Diffstat (limited to 'id/ConfigWebTool/src/main')
23 files changed, 332 insertions, 110 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java index 08ea9f233..4c3486b46 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java @@ -55,6 +55,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor; import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; +import at.gv.egovernment.moa.id.config.legacy.ConfigurationBuilder; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm; import at.gv.egovernment.moa.util.MiscUtil; @@ -186,8 +187,12 @@ public class GeneralMOAIDConfig { moaspssAuthTrustProfile = authblock.getTrustProfileID(); List<String> list = authblock.getVerifyTransformsInfoProfileID(); - for (String el : list) - moaspssAuthTransformations += el + LINE_DELIMITER + "\n"; + if (list.size() == 1) + moaspssAuthTransformations += list.get(0); + else { + for (String el : list) + moaspssAuthTransformations += el + LINE_DELIMITER + "\n"; + } } VerifyIdentityLink idl = moaspss.getVerifyIdentityLink(); @@ -302,6 +307,7 @@ public class GeneralMOAIDConfig { if (modes != null) { ChainingModeType defaultmode = modes.getSystemDefaultMode(); if (defaultmode != null) { + defaultchainigmode = defaultmode.value(); } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java index 8b78c62a3..3354fd708 100644 
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java @@ -52,22 +52,23 @@ public class GeneralStorkConfig { if (foreign != null) { STORK stork = foreign.getSTORK(); + cpepslist = new ArrayList<CPEPS>(); + attributes = new ArrayList<StorkAttribute>(); + if (stork != null) { // deep clone all the things // to foreclose lazyloading session timeouts - cpepslist = new ArrayList<CPEPS>(); + for(CPEPS current : stork.getCPEPS()) { cpepslist.add(current); } - + List<StorkAttribute> tmp = stork.getAttributes(); if(null != tmp) { - attributes = new ArrayList<StorkAttribute>(); + for(StorkAttribute current : tmp) attributes.add(current); } - if(attributes.isEmpty()) - attributes.add(new StorkAttribute()); try { qaa = stork.getQualityAuthenticationAssuranceLevel(); @@ -75,6 +76,12 @@ public class GeneralStorkConfig { qaa = 4; } } + + if (cpepslist.isEmpty()) + cpepslist.add(new CPEPS()); + + if(attributes.isEmpty()) + attributes.add(new StorkAttribute()); } } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java index c9f5fdde9..7510b8932 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java 
@@ -37,6 +37,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector; import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates; +import at.gv.egovernment.moa.id.commons.db.dao.config.MandatesProfileNameItem; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType; @@ -227,15 +228,32 @@ public class OAGeneralConfig { Mandates mandates = oaauth.getMandates(); if (mandates != null) { - if (MiscUtil.isNotEmpty(mandates.getProfiles())) { - mandateProfiles = mandates.getProfiles(); - useMandates = true; + mandateProfiles = null; + + List<MandatesProfileNameItem> profileList = mandates.getProfileNameItems(); + for (MandatesProfileNameItem el : profileList) { + if (mandateProfiles == null) + mandateProfiles = el.getItem(); - } else { - mandateProfiles = new String(); - useMandates = false; + else + mandateProfiles += "," + el.getItem(); } + //TODO: only for RC1 + if (MiscUtil.isNotEmpty(mandates.getProfiles())) { + if (mandateProfiles == null) + mandateProfiles = mandates.getProfiles(); + + else + mandateProfiles += "," + mandates.getProfiles(); + + } + + if (mandateProfiles != null) + useMandates = true; + + else + useMandates = false; } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java index cdfb20294..bb5baf53e 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java 
@@ -28,13 +28,13 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; public class OASAML1Config { - private boolean isActive = false; - private boolean provideStammZahl = false; - private boolean provideAuthBlock = false; - private boolean provideIdentityLink = false; - private boolean provideCertificate = false; - private boolean provideFullMandateData = false; - private boolean useCondition = false; + private Boolean isActive = false; + private Boolean provideStammZahl = false; + private Boolean provideAuthBlock = false; + private Boolean provideIdentityLink = false; + private Boolean provideCertificate = false; + private Boolean provideFullMandateData = false; + private Boolean useCondition = false; private int conditionLength = -1; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java index d9f2a4d85..9eca86976 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java @@ -28,6 +28,7 @@ import java.util.List; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; +import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS; import at.gv.egovernment.moa.id.commons.db.dao.config.OASTORK; import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; 
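Review bot: The seven flags in OASAML1Config become nullable `Boolean` wrappers, but nothing in this hunk shows the accessors being made null-safe, so a setter that stores null would make any auto-unboxing read throw a NullPointerException. The MailHelper hunks in this same commit already need `userdb.isIsMandateUser() != null && ...` for that reason. If the wrapper type is required by the form binding, the getters (outside this hunk) should normalise, e.g. `return isActive != null && isActive;`, and a short comment on the fields should say why they are nullable.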
@@ -40,10 +41,19 @@ public class OASTORKConfig { private boolean isStorkLogonEnabled = false; private int qaa; - private List<AttributeHelper> attributes; + private List<AttributeHelper> attributes = null; + /* + * VIDP settings below + */ + private boolean vidpEnabled = false; + private List<AttributeProviderPlugin> attributeProviderPlugins = new ArrayList<AttributeProviderPlugin>(); + private boolean requireConsent = false; + private List<String> citizenCountries; + private List<String> enabledCitizenCountries; + public OASTORKConfig() { - + } /** @@ -65,6 +75,15 @@ public class OASTORKConfig { // if there is no configuration available for the OA, get the default qaa level setQaa(ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getQualityAuthenticationAssuranceLevel()); } + + // fetch available citizen countries + citizenCountries = new ArrayList<String>(); + for(CPEPS current : ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getCPEPS()) { + citizenCountries.add(current.getCountryCode()); + } + enabledCitizenCountries = new ArrayList<String>(); + for(CPEPS current : config.getCPEPS()) + enabledCitizenCountries.add(current.getCountryCode()); // prepare attribute helper list attributes = new ArrayList<AttributeHelper>(); 
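Review bot: `citizenCountries` and `enabledCitizenCountries` are declared without an initial value in the first hunk while the no-argument constructor stays empty, so an instance created with `new OASTORKConfig()` (as the EditOAAction hunk in this commit does) holds null lists until a setter or the loader runs. `getEnabledCPEPS()`, added in the -146 hunk, calls `enabledCitizenCountries.contains(...)` without a guard and would throw a NullPointerException if no country was submitted. Initialising the fields the same way as `attributeProviderPlugins` avoids that: `private List<String> enabledCitizenCountries = new ArrayList<String>();`. The second hunk also walks `getAuthComponentGeneral().getForeignIdentities().getSTORK().getCPEPS()` with no null checks, which fails on a configuration without a STORK section.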
@@ -146,13 +165,27 @@ public class OASTORKConfig { this.attributes = attributes; } - /* - * VIDP settings below - */ - private boolean vidpEnabled = false; - private List<AttributeProviderPlugin> attributeProviderPlugins = new ArrayList<AttributeProviderPlugin>(); - private boolean requireConsent; - + public List<String> getAvailableCitizenCountries() { + return citizenCountries; + } + + public List<String> getEnabledCitizenCountries() { + return enabledCitizenCountries; + } + + public void setEnabledCitizenCountries(List<String> update) { + enabledCitizenCountries = update; + } + + public List<CPEPS> getEnabledCPEPS() { + List<CPEPS> result = new ArrayList<CPEPS>(); + for(CPEPS current : ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getCPEPS()) { + if(enabledCitizenCountries.contains(current.getCountryCode())) + result.add(current); + } + return result; + } + public List<String> getAvailableAttributeProviderPlugins() { return AttributeProviderFactory.getAvailablePlugins(); } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java index a2d6d8775..01615a056 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/pvp2/ContactForm.java 
@@ -43,8 +43,17 @@ public class ContactForm { public ContactForm(Contact dbcont) { this.surname = dbcont.getSurName(); this.givenname = dbcont.getGivenName(); - this.mail =dbcont.getMail(); - this.phone = dbcont.getPhone(); + + if (dbcont.getMail() != null) { + this.mail = new ArrayList<String>(); + this.mail.addAll(dbcont.getMail()); + } + + if (dbcont.getPhone() != null) { + this.phone = new ArrayList<String>(); + this.phone.addAll(dbcont.getPhone()); + } + this.company = dbcont.getCompany(); this.type = dbcont.getType(); } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java index 6f1112e2e..0aeed8cb5 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java @@ -69,7 +69,7 @@ public class MailHelper { String template = readTemplateFromURL(templateurl); - if (userdb.isIsMandateUser()) { + if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) { template = template.replace(PATTERN_GIVENNAME, userdb.getInstitut()); template = template.replace(PATTERN_FAMILYNAME, ""); @@ -174,7 +174,7 @@ public class MailHelper { String template = readTemplateFromURL(templateurl); - if (userdb.isIsMandateUser()) { + if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) { template = template.replace(PATTERN_GIVENNAME, userdb.getInstitut()); template = template.replace(PATTERN_FAMILYNAME, ""); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java index 43fc78821..53afa59a0 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java 
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java @@ -22,6 +22,8 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.configuration.helper; +import java.io.UnsupportedEncodingException; + public class StringHelper { public static String formatText(String strGivenText) @@ -47,4 +49,14 @@ public class StringHelper { } return sbFormattedText.toString(); } + + public static String getUTF8String(String input) { + try { + return new String(input.getBytes(), "UTF-8"); + + } catch (UnsupportedEncodingException e) { + e.printStackTrace(); + return input; + } + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java index 989641f36..b77b47d15 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java @@ -36,6 +36,7 @@ import org.apache.struts2.interceptor.ServletResponseAware; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; +import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS; import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType; import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType; 
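Review bot: `getUTF8String` in the -47 hunk encodes with `input.getBytes()`, which uses the platform default charset, and then decodes as UTF-8, so the result depends on the JVM's locale: it is a no-op on a UTF-8 platform and corrupts non-ASCII characters elsewhere. If the intent is to repair form parameters that were decoded with the wrong charset, name that source charset explicitly in `getBytes(...)`, or better, set the request character encoding once so stored configuration values need no re-encoding. The method also throws a NullPointerException on a null `input` and reports failure through `e.printStackTrace()` rather than the logger the other classes use. A Javadoc line stating which mis-decoding this helper is meant to undo would make the call sites in EditGeneralConfigAction reviewable.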
@@ -57,6 +58,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; import at.gv.egovernment.moa.id.commons.db.dao.config.STORK; import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; +import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute; import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor; @@ -68,6 +70,7 @@ import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig; import at.gv.egovernment.moa.id.configuration.data.GeneralStorkConfig; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.helper.StringHelper; import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.validation.moaconfig.MOAConfigValidator; import at.gv.egovernment.moa.id.configuration.validation.moaconfig.StorkConfigValidator; @@ -352,9 +355,10 @@ public class EditGeneralConfigAction extends ActionSupport pvp2.setOrganization(pvp2org); } if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgDisplayName())) - pvp2org.setDisplayName(moaconfig.getPvp2OrgDisplayName()); + pvp2org.setDisplayName(StringHelper.getUTF8String( + moaconfig.getPvp2OrgDisplayName())); if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgName())) - pvp2org.setName(moaconfig.getPvp2OrgName()); + pvp2org.setName(StringHelper.getUTF8String(moaconfig.getPvp2OrgName())); if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgURL())) pvp2org.setURL(moaconfig.getPvp2OrgURL()); 
@@ -363,22 +367,30 @@ public class EditGeneralConfigAction extends ActionSupport pvp2cont = new ArrayList<Contact>(); pvp2.setContact(pvp2cont); } - Contact cont = new Contact(); - pvp2cont.add(cont); + + if (pvp2cont.size() == 0) { + Contact cont = new Contact(); + pvp2cont.add(cont); + } + + Contact cont = pvp2cont.get(0); if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getCompany())) - cont.setCompany(moaconfig.getPvp2Contact().getCompany()); + cont.setCompany(StringHelper.getUTF8String( + moaconfig.getPvp2Contact().getCompany())); if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getGivenname())) - cont.setGivenName(moaconfig.getPvp2Contact().getGivenname()); + cont.setGivenName(StringHelper.getUTF8String( + moaconfig.getPvp2Contact().getGivenname())); //TODO: change to list if required if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getMail())) cont.setMail(Arrays.asList(moaconfig.getPvp2Contact().getMail())); if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getPhone())) cont.setPhone(Arrays.asList(moaconfig.getPvp2Contact().getPhone())); - + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getSurname())) - cont.setSurName(moaconfig.getPvp2Contact().getSurname()); + cont.setSurName(StringHelper.getUTF8String( + moaconfig.getPvp2Contact().getSurname())); if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getType())) cont.setType(moaconfig.getPvp2Contact().getType()); @@ -389,9 +401,11 @@ public class EditGeneralConfigAction extends ActionSupport } if (MiscUtil.isNotEmpty(moaconfig.getSsoFriendlyName())) - dbsso.setFriendlyName(moaconfig.getSsoFriendlyName()); + dbsso.setFriendlyName(StringHelper.getUTF8String( + moaconfig.getSsoFriendlyName())); if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText())) - dbsso.setSpecialText(moaconfig.getSsoSpecialText()); + dbsso.setSpecialText(StringHelper.getUTF8String( + moaconfig.getSsoSpecialText())); // if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl())) // dbsso.setPublicURL(moaconfig.getSsoPublicUrl()); 
@@ -501,14 +515,25 @@ public class EditGeneralConfigAction extends ActionSupport ForeignIdentities oldforeign = oldauth.getForeignIdentities(); if (oldforeign != null) { STORK oldstork = oldforeign.getSTORK(); - if (oldstork == null) - oldstork = new STORK(); + if (oldstork == null) + oldstork = new STORK(); try { log.error("QAAAA " + storkconfig.getDefaultQaa()); oldstork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa()); - oldstork.setAttributes(storkconfig.getAttributes()); - oldstork.setCPEPS(storkconfig.getCpepslist()); + + if (storkconfig.getAttributes() != null) + oldstork.setAttributes(storkconfig.getAttributes()); + + else + oldstork.setAttributes((List<StorkAttribute>) (new ArrayList<StorkAttribute>())); + + if (storkconfig.getCpepslist() != null) + oldstork.setCPEPS(storkconfig.getCpepslist()); + + else + oldstork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>())); + dbforeign.setSTORK(oldstork); } catch (Exception e) { e.printStackTrace(); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index f8a12e58b..0ff60a656 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java 
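Review bot: The casts in `(List<StorkAttribute>) (new ArrayList<StorkAttribute>())` and `(List<CPEPS>) (new ArrayList<CPEPS>())` are redundant, since an `ArrayList<T>` is already assignable to `List<T>`; `oldstork.setAttributes(new ArrayList<StorkAttribute>());` reads more clearly. The surrounding `catch (Exception e) { e.printStackTrace(); }` and the `log.error("QAAAA " + ...)` line are context, not part of this change, but as far as the hunk shows a failed STORK update is only printed and not reported to the administrator, which is worth fixing while this block is being edited. The enclosing method continues outside the hunk.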
@@ -35,6 +35,7 @@ import at.gv.egovernment.moa.id.configuration.data.oa.*; import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; +import at.gv.egovernment.moa.id.configuration.helper.StringHelper; import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationValitator; import at.gv.egovernment.moa.id.configuration.validation.TargetValidator; import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; @@ -218,6 +219,10 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware, ConfigurationDBUtils.closeSession(); + //VIDP attribute provider configuration + storkOA = new OASTORKConfig(); + storkOA.getAttributeProviderPlugins().add(new AttributeProviderPlugin()); + newOA = true; formID = Random.nextRandom(); session.setAttribute(Constants.SESSION_FORMID, formID); @@ -1038,6 +1043,7 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware, stork.setVidpEnabled(storkOA.isVidpEnabled()); stork.setRequireConsent(storkOA.isRequireConsent()); stork.setAttributeProviders(storkOA.getAttributeProviderPlugins()); + stork.setCPEPS(storkOA.getEnabledCPEPS()); try { if (newentry) { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java index 3bc2d4ac5..655ce7a59 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java 
@@ -198,6 +198,10 @@ implements ServletRequestAware, ServletResponseAware { ConfigurationDBUtils.closeSession(); } + //set new formID + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + log.info("Legacy Configuration load is completed."); addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success")); return Constants.STRUTS_SUCCESS; @@ -285,6 +289,11 @@ implements ServletRequestAware, ServletResponseAware { ConfigurationDBUtils.closeSession(); } + + //set new formID + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_SUCCESS; } else { log.info("No access to Import/Export for User with ID" + authUser.getUserID()); @@ -317,15 +326,20 @@ implements ServletRequestAware, ServletResponseAware { + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); return Constants.STRUTS_ERROR; } + session.setAttribute(Constants.SESSION_FORMID, null); if (authUser.isAdmin()) { if (fileUpload == null) { addActionError(LanguageHelper.getErrorString("errors.importexport.nofile")); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; } - + log.info("Load configuration from MOA-ID 2.x XML configuration"); try { @@ -367,6 +381,10 @@ implements ServletRequestAware, ServletResponseAware { ConfigurationDBUtils.closeSession(); } + //set new formID + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + log.info("XML Configuration load is completed."); addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success")); return Constants.STRUTS_SUCCESS; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java index ee9b38f74..8004ab520 100644 
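Review bot: The form-ID renewal `formID = Random.nextRandom(); session.setAttribute(Constants.SESSION_FORMID, formID);` is pasted into each visible exit (hunks at -198, -285, -317 and -367), while the code in the -317 hunk first clears `SESSION_FORMID` to null. Any return path these hunks do not touch (the catch blocks lie outside them) would therefore leave the session without a form ID. A private helper called from one place, for example a `finally` around the import, would make the renewal hard to miss. Since the value appears to serve as the anti-CSRF form token, also confirm that `Random.nextRandom()` (a project class not shown here) draws from `SecureRandom`.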
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java @@ -127,7 +127,14 @@ public class IndexAction extends ActionSupport implements ServletRequestAware, try { ConfigurationProvider config = ConfigurationProvider.getInstance(); pvp2LoginActiv = config.isPVP2LoginActive(); - return Constants.STRUTS_SUCCESS; + + if (config.isLoginDeaktivated()) { + return "loginWithOutAuth"; + + } else { + return Constants.STRUTS_SUCCESS; + + } } catch (ConfigurationException e) { log.warn("An internal error occurs.", e); @@ -271,6 +278,18 @@ public class IndexAction extends ActionSupport implements ServletRequestAware, Response samlResponse = (Response) messageContext.getInboundMessage(); + //ckeck InResponseTo matchs requestID + if (MiscUtil.isEmpty(authID)) { + log.info("NO AuthRequestID"); + return Constants.STRUTS_ERROR; + } + + if (!authID.equals(samlResponse.getInResponseTo())) { + log.warn("PVPRequestID does not match PVP2 Assertion ID!"); + return Constants.STRUTS_ERROR; + + } + Signature sign = samlResponse.getSignature(); if (sign == null) { log.info("Only http POST Requests can be used"); 
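Review bot: The new `config.isLoginDeaktivated()` branch in the -127 hunk returns `"loginWithOutAuth"` silently, so a deployment of the configuration tool running with authentication switched off leaves no trace of that in the log. Add a warning before the return, e.g. `log.warn("Login is deactivated by configuration; access is granted without authentication.");`. The result name should also become a constant next to `Constants.STRUTS_SUCCESS` rather than a string literal. What the result maps to and the flag's default are not visible here; the flag should default to false and be documented as test-only. The try block continues outside the hunk.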
@@ -345,29 +364,9 @@ public class IndexAction extends ActionSupport implements ServletRequestAware, saml2assertions = samlResponse.getAssertions(); } - - - if (MiscUtil.isEmpty(authID)) { - log.info("NO AuthRequestID"); - return Constants.STRUTS_ERROR; - } - + for (org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) { - - Subject subject = saml2assertion.getSubject(); - List<SubjectConfirmation> subjectconformlist = subject.getSubjectConfirmations(); - for (SubjectConfirmation el : subjectconformlist) { - if (el.getMethod().equals(SubjectConfirmation.METHOD_BEARER)) { - SubjectConfirmationData date = el.getSubjectConfirmationData(); - - if (!authID.equals(date.getInResponseTo())) { - log.warn("PVPRequestID does not match PVP2 Assertion ID!"); - return Constants.STRUTS_ERROR; - - } - } - } - + Conditions conditions = saml2assertion.getConditions(); DateTime notbefore = conditions.getNotBefore(); DateTime notafter = conditions.getNotOnOrAfter(); @@ -376,6 +375,13 @@ public class IndexAction extends ActionSupport implements ServletRequestAware, return Constants.STRUTS_ERROR; } + + Subject subject = saml2assertion.getSubject(); + if (subject == null) { + log.warn("Assertion has no Subject element"); + return Constants.STRUTS_ERROR; + + } NameID nameID = subject.getNameID(); if (nameID == null) { @@ -624,8 +630,8 @@ public class IndexAction extends ActionSupport implements ServletRequestAware, check = user.getPhone(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { - log.warn("Phonenumber contains potentail XSS characters: " + check); + if (!ValidationHelper.validatePhoneNumber(check)) { + log.warn("No valid Phone Number: " + check); addActionError(LanguageHelper.getErrorString("validation.edituser.phone.valid", new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); } 
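Review bot: After the -345 hunk the assertion loop no longer looks at the bearer `SubjectConfirmationData` at all, so the only binding to the original request is the Response-level `InResponseTo` compared in the -271 hunk. The SAML Web SSO profile expects the bearer confirmation's `InResponseTo` to be checked against the request ID as well, which matters when an assertion carries its own signature and is not bound to the enclosing Response. I would keep the Response-level check and restore the per-assertion check after the new `subject == null` guard from the -376 hunk, also rejecting a bearer confirmation with no data element. Whether `Recipient` and `NotOnOrAfter` of the confirmation data are validated elsewhere cannot be seen from these hunks and should be confirmed. The loop body continues outside the hunk.

```java
// … unchanged: Conditions / NotBefore / NotOnOrAfter check …
// … unchanged: Subject subject = saml2assertion.getSubject(); null check …

// Bind every bearer confirmation to the request this session issued.
for (SubjectConfirmation el : subject.getSubjectConfirmations()) {
	if (SubjectConfirmation.METHOD_BEARER.equals(el.getMethod())) {
		SubjectConfirmationData data = el.getSubjectConfirmationData();
		if (data == null || !authID.equals(data.getInResponseTo())) {
			log.warn("PVPRequestID does not match PVP2 Assertion ID!");
			return Constants.STRUTS_ERROR;
		}
	}
}
// … unchanged: NameID handling …
```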
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java index a95d967bb..c1feddfb8 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java @@ -167,6 +167,34 @@ public class ValidationHelper { } + public static boolean validatePhoneNumber(String value) { + log.debug ("Validate PhoneNumber " + value); + + /* ************************************************************************************************ + * Legende: + * ======== AA = post/pre-Text + * BB = (+49) + * CC = Vorwahl + * DD = Durchwahl + * EE = Nebenstelle + * Pattern p = Pattern.compile("^ [a-zA-Z .,;:/\\-]* [ ]* [(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1} [ ]* [0-9]*[ ]* [0-9][ ]* [0-9]* [ ]* [a-zA-Z .,;:\\/-]* $"); + * ------- AA ------- --------------------- BB --------------------- --------- CC -------- - DD - - EE - ------- AA ------- + * ************************************************************************************************ */ + Pattern pattern = Pattern.compile("^[a-zA-Z .,;:/\\-]*[ ]*[(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1}[ ]*[0-9]*[ ]*[0-9]*[ ]*[0-9]*[ ]*[a-zA-Z .,;:\\/-]*$"); + Matcher matcher = pattern.matcher(value); + boolean b = matcher.matches(); + if (b) { + log.debug("Parameter PhoneNumber erfolgreich ueberprueft"); + return true; + } + else { + log.error("Fehler Ueberpruefung Parameter PhoneNumber. PhoneNumber entspricht nicht den Kriterien ^ [a-zA-Z .,;:/\\-]* [ ]* [(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1} [ ]* [0-9]*[ ]*[/\\-]{0,1} [ ]*[ ]* [0-9]* [ ]* [a-zA-Z .,;:\\/-]* $"); + return false; + } + + + } + public static boolean validateURL(String urlString) { log.debug("Validate URL " + urlString); 
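Review bot: Every component of the pattern in `validatePhoneNumber` is optional (`*`, `{0,1}`, `{0,2}`), so the method accepts the empty string and letters-only text such as a plain word; it restricts the character set but does not require a single digit. The expression also chains many adjacent quantifiers that all accept a space (`[a-zA-Z .,;:/\\-]*[ ]*…[ ]*…`), which lets `java.util.regex` backtrack heavily on a long run of spaces followed by a rejected character, and this input comes straight from a form field. Bound the input before matching, e.g. `if (value == null || value.length() > MAX_PHONE_LENGTH) return false;` (`MAX_PHONE_LENGTH` being a new constant to choose), and hoist the pattern into a `private static final Pattern`. The raw value is written to the log here via `log.debug` and by the IndexAction caller via `log.warn("No valid Phone Number: " + check)`; strip line breaks before logging it.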
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java index fcf74a534..3723a09e9 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java @@ -160,21 +160,24 @@ public class MOAConfigValidator { log.info("Empty MoaspssAuthTransformation"); errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty")); } else { - check = StringHelper.formatText(check); - String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER); - int i=1; - for(String el : list) { - if (ValidationHelper.containsPotentialCSSCharacter(el, false)) { - log.info("IdentityLinkSigners is not valid: " + el); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid", - new Object[] {i, ValidationHelper.getPotentialCSSCharacter(false)} )); - - } else { - if (MiscUtil.isNotEmpty(el.trim())) - authtranslist.add(el.trim()); - } - i++; - } + + //is only required if more then one transformation is in use +// check = StringHelper.formatText(check); +// String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER); +// int i=1; +// for(String el : list) { +// if (ValidationHelper.containsPotentialCSSCharacter(el, false)) { +// log.info("IdentityLinkSigners is not valid: " + el); +// errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid", +// new Object[] {i, ValidationHelper.getPotentialCSSCharacter(false)} )); +// +// } else { +// if (MiscUtil.isNotEmpty(el.trim())) +// authtranslist.add(el.trim()); +// } +// i++; +// } + authtranslist.add(check.trim()); } form.setAuthTransformList(authtranslist); 
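Review bot: With the loop commented out, `authtranslist.add(check.trim());` stores the transformation value without the `ValidationHelper.containsPotentialCSSCharacter(el, false)` test that previously guarded each element. A value containing markup characters now reaches `form.setAuthTransformList(...)` unchecked. The single-value case can keep the guard: test `if (ValidationHelper.containsPotentialCSSCharacter(check, false))`, add the existing `validation.general.moasp.auth.transformation.valid` error, and only otherwise add the trimmed value. The commented-out block should be deleted rather than kept in the source, because version control already preserves it.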
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java index f8ccebc09..5286725df 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java @@ -91,7 +91,7 @@ public class PVP2ContactValidator { check = contact.getPhone(); if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (!ValidationHelper.validatePhoneNumber(check)) { errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.phone.valid")); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java index 067e85aa6..554aa9ff0 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java 
@@ -49,19 +49,31 @@ public class OASTORKConfigValidation { new Object[] {qaa} )); } - for(AttributeProviderPlugin current : oageneral.getAttributeProviderPlugins()) { - if (MiscUtil.isEmpty(current.getUrl()) || !ValidationHelper.validateURL(current.getUrl())) { - log.info("AttributeProviderPlugin URL has no valid form."); - errors.add(LanguageHelper.getErrorString("validation.stork.ap.url.valid")); - } - if (MiscUtil.isEmpty(current.getName())) { - log.info("AttributeProviderPlugin Name is empty."); - errors.add(LanguageHelper.getErrorString("validation.stork.ap.name.valid")); - } - if (MiscUtil.isEmpty(current.getAttributes()) || !current.getAttributes().matches("[a-zA-Z]+(, ?[a-zA-Z]+)*")) { - log.info("AttributeProviderPlugin attributes are empty or do not match csv format."); - errors.add(LanguageHelper.getErrorString("validation.stork.ap.attributes.valid")); + if (oageneral.isVidpEnabled()) { + for(AttributeProviderPlugin current : oageneral.getAttributeProviderPlugins()) { + if (MiscUtil.isEmpty(current.getUrl()) || !ValidationHelper.validateURL(current.getUrl())) { + log.info("AttributeProviderPlugin URL has no valid form."); + errors.add(LanguageHelper.getErrorString("validation.stork.ap.url.valid")); + } + if (MiscUtil.isEmpty(current.getName())) { + log.info("AttributeProviderPlugin Name is empty."); + errors.add(LanguageHelper.getErrorString("validation.stork.ap.name.empty")); + + } else { + if (!oageneral.getAvailableAttributeProviderPlugins().contains(current.getName())) { + log.info("AttributeProviderPlugin Name is not supported."); + errors.add(LanguageHelper.getErrorString("validation.stork.ap.name.valid")); + } + } + + if (MiscUtil.isEmpty(current.getAttributes()) || !current.getAttributes().matches("[a-zA-Z]+(, ?[a-zA-Z]+)*")) { + log.info("AttributeProviderPlugin attributes are empty or do not match csv format."); + errors.add(LanguageHelper.getErrorString("validation.stork.ap.attributes.valid")); + } } + + } else { + 
oageneral.setAttributeProviderPlugins(null); } return errors; diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties index 1560db2f0..34d2bc81f 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties @@ -108,7 +108,7 @@ webpages.moaconfig.certificates.trustmanagerrev=TrustManagerRevocationChecking webpages.moaconfig.certificates.trustCACerts=TrustedCACertificates webpages.moaconfig.certificates.chainingmode=ChainingMode webpages.moaconfig.timeout.header=Session TimeOuts -webpages.moaconfig.timeout.assertion=Assertion [sec] +webpages.moaconfig.timeout.assertion=Anmeldedaten [sec] webpages.moaconfig.timeout.MOASessionCreated=SSO Session authentifiziert [sec] webpages.moaconfig.timeout.MOASessionUpdated=SSO Session letzter Zugriff [sec] webpages.moaconfig.moasp.header=MOA-SP Konfiguration @@ -244,6 +244,11 @@ webpages.oaconfig.sso.useauthdataframe=Zus\u00E4tzliche Userabfrage webpages.oaconfig.sso.usesso=Single Sign-On verwenden webpages.oaconfig.stork.header=Secure idenTity acrOss boRders linKed +webpages.oaconfig.stork.enabledcpeps=aktivierte Zielländer +webpages.oaconfig.stork.attributes.header=angeforderte Attribute +webpages.oaconfig.stork.attributes.used=anfordern? +webpages.oaconfig.stork.attributes.name=Attributname +webpages.oaconfig.stork.attributes.mandatory=obligatorisch? webpages.oaconfig.stork.usestork=STORK Logon aktivieren webpages.moaconfig.stork.pepslist=C-PEPS Konfiguration webpages.moaconfig.stork.newpeps=Neuen PEPS konfigurieren 
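Review bot: The new `else` branch makes the validator modify the object it validates: `oageneral.setAttributeProviderPlugins(null)` discards the submitted plugins and leaves a null list. Any later code that iterates `getAttributeProviderPlugins()` would then need a null guard; whether such callers exist is not visible here. An empty list is the safer reset, `oageneral.setAttributeProviderPlugins(new ArrayList<AttributeProviderPlugin>());` (with the `java.util.ArrayList` import if the file lacks it), and the reset reads more clearly in the action that saves the form than in a validation method. In the enabled branch, the `for` loop and `oageneral.getAvailableAttributeProviderPlugins().contains(current.getName())` both assume their lists are non-null. The method begins outside the hunk.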
@@ -423,6 +428,7 @@ validation.stork.requestedattributes=STORK Attribute sind fehlerhaft. Bsp.: attr validation.stork.qaa.outofrange=G\u00FCltige QAA Werte sind 1, 2, 3, und 4 validation.stork.attributes.empty=Es muss mindestens ein Attribut definiert sein validation.stork.ap.url.valid=Ung\u00FCltige AttributProvider Url +validation.stork.ap.name.empty=Ung\u00FCltiger AttributProvider Name validation.stork.ap.name.valid=Ung\u00FCltiger AttributProvider Name validation.stork.ap.attributes.valid=Ung\u00FCltige Attributconfiguration f\u00FCr ein Attribut Provider Plugin. Feld darf nicht leer sein und ist als csv anzugeben. diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties index ab945b0a0..c66572969 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties @@ -245,6 +245,11 @@ webpages.oaconfig.sso.usesso=Single Sign-On verwenden webpages.oaconfig.stork.header=Secure idenTity acrOss boRders linKed webpages.oaconfig.stork.usestork=STORK Logon aktivieren +webpages.oaconfig.stork.attributes.header=angeforderte Attribute +webpages.oaconfig.stork.attributes.used=anfordern? +webpages.oaconfig.stork.attributes.name=Attributname +webpages.oaconfig.stork.attributes.mandatory=obligatorisch? +webpages.oaconfig.stork.enabledcpeps=aktivierte Zielländer webpages.moaconfig.stork.pepslist=C-PEPS Konfiguration webpages.moaconfig.stork.newpeps=Neuen PEPS konfigurieren webpages.moaconfig.stork.removepeps=l\u00F6schen diff --git a/id/ConfigWebTool/src/main/resources/struts.xml b/id/ConfigWebTool/src/main/resources/struts.xml index ee5baf8d6..9a098da5a 100644 --- a/id/ConfigWebTool/src/main/resources/struts.xml +++ b/id/ConfigWebTool/src/main/resources/struts.xml 
@@ -13,6 +13,10 @@ <action name="index" method="start" class="at.gv.egovernment.moa.id.configuration.struts.action.IndexAction"> <result name="success">/index.jsp</result> + <result name="loginWithOutAuth" type="redirectAction"> + <param name="actionName">main</param> + <param name="namespace">/secure</param> + </result> <interceptor-ref name="defaultStack"/> </action> diff --git a/id/ConfigWebTool/src/main/webapp/css/index.css b/id/ConfigWebTool/src/main/webapp/css/index.css index e3d2763c2..4f497faaa 100644 --- a/id/ConfigWebTool/src/main/webapp/css/index.css +++ b/id/ConfigWebTool/src/main/webapp/css/index.css @@ -183,6 +183,11 @@ body { margin-left: 10px; } +.oa_protocol_area >h5 { + clear: both; + margin-left: 10px; + padding-top: 10px; +} .oa_config_block { padding-left: 15px; @@ -218,6 +223,12 @@ body { padding-top: 25px; } +.oa_config_block h4 { + clear: both; + padding-top: 20px; + margin-bottom: 10px; +} + #loadOA_webpages_oaconfig_pvp2_certifcate_info{ width: 100%; } diff --git a/id/ConfigWebTool/src/main/webapp/js/common.js b/id/ConfigWebTool/src/main/webapp/js/common.js index a14a287db..d31a65d87 100644 --- a/id/ConfigWebTool/src/main/webapp/js/common.js +++ b/id/ConfigWebTool/src/main/webapp/js/common.js @@ -68,7 +68,7 @@ function oaStork() { } } function oaVIDP() { - if ($('#oa_vidp_area').css('display') == "none" || $('#OAuseVidp').is(':checked')) { + if ($('#oa_vidp_area').css('display') == "none") { $('#oa_vidp_area').css('display', "block"); $('#button_vidp_show').css('display', "none"); $('#button_vidp_hidden').css('display', "block"); @@ -214,8 +214,8 @@ function userOnLoad() { return true; } function oaOnLoad() { - oaBusinessService(); oaStorkService(); + oaBusinessService(); oaSSOService(); oaLegacyService(); oaStork(); diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp index bdafdd40a..945d4b0b5 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp 
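Review bot: The new `loginWithOutAuth` result sends the `index` action straight to `main` in the `/secure` namespace, and nothing in this hunk shows when `IndexAction.start` returns it or that `/secure` checks the session on arrival. The redirect carries no authentication state of its own, so the `/secure` package has to enforce its session check independently of how the user got there. If this path exists for deployments that run with authentication switched off, that should depend on an explicit configuration flag and be logged. A comment above the result would record the intent, for example `<!-- loginWithOutAuth: returned by IndexAction when <condition>; actions in /secure must still enforce their own session check -->`, with the condition filled in from `IndexAction`.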
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp @@ -174,12 +174,18 @@ cssClass="textfield_long"> </s:textfield> - <s:textarea name="moaconfig.moaspssAuthTransformations" +<%-- <s:textarea name="moaconfig.moaspssAuthTransformations" value="%{moaconfig.moaspssAuthTransformations}" labelposition="left" key="webpages.moaconfig.moasp.authblocktransform" cssClass="textfield_large"> - </s:textarea> + </s:textarea> --%> + <s:textfield name="moaconfig.moaspssAuthTransformations" + value="%{moaconfig.moaspssAuthTransformations}" + labelposition="left" + key="webpages.moaconfig.moasp.authblocktransform" + cssClass="textfield_long"> + </s:textfield> <s:textfield name="moaconfig.moaspssURL" value="%{moaconfig.moaspssURL}" diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp index 6749b5131..ebdacc7a7 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp @@ -70,7 +70,7 @@ > </s:checkbox> - + <s:if test="authUser.isAdmin()"> <s:checkbox name="generalOA.storkService" value="%{generalOA.storkService}" labelposition="left" @@ -80,6 +80,7 @@ id="OAisstorkservice" disabled="%{isOnlyStorkService()}"> </s:checkbox> + </s:if> </div> @@ -102,6 +103,7 @@ </s:textfield> </div> + <s:if test="authUser.isAdmin()"> <div id="oa_config_storkservice" class="oa_config_block"> <h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.stork.header", request) %></h3> <s:textfield name="generalOA.storkSPTargetCountry" @@ -112,6 +114,7 @@ disabled="%{isDeactivatedStorkService()}"> </s:textfield> </div> + </s:if> <s:if test="!isOnlyBusinessService()"> <div id="oa_config_publicservice" class="oa_config_block"> 
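Review bot: In `editOAGeneral.jsp`, wrapping the `generalOA.storkService` checkbox (hunks at -70 and -80) and the `oa_config_storkservice` block (hunks at -102 and -112) in `<s:if test="authUser.isAdmin()">` only stops the fields from being rendered. Struts binds request parameters to the model whether or not a field was on the page, so `generalOA.storkService` and `generalOA.storkSPTargetCountry` can still arrive in a save request from a non-admin session. The save action, which is not part of these hunks, should ignore or reject both properties unless `authUser.isAdmin()` holds, for instance by restoring the stored values for non-admin users before validation runs. If the action already does this, a short JSP comment next to each `<s:if>` saying that the server enforces the same rule would help the next reader.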
@@ -385,9 +388,13 @@ name="storkOA.qaa" key="webpages.moaconfig.stork.qaa" labelposition="left" /> - <h4>Attributes</h4> + <h4><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.enabledcpeps", request) %></h4> + <s:checkboxlist name="storkOA.enabledCitizenCountries" list="storkOA.availableCitizenCountries" value="storkOA.enabledCitizenCountries" /> + <h4><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.attributes.header", request) %></h4> <table> - <tr><th>verwendet</th><th>Attributname</th><th>mandatory</th></tr> + <tr><th><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.attributes.used", request) %></th> + <th><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.attributes.name", request) %></th> + <th><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.attributes.mandatory", request) %></th></tr> <s:iterator value="storkOA.helperAttributes" status="stat"> <tr><td><s:checkbox name="storkOA.helperAttributes[%{#stat.index}].used" value="%{used}" disabled="%{readOnly}" /></td> <td><s:property value="%{name}" /><s:hidden name="storkOA.helperAttributes[%{#stat.index}].name" value="%{name}" /></td> @@ -742,4 +749,4 @@ <jsp:include page="snippets/footer.jsp"></jsp:include> </body> -</html>
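Review bot: The new `<s:checkboxlist name="storkOA.enabledCitizenCountries" ...>` binds whatever values the browser posts, and no check of the submitted countries against `storkOA.availableCitizenCountries` is visible in the validator changes of this commit. A server-side membership test per submitted entry, in the style of the `getAvailableAttributeProviderPlugins().contains(current.getName())` check added to `OASTORKConfigValidation`, would keep unknown country codes out of the stored configuration. The check belongs in the STORK validator rather than in the JSP, and it may already exist in code outside this diff.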
\ No newline at end of file +</html> |