aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java342
1 files changed, 0 insertions, 342 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
deleted file mode 100644
index fa44296fc..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
+++ /dev/null
@@ -1,342 +0,0 @@
-///*******************************************************************************
-// * Copyright 2014 Federal Chancellery Austria
-// * MOA-ID has been developed in a cooperation between BRZ, the Federal
-// * Chancellery Austria - ICT staff unit, and Graz University of Technology.
-// *
-// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
-// * the European Commission - subsequent versions of the EUPL (the "Licence");
-// * You may not use this work except in compliance with the Licence.
-// * You may obtain a copy of the Licence at:
-// * http://www.osor.eu/eupl/
-// *
-// * Unless required by applicable law or agreed to in writing, software
-// * distributed under the Licence is distributed on an "AS IS" basis,
-// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// * See the Licence for the specific language governing permissions and
-// * limitations under the Licence.
-// *
-// * This product combines work with different licenses. See the "NOTICE" text
-// * file for details on the various modules and licenses.
-// * The "NOTICE" text file is part of the distribution. Any derivative works
-// * that you distribute must include a readable copy of the "NOTICE" text file.
-// ******************************************************************************/
-///*
-// * Copyright 2003 Federal Chancellery Austria
-// * MOA-ID has been developed in a cooperation between BRZ, the Federal
-// * Chancellery Austria - ICT staff unit, and Graz University of Technology.
-// *
-// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
-// * the European Commission - subsequent versions of the EUPL (the "Licence");
-// * You may not use this work except in compliance with the Licence.
-// * You may obtain a copy of the Licence at:
-// * http://www.osor.eu/eupl/
-// *
-// * Unless required by applicable law or agreed to in writing, software
-// * distributed under the Licence is distributed on an "AS IS" basis,
-// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// * See the Licence for the specific language governing permissions and
-// * limitations under the Licence.
-// *
-// * This product combines work with different licenses. See the "NOTICE" text
-// * file for details on the various modules and licenses.
-// * The "NOTICE" text file is part of the distribution. Any derivative works
-// * that you distribute must include a readable copy of the "NOTICE" text file.
-// */
-//
-//
-//package at.gv.egovernment.moa.id.auth.servlet;
-//
-//import iaik.pki.PKIException;
-//
-//import java.io.IOException;
-//import java.security.GeneralSecurityException;
-//import java.util.List;
-//import java.util.Map;
-//
-//import javax.net.ssl.SSLSocketFactory;
-//import javax.servlet.ServletException;
-//import javax.servlet.http.HttpServletRequest;
-//import javax.servlet.http.HttpServletResponse;
-//import javax.xml.transform.TransformerException;
-//
-//import org.apache.commons.fileupload.FileUploadException;
-//import org.apache.commons.lang.StringEscapeUtils;
-//import org.w3c.dom.Element;
-//
-//import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-//import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
-//import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-//import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-//import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-//import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException;
-//import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-//import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-//import at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyAuthenticationBlockTask;
-//import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
-//import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-//import at.gv.egovernment.moa.id.config.ConnectionParameter;
-//import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-//import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-//import at.gv.egovernment.moa.id.moduls.ModulUtils;
-//import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-//import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-//import at.gv.egovernment.moa.id.util.SSLUtils;
-//import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId;
-//import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;
-//import at.gv.egovernment.moa.logging.Logger;
-//import at.gv.egovernment.moa.util.DOMUtils;
-//
-///**
-// * Servlet requested for verifying the signed authentication block
-// * provided by the security layer implementation.
-// * Utilizes the {@link AuthenticationServer}.
-// *
-// * @author Paul Ivancsics
-// * @version $Id$
-// * @deprecated Use {@link VerifyAuthenticationBlockTask} instead.
-// */
-//public class VerifyAuthenticationBlockServlet extends AuthServlet {
-//
-//
-// /**
-// *
-// */
-// private static final long serialVersionUID = -2409629495345900542L;
-//
-///**
-// * Constructor for VerifyAuthenticationBlockServlet.
-// */
-// public VerifyAuthenticationBlockServlet() {
-// super();
-// }
-//
-// /**
-// * GET requested by security layer implementation to verify
-// * that data URL resource is available.
-// * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse)
-// */
-// protected void doGet(HttpServletRequest req, HttpServletResponse resp)
-// throws ServletException, IOException {
-//
-// //doPost(req, resp);
-//
-// Logger.debug("GET VerifyAuthenticationBlock");
-//
-// resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES);
-// resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
-// resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
-// resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
-//
-// }
-//
-// /**
-// * Verifies the signed authentication block and redirects the browser
-// * to the online application requested, adding a parameter needed for
-// * retrieving the authentication data.
-// * <br>
-// * Request parameters:
-// * <ul>
-// * <li>MOASessionID: ID of associated authentication session</li>
-// * <li>XMLResponse: <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-// * </ul>
-// * Response:
-// * <ul>
-// * <li>Status: <code>302</code></li>
-// * <li>Header <code>"Location"</code>: URL of the online application requested, with
-// * parameters <code>"Target"</code>(only if the online application is
-// * a public service) and <code>"SAMLArtifact"</code> added</li>
-// * <li>Error status: <code>500</code>
-// * </ul>
-// * @see AuthenticationServer#verifyAuthenticationBlock
-// * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse)
-// */
-// protected void doPost(HttpServletRequest req, HttpServletResponse resp)
-// throws ServletException, IOException {
-//
-// Logger.debug("POST VerifyAuthenticationBlock");
-//
-// Logger.warn(getClass().getName() + " is deprecated and should not be used any more.");
-//
-// resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES);
-// resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
-// resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
-// resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
-//
-// String pendingRequestID = null;
-//
-// Map<String, String> parameters;
-// try
-// {
-// parameters = getParameters(req);
-// } catch (FileUploadException e)
-// {
-// Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
-// throw new IOException(e.getMessage());
-//
-// }
-// String sessionID = req.getParameter(PARAM_SESSIONID);
-// String createXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE);
-//
-// // escape parameter strings
-// sessionID = StringEscapeUtils.escapeHtml(sessionID);
-// pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
-//
-// String redirectURL = null;
-// try {
-// // check parameter
-// if (!ParamValidatorUtils.isValidSessionID(sessionID))
-// throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12");
-// if (!ParamValidatorUtils.isValidXMLDocument(createXMLSignatureResponse))
-// throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_XMLRESPONSE, "auth.12");
-//
-// AuthenticationSession session = AuthenticationServer.getSession(sessionID);
-//
-// //change MOASessionID
-// sessionID = AuthenticationSessionStoreage.changeSessionID(session);
-//
-// String samlArtifactBase64 = AuthenticationServer.getInstance().verifyAuthenticationBlock(session, createXMLSignatureResponse);
-//
-//
-//
-// if (samlArtifactBase64 == null) {
-// //mandate Mode
-//
-// AuthConfigurationProvider authConf= AuthConfigurationProvider.getInstance();
-// ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter();
-// SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters);
-//
-// // get identitity link as byte[]
-// Element elem = session.getIdentityLink().getSamlAssertion();
-// String s = DOMUtils.serializeNode(elem);
-//
-// //System.out.println("IDL: " + s);
-//
-// byte[] idl = s.getBytes("UTF-8");
-//
-// // redirect url
-// // build redirect(to the GetMISSessionIdSerlvet)
-//
-// //change MOASessionID before MIS request
-// String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
-//
-// redirectURL =
-// new DataURLBuilder().buildDataURL(
-// session.getAuthURL(),
-// GET_MIS_SESSIONID,
-// newMOASessionID);
-//
-// String oaURL = session.getOAURLRequested();
-// OAAuthParameter oaParam = authConf.getOnlineApplicationParameter(oaURL);
-// List<String> profiles = oaParam.getMandateProfiles();
-//
-// if (profiles == null) {
-// Logger.error("No Mandate/Profile for OA configured.");
-// throw new AuthenticationException("config.21", new Object[] { GET_MIS_SESSIONID});
-// }
-//
-//// String profilesArray[] = profiles.split(",");
-//// for(int i = 0; i < profilesArray.length; i++) {
-//// profilesArray[i] = profilesArray[i].trim();
-//// }
-//
-// String oaFriendlyName = oaParam.getFriendlyName();
-// String mandateReferenceValue = session.getMandateReferenceValue();
-// byte[] cert = session.getEncodedSignerCertificate();
-// byte[] authBlock = session.getAuthBlock().getBytes("UTF-8");
-//
-// //TODO: check in case of SSO!!!
-// String targetType = null;
-// if(oaParam.getBusinessService()) {
-// String id = oaParam.getIdentityLinkDomainIdentifier();
-// if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_))
-// targetType = id;
-// else
-// targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_+session.getDomainIdentifier();
-//
-// } else {
-// targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget();
-// }
-//
-// MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(
-// connectionParameters.getUrl(),
-// idl,
-// cert,
-// oaFriendlyName,
-// redirectURL,
-// mandateReferenceValue,
-// profiles,
-// targetType,
-// authBlock,
-// sslFactory);
-//
-// if (misSessionID == null) {
-// Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null.");
-// throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service.");
-// }
-//
-// String redirectMISGUI = misSessionID.getRedirectURL();
-// session.setMISSessionID(misSessionID.getSessiondId());
-//
-// try {
-// AuthenticationSessionStoreage.storeSession(session);
-// } catch (MOADatabaseException e) {
-// throw new MOAIDException("Session store error", null);
-// }
-//
-// resp.setStatus(302);
-// resp.addHeader("Location", redirectMISGUI);
-// Logger.debug("REDIRECT TO: " + redirectURL);
-// }
-// else {
-//
-// if (!samlArtifactBase64.equals("Redirect to Input Processor")) {
-// /*redirectURL = session.getOAURLRequested();
-// if (!session.getBusinessService()) {
-// redirectURL = addURLParameter(redirectURL, PARAM_TARGET, URLEncoder.encode(session.getTarget(), "UTF-8"));
-//
-// }
-// redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
-// redirectURL = resp.encodeRedirectURL(redirectURL);*/
-//
-//
-// redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(),
-// ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), samlArtifactBase64);
-//
-// } else {
-// redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID());
-// }
-//
-// resp.setContentType("text/html");
-// resp.setStatus(302);
-//
-// resp.addHeader("Location", redirectURL);
-// Logger.debug("REDIRECT TO: " + redirectURL);
-//
-// }
-//
-// }
-//
-// catch (MOAIDException ex) {
-// handleError(null, ex, req, resp, pendingRequestID);
-//
-// } catch (GeneralSecurityException e) {
-// handleError(null, e, req, resp, pendingRequestID);
-//
-// } catch (PKIException e) {
-// handleError(null, e, req, resp, pendingRequestID);
-//
-// } catch (TransformerException e) {
-// handleError(null, e, req, resp, pendingRequestID);
-//
-// } catch (Exception e) {
-// Logger.error("AuthBlockValidation has an interal Error.", e);
-// }
-//
-//
-// finally {
-// ConfigurationDBUtils.closeSession();
-// }
-//
-// }
-//
-//}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-12 17:07:24 +0000