diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GUILayoutBuilderServlet.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GUILayoutBuilderServlet.java | 126 |
1 files changed, 126 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GUILayoutBuilderServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GUILayoutBuilderServlet.java new file mode 100644 index 000000000..1d9a57b48 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GUILayoutBuilderServlet.java @@ -0,0 +1,126 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.servlet; + +import java.io.IOException; +import java.io.PrintWriter; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; + +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.auth.builder.GUILayoutBuilder; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.moduls.IRequestStorage; +import at.gv.egovernment.moa.id.util.HTTPUtils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +@Controller +public class GUILayoutBuilderServlet extends AbstractController { + + public static final String ENDPOINT_CSS = "/css/buildCSS"; + public static final String ENDPOINT_JS = "/js/buildJS"; + + @Autowired AuthConfiguration authConfig; + @Autowired IRequestStorage requestStoreage; + + public GUILayoutBuilderServlet() { + super(); + Logger.debug("Registering servlet " + getClass().getName() + + " with mappings '" + ENDPOINT_CSS + + "' and '" + ENDPOINT_JS + "'."); + + } + + @RequestMapping(value = "/css/buildCSS", method = {RequestMethod.GET}) + public void buildCSS(HttpServletRequest req, HttpServletResponse resp) throws IOException { + IRequest pendingReq = extractPendingRequest(req); + + //build Service-Provider specific CSS + String css = GUILayoutBuilder.buildCSS(pendingReq, HTTPUtils.extractAuthURLFromRequest(req)); + + resp.setContentType("text/css;charset=UTF-8"); + writeResponse(resp, css, "CSS"); + + } + + @RequestMapping(value = "/js/buildJS", method = {RequestMethod.GET}) + public void buildJavaScript(HttpServletRequest req, HttpServletResponse resp) throws IOException { + IRequest pendingReq = extractPendingRequest(req); + + //build Service-Provider specific CSS + String js = GUILayoutBuilder.buildJS(pendingReq, HTTPUtils.extractAuthURLFromRequest(req)); + + resp.setContentType("text/javascript;charset=UTF-8"); + writeResponse(resp, js, "JavaScript"); + + } + + private void writeResponse(HttpServletResponse resp, String value, String ressourceID) throws IOException { + if (MiscUtil.isNotEmpty(value)) { + PrintWriter out = new PrintWriter(resp.getOutputStream()); + out.print(value); + out.flush(); + + } else { + Logger.warn("GUI ressource: " + ressourceID + " generation FAILED."); + resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Created resource failed"); + + } + + } + + private IRequest extractPendingRequest(HttpServletRequest req) { + try { + String authURL = HTTPUtils.extractAuthURLFromRequest(req); + String pendingReqID = StringEscapeUtils.escapeHtml( + req.getParameter(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID)); + + if (MiscUtil.isNotEmpty(pendingReqID) && authConfig.getPublicURLPrefix().contains(authURL)) { + IRequest pendingReq = requestStorage.getPendingRequest(pendingReqID); + if (pendingReq != null) + return pendingReq; + + } + + Logger.info("Prohibit GUI-Layout builder-request. No pending-request or wrong auth-URL."); + + } catch (Exception e) { + Logger.warn("GUI-Layout builder-servlet has an error during request-preprocessing.", e); + } + + return null; + } +} |