1 files changed, 181 insertions, 0 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
new file mode 100644
index 000000000..f08f96782
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
@@ -0,0 +1,181 @@
+package at.gv.egovernment.moa.id.auth.modules.internal.tasks;

+

+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;

+import iaik.pki.PKIException;

+

+import java.security.GeneralSecurityException;

+import java.util.List;

+

+import javax.net.ssl.SSLSocketFactory;

+import javax.servlet.http.HttpServletRequest;

+import javax.servlet.http.HttpServletResponse;

+import javax.xml.parsers.ParserConfigurationException;

+

+import org.apache.commons.lang.StringEscapeUtils;

+import org.xml.sax.SAXException;

+

+import at.gv.egovernment.moa.id.auth.AuthenticationServer;

+import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;

+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;

+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;

+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;

+import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;

+import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;

+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;

+import at.gv.egovernment.moa.id.config.ConnectionParameter;

+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;

+import at.gv.egovernment.moa.id.moduls.ModulUtils;

+import at.gv.egovernment.moa.id.process.api.ExecutionContext;

+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;

+import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;

+import at.gv.egovernment.moa.id.util.ParamValidatorUtils;

+import at.gv.egovernment.moa.id.util.SSLUtils;

+import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;

+import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;

+import at.gv.egovernment.moa.logging.Logger;

+import at.gv.egovernment.moa.util.DOMUtils;

+

+/**

+ * Retrieves a mandate from the online mandate issuing service.<p/>

+ * In detail:

+ * <ul>

+ * <li>Renames the moa session id.</li>

+ * <li>Retrieves the mandate referenced within the moa session from the online (external) mandate issuing service.</li>

+ * <li>Verifies the mandate.</li>

+ * <li>Puts mandate into moa session.</li>

+ * <li>Redirects back to {@code /dispatcher} in order to finalize the authentication.</li>

+ * </ul>

+ * Expects:

+ * <ul>

+ * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li>

+ * </ul>

+ * Result:

+ * <ul>

+ * <li>Mandate put into moa session.</li>

+ * <li>Redirect to {@code /dispatcher}.</li>

+ * </ul>

+ * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.GetMISSessionIDServlet}.

+ * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)

+ *

+ */

+public class GetMISSessionIDTask extends AbstractAuthServletTask {

+

+	@Override

+	public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)

+			throws Exception {

+		

+		Logger.debug("POST GetMISSessionIDServlet");

+

+		String sessionID = req.getParameter(PARAM_SESSIONID);

+

+		// escape parameter strings

+		sessionID = StringEscapeUtils.escapeHtml(sessionID);

+

+		AuthenticationSession session = null;

+		String pendingRequestID = null;

+		try {

+			// check parameter

+			if (!ParamValidatorUtils.isValidSessionID(sessionID))

+				throw new WrongParametersException("VerifyCertificate",

+						PARAM_SESSIONID, "auth.12");

+

+			pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);

+			

+			session = AuthenticationServer.getSession(sessionID);

+

+			//change MOASessionID

+		    sessionID = AuthenticationSessionStoreage.changeSessionID(session);

+			

+			String misSessionID = session.getMISSessionID();

+

+			AuthConfigurationProvider authConf = AuthConfigurationProvider

+					.getInstance();

+			ConnectionParameter connectionParameters = authConf

+					.getOnlineMandatesConnectionParameter();

+			SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(

+					AuthConfigurationProvider.getInstance(),

+					connectionParameters);

+

+			List<MISMandate> list = MISSimpleClient.sendGetMandatesRequest(

+					connectionParameters.getUrl(), misSessionID, sslFactory);

+

+			if (list == null || list.size() == 0) {

+				Logger.error("Keine Vollmacht gefunden.");

+				throw new AuthenticationException("auth.15", null);

+			}

+

+			// for now: list contains only one element

+			MISMandate mandate = (MISMandate) list.get(0);

+

+			// TODO[tlenz]: UTF-8 ?

+			String sMandate = new String(mandate.getMandate());

+			if (sMandate == null || sMandate.compareToIgnoreCase("") == 0) {

+				Logger.error("Mandate is empty.");

+				throw new AuthenticationException("auth.15",

+						new Object[] { GET_MIS_SESSIONID });

+			}

+						

+			//check if it is a parsable XML

+			byte[] byteMandate = mandate.getMandate();

+			// TODO[tlenz]: UTF-8 ?

+			String stringMandate = new String(byteMandate);

+			DOMUtils.parseDocument(stringMandate, false,

+					null, null).getDocumentElement();

+			

+			// extract RepresentationType

+			AuthenticationServer.getInstance().verifyMandate(session, mandate);

+			

+			session.setMISMandate(mandate);

+			session.setAuthenticatedUsed(false);

+			session.setAuthenticated(true);

+			

+	    	//set QAA Level four in case of card authentifcation

+	    	session.setQAALevel(PVPConstants.STORK_QAA_1_4);

+			

+			String oldsessionID = session.getSessionID();

+			

+			//Session is implicite stored in changeSessionID!!!

+			String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);

+			

+			Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID);

+			Logger.info("Daten angelegt zu MOASession " + newMOASessionID);

+						

+			String redirectURL = new DataURLBuilder().buildDataURL(

+					session.getAuthURL(),

+					ModulUtils.buildAuthURL(session.getModul(),

+							session.getAction(), pendingRequestID), newMOASessionID);

+			redirectURL = resp.encodeRedirectURL(redirectURL);

+			

+			// TODO[branch]: Final step back to /dispatcher

+			

+			resp.setContentType("text/html");

+			resp.setStatus(302);

+			resp.addHeader("Location", redirectURL);

+			Logger.debug("REDIRECT TO: " + redirectURL);

+

+		} catch (MOAIDException ex) {

+			handleError(null, ex, req, resp, pendingRequestID);

+			

+		} catch (GeneralSecurityException ex) {

+			handleError(null, ex, req, resp, pendingRequestID);

+			

+		} catch (PKIException e) {

+			handleError(null, e, req, resp, pendingRequestID);

+			

+		} catch (SAXException e) {

+			handleError(null, e, req, resp, pendingRequestID);

+			

+		} catch (ParserConfigurationException e) {

+			handleError(null, e, req, resp, pendingRequestID);

+			

+	    } catch (Exception e) {

+	    	Logger.error("MISMandateValidation has an interal Error.", e);

+	       

+	    }

+	    finally {

+	    	ConfigurationDBUtils.closeSession();

+	    }

+		

+	}

+

+}