1 files changed, 202 insertions, 0 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
new file mode 100644
index 000000000..96e8e6dd6
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
@@ -0,0 +1,202 @@
+package at.gv.egovernment.moa.id.auth.servlet;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.fileupload.FileItem;
+import org.apache.commons.fileupload.FileItemFactory;
+import org.apache.commons.fileupload.FileUploadException;
+import org.apache.commons.fileupload.disk.DiskFileItemFactory;
+import org.apache.commons.fileupload.servlet.ServletFileUpload;
+
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.auth.WrongParametersException;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.URLDecoder;
+
+/**
+ * Base class for MOA-ID Auth Servlets, providing standard error handling
+ * and constant names.
+ * 
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class AuthServlet extends HttpServlet implements MOAIDAuthConstants {
+
+
+  /**
+   * Handles an error. <br>
+   * <ul>
+   * <li>Logs the error</li>
+   * <li>Places error message and exception thrown into the request 
+   * 		 as request attributes (to be used by <code>"/errorpage-auth.jsp"</code>)</li>
+   * <li>Sets HTTP status 500 (internal server error)</li>
+   * </ul>
+   * 
+   * @param errorMessage error message
+   * @param exceptionThrown exception thrown
+   * @param req servlet request
+   * @param resp servlet response
+   */
+	protected void handleError(
+		String errorMessage, Throwable exceptionThrown, HttpServletRequest req, HttpServletResponse resp) {
+
+		
+		if(null != errorMessage) {
+			Logger.error(errorMessage);
+			req.setAttribute("ErrorMessage", errorMessage	);	
+		}
+		
+		if (null != exceptionThrown) {
+			if(null == errorMessage) errorMessage = exceptionThrown.getMessage();
+			Logger.error(errorMessage, exceptionThrown);
+			req.setAttribute("ExceptionThrown", exceptionThrown);
+		}
+				
+		//forward this to errorpage-auth.jsp where the HTML error page is generated
+		ServletContext context = getServletContext();
+		RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage-auth.jsp");
+		try {
+      dispatcher.forward(req, resp);
+    } catch (ServletException e) {
+      Logger.error(e);
+    } catch (IOException e) {
+			Logger.error(e);
+    }
+		
+	}
+  /**
+   * Handles a <code>WrongParametersException</code>.
+   * @param req servlet request
+   * @param resp servlet response
+   */
+  protected void handleWrongParameters(WrongParametersException ex, HttpServletRequest req, HttpServletResponse resp) {
+    Logger.error(ex.toString());
+    req.setAttribute("WrongParameters", ex.getMessage());
+
+    //	forward this to errorpage-auth.jsp where the HTML error page is generated 
+    ServletContext context = getServletContext();
+    RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage-auth.jsp");
+    try {
+      dispatcher.forward(req, resp);
+    } catch (ServletException e) {
+      Logger.error(e);
+    } catch (IOException e) {
+      Logger.error(e);
+    }
+  }
+  
+  /**
+   * Logs all servlet parameters for debugging purposes.
+   */
+  protected void logParameters(HttpServletRequest req) {
+    for (Enumeration params = req.getParameterNames(); params.hasMoreElements(); ) {
+      String parname = (String)params.nextElement();
+      Logger.debug("Parameter " + parname + req.getParameter(parname));    
+    }
+  }
+  
+  /**
+     * Parses the request input stream for parameters, assuming parameters are encoded UTF-8
+     * (no standard exists how browsers should encode them).
+     * 
+     * @param req servlet request
+     * 
+     * @return mapping parameter name -> value
+     * 
+     * @throws IOException if parsing request parameters fails.
+     * 
+     * @throws FileUploadException if parsing request parameters fails.
+     */
+  protected Map getParameters(HttpServletRequest req) 
+    throws IOException, FileUploadException {
+    
+    Map parameters = new HashMap();
+
+ 
+    if (ServletFileUpload.isMultipartContent(req))
+    {
+      // request is encoded as mulitpart/form-data
+      FileItemFactory factory = new DiskFileItemFactory();
+      ServletFileUpload upload = null;
+      upload = new ServletFileUpload(factory);
+      List items = null;
+      items = upload.parseRequest(req);
+      for (int i = 0; i < items.size(); i++)
+      {
+        FileItem item = (FileItem) items.get(i);
+        if (item.isFormField())
+        {
+          // Process only form fields - no file upload items
+          parameters.put(item.getFieldName(), item.getString("UTF-8"));
+          Logger.debug("Processed multipart/form-data request parameter: \nName: " +
+              item.getFieldName() + "\nValue: " + 
+              item.getString("UTF-8"));
+        }
+      }
+    }
+    
+    else
+    {
+      // request is encoded as application/x-www-urlencoded
+      InputStream in = req.getInputStream();
+
+      String paramName;
+      String paramValueURLEncoded;
+      do {
+        paramName = new String(readBytesUpTo(in, '='));
+        if (paramName.length() > 0) {
+          paramValueURLEncoded = readBytesUpTo(in, '&');
+          String paramValue = URLDecoder.decode(paramValueURLEncoded, "UTF-8");
+          parameters.put(paramName, paramValue);
+        }
+      }
+      while (paramName.length() > 0);
+      in.close();
+    }
+
+    return parameters;
+  }
+  
+  /**
+     * Reads bytes up to a delimiter, consuming the delimiter.
+     * @param in input stream
+     * @param delimiter delimiter character
+     * @return String constructed from the read bytes
+     * @throws IOException
+     */
+  protected String readBytesUpTo(InputStream in, char delimiter) throws IOException {
+    ByteArrayOutputStream bout = new ByteArrayOutputStream();
+    boolean done = false;
+    int b;
+    while (! done && (b = in.read()) >= 0) {
+      if (b == delimiter)
+        done = true;
+      else
+        bout.write(b);
+    }
+    return bout.toString();
+  }
+	
+	/**
+	 * Calls the web application initializer.
+	 * 
+	 * @see javax.servlet.Servlet#init(ServletConfig)
+	 */
+	public void init(ServletConfig servletConfig) throws ServletException {
+		super.init(servletConfig);
+	}
+}