1 files changed, 145 insertions, 0 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java
new file mode 100644
index 000000000..6e285a2c0
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java
@@ -0,0 +1,145 @@
+/*
+* Copyright 2003 Federal Chancellery Austria
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+*     http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package at.gv.egovernment.moa.id.auth.servlet;
+
+import java.io.IOException;
+import java.io.OutputStreamWriter;
+import java.io.Writer;
+
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang.StringEscapeUtils;
+
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
+import at.gv.egovernment.moa.id.auth.WrongParametersException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
+import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * Servlet requested for selecting a BKU.
+ * <br>In case of {@link AuthConfigurationProvider#getBKUSelectionType}==HTMLComplete,
+ * the browser is redirected to the configured "BKU-Auswahl-URL".
+ * <br>In case of {@link AuthConfigurationProvider#getBKUSelectionType}==HTMLSelect,
+ * the list of available BKU's is fetched from a BKU-Auswahl server, and presented
+ * to the user in an HTML form.
+ * 
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class SelectBKUServlet extends AuthServlet {
+
+  /**
+   * Calls the web application initializer.
+   * 
+   * @see javax.servlet.Servlet#init(ServletConfig)
+   */
+  public void init(ServletConfig servletConfig) throws ServletException {
+    try {
+      super.init(servletConfig);
+      MOAIDAuthInitializer.initialize();
+      Logger.debug("default platform file.encoding: " + System.getProperty("file.encoding"));
+      Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null));
+    }
+    catch (Exception ex) {
+      Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex);
+      throw new ServletException(ex);
+    }
+  }
+  
+  /**
+   * Responds with an HTML form which requests the user to choose a BKU.
+   */
+  protected void doGet(HttpServletRequest req, HttpServletResponse resp)
+    throws ServletException, IOException {
+
+    Logger.debug("GET SelectBKU");
+    
+    resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES);
+    resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
+	resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
+	resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
+    
+    String authURL = req.getScheme() + "://" + req.getServerName();
+    if ((req.getScheme().equalsIgnoreCase("https") && req.getServerPort()!=443) || (req.getScheme().equalsIgnoreCase("http") && req.getServerPort()!=80)) { 
+      authURL = authURL.concat(":" + req.getServerPort());
+    }
+    authURL = authURL.concat(req.getContextPath() + "/");
+
+    String target = req.getParameter(PARAM_TARGET);
+    String oaURL = req.getParameter(PARAM_OA);
+    String bkuSelectionTemplateURL = req.getParameter(PARAM_BKUTEMPLATE);
+    String templateURL = req.getParameter(PARAM_TEMPLATE);
+    
+    // escape parameter strings
+    target = StringEscapeUtils.escapeHtml(target);
+    oaURL = StringEscapeUtils.escapeHtml(oaURL);    
+    templateURL = StringEscapeUtils.escapeHtml(templateURL);
+    bkuSelectionTemplateURL = StringEscapeUtils.escapeHtml(bkuSelectionTemplateURL);
+    
+    
+    resp.setHeader(HEADER_EXPIRES,HEADER_VALUE_EXPIRES);
+    resp.setHeader(HEADER_PRAGMA,HEADER_VALUE_PRAGMA);
+    resp.setHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL);
+    resp.addHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL_IE);
+
+    try {
+       
+       // check parameter
+       if (!ParamValidatorUtils.isValidTarget(target))
+          throw new WrongParametersException("SelectBKU", PARAM_TARGET, "auth.12");
+       if (!ParamValidatorUtils.isValidOA(oaURL))
+          throw new WrongParametersException("SelectBKU", PARAM_OA, "auth.12");
+       if (!ParamValidatorUtils.isValidTemplate(req, templateURL))
+          throw new WrongParametersException("SelectBKU", PARAM_TEMPLATE, "auth.12");
+       if (!ParamValidatorUtils.isValidTemplate(req, bkuSelectionTemplateURL))
+           throw new WrongParametersException("SelectBKU", PARAM_TEMPLATE, "auth.12");
+
+       
+      String returnValue = AuthenticationServer.getInstance().selectBKU(
+        authURL, target, oaURL, bkuSelectionTemplateURL, templateURL);
+      String bkuSelectionType = AuthConfigurationProvider.getInstance().getBKUSelectionType();
+      if (bkuSelectionType.equals(AuthConfigurationProvider.BKU_SELECTION_TYPE_HTMLCOMPLETE)) {
+        // bkuSelectionType==HTMLComplete
+        String redirectURL = returnValue;               
+				resp.setContentType("text/html");
+        resp.sendRedirect(redirectURL);
+        Logger.info("REDIRECT TO: " + redirectURL);
+      } else {
+        // bkuSelectionType==HTMLSelect
+        String htmlForm = returnValue;
+        resp.setContentType("text/html;charset=UTF-8");
+        Logger.debug("HTML-Form: " + htmlForm);
+        Writer out = new OutputStreamWriter(resp.getOutputStream(), "UTF8");
+        out.write(htmlForm);
+        out.flush();
+        Logger.debug("Finished GET SelectBKU");
+      }
+    }
+    catch (WrongParametersException ex) {
+      handleWrongParameters(ex, req, resp);
+    }
+    catch (Throwable ex) {
+      handleError(null, ex, req, resp);
+    }
+  }
+}