1 files changed, 125 insertions, 103 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
index bc8693b55..2c8b3fb33 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
@@ -1,60 +1,82 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
+/*******************************************************************************

+ * Copyright 2014 Federal Chancellery Austria

+ * MOA-ID has been developed in a cooperation between BRZ, the Federal

+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.

+ * 

+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by

+ * the European Commission - subsequent versions of the EUPL (the "Licence");

+ * You may not use this work except in compliance with the Licence.

+ * You may obtain a copy of the Licence at:

+ * http://www.osor.eu/eupl/

+ * 

+ * Unless required by applicable law or agreed to in writing, software

+ * distributed under the Licence is distributed on an "AS IS" basis,

+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

+ * See the Licence for the specific language governing permissions and

+ * limitations under the Licence.

+ * 

+ * This product combines work with different licenses. See the "NOTICE" text

+ * file for details on the various modules and licenses.

+ * The "NOTICE" text file is part of the distribution. Any derivative works

+ * that you distribute must include a readable copy of the "NOTICE" text file.

+ ******************************************************************************/

+/*

+ * Copyright 2003 Federal Chancellery Austria

+ * MOA-ID has been developed in a cooperation between BRZ, the Federal

+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.

+ *

+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by

+ * the European Commission - subsequent versions of the EUPL (the "Licence");

+ * You may not use this work except in compliance with the Licence.

+ * You may obtain a copy of the Licence at:

+ * http://www.osor.eu/eupl/

+ *

+ * Unless required by applicable law or agreed to in writing, software

+ * distributed under the Licence is distributed on an "AS IS" basis,

+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

+ * See the Licence for the specific language governing permissions and

+ * limitations under the Licence.

+ *

+ * This product combines work with different licenses. See the "NOTICE" text

+ * file for details on the various modules and licenses.

+ * The "NOTICE" text file is part of the distribution. Any derivative works

+ * that you distribute must include a readable copy of the "NOTICE" text file.

+ */

+

+

 package at.gv.egovernment.moa.id.auth.servlet;

 

-import java.io.IOException;
-import java.security.cert.CertificateException;
-import java.util.Map;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.xml.transform.TransformerException;
-
-import org.apache.commons.fileupload.FileUploadException;
-import org.apache.commons.lang.StringEscapeUtils;
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.moduls.ModulUtils;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
+import java.io.IOException;

+import java.security.cert.CertificateException;

+import java.util.Map;

+

+import javax.servlet.ServletException;

+import javax.servlet.http.HttpServletRequest;

+import javax.servlet.http.HttpServletResponse;

+import javax.xml.transform.TransformerException;

+

+import org.apache.commons.fileupload.FileUploadException;

+import org.apache.commons.lang.StringEscapeUtils;

+import org.w3c.dom.Element;

+

+import at.gv.egovernment.moa.id.auth.AuthenticationServer;

+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;

+import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;

+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;

+import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;

+import at.gv.egovernment.moa.id.auth.data.IdentityLink;

+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;

+import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;

+import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;

+import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;

+import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse;

+import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;

+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;

+import at.gv.egovernment.moa.id.moduls.ModulUtils;

+import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;

+import at.gv.egovernment.moa.id.util.ParamValidatorUtils;

+import at.gv.egovernment.moa.logging.Logger;

+import at.gv.egovernment.moa.util.DOMUtils;

 

 /**

  * Servlet requested for getting the foreign eID

@@ -64,11 +86,11 @@ import at.gv.egovernment.moa.util.DOMUtils;
  */

 public class GetForeignIDServlet extends AuthServlet {

 

-  /**
-	 * 
-	 */
-	private static final long serialVersionUID = -3415644214702379483L;
-
+  /**

+	 * 

+	 */

+	private static final long serialVersionUID = -3415644214702379483L;

+

 /**

    * Constructor for GetForeignIDServlet.

    */

@@ -114,9 +136,9 @@ public class GetForeignIDServlet extends AuthServlet {
 		resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);

 		resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);

 		

-		Map<String, String> parameters;
-		
-		String pendingRequestID = null;
+		Map<String, String> parameters;

+		

+		String pendingRequestID = null;

 		

 	    try 

 	    {

@@ -126,7 +148,7 @@ public class GetForeignIDServlet extends AuthServlet {
 	      Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());

 	      throw new IOException(e.getMessage());

 	     	}

-	    String sessionID = req.getParameter(PARAM_SESSIONID);
+	    String sessionID = req.getParameter(PARAM_SESSIONID);

 	    pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);

 	    

 	    // escape parameter strings

@@ -152,13 +174,13 @@ public class GetForeignIDServlet extends AuthServlet {
 	    	CreateXMLSignatureResponse csresp =

 	    	      new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse).parseResponseDsig();

 

-	    	Element signature = csresp.getDsigSignature();
-	    	
-	    	try {
-				session.setSignerCertificate(AuthenticationServer.getCertificateFromXML(signature));
-			} catch (CertificateException e) {
-				Logger.error("Could not extract certificate from CreateXMLSignatureResponse");
-				throw new MOAIDException("auth.14", null);
+	    	Element signature = csresp.getDsigSignature();

+	    	

+	    	try {

+				session.setSignerCertificate(AuthenticationServer.getCertificateFromXML(signature));

+			} catch (CertificateException e) {

+				Logger.error("Could not extract certificate from CreateXMLSignatureResponse");

+				throw new MOAIDException("auth.14", null);

 			}

 	    	

 	    	// make SZR request to the identity link

@@ -180,41 +202,41 @@ public class GetForeignIDServlet extends AuthServlet {
 		    	

 		    	IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(samlAssertion);

 		    	IdentityLink identitylink = ilParser.parseIdentityLink();

-		    	session.setIdentityLink(identitylink);
+		    	session.setIdentityLink(identitylink);

 		    	

 		    	String samlArtifactBase64 = 

-		    		AuthenticationServer.getInstance().getForeignAuthenticationData(session);
-		    	
-		    	
-	    		//session is implicit stored in changeSessionID!!!! 
-	    		String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
-	    		
-	    		Logger.info("Changed MOASession " + sessionID + " to Session " + newMOASessionID);
-	    		Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
-		    	
-		    	if (!samlArtifactBase64.equals("Redirect to Input Processor")) {
-		    		/*redirectURL = session.getOAURLRequested();
-		    		if (!session.getBusinessService()) {
-		    			redirectURL = addURLParameter(redirectURL, PARAM_TARGET, URLEncoder.encode(session.getTarget(), "UTF-8"));
-		    		}
-		    		redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
-		    		redirectURL = resp.encodeRedirectURL(redirectURL);*/
-		    							
-		    		redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), 
-							ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), newMOASessionID);
-		    		redirectURL = resp.encodeRedirectURL(redirectURL);
-		    		
-		    	} else {				    		
-		    		redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, newMOASessionID);
-		    		
+		    		AuthenticationServer.getInstance().getForeignAuthenticationData(session);

+		    	

+		    	

+	    		//session is implicit stored in changeSessionID!!!! 

+	    		String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);

+	    		

+	    		Logger.info("Changed MOASession " + sessionID + " to Session " + newMOASessionID);

+	    		Logger.info("Daten angelegt zu MOASession " + newMOASessionID);

+		    	

+		    	if (!samlArtifactBase64.equals("Redirect to Input Processor")) {

+		    		/*redirectURL = session.getOAURLRequested();

+		    		if (!session.getBusinessService()) {

+		    			redirectURL = addURLParameter(redirectURL, PARAM_TARGET, URLEncoder.encode(session.getTarget(), "UTF-8"));

+		    		}

+		    		redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));

+		    		redirectURL = resp.encodeRedirectURL(redirectURL);*/

+		    							

+		    		redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), 

+							ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), newMOASessionID);

+		    		redirectURL = resp.encodeRedirectURL(redirectURL);

+		    		

+		    	} else {				    		

+		    		redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, newMOASessionID);

+		    		

 		    	}

-		    	
-		    	try {
-					AuthenticationSessionStoreage.storeSession(session);
-				} catch (MOADatabaseException e) {
-					throw new MOAIDException("Session store error", null);
-				}
-		    	
+		    	

+		    	try {

+					AuthenticationSessionStoreage.storeSession(session);

+				} catch (MOADatabaseException e) {

+					throw new MOAIDException("Session store error", null);

+				}

+		    	

 		    	

 		    	resp.setContentType("text/html");

 		    	resp.setStatus(302);