Diffstat (limited to 'id/ConfigWebTool/src')
7 files changed, 409 insertions, 248 deletions
| diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
index c5ea0acd1..7f3a2129a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
@@ -23,6 +23,7 @@ public class Constants {
 	public static final String SESSION_PVP2REQUESTID = "pvp2requestid";
 	public static final String SESSION_RETURNAREA = "returnarea";
 	public static final String SESSION_BKUFORMPREVIEW = "bkuformpreview";
+	public static final String SESSION_OAUTH20SECRET = "oauth20secret";
 	public static enum STRUTS_RETURNAREA_VALUES {adminRequestsInit, main, usermanagementInit};
 
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java
new file mode 100644
index 000000000..3d2e35ec5
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java
@@ -0,0 +1,82 @@
+package at.gv.egovernment.moa.id.configuration.data.oa;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.UUID;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
+
+public class OAOAuth20Config {
+	
+	private final Logger log = Logger.getLogger(OAOAuth20Config.class);
+	
+	private String clientId = null;
+	private String clientSecret = null;
+	private String redirectUri = null;
+	
+	public OAOAuth20Config() {
+	}
+	
+	public List<String> parse(OnlineApplication dbOAConfig) {
+		List<String> errors = new ArrayList<String>();
+		
+		AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
+		if (authdata != null) {
+			OAOAUTH20 config = authdata.getOAOAUTH20();
+			// set client id to public url prefix
+			this.clientId = dbOAConfig.getPublicURLPrefix();
+			
+			// validate secret
+			if (config != null && StringUtils.isNotEmpty(config.getOAuthClientSecret())) {
+				this.clientSecret = config.getOAuthClientSecret();
+			} else {
+				this.generateClientSecret();
+			}
+			
+			// validate redirectUri
+			if (config != null && StringUtils.isNotEmpty(config.getOAuthRedirectUri()) && OAuth20Util.isUrl(config.getOAuthRedirectUri())) {
+				this.redirectUri = config.getOAuthRedirectUri();
+			} else {
+				errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi"));
+			}
+		}
+		
+		return errors;
+	}
+	
+	public String getClientId() {
+		return clientId;
+	}
+	
+	public void setClientId(String clientId) {
+		this.clientId = clientId;
+	}
+	
+	public String getClientSecret() {
+		return clientSecret;
+	}
+	
+	public void setClientSecret(String clientSecret) {
+		this.clientSecret = clientSecret;
+	}
+	
+	public String getRedirectUri() {
+		return redirectUri;
+	}
+	
+	public void setRedirectUri(String redirectUri) {
+		this.redirectUri = redirectUri;
+	}
+	
+	public void generateClientSecret() {
+		this.clientSecret = UUID.randomUUID().toString();
+	}
+	
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index 5bde5dd66..f6f742c5c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -19,7 +19,6 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
-import org.apache.commons.lang.StringUtils;
 import org.apache.log4j.Logger;
 import org.apache.struts2.interceptor.ServletRequestAware;
 import org.apache.struts2.interceptor.ServletResponseAware;
@@ -35,6 +34,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
 import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
 import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
 import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
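Review bot: `generateClientSecret()` in the new OAOAuth20Config.java sets the OAuth 2.0 client secret to `UUID.randomUUID().toString()`, which gives at most 122 random bits in a fixed, recognisable layout; a credential is better drawn from `java.security.SecureRandom` with an explicit length, e.g. `byte[] raw = new byte[32]; new SecureRandom().nextBytes(raw);` followed by `this.clientSecret = new BigInteger(1, raw).toString(16);`. In `parse()`, a missing or empty stored secret is replaced by a freshly generated one as a silent side effect of loading; the otherwise unused `log` field could record that event (never the secret itself), and a Javadoc on `parse()` should state that it returns validation messages and may set `clientSecret`. The redirect URI is accepted on `OAuth20Util.isUrl(...)` alone, which is not visible here; if that helper does not already require an absolute `https` URI without a fragment, the check belongs at this point.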
@@ -46,12 +46,12 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
 import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
 import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.configuration.Constants;
 import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
 import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
 import at.gv.egovernment.moa.id.configuration.data.FormularCustomization;
 import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config;
 import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
 import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config;
 import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig;
@@ -63,28 +63,27 @@ import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationVa
 import at.gv.egovernment.moa.id.configuration.validation.TargetValidator;
 import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
 import at.gv.egovernment.moa.id.configuration.validation.oa.OAGeneralConfigValidation;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OAOAUTH20ConfigValidation;
 import at.gv.egovernment.moa.id.configuration.validation.oa.OAPVP2ConfigValidation;
 import at.gv.egovernment.moa.id.configuration.validation.oa.OASAML1ConfigValidation;
 import at.gv.egovernment.moa.id.configuration.validation.oa.OASSOConfigValidation;
 import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation;
 import at.gv.egovernment.moa.id.util.FormBuildUtils;
-import at.gv.egovernment.moa.id.util.HTTPUtils;
 import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.util.MiscUtil;
 import com.opensymphony.xwork2.ActionSupport;
-public class EditOAAction extends ActionSupport implements ServletRequestAware,
-ServletResponseAware {
-
+public class EditOAAction extends ActionSupport implements ServletRequestAware, ServletResponseAware {
+	
 	private final Logger log = Logger.getLogger(EditOAAction.class);
 	private static final long serialVersionUID = 1L;
-
+	
 	private HttpServletRequest request;
 	private HttpServletResponse response;
-	private AuthenticatedUser authUser; 
+	private AuthenticatedUser authUser;
 	private String oaidobj;
 	private boolean newOA;
@@ -96,17 +95,18 @@ ServletResponseAware {
 	private boolean isMetaDataRefreshRequired = false;
 	private String nextPage;
-
+	
 	private OAGeneralConfig generalOA = new OAGeneralConfig();
 	private OAPVP2Config pvp2OA = new OAPVP2Config();
 	private OASAML1Config saml1OA = new OASAML1Config();
 	private OASSOConfig ssoOA = new OASSOConfig();
+	private OAOAuth20Config oauth20OA = new OAOAuth20Config();
 	private OASTORKConfig storkOA;
 	private FormularCustomization formOA = new FormularCustomization();
 	private InputStream stream;
-	//STRUTS actions
+	// STRUTS actions
 	public String inital() {
 		HttpSession session = request.getSession();
 		if (session == null) {
@@ -127,40 +127,39 @@ ServletResponseAware {
 		oaid = Long.valueOf(oaidobj);
 		UserDatabase userdb = null;
-		OnlineApplication onlineapplication = null;;
+		OnlineApplication onlineapplication = null;
 		if (authUser.isAdmin())
 			onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
 		else {
 			userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
-
-			if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null
-					&& !userdb.isIsMailAddressVerified()) {
+			
+			if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
 				log.info("Online-Applikation managemant disabled. Mail address is not verified.");
 				addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));
 				return Constants.STRUTS_SUCCESS;
 			}
-			
-			//TODO: change to direct Database operation
+			// TODO: change to direct Database operation
 			List<OnlineApplication> oas = userdb.getOnlineApplication();
 			for (OnlineApplication oa : oas) {
 				if (oa.getHjid() == oaid) {
 					onlineapplication = oa;
 					break;
 				}
-			}	
+			}
 			if (onlineapplication == null) {
 				addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
 				return Constants.STRUTS_ERROR;
 			}
 		}
-			
+		
 		generalOA.parse(onlineapplication);
 		ssoOA.parse(onlineapplication);
 		saml1OA.parse(onlineapplication);
-		
+		oauth20OA.parse(onlineapplication);
+		session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret());
 		Map<String, String> map = new HashMap<String, String>();
 		map.putAll(FormBuildUtils.getDefaultMap());
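Review bot: The list returned by the added `oauth20OA.parse(onlineapplication);` call is discarded, so the `error.oa.oauth.redirecturi` message that `parse()` builds never reaches `addActionError`; either collect it (`errors.addAll(oauth20OA.parse(onlineapplication));` once `errors` is in scope) or add a comment saying why load-time errors are ignored. The next added line copies the client secret into the HTTP session under `Constants.SESSION_OAUTH20SECRET`, and the `@@ -240,6 +235,9 @@` hunk does the same in `newOA()`, but nothing in the visible part of this diff reads it back or clears it. Other per-edit attributes such as `SESSION_FORMID` and `SESSION_OAID` are reset to null elsewhere in this file, and the secret should get the same treatment on save, cancel and delete so it does not outlive the edit. Because `OAOAuth20Config` has a public `setClientSecret`, the save path should persist the session copy and not the value of the form-bound bean; presumably that is the intent, but it lies outside what is shown, as do the start and end of `inital()`.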
@@ -172,14 +171,13 @@ ServletResponseAware {
 		if (errors.size() > 0) {
 			for (String el : errors)
-				addActionError(el);	
+				addActionError(el);
 		}
 		subTargetSet = MiscUtil.isNotEmpty(generalOA.getTarget_subsector());
-		//set UserSpezific OA Parameters
-		if (!authUser.isAdmin())
-			generateUserSpecificConfigurationOptions(userdb);
+		// set UserSpezific OA Parameters
+		if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb);
 		ConfigurationDBUtils.closeSession();
 		session.setAttribute(Constants.SESSION_OAID, oaid);
@@ -194,24 +192,23 @@ ServletResponseAware {
 	public String newOA() {
 		log.debug("insert new Online-Application");
-	
+		
 		HttpSession session = request.getSession();
 		if (session == null) {
 			log.info("No http Session found.");
 			return Constants.STRUTS_ERROR;
 		}
-	
+		
 		session.setAttribute(Constants.SESSION_OAID, null);
 		nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();
 		Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
 		authUser = (AuthenticatedUser) authUserObj;
-	
+		
 		UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
-		if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null 
-				&& !userdb.isIsMailAddressVerified()) {
+		if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
 			log.info("Online-Applikation managemant disabled. Mail address is not verified.");
 			addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));
 			return Constants.STRUTS_SUCCESS;
@@ -227,10 +224,8 @@ ServletResponseAware {
 			}
 		}
-		//set UserSpezific OA Parameters
-		if (!authUser.isAdmin())
-			generateUserSpecificConfigurationOptions(userdb);
-	
+		// set UserSpezific OA Parameters
+		if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb);
 		ConfigurationDBUtils.closeSession();
@@ -240,6 +235,9 @@ ServletResponseAware {
 		session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null);
+		this.oauth20OA.generateClientSecret();
+		session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret());
+		
 		return Constants.STRUTS_OA_EDIT;
 	}
@@ -252,25 +250,24 @@ ServletResponseAware {
 		Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
 		authUser = (AuthenticatedUser) authUserObj;
-
+		
 		Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
 		if (formidobj != null && formidobj instanceof String) {
 			String formid = (String) formidobj;
 			if (!formid.equals(formID)) {
-				log.warn("FormIDs does not match. Some suspect Form is received from user "
-						+ authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+				log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+						+ authUser.getGivenName() + authUser.getUserID());
 				return Constants.STRUTS_ERROR;
-			}			
+			}
 		} else {
-			log.warn("FormIDs does not match. Some suspect Form is received from user "
-					+ authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
+			log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName()
+					+ authUser.getGivenName() + authUser.getUserID());
 			return Constants.STRUTS_ERROR;
 		}
 		session.setAttribute(Constants.SESSION_FORMID, null);
 		UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
-		if (!authUser.isAdmin() && 
-				userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
+		if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {
 			log.info("Online-Applikation managemant disabled. Mail address is not verified.");
 			addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));
 			return Constants.STRUTS_SUCCESS;
@@ -282,21 +279,22 @@ ServletResponseAware {  		Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID);  		Long oaid = (long) -1; -		if (oadbid != null ) { +		if (oadbid != null) {  			try { -				oaid = (Long) oadbid;	 +				oaid = (Long) oadbid;  				if (oaid < 0 || oaid > Long.MAX_VALUE) {  					addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); -					return Constants.STRUTS_ERROR;				 +					return Constants.STRUTS_ERROR;  				} -			} catch (Throwable t) { +			} +			catch (Throwable t) {  				addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); -				return Constants.STRUTS_ERROR;	 +				return Constants.STRUTS_ERROR;  			}  		} -		//valid DBID and check entry +		// valid DBID and check entry  		String oaidentifier = generalOA.getIdentifier();  		if (MiscUtil.isEmpty(oaidentifier)) {  			log.info("Empty OA identifier"); @@ -306,14 +304,14 @@ ServletResponseAware {  			if (!ValidationHelper.validateURL(oaidentifier)) {  				log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier); -				errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",  -						new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); +				errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", +						new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }));  			} else { -			 +				  				if (oaid == -1) {  					onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);  					newOA = true; -					if (onlineapplication != null)  { +					if (onlineapplication != null) {  						log.info("The OAIdentifier is not unique");  						errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique"));  					} 
@@ -322,7 +320,7 @@ ServletResponseAware {  					onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);  					if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) { -						if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null)  { +						if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) {  							log.info("The OAIdentifier is not unique");  							errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique"));  						} 
@@ -331,113 +329,104 @@ ServletResponseAware {  			}  		} -		//set UserSpezific OA Parameters -		if (!authUser.isAdmin()) -			generateUserSpecificConfigurationOptions(userdb); +		// set UserSpezific OA Parameters +		if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb); -		//check form +		// check form  		OAGeneralConfigValidation validatior_general = new OAGeneralConfigValidation();  		OAPVP2ConfigValidation validatior_pvp2 = new OAPVP2ConfigValidation();  		OASAML1ConfigValidation validatior_saml1 = new OASAML1ConfigValidation();  		OASSOConfigValidation validatior_sso = new OASSOConfigValidation();  		OASTORKConfigValidation validator_stork = new OASTORKConfigValidation();  		FormularCustomizationValitator validator_form = new FormularCustomizationValitator(); +		OAOAUTH20ConfigValidation validatior_oauth20 = new OAOAUTH20ConfigValidation(); -		errors.addAll(validatior_general.validate(generalOA, authUser.isAdmin()));		 +		errors.addAll(validatior_general.validate(generalOA, authUser.isAdmin()));  		errors.addAll(validatior_pvp2.validate(pvp2OA));  		errors.addAll(validatior_saml1.validate(saml1OA, generalOA));  		errors.addAll(validatior_sso.validate(ssoOA, authUser.isAdmin())); -		errors.addAll(validator_stork.validate(storkOA));  +		errors.addAll(validator_stork.validate(storkOA));  		errors.addAll(validator_form.validate(formOA)); +		errors.addAll(validatior_oauth20.validate(oauth20OA)); -		//Do not allow SSO in combination with special BKUSelection features -		if (ssoOA.isUseSSO() &&  -				( formOA.isOnlyMandateAllowed() || !formOA.isShowMandateLoginButton()) ) { +		// Do not allow SSO in combination with special BKUSelection features +		if (ssoOA.isUseSSO() && (formOA.isOnlyMandateAllowed() || !formOA.isShowMandateLoginButton())) {  			log.warn("Special BKUSelection features can not be used in combination with SSO"); -			errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.valid"));			 +			
errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.valid"));  		}  		if (errors.size() > 0) {  			log.info("OAConfiguration with ID " + generalOA.getIdentifier() + " has some errors.");  			for (String el : errors) -				addActionError(el);	 +				addActionError(el);  			formID = Random.nextRandom();  			session.setAttribute(Constants.SESSION_FORMID, formID);  			return Constants.STRUTS_ERROR_VALIDATION;  		} else { -						 +			  			boolean newentry = false;  			if (onlineapplication == null) {  				onlineapplication = new OnlineApplication();  				newentry = true;  				onlineapplication.setIsActive(false); -								 +				  				if (!authUser.isAdmin()) {  					onlineapplication.setIsAdminRequired(true);  				} else  					isMetaDataRefreshRequired = true; -					  			} else { -				if (!authUser.isAdmin() &&  -						!onlineapplication.getPublicURLPrefix(). -						equals(generalOA.getIdentifier())) { +				if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(generalOA.getIdentifier())) {  					onlineapplication.setIsAdminRequired(true);  					onlineapplication.setIsActive(false); -					log.info("User with ID " + authUser.getUserID()  -							+ " change OA-PublicURLPrefix. Reaktivation is required."); +					log.info("User with ID " + authUser.getUserID() + " change OA-PublicURLPrefix. 
Reaktivation is required.");  				}  			} -			if ( (onlineapplication.isIsAdminRequired() == null) ||  -					(authUser.isAdmin() && generalOA.isActive()  -										&& onlineapplication.isIsAdminRequired()) ) { +			if ((onlineapplication.isIsAdminRequired() == null) +					|| (authUser.isAdmin() && generalOA.isActive() && onlineapplication.isIsAdminRequired())) {  				onlineapplication.setIsAdminRequired(false);  				isMetaDataRefreshRequired = true; -				if (onlineapplication.getHjid() != null) -					userdb = ConfigurationDBRead.getUsersWithOADBID(onlineapplication.getHjid()); +				if (onlineapplication.getHjid() != null) userdb = ConfigurationDBRead.getUsersWithOADBID(onlineapplication.getHjid()); -				if (userdb != null && !userdb.isIsAdmin() ) { +				if (userdb != null && !userdb.isIsAdmin()) {  					try { -						MailHelper.sendUserOnlineApplicationActivationMail( -								userdb.getGivenname(),  -								userdb.getFamilyname(),  -								userdb.getInstitut(),  -								onlineapplication.getPublicURLPrefix(),  -								userdb.getMail()); -					} catch (ConfigurationException e) { +						MailHelper.sendUserOnlineApplicationActivationMail(userdb.getGivenname(), userdb.getFamilyname(), +								userdb.getInstitut(), onlineapplication.getPublicURLPrefix(), userdb.getMail()); +					} +					catch (ConfigurationException e) {  						log.warn("Sending Mail to User " + userdb.getMail() + " failed", e);  					} -				}	 +				}  			}  			if (pvp2OA.getMetaDataURL() != null) {  				try { -					if (isMetaDataRefreshRequired || !pvp2OA.getMetaDataURL(). 
-							equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) { -					 +					if (isMetaDataRefreshRequired +							|| !pvp2OA.getMetaDataURL().equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) { +						  						log.debug("Set PVP2 Metadata refresh flag.");  						MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration();  						moaconfig.setPvp2RefreshItem(new Date());  						ConfigurationDBUtils.saveOrUpdate(moaconfig); -					 +						  					} -				} catch (Throwable e) { +				} +				catch (Throwable e) {  					log.info("Found no MetadataURL in OA-Databaseconfig!", e);  				}  			} -			  			String error = saveOAConfigToDatabase(onlineapplication, newentry);  			if (MiscUtil.isNotEmpty(error)) {  				log.warn("OA configuration can not be stored!"); @@ -449,7 +438,7 @@ ServletResponseAware {  			}  		} -		Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);	 +		Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);  		if (nextPageAttr != null && nextPageAttr instanceof String) {  			nextPage = (String) nextPageAttr;  			session.setAttribute(Constants.SESSION_RETURNAREA, null); 
@@ -458,33 +447,29 @@ ServletResponseAware {  			nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();  		} -		  		if (onlineapplication.isIsAdminRequired()) {  			int numoas = 0;  			int numusers = 0;  			List<OnlineApplication> openOAs = ConfigurationDBRead.getAllNewOnlineApplications(); -			if (openOAs != null) -				numoas = openOAs.size(); +			if (openOAs != null) numoas = openOAs.size();  			List<UserDatabase> openUsers = ConfigurationDBRead.getAllNewUsers(); -			if (openUsers != null) -				numusers = openUsers.size();					 +			if (openUsers != null) numusers = openUsers.size();  			try {  				addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success.admin", generalOA.getIdentifier(), request)); -				if (numusers > 0 || numoas > 0) -					MailHelper.sendAdminMail(numoas, numusers); +				if (numusers > 0 || numoas > 0) MailHelper.sendAdminMail(numoas, numusers); -			} catch (ConfigurationException e) { +			} +			catch (ConfigurationException e) {  				log.warn("Sending Mail to Admin failed.", e);  			}  		} else -			addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request));	 +			addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request)); -	  		request.getSession().setAttribute(Constants.SESSION_OAID, null);  		ConfigurationDBUtils.closeSession(); @@ -498,8 +483,8 @@ ServletResponseAware {  			log.info("No http Session found.");  			return Constants.STRUTS_ERROR;  		} - -		Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);	 +		 +		Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);  		if (nextPageAttr != null && nextPageAttr instanceof String) {  			nextPage = (String) nextPageAttr;  			session.setAttribute(Constants.SESSION_RETURNAREA, null); 
@@ -531,28 +516,27 @@ ServletResponseAware {  		if (formidobj != null && formidobj instanceof String) {  			String formid = (String) formidobj;  			if (!formid.equals(formID)) { -				log.warn("FormIDs does not match. Some suspect Form is received from user " -						+ authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); +				log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() +						+ authUser.getGivenName() + authUser.getUserID());  				return Constants.STRUTS_ERROR; -			}			 +			}  		} else { -			log.warn("FormIDs does not match. Some suspect Form is received from user " -					+ authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); +			log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() +					+ authUser.getGivenName() + authUser.getUserID());  			return Constants.STRUTS_ERROR;  		}  		session.setAttribute(Constants.SESSION_FORMID, null); -		Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);	 +		Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);  		if (nextPageAttr != null && nextPageAttr instanceof String) {  			nextPage = (String) nextPageAttr;  		} else {  			nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();  		} -				 +		  		UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); -		if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null &&  -				!userdb.isIsMailAddressVerified()) { +		if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) {  			log.info("Online-Applikation managemant disabled. Mail address is not verified.");  			addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));  			return Constants.STRUTS_SUCCESS; 
@@ -570,32 +554,31 @@ ServletResponseAware {  		} else {  			if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {  				log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier); -				addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",  -						new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); +				addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", +						new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }));  				formID = Random.nextRandom();  				session.setAttribute(Constants.SESSION_FORMID, formID);  				return Constants.STRUTS_ERROR_VALIDATION;  			}  		} -			 +		  		OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);  		request.getSession().setAttribute(Constants.SESSION_OAID, null); -		  		try {  			if (MiscUtil.isNotEmpty(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) { -			 +				  				MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration();  				moaconfig.setPvp2RefreshItem(new Date());  				ConfigurationDBUtils.saveOrUpdate(moaconfig); -			 +				  			} -		} catch (Throwable e) { +		} +		catch (Throwable e) {  			log.info("Found no MetadataURL in OA-Databaseconfig!", e);  		} -		  		if (ConfigurationDBUtils.delete(onlineapplication)) {  			if (!authUser.isAdmin()) { @@ -611,7 +594,8 @@ ServletResponseAware {  				try {  					ConfigurationDBUtils.saveOrUpdate(user); -				} catch (MOADatabaseException e) { +				} +				catch (MOADatabaseException e) {  					log.warn("User information can not be updated in database", e);  					addActionError(LanguageHelper.getGUIString("error.db.oa.store", request));  					return Constants.STRUTS_ERROR; 
@@ -627,15 +611,13 @@ ServletResponseAware {  		} else {  			ConfigurationDBUtils.closeSession();  			addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", generalOA.getIdentifier(), request)); -			return Constants.STRUTS_SUCCESS;			 +			return Constants.STRUTS_SUCCESS;  		} -		 -  	}  	public String bkuFramePreview() { - +		  		String preview = null;  		HttpSession session = request.getSession(); @@ -651,12 +633,11 @@ ServletResponseAware {  				if (mapobj != null && mapobj instanceof Map<?, ?>) {  					ConfigurationProvider config = ConfigurationProvider.getInstance(); -					String templateURL = config.getConfigRootDir() +  -							ConfigurationProvider.HTMLTEMPLATE_DIR +  -							ConfigurationProvider.HTMLTEMPLATE_FILE; +					String templateURL = config.getConfigRootDir() + ConfigurationProvider.HTMLTEMPLATE_DIR +							+ ConfigurationProvider.HTMLTEMPLATE_FILE;  					File file = new File(templateURL); -					input = new  FileInputStream(file); +					input = new FileInputStream(file);  					String contextpath = config.getMOAIDInstanceURL();  					if (MiscUtil.isEmpty(contextpath)) { @@ -667,7 +648,6 @@ ServletResponseAware {  					preview = LoginFormBuilder.getTemplate(input);  					preview = preview.replace(LoginFormBuilder.CONTEXTPATH, contextpath); -					  					Map<String, String> map = (Map<String, String>) mapobj;  					request.setCharacterEncoding("UTF-8"); 
@@ -679,22 +659,20 @@ ServletResponseAware {  						String[] query = URLDecoder.decode(request.getQueryString()).split("&");  						value = query[1].substring("value=".length());  					} - +					  					synchronized (map) { -											 +						  						if (MiscUtil.isNotEmpty(module)) { -							if (map.containsKey("#"+module+"#")) { +							if (map.containsKey("#" + module + "#")) {  								if (MiscUtil.isNotEmpty(value)) { -									if (FormBuildUtils.FONTFAMILY.contains(module) || -											FormBuildUtils.HEADER_TEXT.contains(module) || -											value.startsWith("#")) -											map.put("#"+module+"#", value); +									if (FormBuildUtils.FONTFAMILY.contains(module) || FormBuildUtils.HEADER_TEXT.contains(module) +											|| value.startsWith("#")) +										map.put("#" + module + "#", value);  									else -										map.put("#"+module+"#", "#"+value); -				 +										map.put("#" + module + "#", "#" + value); +									  								} else { -									map.put("#"+module+"#",  -											FormBuildUtils.getDefaultMap().get("#"+module+"#")); +									map.put("#" + module + "#", FormBuildUtils.getDefaultMap().get("#" + module + "#"));  								}  							}  						} @@ -705,12 +683,13 @@ ServletResponseAware {  					preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible");  				} -							 -			} catch (Exception e) { +				 +			} +			catch (Exception e) {  				log.warn("BKUSelection Preview can not be generated.", e);  				preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible"); -			}  +			}  		}  		stream = new ByteArrayInputStream(preview.getBytes()); 
@@ -719,15 +698,14 @@ ServletResponseAware {  	}  	private String saveOAConfigToDatabase(OnlineApplication dboa, boolean newentry) { -						 +		  		AuthComponentOA authoa = dboa.getAuthComponentOA(); -		if (authoa == null) {  +		if (authoa == null) {  			authoa = new AuthComponentOA();  			dboa.setAuthComponentOA(authoa);  		} - -		if (authUser.isAdmin()) -			dboa.setIsActive(generalOA.isActive()); +		 +		if (authUser.isAdmin()) dboa.setIsActive(generalOA.isActive());  		dboa.setFriendlyName(generalOA.getFriendlyName());  		dboa.setCalculateHPI(generalOA.isCalculateHPI()); @@ -736,8 +714,7 @@ ServletResponseAware {  		if (authUser.isAdmin())  			dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(generalOA.getKeyBoxIdentifier()));  		else { -			if (newentry) -				dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR); +			if (newentry) dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR);  		}  		dboa.setPublicURLPrefix(generalOA.getIdentifier()); @@ -753,7 +730,7 @@ ServletResponseAware {  				num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num); -				//num = StringUtils.leftPad(num, 7, '0'); +				// num = StringUtils.leftPad(num, 7, '0');  				type = Constants.IDENIFICATIONTYPE_FN_TYPE;  			} 
@@ -777,28 +754,25 @@ ServletResponseAware {  			authoa.setIdentificationNumber(idnumber); -		}  -		else { +		} else {  			dboa.setType(null);  			if (authUser.isAdmin()) { -				if (MiscUtil.isNotEmpty(generalOA.getTarget_admin()) && -						generalOA.isAdminTarget() ) { +				if (MiscUtil.isNotEmpty(generalOA.getTarget_admin()) && generalOA.isAdminTarget()) {  					dboa.setTarget(generalOA.getTarget_admin());  					dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName());  				} else {  					String target = generalOA.getTarget(); - +					  					if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet)  						dboa.setTarget(target + "-" + generalOA.getTarget_subsector());  					else  						dboa.setTarget(target);  					String targetname = TargetValidator.getTargetFriendlyName(target); -					if (MiscUtil.isNotEmpty(targetname)) -						dboa.setTargetFriendlyName(targetname); +					if (MiscUtil.isNotEmpty(targetname)) dboa.setTargetFriendlyName(targetname);  				} @@ -807,7 +781,7 @@ ServletResponseAware {  				if (MiscUtil.isNotEmpty(generalOA.getTarget())) {  					String target = generalOA.getTarget(); -										 +					  					if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet)  						dboa.setTarget(target + "-" + generalOA.getTarget_subsector()); @@ -815,11 +789,10 @@ ServletResponseAware {  						dboa.setTarget(target);  					String targetname = TargetValidator.getTargetFriendlyName(target); -					if (MiscUtil.isNotEmpty(targetname)) -						dboa.setTargetFriendlyName(targetname); +					if (MiscUtil.isNotEmpty(targetname)) dboa.setTargetFriendlyName(targetname);  				} -			}			 +			}  		}  		BKUURLS bkuruls = new BKUURLS(); @@ -829,7 +802,7 @@ ServletResponseAware {  			bkuruls.setLocalBKU(generalOA.getBkuLocalURL());  			bkuruls.setOnlineBKU(generalOA.getBkuOnlineURL());  		} -						 +		  		TemplatesType templates = authoa.getTemplates();  		if (templates == null) {  			templates = new TemplatesType(); 
@@ -856,15 +829,15 @@ ServletResponseAware {  		if (authUser.isAdmin()) {  			templates.setAditionalAuthBlockText(generalOA.getAditionalAuthBlockText()); -		 +			  			List<TemplateType> template = templates.getTemplate();  			if (generalOA.isLegacy()) { -			 +				  				if (template == null)  					template = new ArrayList<TemplateType>();  				else  					template.clear(); -			 +				  				if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL1())) {  					TemplateType el = new TemplateType();  					el.setURL(generalOA.getSLTemplateURL1()); @@ -882,10 +855,9 @@ ServletResponseAware {  				}  			} else { -				if (template != null && template.size() > 0) -					template.clear(); +				if (template != null && template.size() > 0) template.clear();  			} -									 +			  			bkuselectioncustom.setBackGroundColor(parseColor(formOA.getBackGroundColor()));  			bkuselectioncustom.setFrontColor(parseColor(formOA.getFrontColor())); @@ -896,19 +868,19 @@ ServletResponseAware {  			bkuselectioncustom.setButtonBackGroundColor(parseColor(formOA.getButton_BackGroundColor()));  			bkuselectioncustom.setButtonBackGroundColorFocus(parseColor(formOA.getButton_BackGroundColorFocus()));  			bkuselectioncustom.setButtonFontColor(parseColor(formOA.getButton_FrontColor())); - +			  			if (MiscUtil.isNotEmpty(formOA.getAppletRedirectTarget()))  				bkuselectioncustom.setAppletRedirectTarget(formOA.getAppletRedirectTarget()); -			bkuselectioncustom.setFontType(formOA.getFontType());	 -				 +			bkuselectioncustom.setFontType(formOA.getFontType()); +			  		} -				 -		//set default transformation if it is empty +		 +		// set default transformation if it is empty  		List<TransformsInfoType> transformsInfo = authoa.getTransformsInfo();  		if (transformsInfo == null) { -			//TODO: set OA specific transformation if it is required -	 +			// TODO: set OA specific transformation if it is required +			  		}  		OAPVP2 pvp2 = authoa.getOAPVP2(); 
@@ -920,17 +892,18 @@ ServletResponseAware {  		pvp2.setMetadataURL(pvp2OA.getMetaDataURL());  		try { -			if (pvp2OA.getFileUpload() != null) -				pvp2.setCertificate(pvp2OA.getCertificate()); +			if (pvp2OA.getFileUpload() != null) pvp2.setCertificate(pvp2OA.getCertificate()); -		} catch (CertificateException e) { +		} +		catch (CertificateException e) {  			log.info("Uploaded Certificate can not be found", e);  			return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound"); -		} catch (IOException e) { +		} +		catch (IOException e) {  			log.info("Uploaded Certificate can not be parsed", e);  			return LanguageHelper.getErrorString("validation.pvp2.certificate.format");  		} -				 +		  		OASAML1 saml1 = authoa.getOASAML1();  		if (saml1 == null) {  			saml1 = new OASAML1(); @@ -941,7 +914,7 @@ ServletResponseAware {  		if (authUser.isAdmin()) {  			saml1.setIsActive(saml1OA.isActive());  		} - +		  		if (saml1.isIsActive() != null && saml1.isIsActive()) {  			saml1.setProvideAUTHBlock(saml1OA.isProvideAuthBlock());  			saml1.setProvideCertificate(saml1OA.isProvideCertificate()); @@ -950,8 +923,8 @@ ServletResponseAware {  			saml1.setProvideStammzahl(saml1OA.isProvideStammZahl());  			saml1.setUseCondition(saml1OA.isUseCondition());  			saml1.setConditionLength(BigInteger.valueOf(saml1OA.getConditionLength())); -			//TODO: set sourceID -			//saml1.setSourceID(""); +			// TODO: set sourceID +			// saml1.setSourceID("");  		}  		OASSO sso = authoa.getOASSO(); 
@@ -962,42 +935,60 @@ ServletResponseAware {  		}  		sso.setUseSSO(ssoOA.isUseSSO()); -		if (authUser.isAdmin()) -			sso.setAuthDataFrame(ssoOA.isShowAuthDataFrame()); +		if (authUser.isAdmin()) sso.setAuthDataFrame(ssoOA.isShowAuthDataFrame());  		sso.setSingleLogOutURL(ssoOA.getSingleLogOutURL()); -		  		STORK stork = authoa.getSTORK();  		if (stork == null) { -			//TODO: make stork configurable +			// TODO: make stork configurable  		} - +		 +		if (oauth20OA != null) { +			log.debug("Saving OAuth 2.0 configuration:"); +			OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20(); +			if (oaOAuth20 == null) { +				oaOAuth20 = new OAOAUTH20(); +				authoa.setOAOAUTH20(oaOAuth20); +			} +			 +			oaOAuth20.setOAuthClientId(generalOA.getIdentifier()); +			// oaOAuth20.setOAuthClientSecret(oauth20OA.getClientSecret()); +			oaOAuth20.setOAuthRedirectUri(oauth20OA.getRedirectUri()); +			log.debug("client id: " + oauth20OA.getClientId()); +			log.debug("client secret: " + oauth20OA.getClientSecret()); +			log.debug("redirect uri:" + oauth20OA.getRedirectUri()); +			 +			oaOAuth20.setOAuthClientSecret((String) request.getSession().getAttribute(Constants.SESSION_OAUTH20SECRET)); +			request.getSession().setAttribute(Constants.SESSION_OAUTH20SECRET, null); +			 +		} +		  		try {  			if (newentry) {  				ConfigurationDBUtils.save(dboa); -			 +				  				if (!authUser.isAdmin()) {  					UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - +					  					List<OnlineApplication> useroas = user.getOnlineApplication(); -					if (useroas == null) -						useroas = new ArrayList<OnlineApplication>(); +					if (useroas == null) useroas = new ArrayList<OnlineApplication>();  					useroas.add(dboa); -					ConfigurationDBUtils.saveOrUpdate(user);					 +					ConfigurationDBUtils.saveOrUpdate(user);  				}  			}  			else  				ConfigurationDBUtils.saveOrUpdate(dboa); -		} catch (MOADatabaseException e) { +		} +		catch (MOADatabaseException e) {  			log.warn("Online-Application can 
not be stored.", e);  			return LanguageHelper.getErrorString("error.db.oa.store");  		} - +		  		return null;  	} @@ -1016,9 +1007,8 @@ ServletResponseAware {  	private void generateUserSpecificConfigurationOptions(UserDatabase userdb) {  		if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) { -			String bpk = userdb.getBpk();   -			if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN) || -					bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_ZVR)) { +			String bpk = userdb.getBpk(); +			if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN) || bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_ZVR)) {  				onlyBusinessService = true;  				generalOA.setBusinessService(true); @@ -1030,15 +1020,12 @@ ServletResponseAware {  			generalOA.setIdentificationType(split[1].substring(1));  			if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN)) -				generalOA.setIdentificationNumber( -						at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(split[2])); +				generalOA.setIdentificationNumber(at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(split[2]));  			else  				generalOA.setIdentificationNumber(split[2]);  		} -		 -				  	}  	public String setGeneralOAConfig() { 
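Review bot: The new OAuth 2.0 block in `saveOAConfigToDatabase` writes the client secret to the log with `log.debug("client secret: " + oauth20OA.getClientSecret());`, so the credential reaches every log file and log collector once debug logging is on; that line should be removed. The secret that is persisted comes from the session attribute `Constants.SESSION_OAUTH20SECRET` without a null check, and the attribute is cleared right after. If the session has expired, or the form is saved a second time, `setOAuthClientSecret(null)` would presumably overwrite the stored secret. The fence below keeps the existing value in that case; whether keeping it or rejecting the save is the right behaviour is for the author to decide. The method starts in an earlier hunk, so only the tail of it is visible here.

```java
// … unchanged: OAOAUTH20 lookup/creation, setOAuthClientId, setOAuthRedirectUri …
log.debug("client id: " + oauth20OA.getClientId());
log.debug("redirect uri:" + oauth20OA.getRedirectUri());

String secret = (String) request.getSession().getAttribute(Constants.SESSION_OAUTH20SECRET);
if (MiscUtil.isNotEmpty(secret)) {
	// only replace the stored secret when the session really carries one
	oaOAuth20.setOAuthClientSecret(secret);
}
request.getSession().removeAttribute(Constants.SESSION_OAUTH20SECRET);
```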
@@ -1066,179 +1053,185 @@ ServletResponseAware {  		return Constants.STRUTS_SUCCESS;  	} -	 -	//Getter and Setter +	// Getter and Setter  	public void setServletResponse(HttpServletResponse arg0) {  		this.response = arg0;  	} - +	  	public void setServletRequest(HttpServletRequest arg0) {  		this.request = arg0;  	} - +	  	public HttpServletRequest getRequest() {  		return request;  	} - +	  	public void setRequest(HttpServletRequest request) {  		this.request = request;  	} - +	  	public HttpServletResponse getResponse() {  		return response;  	} - +	  	public void setResponse(HttpServletResponse response) {  		this.response = response;  	} - +	  	public OAGeneralConfig getGeneralOA() {  		return generalOA;  	} - +	  	public void setGeneralOA(OAGeneralConfig generalOA) {  		this.generalOA = generalOA;  	} - +	  	public OAPVP2Config getPvp2OA() {  		return pvp2OA;  	} - +	  	public void setPvp2OA(OAPVP2Config pvp2oa) {  		pvp2OA = pvp2oa;  	} - +	  	public OASAML1Config getSaml1OA() {  		return saml1OA;  	} - +	  	public void setSaml1OA(OASAML1Config saml1oa) {  		saml1OA = saml1oa;  	} - +	  	public OASSOConfig getSsoOA() {  		return ssoOA;  	} - +	  	public void setSsoOA(OASSOConfig ssoOA) {  		this.ssoOA = ssoOA;  	} - +	  	public OASTORKConfig getStorkOA() {  		return storkOA;  	} - +	  	public void setStorkOA(OASTORKConfig storkOA) {  		this.storkOA = storkOA;  	} - +	  	/** -	 * @param oaidobj the oaidobj to set +	 * @param oaidobj +	 *            the oaidobj to set  	 */  	public void setOaidobj(String oaidobj) {  		this.oaidobj = oaidobj;  	} - +	  	/**  	 * @return the authUser  	 */  	public AuthenticatedUser getAuthUser() {  		return authUser;  	} - +	  	/**  	 * @return the newOA  	 */  	public boolean isNewOA() {  		return newOA;  	} - +	  	/** -	 * @param newOA the newOA to set +	 * @param newOA +	 *            the newOA to set  	 */  	public void setNewOA(boolean newOA) {  		this.newOA = newOA;  	} - +	  	/**  	 * @return the nextPage  	 */  	public 
String getNextPage() {  		return nextPage;  	} - +	  	/**  	 * @return the formID  	 */  	public String getFormID() {  		return formID;  	} - +	  	/** -	 * @param formID the formID to set +	 * @param formID +	 *            the formID to set  	 */  	public void setFormID(String formID) {  		this.formID = formID;  	} - +	  	/**  	 * @return the onlyBusinessService  	 */  	public boolean isOnlyBusinessService() {  		return onlyBusinessService;  	} - +	  	/** -	 * @param onlyBusinessService the onlyBusinessService to set +	 * @param onlyBusinessService +	 *            the onlyBusinessService to set  	 */  	public void setOnlyBusinessService(boolean onlyBusinessService) {  		this.onlyBusinessService = onlyBusinessService;  	} - +	  	/**  	 * @return the subTargetSet  	 */  	public boolean isSubTargetSet() {  		return subTargetSet;  	} - +	  	/** -	 * @param subTargetSet the subTargetSet to set +	 * @param subTargetSet +	 *            the subTargetSet to set  	 */  	public void setSubTargetSet(boolean subTargetSet) {  		this.subTargetSet = subTargetSet;  	} - +	  	/**  	 * @return the deaktivededBusinessService  	 */  	public boolean isDeaktivededBusinessService() {  		return deaktivededBusinessService;  	} - +	  	/** -	 * @param deaktivededBusinessService the deaktivededBusinessService to set +	 * @param deaktivededBusinessService +	 *            the deaktivededBusinessService to set  	 */  	public void setDeaktivededBusinessService(boolean deaktivededBusinessService) {  		this.deaktivededBusinessService = deaktivededBusinessService;  	} - +	  	/**  	 * @return the formOA  	 */  	public FormularCustomization getFormOA() {  		return formOA;  	} - +	  	/** -	 * @param formOA the formOA to set +	 * @param formOA +	 *            the formOA to set  	 */  	public void setFormOA(FormularCustomization formOA) {  		this.formOA = formOA;  	} - +	  	/**  	 * @return the stream  	 */ 
@@ -1246,5 +1239,12 @@ ServletResponseAware {  		return stream;  	} +	public OAOAuth20Config getOauth20OA() { +		return oauth20OA; +	} +	 +	public void setOauth20OA(OAOAuth20Config oauth20OA) { +		this.oauth20OA = oauth20OA; +	}  } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java new file mode 100644 index 000000000..867abafc3 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java @@ -0,0 +1,33 @@ +package at.gv.egovernment.moa.id.configuration.validation.oa; + +import java.util.ArrayList; +import java.util.List; + +import org.apache.commons.lang.StringUtils; +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util; + +public class OAOAUTH20ConfigValidation { +	 +	private static final Logger log = Logger.getLogger(OAOAUTH20ConfigValidation.class); +	 +	public List<String> validate(OAOAuth20Config form) { +		 +		List<String> errors = new ArrayList<String>(); +		 +		// validate secret +//		if (StringUtils.isEmpty(form.getClientSecret())) { +//			errors.add(LanguageHelper.getErrorString("error.oa.oauth.clientSecret")); +//		} +		 +		// validate redirectUri +		if (StringUtils.isNotEmpty(form.getRedirectUri()) && !OAuth20Util.isUrl(form.getRedirectUri())) { +			errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi")); +		} +		 +		return errors; +	} +} diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties index cad135b95..456c37ff1 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources.properties 
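Review bot: Adding `getOauth20OA`/`setOauth20OA` to the action makes every writable property of `OAOAuth20Config` bindable from request parameters, not only `oauth20OA.redirectUri`, which is the one field the form submits. The config class has a public `setClientId` and presumably a matching setter for the secret, so `clientId` and `clientSecret` read from this object after a form post are client-supplied values. The save path in this commit does not store them (it uses `generalOA.getIdentifier()` and the session attribute), and a comment on the setter would keep it that way: `// only redirectUri is taken from the form; clientId and clientSecret on this object are untrusted after a POST`.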
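Review bot: `validate` in the new `OAOAUTH20ConfigValidation` only checks the redirect URI when it is non-empty, so an empty value passes and is stored as-is by `saveOAConfigToDatabase`, while `OAOAuth20Config.parse` reports the same empty value as an error when the record is loaded. If a redirect URI is mandatory for an OAuth 2.0 client, the condition should be `if (StringUtils.isEmpty(form.getRedirectUri()) || !OAuth20Util.isUrl(form.getRedirectUri()))`; if OAuth 2.0 is optional per application, the save path should skip the OAuth block instead of storing an empty URI. What `OAuth20Util.isUrl` accepts is not visible here; for a redirect URI it is worth confirming that it requires an absolute URL with an expected scheme. The commented-out secret check and the unused `log` field can be dropped.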
+++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties @@ -27,6 +27,10 @@ error.mail.send=An die angegebene Mailadresse konnte keine Nachticht versendet w  error.mail.verification=Der Verifikationsvorgang wurde durch einen internen Fehler unterbrochen. Bitte Versuchen sie es noch einmal.   error.editoa.mailverification=Die Verwaltung von Online-Applikationen ist vor\u00FCbergehend deaktiviert, da die Mailadresse des Benutzeraccounts noch nicht verifiziert wurde.  error.bkuformpreview.notpossible="Die Vorschau konnte nicht generiert werden da ein interner Fehler auftreten ist." +error.oa.oauth.redirecturi=Redirect URL ist keine richtige URL +error.oa.oauth.clientSecret=Client-Secret darf nicht leer sein +error.oa.oauth.keyname=Key-Name darf nicht leer sein +error.oa.oauth.keystore=Keystore darf nicht leer sein und muss eine richtige URL sein.  mail.userrequest.subject=Accountanforderung MOA-ID 2.x Konfigurationstool @@ -189,6 +193,9 @@ webpages.oaconfig.menu.saml1.show=SAML1 Konfiguration einblenden  webpages.oaconfig.menu.saml1.hidden=SAML1 Konfiguration ausblenden  webpages.oaconfig.menu.pvp2.show=PVP2 Konfiguration einblenden  webpages.oaconfig.menu.pvp2.hidden=PVP2 Konfiguration ausblenden +webpages.oaconfig.menu.oauth20.show=OAuth 2.0 Konfiguration einblenden +webpages.oaconfig.menu.oauth20.hidden=OAuth 2.0 Konfiguration ausblenden +  webpages.oaconfig.menu.stork=STORK Konfiguration 
@@ -230,6 +237,12 @@ webpages.oaconfig.pvp2.metaDataURL=URL zu den Metadaten  webpages.oaconfig.pvp2.certifcate=Zertifikat hochladen  webpages.oaconfig.pvp2.certifcate.info=Infos zum Zertifikat +webpages.oaconfig.protocols.oauth20.header=OAuth 2.0 Konfiguration +webpages.oaconfig.oauth20.clientId=Client ID +webpages.oaconfig.oauth20.clientSecret=Client Passwort +webpages.oaconfig.oauth20.redirectUri=Redirect Uri  + +		  message.title=Meldung:  webpages.oaconfig.success=Die Online-Applikation {0} konnte erfolgreich gespeichert werden.  webpages.oaconfig.success.admin=Die Online-Applikation {0} konnte erfolgreich gespeichert werden. Es ist jedoch eine Aktivierung durch den Administrator erforderlich.  diff --git a/id/ConfigWebTool/src/main/webapp/js/common.js b/id/ConfigWebTool/src/main/webapp/js/common.js index b94fd9ec2..ff9509895 100644 --- a/id/ConfigWebTool/src/main/webapp/js/common.js +++ b/id/ConfigWebTool/src/main/webapp/js/common.js @@ -44,6 +44,17 @@ function oaPVP2(){  		$('#button_pvp2_hidden').css('display', "block");  	}  } +function oaOAuth20(){ +	if ($('#oa_oauth20_area').css('display') == "block") { +		$('#oa_oauth20_area').css('display', "none"); +		$('#button_oauth20_show').css('display', "block"); +		$('#button_oauth20_hidden').css('display', "none"); +	} else { +		$('#oa_oauth20_area').css('display', "block"); +		$('#button_oauth20_show').css('display', "none"); +		$('#button_oauth20_hidden').css('display', "block"); +	} +}  function oaFormCustom() {  	if ($('#formcustom_area').css('display') == "block") {  		$('#formcustom_area').css('display', "none"); @@ -141,6 +152,7 @@ function updateBKUFormPreview(module) {  	$("#formCustomPreview>iframe").attr("src", "./bkuFramePreview.action?module="+module+"&value="+encodeURIComponent(value.replace("#","")));  } +  function userOnLoad() {  	UseUserNamePassword();  	return true; 
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp index e8bb346a6..0341fc49b 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp @@ -1,7 +1,7 @@  <%@ page contentType="text/html;charset=UTF-8" %>  <%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>  <%@ taglib prefix="s" uri="/struts-tags" %> - +   <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">  <html>  	<head> @@ -13,7 +13,6 @@  		<script type="text/javascript" src="../js/common.js"></script>  		<script src="../js/jquery.js"></script>  		<script type="text/javascript" src="../js/colorpicker.js"></script> -		  	</head>  	<body onload="oaOnLoad()"> @@ -272,7 +271,7 @@  					</div>  					<div class="oa_config_block"> -						<h3><%=LanguageHelper.getGUIString("webpages.oaconfig.sso.header", request) %></h3> +						<p><strong><%=LanguageHelper.getGUIString("webpages.oaconfig.sso.header", request) %></strong></p>  						<s:checkbox name="ssoOA.useSSO"   							value="%{ssoOA.useSSO}" 
@@ -321,6 +320,13 @@  							<button type="button" class="oa_buttons" onclick="oaPVP2();" id="button_pvp2_hidden">  								<%=LanguageHelper.getGUIString("webpages.oaconfig.menu.pvp2.hidden", request) %>  						  </button> +						   +						  <button type="button" class="oa_buttons" onclick="oaOAuth20();" id="button_oauth20_show"> +								<%=LanguageHelper.getGUIString("webpages.oaconfig.menu.oauth20.show", request) %> +						  </button> +							<button type="button" style="display:none" class="oa_buttons" onclick="oaOAuth20();" id="button_oauth20_hidden"> +								<%=LanguageHelper.getGUIString("webpages.oaconfig.menu.oauth20.hidden", request) %> +						  </button>  						<div id="oa_saml1_area" class="oa_protocol_area">  							<h4><%=LanguageHelper.getGUIString("webpages.oaconfig.protocols.saml1.header", request) %></h4> @@ -398,6 +404,20 @@  								<s:file name="pvp2OA.fileUpload" key="webpages.oaconfig.pvp2.certifcate" cssClass="textfield_long"></s:file>  							</div>  						</div> +						 +						<div id="oa_oauth20_area" class="oa_protocol_area"> +							<h4><%=LanguageHelper.getGUIString("webpages.oaconfig.protocols.oauth20.header", request) %></h4> +						 +							<s:label key="webpages.oaconfig.oauth20.clientId" value="%{oauth20OA.clientId}"/> +							 +							<s:label key="webpages.oaconfig.oauth20.clientSecret" value="%{oauth20OA.clientSecret}"/> +														 +							<s:textfield name="oauth20OA.redirectUri"  +								value="%{oauth20OA.redirectUri}"  +								labelposition="left" +								key="webpages.oaconfig.oauth20.redirectUri"> +							</s:textfield> +						</div>  					</div> @@ -480,7 +500,7 @@  										id="HEADER_TEXT">  									</s:textfield> -	<%-- 								<s:textfield name="formOA.button_BackGroundColor"  +	<%-- 							<s:textfield name="formOA.button_BackGroundColor"   										value="%{formOA.button_BackGroundColor}"   										labelposition="left"  										key="webpages.oaconfig.general.BKUSelection.header.button.background" | 
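Review bot: The new `oa_oauth20_area` block prints the client secret in clear text on every view of the edit page through `<s:label key="webpages.oaconfig.oauth20.clientSecret" value="%{oauth20OA.clientSecret}"/>`. Anyone who can open the page, read a cached copy or see the screen gets the credential, and nothing in the visible hunks sets no-store cache headers for this response. Consider showing the secret only once, when it is generated, and rendering a masked placeholder afterwards, with an explicit action to regenerate it. The block is hidden by default only through CSS and the `oaOAuth20()` toggle, which does not keep the value out of the delivered HTML.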
