aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java235
1 files changed, 187 insertions, 48 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
index 9bab8643f..dcaed084a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
@@ -15,11 +15,19 @@
*/
package at.gv.egovernment.moa.id.auth.builder;
+import java.io.BufferedReader;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
+import at.gv.egovernment.moa.id.AuthenticationException;
import at.gv.egovernment.moa.id.BuildException;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.OnlineMandatesTemplates;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.FileUtils;
/**
* Builder for HTML form requesting the security layer implementation
@@ -43,6 +51,8 @@ public class GetIdentityLinkFormBuilder extends Builder {
private static final String CERTINFO_DATAURL_TAG = "<CertInfoDataURL>";
/** special tag in the HTML template to be substituted for the infoboxes to be pushed from the BKU */
private static final String PUSHINFOBOX_TAG = "<PushInfobox>";
+ /** special tag in the HTML template to be substituted for the BKU URL */
+ private static final String MANDATE_TAG = "<Mandate>";
/** private static int all contains the representation to replace all tags*/
private static final int ALL = -1;
@@ -83,48 +93,101 @@ public class GetIdentityLinkFormBuilder extends Builder {
"</body>" + nl +
"</html>";
- /** default HTML template */
- private static final String DEFAULT_HTML_TEMPLATE_FOR_MANDATES =
+ /** default HTML template for mandates */
+ private static final String DEFAULT_HTML_TEMPLATE_FOR_MANDATES_OLD =
"<html>" + nl +
"<head>" + nl +
- "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl +
+ "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl +
"<title>Vollmachten-Anmeldung</title>" + nl +
- "<script type=\"text/javascript\">" + nl +
- "window.onload=function() {" + nl +
- "document.VollmachtenForm.submit();" + nl +
- "document.VollmachtenForm.Senden.disabled=true;" + nl +
- "return;" + nl +
- "}" + nl +
- "</script>" + nl +
- "</head>" + nl +
- "<body>" + nl +
- "<form name=\"VollmachtenForm\"" + nl +
- " action=\"" + BKU_TAG + "\"" + nl +
- " method=\"post\">" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"XMLRequest\"" + nl +
- " value=\"" + XMLREQUEST_TAG + "\"/>" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"DataURL\"" + nl +
- " value=\"" + DATAURL_TAG + "\"/>" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"PushInfobox\"" + nl +
- " value=\"" + PUSHINFOBOX_TAG + "\"/>" + nl +
- " <input type=\"submit\" value=\"Starte Signatur\" name=\"Senden\"/>" + nl +
- "</form>" + nl +
- "<form name=\"CertificateInfoForm\"" + nl +
- " action=\"" + BKU_TAG + "\"" + nl +
- " method=\"post\">" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"XMLRequest\"" + nl +
- " value=\"" + CERTINFO_XMLREQUEST_TAG + "\"/>" + nl +
- " <input type=\"hidden\" " + nl +
- " name=\"DataURL\"" + nl +
- " value=\"" + CERTINFO_DATAURL_TAG + "\"/>" + nl +
-// " <input type=\"submit\" value=\"Information zu Wurzelzertifikaten\"/>" + nl +
- " <input type=\"hidden\" value=\"Information zu Wurzelzertifikaten\"/>" + nl +
- "</form>" + nl +
- "</body>" + nl +
+ "<script language=\"javascript\">" + nl +
+ " function fillFrame() {" + nl +
+ " var f = top.frames['mandate'];" + nl +
+ " with (f.document) {" + nl +
+ " open();" + nl +
+ " <Mandate>" + nl +
+ " close();" + nl +
+ " }" + nl +
+ " }" + nl +
+ "</script>" + nl +
+ "</head>" + nl +
+ "<body onLoad=\"fillFrame(); return false;\">" + nl +
+ "<h2>Vollmachten-Anmeldung</h2>" + nl +
+ "<iframe name=\"mandate\" src=\"\" frameborder=\"0\" width=\"250\" height=\"400\"></iframe>" + nl +
+ "</body>" + nl +
+ "</html>";
+
+
+ /** default HTML template - iFrame */
+ private static final String DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES_OLD =
+ "<html>" +
+ "<head>" +
+ //"<base target=\"_parent\">" +
+ "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" +
+ "<title>Vollmachten-Anmeldung</title>" +
+ "</head>" +
+ "<body onLoad=\"document.VollmachtenForm.submit();\">" +
+ "<form name=\"VollmachtenForm\"" +
+ " action=\"" + BKU_TAG + "\"" +
+ " method=\"post\">" +
+ " <input type=\"hidden\" " +
+ " name=\"XMLRequest\"" +
+ " value=\"" + XMLREQUEST_TAG + "\"/>" +
+ " <input type=\"hidden\" " +
+ " name=\"DataURL\"" +
+ " value=\"" + DATAURL_TAG + "\"/>" +
+ " <input type=\"hidden\" " +
+ " name=\"PushInfobox\"" +
+ " value=\"" + PUSHINFOBOX_TAG + "\"/>" +
+ " <input type=\"submit\" value=\"Starte Signatur\" name=\"Senden\"/>" +
+ "</form>" +
+ "<form name=\"CertificateInfoForm\"" +
+ " action=\"" + BKU_TAG + "\"" +
+ " method=\"post\">" +
+ " <input type=\"hidden\" " +
+ " name=\"XMLRequest\"" +
+ " value=\"" + CERTINFO_XMLREQUEST_TAG + "\"/>" +
+ " <input type=\"hidden\" " +
+ " name=\"DataURL\"" +
+ " value=\"" + CERTINFO_DATAURL_TAG + "\"/>" +
+ " <input type=\"hidden\" value=\"Information zu Wurzelzertifikaten\"/>" +
+ "</form>" +
+ "</body>" +
+ "</html>";
+
+ /** default HTML template for Online mandates */
+ private static final String DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES =
+ "<html>" +
+ "<head>" +
+ "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" +
+ "<title>Vollmachten-Anmeldung</title>" +
+ "</head>" +
+ "<body onLoad=\"document.VollmachtenForm.submit();\">" +
+ "<form name=\"VollmachtenForm\"" +
+ " action=\"" + BKU_TAG + "\"" +
+ " method=\"post\">" +
+ " <input type=\"hidden\" " +
+ " name=\"XMLRequest\"" +
+ " value=\"" + XMLREQUEST_TAG + "\"/>" +
+ " <input type=\"hidden\" " +
+ " name=\"DataURL\"" +
+ " value=\"" + DATAURL_TAG + "\"/>" +
+ " <input type=\"hidden\" " +
+ " name=\"PushInfobox\"" +
+ " value=\"" + PUSHINFOBOX_TAG + "\"/>" +
+ " <input type=\"submit\" value=\"Starte Signatur\" name=\"Senden\"/>" +
+ "</form>" +
+ "<form name=\"CertificateInfoForm\"" +
+ " action=\"" + BKU_TAG + "\"" +
+ " method=\"post\">" +
+ " <input type=\"hidden\" " +
+ " name=\"XMLRequest\"" +
+ " value=\"" + CERTINFO_XMLREQUEST_TAG + "\"/>" +
+ " <input type=\"hidden\" " +
+ " name=\"DataURL\"" +
+ " value=\"" + CERTINFO_DATAURL_TAG + "\"/>" +
+ " <input type=\"hidden\" value=\"Information zu Wurzelzertifikaten\"/>" +
+ "</form>" +
+ "</body>" +
"</html>";
/**
@@ -167,25 +230,101 @@ public class GetIdentityLinkFormBuilder extends Builder {
/**
* Builds the HTML form, including XML Request and data URL as parameters.
*
- * @param htmlTemplate template to be used for the HTML form;
- * may be <code>null</code>, in this case a default layout will be produced
* @param xmlRequest XML Request to be sent as a parameter in the form
* @param bkuURL URL of the "B&uuml;rgerkartenumgebung" the form will be submitted to;
* may be <code>null</code>, in this case the default URL will be used
* @param dataURL DataURL to be sent as a parameter in the form
*/
public String buildCreateSignature(
- String bkuURL,
+ String bkuURL,
String xmlRequest,
- String dataURL)
+ String dataURL,
+ String oaUrl)
throws BuildException
{
- String htmlForm = DEFAULT_HTML_TEMPLATE_FOR_MANDATES;
- htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL);
- htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL);
- htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL);
- return htmlForm;
+ String htmlForm = "";
+ OAAuthParameter oaParam;
+ try {
+ oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaUrl);
+ } catch (ConfigurationException e) {
+ Logger.error("Error on building HTMl form for online mandates: " + e.getMessage());
+ throw new BuildException("builder.03", null);
+ }
+
+ OnlineMandatesTemplates[] templatesOnlineMandates = oaParam.getTemplateOnlineMandates();
+ if (templatesOnlineMandates == null) {
+ // no templates given
+ htmlForm = DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES;
+ htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL);
+ htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL);
+ htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL);
+ } else {
+ String moaidTemplateUrl = null;
+ String mandateTemplateUrl = null;
+ // check for configured bku URL
+ for (int i = 0; i < templatesOnlineMandates.length; i++) {
+ if (templatesOnlineMandates[i].getBkuURL().compareToIgnoreCase(bkuURL) == 0) {
+ moaidTemplateUrl = templatesOnlineMandates[i].getMoaIdTemplateURL();
+ mandateTemplateUrl = templatesOnlineMandates[i].getMandatesTemplateURL();
+ }
+ }
+ if (moaidTemplateUrl == null || mandateTemplateUrl == null) {
+ Logger.debug("Configured and used BKU URL are not equal. So standard template is used.");
+ htmlForm = DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES;
+ htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL);
+ htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL);
+ htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL);
+ } else {
+ // use configured templates
+ String moaidTemplate;
+ String mandateTemplate;
+ try {
+ moaidTemplate = new String(FileUtils.readURL(moaidTemplateUrl));
+ } catch (IOException ex) {
+ throw new BuildException("auth.03", new Object[] { moaidTemplateUrl, ex.toString()},ex);
+ }
+ try {
+ mandateTemplate = new String(FileUtils.readURL(mandateTemplateUrl));
+ } catch (IOException ex) {
+ throw new BuildException("auth.03", new Object[] { mandateTemplateUrl, ex.toString()},ex);
+ }
+
+
+ // Mandatem template with iFrame
+ htmlForm = mandateTemplate;
+
+
+ // HTML form with XML signature request, which is filled into the iFrame
+ String htmlFormiFrame = moaidTemplate;
+ htmlFormiFrame = replaceTag(htmlFormiFrame, BKU_TAG, bkuURL, true, ALL);
+ htmlFormiFrame = replaceTag(htmlFormiFrame, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL);
+ htmlFormiFrame = replaceTag(htmlFormiFrame, DATAURL_TAG, dataURL, true, ALL);
+ htmlFormiFrame = htmlFormiFrame.replaceAll("\"", "\\\"");
+ htmlFormiFrame = htmlFormiFrame.replaceAll("'", "\\\\'");
+
+ // add writeln('[data]') for each line in the iframe
+ BufferedReader reader = new BufferedReader(new StringReader(htmlFormiFrame));
+ String str;
+ String htmlFormiFrameWriteLn = "";
+ try {
+ while ((str = reader.readLine()) != null) {
+ if (str.length() > 0)
+ htmlFormiFrameWriteLn += "writeln('" + str + "');";
+ }
+ } catch(IOException e) {
+ throw new BuildException("builder.03", null);
+ }
+
+ htmlForm = replaceTag(htmlForm, MANDATE_TAG, htmlFormiFrameWriteLn, true, ALL);
+
+ }
+
+ }
+
+ return htmlForm;
+
}
+
/**
* Encodes a string for inclusion as a parameter in the form.
* Double quotes are substituted by <code>"&amp;quot;"</code>.
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-10 05:28:09 +0000