aboutsummaryrefslogtreecommitdiff
path: root/id/ConfigWebTool/src/main/java/at
diff options
context:
space:
mode:
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java20
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java38
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java30
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java46
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java143
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java93
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java59
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java55
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java2
14 files changed, 305 insertions, 191 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java
index 12016a2bf..e3de84b0b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java
@@ -30,7 +30,7 @@ import org.opensaml.saml2.metadata.provider.MetadataFilter;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.security.x509.BasicX509Credential;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException;
import at.gv.egovernment.moa.id.protocols.pvp2x.verification.EntityVerifier;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
index ecf0d19d7..80800543b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
@@ -36,6 +36,7 @@ import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
+import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.BKUSelectionCustomizationType;
@@ -50,7 +51,6 @@ import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationValitator;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAFileUploadValidation;
-import at.gv.egovernment.moa.id.util.FormBuildUtils;
import at.gv.egovernment.moa.util.MiscUtil;
public class FormularCustomization implements IOnlineApplicationData {
@@ -177,47 +177,47 @@ public class FormularCustomization implements IOnlineApplicationData {
if (MiscUtil.isNotEmpty(formcustom.getBackGroundColor())) {
backGroundColor = formcustom.getBackGroundColor();
- map.put(FormBuildUtils.MAIN_BACKGROUNDCOLOR, formcustom.getBackGroundColor());
+ map.put(FormBuildUtils.PARAM_MAIN_BACKGROUNDCOLOR, formcustom.getBackGroundColor());
}
if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColor())) {
button_BackGroundColor = formcustom.getButtonBackGroundColor();
- map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR, formcustom.getButtonBackGroundColor());
+ map.put(FormBuildUtils.PARAM_BUTTON_BACKGROUNDCOLOR, formcustom.getButtonBackGroundColor());
}
if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColorFocus())) {
button_BackGroundColorFocus = formcustom.getButtonBackGroundColorFocus();
- map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR_FOCUS, formcustom.getButtonBackGroundColorFocus());
+ map.put(FormBuildUtils.PARAM_BUTTON_BACKGROUNDCOLOR_FOCUS, formcustom.getButtonBackGroundColorFocus());
}
if (MiscUtil.isNotEmpty(formcustom.getButtonFontColor())) {
button_FrontColor = formcustom.getButtonFontColor();
- map.put(FormBuildUtils.BUTTON_COLOR, formcustom.getButtonFontColor());
+ map.put(FormBuildUtils.PARAM_BUTTON_COLOR, formcustom.getButtonFontColor());
}
if (MiscUtil.isNotEmpty(formcustom.getFontType())) {
fontType = formcustom.getFontType();
- map.put(FormBuildUtils.FONTFAMILY, formcustom.getFontType());
+ map.put(FormBuildUtils.PARAM_FONTFAMILY, formcustom.getFontType());
}
if (MiscUtil.isNotEmpty(formcustom.getFrontColor())) {
frontColor = formcustom.getFrontColor();
- map.put(FormBuildUtils.MAIN_COLOR, formcustom.getFrontColor());
+ map.put(FormBuildUtils.PARAM_MAIN_COLOR, formcustom.getFrontColor());
}
if (MiscUtil.isNotEmpty(formcustom.getHeaderBackGroundColor())) {
header_BackGroundColor = formcustom.getHeaderBackGroundColor();
- map.put(FormBuildUtils.HEADER_BACKGROUNDCOLOR, formcustom.getHeaderBackGroundColor());
+ map.put(FormBuildUtils.PARAM_HEADER_BACKGROUNDCOLOR, formcustom.getHeaderBackGroundColor());
}
if (MiscUtil.isNotEmpty(formcustom.getHeaderFrontColor())) {
header_FrontColor = formcustom.getHeaderFrontColor();
- map.put(FormBuildUtils.HEADER_COLOR, formcustom.getHeaderFrontColor());
+ map.put(FormBuildUtils.PARAM_HEADER_COLOR, formcustom.getHeaderFrontColor());
}
if (MiscUtil.isNotEmpty(formcustom.getHeaderText())) {
header_text = formcustom.getHeaderText();
- map.put(FormBuildUtils.HEADER_TEXT, formcustom.getHeaderText());
+ map.put(FormBuildUtils.PARAM_HEADER_TEXT, formcustom.getHeaderText());
}
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
index 95af93af3..ebd2d6283 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -281,7 +281,7 @@ public class GeneralMOAIDConfig {
OAuth oauth = protocols.getOAuth();
if (oauth != null) {
- protocolActiveOAuth = saml1.isIsActive();
+ protocolActiveOAuth = oauth.isIsActive();
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
index d8bb0179c..e71bad299 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
@@ -25,6 +25,8 @@ package at.gv.egovernment.moa.id.configuration.data;
import java.util.ArrayList;
import java.util.List;
+import org.apache.log4j.Logger;
+
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentGeneral;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.CPEPS;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.ForeignIdentities;
@@ -34,8 +36,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.StorkAttribute;
import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
-import org.apache.log4j.Logger;
-
public class GeneralStorkConfig {
private List<CPEPS> cpepslist;
@@ -61,7 +61,9 @@ public class GeneralStorkConfig {
public void parse(MOAIDConfiguration config) {
log.info("Initializing general Stork config");
-
+
+ cpepslist = new ArrayList<CPEPS>();
+ attributes = new ArrayList<StorkAttribute>();
if (config != null) {
AuthComponentGeneral auth = config.getAuthComponentGeneral();
@@ -71,15 +73,14 @@ public class GeneralStorkConfig {
if (foreign != null) {
STORK stork = foreign.getSTORK();
- cpepslist = new ArrayList<CPEPS>();
- attributes = new ArrayList<StorkAttribute>();
-
+
if (stork != null) {
// deep clone all the things
- // to foreclose lazyloading session timeouts
-
- for(CPEPS current : stork.getCPEPS()) {
- cpepslist.add(current);
+ // to foreclose lazyloading session timeouts
+ if (stork.getCPEPS() != null) {
+ for(CPEPS current : stork.getCPEPS()) {
+ cpepslist.add(current);
+ }
}
List<StorkAttribute> tmp = stork.getAttributes();
@@ -91,19 +92,26 @@ public class GeneralStorkConfig {
try {
qaa = stork.getQualityAuthenticationAssuranceLevel();
+
} catch(NullPointerException e) {
qaa = 4;
}
}
- if (cpepslist.isEmpty())
- cpepslist = null;
-
- if(attributes.isEmpty())
- attributes.add(new StorkAttribute());
}
}
}
+
+ if (cpepslist.isEmpty()) {
+ CPEPS defaultCPEPS = new CPEPS();
+ defaultCPEPS.setCountryCode("CC");
+ defaultCPEPS.setURL("http://");
+ defaultCPEPS.setSupportsXMLSignature(true);
+ cpepslist.add(defaultCPEPS );
+
+ }
+ if(attributes.isEmpty())
+ attributes.add(new StorkAttribute());
}
public List<CPEPS> getRawCPEPSList() {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java
index 58b0b9d17..b2cd18c26 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java
@@ -36,12 +36,12 @@ import org.apache.commons.lang.SerializationUtils;
import org.apache.log4j.Logger;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
+import at.gv.egovernment.moa.id.commons.api.data.BPKDecryptionParameters;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.BPKDecryption;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.EncBPKInformation;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
-import at.gv.egovernment.moa.id.config.auth.data.BPKDecryptionParameters;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
index 22a978014..4cb7eba2d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
@@ -42,9 +42,7 @@ public class OAGeneralConfig implements IOnlineApplicationData{
private static final Logger log = Logger.getLogger(OAGeneralConfig.class);
private boolean isActive = false;
-
- private String dbID = null;
-
+
private String identifier = null;
private String friendlyName = null;
private boolean businessService = false;
@@ -67,7 +65,7 @@ public class OAGeneralConfig implements IOnlineApplicationData{
friendlyName = dbOAConfig.getFriendlyName();
identifier = dbOAConfig.getPublicURLPrefix();
-
+
if (dbOAConfig.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE))
businessService = true;
else
@@ -163,27 +161,5 @@ public class OAGeneralConfig implements IOnlineApplicationData{
public void setActive(boolean isActive) {
this.isActive = isActive;
- }
-
- /**
- * @return the dbID
- */
- public String getDbID() {
- return dbID;
- }
-
-
- /**
- * @param dbID the dbID to set
- */
- public void setDbID(long dbID) {
- this.dbID = String.valueOf(dbID);
- }
-
- /**
- * @param dbID the dbID to set
- */
- public void setDbID(String dbID) {
- this.dbID = dbID;
- }
+ }
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
index 3fad65fe5..c0e1eaaf7 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
@@ -41,6 +41,7 @@ import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation;
+import at.gv.egovernment.moa.util.MiscUtil;
//import at.gv.egovernment.moa.id.protocols.stork2.AttributeProviderFactory;
public class OASTORKConfig implements IOnlineApplicationData{
@@ -120,8 +121,10 @@ public class OASTORKConfig implements IOnlineApplicationData{
enabledCitizenCountries = new ArrayList<String>();
- for(CPEPS current : config.getCPEPS())
- enabledCitizenCountries.add(current.getCountryCode());
+ if (config.getCPEPS() != null) {
+ for(CPEPS current : config.getCPEPS())
+ enabledCitizenCountries.add(current.getCountryCode());
+ }
// prepare attribute helper list
attributes = new ArrayList<AttributeHelper>();
@@ -130,9 +133,11 @@ public class OASTORKConfig implements IOnlineApplicationData{
for(StorkAttribute current : dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes()) {
AttributeHelper tmp = null;
- for(OAStorkAttribute sepp : config.getOAAttributes())
- if(sepp.getName().equals(current.getName()))
- tmp = new AttributeHelper(sepp);
+ if (config.getOAAttributes() != null) {
+ for(OAStorkAttribute sepp : config.getOAAttributes())
+ if(sepp.getName() != null && sepp.getName().equals(current.getName()))
+ tmp = new AttributeHelper(sepp);
+ }
if(null == tmp)
tmp = new AttributeHelper(current);
@@ -237,16 +242,29 @@ public class OASTORKConfig implements IOnlineApplicationData{
return result;
for(AttributeHelper current : getHelperAttributes()) {
- for(StorkAttribute currentAttribute : dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes())
- if(currentAttribute.getName().equals(current.getName())) {
- if(current.isUsed() || currentAttribute.isMandatory()) {
- OAStorkAttribute tmp = new OAStorkAttribute();
- tmp.setName(current.getName());
- tmp.setMandatory(current.isMandatory());
- result.add(tmp);
+ List<StorkAttribute> generalConfStorkAttr = null;
+ try {
+ generalConfStorkAttr = dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes();
+
+ } catch (NullPointerException e) {
+ log.trace("No STORK attributes in 'General Configuration'");
+
+ }
+
+ if (generalConfStorkAttr != null) {
+ for(StorkAttribute currentAttribute : generalConfStorkAttr)
+ if(MiscUtil.isNotEmpty(currentAttribute.getName()) &&
+ currentAttribute.getName().equals(current.getName())) {
+ if(current.isUsed() || currentAttribute.isMandatory()) {
+ OAStorkAttribute tmp = new OAStorkAttribute();
+ tmp.setName(current.getName());
+ tmp.setMandatory(current.isMandatory());
+ result.add(tmp);
+
+ }
+ break;
}
- break;
- }
+ }
}
return result;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
index 9ddb41d83..5bc17f1ee 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java
@@ -22,22 +22,31 @@
*/
package at.gv.egovernment.moa.id.configuration.struts.action;
-import iaik.utils.URLDecoder;
-
+import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.StringWriter;
+import java.io.UnsupportedEncodingException;
+import java.net.URI;
import java.util.ArrayList;
import java.util.Arrays;
+import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
+import java.util.Map.Entry;
import org.apache.log4j.Logger;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
import at.gv.egiz.components.configuration.meta.api.ConfigurationStorageException;
-import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder;
+import at.gv.egovernment.moa.id.auth.frontend.builder.ServiceProviderSpecificGUIFormBuilderConfiguration;
+import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils;
+import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider;
import at.gv.egovernment.moa.id.commons.config.ConfigurationMigrationUtils;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
@@ -57,9 +66,9 @@ import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
-import at.gv.egovernment.moa.id.util.FormBuildUtils;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;
+import iaik.utils.URLDecoder;
/**
* @author tlenz
@@ -77,7 +86,7 @@ public class BasicOAAction extends BasicAction {
private boolean newOA;
private boolean isMetaDataRefreshRequired = false;
- private InputStream stream;
+ private InputStream stream = null;
/**
*
@@ -255,25 +264,8 @@ public class BasicOAAction extends BasicAction {
OnlineApplication onlineapplication = null;
- Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID);
- Long oaid = (long) -1;
-
- if (oadbid != null) {
- try {
- oaid = (Long) oadbid;
- if (oaid < 0 || oaid > Long.MAX_VALUE) {
- throw new BasicOAActionException(
- LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
- Constants.STRUTS_ERROR);
- }
-
- } catch (Throwable t) {
- throw new BasicOAActionException(
- LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
- Constants.STRUTS_ERROR);
- }
- }
-
+ Long oaid = getOAIDFromSession();
+
// valid DBID and check entry
OAGeneralConfig oaGeneralForm = ((OAGeneralConfig)formList.get(new OAGeneralConfig().getName()));
String oaidentifier = oaGeneralForm.getIdentifier();
@@ -309,14 +301,15 @@ public class BasicOAAction extends BasicAction {
onlineapplication = configuration.getDbRead().getOnlineApplication(oaidentifier);
}
- setNewOA(true);
+
if (onlineapplication != null) {
log.info("The OAIdentifier is not unique");
throw new BasicOAActionException(
LanguageHelper.getErrorString("validation.general.oaidentifier.notunique", request),
Constants.STRUTS_ERROR_VALIDATION);
- }
+ } else
+ setNewOA(true);
} else {
onlineapplication = configuration.getDbRead().getOnlineApplication(oaid);
@@ -355,6 +348,29 @@ public class BasicOAAction extends BasicAction {
}
+ protected Long getOAIDFromSession() throws BasicOAActionException {
+ Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID);
+ Long oaid = (long) -1;
+
+ if (oadbid != null) {
+ try {
+ oaid = (Long) oadbid;
+ if (oaid < 0 || oaid > Long.MAX_VALUE) {
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
+ Constants.STRUTS_ERROR);
+ }
+
+ } catch (Throwable t) {
+ throw new BasicOAActionException(
+ LanguageHelper.getErrorString("errors.edit.oa.oaid", request),
+ Constants.STRUTS_ERROR);
+ }
+ }
+
+ return oaid;
+ }
+
protected String preProcessDeleteOnlineApplication() throws BasicOAActionException {
try {
Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
@@ -573,8 +589,8 @@ public class BasicOAAction extends BasicAction {
ConfigurationProvider config = ConfigurationProvider.getInstance();
String templateURL = config.getConfigRootDir() + ConfigurationProvider.HTMLTEMPLATE_DIR
+ ConfigurationProvider.HTMLTEMPLATE_FILE;
-
- File file = new File(templateURL);
+
+ File file = new File(new URI(templateURL));
input = new FileInputStream(file);
String contextpath = config.getMOAIDInstanceURL();
@@ -582,15 +598,16 @@ public class BasicOAAction extends BasicAction {
log.info("NO MOA-ID instance URL configurated.");
input.close();
throw new ConfigurationException("No MOA-ID instance configurated");
+
}
-
- preview = LoginFormBuilder.getTemplate(input);
- preview = preview.replace(LoginFormBuilder.CONTEXTPATH, contextpath);
-
- Map<String, String> map = (Map<String, String>) mapobj;
-
+
+ //set parameters
+ Map<String, Object> params = (Map<String, Object>) mapobj;
+ params.put(
+ ServiceProviderSpecificGUIFormBuilderConfiguration.PARAM_AUTHCONTEXT,
+ contextpath);
+
request.setCharacterEncoding("UTF-8");
-
String module = request.getParameter(Constants.REQUEST_FORMCUSTOM_MODULE);
String value = request.getParameter(Constants.REQUEST_FORMCUSTOM_VALUE);
@@ -599,24 +616,36 @@ public class BasicOAAction extends BasicAction {
value = query[1].substring("value=".length());
}
- synchronized (map) {
-
+ synchronized (params) {
if (MiscUtil.isNotEmpty(module)) {
- if (map.containsKey("#" + module + "#")) {
+ if (params.containsKey(module)) {
if (MiscUtil.isNotEmpty(value)) {
- if (FormBuildUtils.FONTFAMILY.contains(module) || FormBuildUtils.HEADER_TEXT.contains(module)
+ if (FormBuildUtils.PARAM_FONTFAMILY.contains(module) || FormBuildUtils.PARAM_HEADER_TEXT.contains(module)
|| value.startsWith("#"))
- map.put("#" + module + "#", value);
+ params.put(module, value);
else
- map.put("#" + module + "#", "#" + value);
+ params.put(module, "#" + value);
} else {
- map.put("#" + module + "#", FormBuildUtils.getDefaultMap().get("#" + module + "#"));
+ params.put(module, FormBuildUtils.getDefaultMap().get(module));
}
}
}
- preview = FormBuildUtils.customiceLayoutBKUSelection(preview, true, false, map, true);
}
+
+ //write preview
+ VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine();
+ VelocityContext context = new VelocityContext();
+ Iterator<Entry<String, Object>> interator = params.entrySet().iterator();
+ while (interator.hasNext()) {
+ Entry<String, Object> el = interator.next();
+ context.put(el.getKey(), el.getValue());
+
+ }
+ StringWriter writer = new StringWriter();
+ engine.evaluate(context, writer, "BKUSelection_preview",
+ new BufferedReader(new InputStreamReader(input)));
+ stream = new ByteArrayInputStream(writer.toString().getBytes("UTF-8"));
} else {
preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible", request);
@@ -629,7 +658,16 @@ public class BasicOAAction extends BasicAction {
}
- stream = new ByteArrayInputStream(preview.getBytes());
+ if (stream == null && MiscUtil.isNotEmpty(preview)) {
+ try {
+ stream = new ByteArrayInputStream(preview.getBytes("UTF-8"));
+
+ } catch (UnsupportedEncodingException e) {
+ e.printStackTrace();
+
+ }
+ }
+
return Constants.STRUTS_SUCCESS;
}
@@ -672,12 +710,13 @@ public class BasicOAAction extends BasicAction {
public void setPvp2OA(OAPVP2Config pvp2oa) {
formList.put(pvp2oa.getName(), pvp2oa);
}
-
- /**
- * @return the stream
- */
- public InputStream getStream() {
- return stream;
- }
-
+
+ /**
+ * @return the stream
+ */
+ public InputStream getStream() {
+ return stream;
+ }
+
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index 504b598c0..40e9b1a90 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -542,42 +542,71 @@ public class EditGeneralConfigAction extends BasicAction {
forcon.setURL(moaconfig.getSzrgwURL());
}
- ForeignIdentities foreign = dbauth.getForeignIdentities();
- if (foreign != null) {
- STORK stork = foreign.getSTORK();
- if (stork == null) {
- stork = new STORK();
- foreign.setSTORK(stork);
-
- }
-
- try {
- log.error("QAAAA " + storkconfig.getDefaultQaa());
- stork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa());
+ ForeignIdentities foreign = dbauth.getForeignIdentities();
+ if (foreign != null) {
+ STORK stork = foreign.getSTORK();
+ if (stork == null) {
+ stork = new STORK();
+ foreign.setSTORK(stork);
- if (storkconfig.getAttributes() != null)
- stork.setAttributes(storkconfig.getAttributes());
-
- else
+ }
+
+ try {
+ log.error("QAAAA " + storkconfig.getDefaultQaa());
+ stork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa());
+
+ if (storkconfig.getAttributes() != null) {
+ List<StorkAttribute> dbStorkAttr = new ArrayList<StorkAttribute>();
+ stork.setAttributes(dbStorkAttr);
+
+
+ for (StorkAttribute attr : storkconfig.getAttributes()) {
+ if (attr != null && MiscUtil.isNotEmpty(attr.getName()))
+ dbStorkAttr.add(attr);
+
+ else
+ log.info("Remove null or empty STORK attribute");
+ }
+
+ } else
stork.setAttributes((List<StorkAttribute>) (new ArrayList<StorkAttribute>()));
- if (storkconfig.getCpepslist() != null)
-
- stork.setCPEPS(storkconfig.getCpepslist());
- else
- stork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>()));
+ if (storkconfig.getCpepslist() != null) {
+ List<CPEPS> dbStorkCPEPS = new ArrayList<CPEPS>();
+ stork.setCPEPS(dbStorkCPEPS);
+
+ for (CPEPS cpeps : storkconfig.getCpepslist()) {
+ if (cpeps != null && MiscUtil.isNotEmpty(cpeps.getURL()) &&
+ MiscUtil.isNotEmpty(cpeps.getCountryCode())) {
+
+ if (cpeps.getCountryCode().equals("CC") &&
+ cpeps.getURL().equals("http://"))
+ log.info("Remove dummy STORK CPEPS entry.");
+
+ else
+ dbStorkCPEPS.add(cpeps);
+
+ } else
+ log.info("Remove null or emtpy STORK CPEPS configuration");
+ }
- } catch (Exception e) {
- e.printStackTrace();
- }
-
- try{
- log.info("CPEPS LIST: " + storkconfig.getCpepslist().size() );
- log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() +storkconfig.getCpepslist().get(0).getURL());
- } catch (Exception ex) {
- log.info("CPEPS LIST is null");
- }
- }
+ } else
+ stork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>()));
+
+ } catch (Exception e) {
+ e.printStackTrace();
+
+ }
+
+ try{
+ log.info("CPEPS LIST: " + storkconfig.getCpepslist().size() );
+ log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() +storkconfig.getCpepslist().get(0).getURL());
+
+ } catch (Exception ex) {
+ log.info("CPEPS LIST is null");
+
+ }
+ }
if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) {
OnlineMandates dbmandate = dbauth.getOnlineMandates();
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index 1079932b9..85b8a8ea0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -22,6 +22,14 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.configuration.struts.action;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.StorkAttribute;
@@ -29,17 +37,22 @@ import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.data.FormularCustomization;
-import at.gv.egovernment.moa.id.configuration.data.oa.*;
+import at.gv.egovernment.moa.id.configuration.data.oa.AttributeHelper;
+import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData;
+import at.gv.egovernment.moa.id.configuration.data.oa.OABPKEncryption;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
+import at.gv.egovernment.moa.id.configuration.data.oa.OARevisionsLogData;
+import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config;
+import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration;
import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
-import at.gv.egovernment.moa.id.util.FormBuildUtils;
import at.gv.egovernment.moa.id.util.Random;
-import at.gv.egovernment.moa.util.MiscUtil;
-import org.apache.log4j.Logger;
-
-import java.util.*;
public class EditOAAction extends BasicOAAction {
@@ -74,7 +87,7 @@ public class EditOAAction extends BasicOAAction {
OASTORKConfig storkOA = new OASTORKConfig();
formList.put(storkOA.getName(), storkOA);
-
+
Map<String, String> map = new HashMap<String, String>();
map.putAll(FormBuildUtils.getDefaultMap());
FormularCustomization formOA = new FormularCustomization(map);
@@ -331,9 +344,35 @@ public class EditOAAction extends BasicOAAction {
}
oaidentifier = preProcessDeleteOnlineApplication();
- OnlineApplication onlineapplication = configuration.getDbRead()
- .getOnlineApplication(oaidentifier);
-
+ List<OnlineApplication> onlineapplications = configuration.getDbRead()
+ .getOnlineApplications(oaidentifier);
+
+ Long oaid = getOAIDFromSession();
+
+ OnlineApplication onlineapplication = null;
+
+ if (onlineapplications != null && onlineapplications.size() > 1) {
+ log.info("Found more then one OA with PublicURLPrefix in configuration. "
+ + "Select OA with DB Id ...");
+
+ for (OnlineApplication oa : onlineapplications) {
+ if (oa.getHjid().equals(oaid)) {
+ if (onlineapplication == null)
+ onlineapplication = oa;
+
+ else {
+ log.error("Found more then one OA with same PublicURLPrefix and same DBID.");
+ new BasicOAActionException(
+ "Found more then one OA with same PublicURLPrefix and same DBID.",
+ Constants.STRUTS_SUCCESS);
+
+ }
+ }
+ }
+
+ } else if (onlineapplications != null && onlineapplications.size() == 1)
+ onlineapplication = onlineapplications.get(0);
+
request.getSession().setAttribute(Constants.SESSION_OAID, null);
// try {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java
index 8588dd286..c00eb46a5 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java
@@ -26,12 +26,12 @@ import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
+import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils;
import at.gv.egovernment.moa.id.configuration.data.FormularCustomization;
import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData;
import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData;
import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration;
-import at.gv.egovernment.moa.id.util.FormBuildUtils;
/**
* @author tlenz
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
index d4e8e957d..617e9cf51 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
@@ -367,7 +367,7 @@ public class MOAConfigValidator {
check = form.getSsoTarget();
if (MiscUtil.isEmpty(check)) {
log.info("Empty SSO Target");
- errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty", request));
+ //errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty", request));
} else {
if (!ValidationHelper.isValidAdminTarget(check)) {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
index b73859d81..6b5c51e3f 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
@@ -47,31 +47,33 @@ public class StorkConfigValidator {
errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
new Object[] {check}, request ));
}
+
+ // check url
+ check = current.getURL();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("CPEPS config URL is invalid : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url", request));
+ }
+ } else {
+ log.warn("CPEPS config url is empty : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+ new Object[] {check}, request ));
+ }
+
} else {
log.warn("CPEPS config countrycode is empty : " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
- new Object[] {check}, request ));
+// errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+// new Object[] {check}, request ));
}
- // check url
- check = current.getURL();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.validateURL(check)) {
- log.info("CPEPS config URL is invalid : " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url", request));
- }
- } else {
- log.warn("CPEPS config url is empty : " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
- new Object[] {check}, request ));
- }
}
if (form.getCpepslist() != null) {
// ensure uniqueness of country code
for (CPEPS one : form.getCpepslist())
for (CPEPS another : form.getCpepslist())
- if (null != one && null != another)
+ if (null != one && null != another && one.getCountryCode() != null)
if (!one.equals(another) && one.getCountryCode().equals(another.getCountryCode())) {
errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.duplicate", request));
break;
@@ -90,17 +92,20 @@ public class StorkConfigValidator {
// check attributes
if (MiscUtil.isNotEmpty(form.getAttributes())) {
for(StorkAttribute check : form.getAttributes()) {
- String tmp = check.getName().replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI?
- if (ValidationHelper.containsPotentialCSSCharacter(tmp, true)) {
- log.warn("default attributes contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request ));
- }
- if(!tmp.toLowerCase().matches("^[A-Za-z]*$")) {
- log.warn("default attributes do not match the requested format : " + check);
+ if (check != null && MiscUtil.isNotEmpty(check.getName())) {
+ String tmp = check.getName().replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI?
+ if (ValidationHelper.containsPotentialCSSCharacter(tmp, true)) {
+ log.warn("default attributes contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
- new Object[] {check}, request ));
- }
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request ));
+ }
+ if(!tmp.toLowerCase().matches("^[A-Za-z]*$")) {
+ log.warn("default attributes do not match the requested format : " + check);
+ errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
+ new Object[] {check}, request ));
+ }
+
+ }
}
//TODO: STORK attributes check if no attribute is set
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
index fd4226c5b..47c8f23b4 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
@@ -30,7 +30,7 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.log4j.Logger;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;