diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java | 235 |
1 files changed, 187 insertions, 48 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java index 9bab8643f..dcaed084a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java @@ -15,11 +15,19 @@ */ package at.gv.egovernment.moa.id.auth.builder; +import java.io.BufferedReader; import java.io.IOException; import java.io.StringReader; import java.io.StringWriter; +import at.gv.egovernment.moa.id.AuthenticationException; import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.OnlineMandatesTemplates; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.FileUtils; /** * Builder for HTML form requesting the security layer implementation @@ -43,6 +51,8 @@ public class GetIdentityLinkFormBuilder extends Builder { private static final String CERTINFO_DATAURL_TAG = "<CertInfoDataURL>"; /** special tag in the HTML template to be substituted for the infoboxes to be pushed from the BKU */ private static final String PUSHINFOBOX_TAG = "<PushInfobox>"; + /** special tag in the HTML template to be substituted for the BKU URL */ + private static final String MANDATE_TAG = "<Mandate>"; /** private static int all contains the representation to replace all tags*/ private static final int ALL = -1; @@ -83,48 +93,101 @@ public class GetIdentityLinkFormBuilder extends Builder { "</body>" + nl + "</html>"; - /** default HTML template */ - private static final String DEFAULT_HTML_TEMPLATE_FOR_MANDATES = + /** default HTML template for mandates */ + private static final String DEFAULT_HTML_TEMPLATE_FOR_MANDATES_OLD = "<html>" + nl + "<head>" + nl + - "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl + + "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl + "<title>Vollmachten-Anmeldung</title>" + nl + - "<script type=\"text/javascript\">" + nl + - "window.onload=function() {" + nl + - "document.VollmachtenForm.submit();" + nl + - "document.VollmachtenForm.Senden.disabled=true;" + nl + - "return;" + nl + - "}" + nl + - "</script>" + nl + - "</head>" + nl + - "<body>" + nl + - "<form name=\"VollmachtenForm\"" + nl + - " action=\"" + BKU_TAG + "\"" + nl + - " method=\"post\">" + nl + - " <input type=\"hidden\" " + nl + - " name=\"XMLRequest\"" + nl + - " value=\"" + XMLREQUEST_TAG + "\"/>" + nl + - " <input type=\"hidden\" " + nl + - " name=\"DataURL\"" + nl + - " value=\"" + DATAURL_TAG + "\"/>" + nl + - " <input type=\"hidden\" " + nl + - " name=\"PushInfobox\"" + nl + - " value=\"" + PUSHINFOBOX_TAG + "\"/>" + nl + - " <input type=\"submit\" value=\"Starte Signatur\" name=\"Senden\"/>" + nl + - "</form>" + nl + - "<form name=\"CertificateInfoForm\"" + nl + - " action=\"" + BKU_TAG + "\"" + nl + - " method=\"post\">" + nl + - " <input type=\"hidden\" " + nl + - " name=\"XMLRequest\"" + nl + - " value=\"" + CERTINFO_XMLREQUEST_TAG + "\"/>" + nl + - " <input type=\"hidden\" " + nl + - " name=\"DataURL\"" + nl + - " value=\"" + CERTINFO_DATAURL_TAG + "\"/>" + nl + -// " <input type=\"submit\" value=\"Information zu Wurzelzertifikaten\"/>" + nl + - " <input type=\"hidden\" value=\"Information zu Wurzelzertifikaten\"/>" + nl + - "</form>" + nl + - "</body>" + nl + + "<script language=\"javascript\">" + nl + + " function fillFrame() {" + nl + + " var f = top.frames['mandate'];" + nl + + " with (f.document) {" + nl + + " open();" + nl + + " <Mandate>" + nl + + " close();" + nl + + " }" + nl + + " }" + nl + + "</script>" + nl + + "</head>" + nl + + "<body onLoad=\"fillFrame(); return false;\">" + nl + + "<h2>Vollmachten-Anmeldung</h2>" + nl + + "<iframe name=\"mandate\" src=\"\" frameborder=\"0\" width=\"250\" height=\"400\"></iframe>" + nl + + "</body>" + nl + + "</html>"; + + + /** default HTML template - iFrame */ + private static final String DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES_OLD = + "<html>" + + "<head>" + + //"<base target=\"_parent\">" + + "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + + "<title>Vollmachten-Anmeldung</title>" + + "</head>" + + "<body onLoad=\"document.VollmachtenForm.submit();\">" + + "<form name=\"VollmachtenForm\"" + + " action=\"" + BKU_TAG + "\"" + + " method=\"post\">" + + " <input type=\"hidden\" " + + " name=\"XMLRequest\"" + + " value=\"" + XMLREQUEST_TAG + "\"/>" + + " <input type=\"hidden\" " + + " name=\"DataURL\"" + + " value=\"" + DATAURL_TAG + "\"/>" + + " <input type=\"hidden\" " + + " name=\"PushInfobox\"" + + " value=\"" + PUSHINFOBOX_TAG + "\"/>" + + " <input type=\"submit\" value=\"Starte Signatur\" name=\"Senden\"/>" + + "</form>" + + "<form name=\"CertificateInfoForm\"" + + " action=\"" + BKU_TAG + "\"" + + " method=\"post\">" + + " <input type=\"hidden\" " + + " name=\"XMLRequest\"" + + " value=\"" + CERTINFO_XMLREQUEST_TAG + "\"/>" + + " <input type=\"hidden\" " + + " name=\"DataURL\"" + + " value=\"" + CERTINFO_DATAURL_TAG + "\"/>" + + " <input type=\"hidden\" value=\"Information zu Wurzelzertifikaten\"/>" + + "</form>" + + "</body>" + + "</html>"; + + /** default HTML template for Online mandates */ + private static final String DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES = + "<html>" + + "<head>" + + "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + + "<title>Vollmachten-Anmeldung</title>" + + "</head>" + + "<body onLoad=\"document.VollmachtenForm.submit();\">" + + "<form name=\"VollmachtenForm\"" + + " action=\"" + BKU_TAG + "\"" + + " method=\"post\">" + + " <input type=\"hidden\" " + + " name=\"XMLRequest\"" + + " value=\"" + XMLREQUEST_TAG + "\"/>" + + " <input type=\"hidden\" " + + " name=\"DataURL\"" + + " value=\"" + DATAURL_TAG + "\"/>" + + " <input type=\"hidden\" " + + " name=\"PushInfobox\"" + + " value=\"" + PUSHINFOBOX_TAG + "\"/>" + + " <input type=\"submit\" value=\"Starte Signatur\" name=\"Senden\"/>" + + "</form>" + + "<form name=\"CertificateInfoForm\"" + + " action=\"" + BKU_TAG + "\"" + + " method=\"post\">" + + " <input type=\"hidden\" " + + " name=\"XMLRequest\"" + + " value=\"" + CERTINFO_XMLREQUEST_TAG + "\"/>" + + " <input type=\"hidden\" " + + " name=\"DataURL\"" + + " value=\"" + CERTINFO_DATAURL_TAG + "\"/>" + + " <input type=\"hidden\" value=\"Information zu Wurzelzertifikaten\"/>" + + "</form>" + + "</body>" + "</html>"; /** @@ -167,25 +230,101 @@ public class GetIdentityLinkFormBuilder extends Builder { /** * Builds the HTML form, including XML Request and data URL as parameters. * - * @param htmlTemplate template to be used for the HTML form; - * may be <code>null</code>, in this case a default layout will be produced * @param xmlRequest XML Request to be sent as a parameter in the form * @param bkuURL URL of the "Bürgerkartenumgebung" the form will be submitted to; * may be <code>null</code>, in this case the default URL will be used * @param dataURL DataURL to be sent as a parameter in the form */ public String buildCreateSignature( - String bkuURL, + String bkuURL, String xmlRequest, - String dataURL) + String dataURL, + String oaUrl) throws BuildException { - String htmlForm = DEFAULT_HTML_TEMPLATE_FOR_MANDATES; - htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL); - htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL); - htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL); - return htmlForm; + String htmlForm = ""; + OAAuthParameter oaParam; + try { + oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaUrl); + } catch (ConfigurationException e) { + Logger.error("Error on building HTMl form for online mandates: " + e.getMessage()); + throw new BuildException("builder.03", null); + } + + OnlineMandatesTemplates[] templatesOnlineMandates = oaParam.getTemplateOnlineMandates(); + if (templatesOnlineMandates == null) { + // no templates given + htmlForm = DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES; + htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL); + htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL); + htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL); + } else { + String moaidTemplateUrl = null; + String mandateTemplateUrl = null; + // check for configured bku URL + for (int i = 0; i < templatesOnlineMandates.length; i++) { + if (templatesOnlineMandates[i].getBkuURL().compareToIgnoreCase(bkuURL) == 0) { + moaidTemplateUrl = templatesOnlineMandates[i].getMoaIdTemplateURL(); + mandateTemplateUrl = templatesOnlineMandates[i].getMandatesTemplateURL(); + } + } + if (moaidTemplateUrl == null || mandateTemplateUrl == null) { + Logger.debug("Configured and used BKU URL are not equal. So standard template is used."); + htmlForm = DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES; + htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL); + htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL); + htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL); + } else { + // use configured templates + String moaidTemplate; + String mandateTemplate; + try { + moaidTemplate = new String(FileUtils.readURL(moaidTemplateUrl)); + } catch (IOException ex) { + throw new BuildException("auth.03", new Object[] { moaidTemplateUrl, ex.toString()},ex); + } + try { + mandateTemplate = new String(FileUtils.readURL(mandateTemplateUrl)); + } catch (IOException ex) { + throw new BuildException("auth.03", new Object[] { mandateTemplateUrl, ex.toString()},ex); + } + + + // Mandatem template with iFrame + htmlForm = mandateTemplate; + + + // HTML form with XML signature request, which is filled into the iFrame + String htmlFormiFrame = moaidTemplate; + htmlFormiFrame = replaceTag(htmlFormiFrame, BKU_TAG, bkuURL, true, ALL); + htmlFormiFrame = replaceTag(htmlFormiFrame, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL); + htmlFormiFrame = replaceTag(htmlFormiFrame, DATAURL_TAG, dataURL, true, ALL); + htmlFormiFrame = htmlFormiFrame.replaceAll("\"", "\\\""); + htmlFormiFrame = htmlFormiFrame.replaceAll("'", "\\\\'"); + + // add writeln('[data]') for each line in the iframe + BufferedReader reader = new BufferedReader(new StringReader(htmlFormiFrame)); + String str; + String htmlFormiFrameWriteLn = ""; + try { + while ((str = reader.readLine()) != null) { + if (str.length() > 0) + htmlFormiFrameWriteLn += "writeln('" + str + "');"; + } + } catch(IOException e) { + throw new BuildException("builder.03", null); + } + + htmlForm = replaceTag(htmlForm, MANDATE_TAG, htmlFormiFrameWriteLn, true, ALL); + + } + + } + + return htmlForm; + } + /** * Encodes a string for inclusion as a parameter in the form. * Double quotes are substituted by <code>"&quot;"</code>. |