificate;
+
import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.List;
+import java.util.Timer;
+import javax.net.ssl.SSLHandshakeException;
import javax.servlet.http.HttpServletRequest;
+import org.apache.commons.httpclient.MOAHttpClient;
import org.apache.log4j.Logger;
+import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
+import org.opensaml.saml2.metadata.provider.MetadataFilter;
+import org.opensaml.saml2.metadata.provider.MetadataProviderException;
+import org.opensaml.xml.parse.BasicParserPool;
+import org.opensaml.xml.security.x509.BasicX509Credential;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException;
+import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.configuration.auth.pvp2.MetaDataVerificationFilter;
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
+import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
-import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
public class OAPVP2ConfigValidation {
private static final Logger log = Logger.getLogger(OAPVP2ConfigValidation.class);
- public List<String> validate(OAPVP2Config form, HttpServletRequest request) {
+ public List<String> validate(OAPVP2Config form, String oaID, HttpServletRequest request) {
+
+ Timer timer = null;
+ MOAHttpClient httpClient = null;
+ HTTPMetadataProvider httpProvider = null;
List<String> errors = new ArrayList<String>();
try {
- byte[] metadata = null;
-// byte[] cert = null;
+ byte[] certSerialized = null;
+ if (form.getFileUpload() != null)
+ certSerialized = form.getCertificate();
+ else {
+ OnlineApplication oa = ConfigurationDBRead.getOnlineApplication(oaID);
+ if (oa != null &&
+ oa.getAuthComponentOA() != null &&
+ oa.getAuthComponentOA().getOAPVP2() != null) {
+ certSerialized = oa.getAuthComponentOA().getOAPVP2().getCertificate();
+ }
+ }
+
+ if (certSerialized == null) {
+ log.info("No certificate for metadata validation");
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request));
+ }
+
String check = form.getMetaDataURL();
if (MiscUtil.isNotEmpty(check)) {
@@ -55,37 +92,48 @@ public class OAPVP2ConfigValidation {
errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid", request));
} else {
- metadata = FileUtils.readURL(check);
- if (MiscUtil.isEmpty(metadata)) {
- log.info("Filecontent can not be read form MetaDataURL.");
- errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.read", request));
+
+ if (certSerialized != null) {
+ X509Certificate cert = new X509Certificate(certSerialized);
+ BasicX509Credential credential = new BasicX509Credential();
+ credential.setEntityCertificate(cert);
+
+ timer = new Timer();
+ httpClient = new MOAHttpClient();
+
+ if (form.getMetaDataURL().startsWith("https:"))
+ try {
+ MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory(
+ "MOAMetaDataProvider",
+ ConfigurationProvider.getInstance().getCertStoreDirectory(),
+ ConfigurationProvider.getInstance().getTrustStoreDirectory(),
+ null,
+ ChainingModeType.PKIX,
+ true);
+
+ httpClient.setCustomSSLTrustStore(
+ form.getMetaDataURL(),
+ protoSocketFactory);
+
+ } catch (MOAHttpProtocolSocketFactoryException e) {
+ log.warn("MOA SSL-TrustStore can not initialized. Use default Java TrustStore.");
+
+ } catch (ConfigurationException e) {
+ log.info("No MOA specific SSL-TrustStore configured. Use default Java TrustStore.");
+
+ }
+
+ httpProvider =
+ new HTTPMetadataProvider(timer, httpClient, form.getMetaDataURL());
+ httpProvider.setParserPool(new BasicParserPool());
+ httpProvider.setRequireValidMetadata(true);
+ MetadataFilter filter = new MetaDataVerificationFilter(credential);
+ httpProvider.setMetadataFilter(filter);
+ httpProvider.initialize();
}
}
}
-
- if (form.getFileUpload() != null)
- form.getCertificate();
-
-// else {
-// if (metadata != null) {
-// log.info("No certificate to verify the Metadata defined.");
-// errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound"));
-// }
-// }
-
-// if (cert != null && metadata != null) {
-// HTTPMetadataProvider httpProvider = new HTTPMetadataProvider(
-// check, 20000);
-// httpProvider.setParserPool(new BasicParserPool());
-// httpProvider.setRequireValidMetadata(true);
-// MetadataFilter filter = new MetadataSignatureFilter(
-// check, cert);
-// httpProvider.setMetadataFilter(filter);
-// httpProvider.initialize();
-//
-// }
-
-
+
} catch (CertificateException e) {
log.info("Uploaded Certificate can not be found", e);
errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request));
@@ -94,9 +142,24 @@ public class OAPVP2ConfigValidation {
log.info("Metadata can not be loaded from URL", e);
errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.read", request));
-// } catch (MetadataProviderException e) {
-// log.info("MetaDate verification failed");
-// errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify"));
+ } catch (MetadataProviderException e) {
+
+ if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) {
+ log.info("SSL Server certificate not trusted.", e);
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.ssl", request));
+
+ } else {
+ log.info("MetaDate verification failed", e);
+ errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify", request));
+ }
+
+ } finally {
+ if (httpProvider != null)
+ httpProvider.destroy();
+
+ if (timer != null)
+ timer.cancel();
+
}
return errors;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java
index 6de966b8d..971e11cc4 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java
@@ -29,9 +29,9 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.log4j.Logger;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.util.MiscUtil;
public class OASSOConfigValidation {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
index 7bdcb65cf..60209542b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
@@ -23,6 +23,7 @@
package at.gv.egovernment.moa.id.configuration.validation.oa;
import java.util.ArrayList;
+import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
@@ -30,9 +31,9 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
-import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.util.MiscUtil;
public class OASTORKConfigValidation {
@@ -52,7 +53,9 @@ public class OASTORKConfigValidation {
}
if (oageneral.isVidpEnabled()) {
- for(AttributeProviderPlugin current : oageneral.getAttributeProviderPlugins()) {
+ Iterator<AttributeProviderPlugin> interator = oageneral.getAttributeProviderPlugins().iterator();
+ while (interator.hasNext()) {
+ AttributeProviderPlugin current = interator.next();
if (MiscUtil.isEmpty(current.getUrl()) || !ValidationHelper.validateURL(current.getUrl())) {
log.info("AttributeProviderPlugin URL has no valid form.");
errors.add(LanguageHelper.getErrorString("validation.stork.ap.url.valid", request));
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java
new file mode 100644
index 000000000..650553ab3
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java
@@ -0,0 +1,154 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.configuration.validation.oa;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class OATargetConfigValidation {
+
+ private static final Logger log = Logger.getLogger(OATargetConfigValidation.class);
+
+ public List<String> validate(OATargetConfiguration form, boolean isAdmin, OAGeneralConfig general, HttpServletRequest request) {
+
+ List<String> errors = new ArrayList<String>();
+ String check;
+
+ if (general.isBusinessService()) {
+
+ //check identification type
+ check = form.getIdentificationType();
+ if (!form.getIdentificationTypeList().contains(check)) {
+ log.info("IdentificationType is not known.");
+ errors.add(LanguageHelper.getErrorString("validation.general.stork.sptarget", request));
+ }
+
+ //check identification number
+ check = form.getIdentificationNumber();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty IdentificationNumber");
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty", request));
+
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ }
+
+ if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_FN)) {
+ CompanyNumberValidator val = new CompanyNumberValidator();
+ if (!val.validate(check)) {
+ log.info("Not valid CompanyNumber");
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid", request));
+ }
+ }
+ }
+
+ } else {
+
+ check = form.getTarget_subsector();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isValidAdminTarget(check)) {
+ log.info("Not valid Target-Subsector");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.subsector.valid", request));
+ }
+ }
+
+
+ if (!isAdmin) {
+ //check PublicURL Prefix allows PublicService
+ if (!ValidationHelper.isPublicServiceAllowed(general.getIdentifier())) {
+ log.warn("PublicURLPrefix does not allow PublicService: " + general.getIdentifier());
+ errors.add(LanguageHelper.getErrorString("validation.general.target.publicserviceurl",
+ new Object[] {general.getIdentifier()}, request ));
+ general.setBusinessService(true);
+ return errors;
+
+ }
+
+ //check Target
+ check = form.getTarget();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request));
+
+ } else {
+ if (!ValidationHelper.isValidTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request));
+ }
+ }
+
+ } else {
+
+ //check targetFrindlyName();
+ check = form.getTargetFriendlyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ }
+ }
+
+ if (MiscUtil.isEmpty(form.getTarget()) && MiscUtil.isEmpty(form.getTarget_admin())) {
+ log.info("Empty Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request));
+ }
+
+ //check Target
+ check = form.getTarget();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isValidTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request));
+ }
+ }
+
+ //check Admin Target
+ check = form.getTarget_admin();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isValidAdminTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.admin.valid", request));
+ }
+ }
+ }
+ }
+
+ return errors;
+ }
+}