diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet')
5 files changed, 141 insertions, 36 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java index eb480e37c..404dc68af 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java @@ -66,8 +66,11 @@ import org.apache.commons.fileupload.FileItemFactory; import org.apache.commons.fileupload.FileUploadException; import org.apache.commons.fileupload.disk.DiskFileItemFactory; import org.apache.commons.fileupload.servlet.ServletFileUpload; - -import com.datentechnik.process_engine.springweb.AbstractAuthSourceServlet; +import org.springframework.beans.BeansException; +import org.springframework.beans.factory.NoSuchBeanDefinitionException; +import org.springframework.beans.factory.NoUniqueBeanDefinitionException; +import org.springframework.web.context.WebApplicationContext; +import org.springframework.web.context.support.WebApplicationContextUtils; import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; @@ -83,6 +86,8 @@ import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.URLDecoder; +import com.datentechnik.process_engine.ProcessEngine; + /** * Base class for MOA-ID Auth Servlets, providing standard error handling and * constant names. @@ -90,7 +95,7 @@ import at.gv.egovernment.moa.util.URLDecoder; * @author Paul Ivancsics * @version $Id$ */ -public class AuthServlet extends AbstractAuthSourceServlet implements MOAIDAuthConstants { +public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { /** * @@ -99,6 +104,11 @@ public class AuthServlet extends AbstractAuthSourceServlet implements MOAIDAuthC protected static final String ERROR_CODE_PARAM = "errorid"; + /** + * The process engine. + */ + private ProcessEngine processEngine; + @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { @@ -456,4 +466,31 @@ public class AuthServlet extends AbstractAuthSourceServlet implements MOAIDAuthC } + + /** + * Returns the underlying process engine instance. + * + * @return The process engine (never {@code null}). + * @throws NoSuchBeanDefinitionException + * if no {@link ProcessEngine} bean was found. + * @throws NoUniqueBeanDefinitionException + * if more than one {@link ProcessEngine} bean was found. + * @throws BeansException + * if a problem getting the {@link ProcessEngine} bean occurred. + * @throws IllegalStateException + * if the Spring WebApplicationContext was not found, which means that the servlet is used outside a + * Spring web environment. + */ + public synchronized ProcessEngine getProcessEngine() { + if (processEngine == null) { + WebApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(getServletContext()); + if (ctx == null) { + throw new IllegalStateException( + "Unable to find Spring WebApplicationContext. Servlet needs to be executed within a Spring web environment."); + } + processEngine = ctx.getBean(ProcessEngine.class); + } + return processEngine; + } + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java index 2ef8ab5ec..430936e97 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java @@ -23,18 +23,14 @@ package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; -import java.io.PrintWriter; import java.util.List; -import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.StringEscapeUtils; -import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; -import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; @@ -46,29 +42,16 @@ import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; -import at.gv.egovernment.moa.util.StringUtils; + +import com.datentechnik.process_engine.ProcessInstance; public class GenerateIFrameTemplateServlet extends AuthServlet { private static final long serialVersionUID = 1L; - public void init(ServletConfig servletConfig) throws ServletException { -// try { -// super.init(servletConfig); -// MOAIDAuthInitializer.initialize(); -// Logger.debug("default platform file.encoding: " + System.getProperty("file.encoding")); -// Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); -// } -// catch (Exception ex) { -// Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); -// throw new ServletException(ex); -// } - } - protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { Logger.info("Receive " + GenerateIFrameTemplateServlet.class + " Request"); @@ -95,7 +78,7 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { moasession = AuthenticationSessionStoreage.getSession(moasessionid); - AuthenticationSessionStoreage.changeSessionID(moasession); +// AuthenticationSessionStoreage.changeSessionID(moasession); } catch (MOADatabaseException e) { Logger.info("MOASession with SessionID="+ moasessionid + " is not found in Database"); @@ -162,26 +145,28 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { req); } - StartAuthenticationBuilder startauth = StartAuthenticationBuilder.getInstance(); - String getIdentityLinkForm = startauth.build(moasession, req, resp); - - //store MOASession + // select and create process instance + // TODO[MOAID-49]: Automatically selection of process + ProcessInstance pi = getProcessEngine().createProcessInstance("DefaultAuthentication"); + // keep process instance id in moa session + moasession.setProcessInstanceId(pi.getId()); + // set execution context + pi.getExecutionContext().put("ccc", moasession.getCcc()); + pi.getExecutionContext().put("useMandate", moasession.getUseMandate()); + pi.getExecutionContext().put("bkuURL", moasession.getBkuURL()); + + // make sure moa session has been persisted before running the process try { AuthenticationSessionStoreage.storeSession(moasession); - } catch (MOADatabaseException e) { Logger.error("Database Error! MOASession is not stored!"); throw new MOAIDException("init.04", new Object[] { moasession.getSessionID()}); } - - if (!StringUtils.isEmpty(getIdentityLinkForm)) { - resp.setContentType("text/html;charset=UTF-8"); - PrintWriter out = new PrintWriter(resp.getOutputStream()); - out.print(getIdentityLinkForm); - out.flush(); - Logger.debug("Finished GET "+GenerateIFrameTemplateServlet.class); - } + + // start process + getProcessEngine().start(pi); + } catch (WrongParametersException ex) { handleWrongParameters(ex, req, resp); @@ -199,4 +184,13 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { ConfigurationDBUtils.closeSession(); } } + + + + + + + + + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java new file mode 100644 index 000000000..1ea8631c6 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java @@ -0,0 +1,60 @@ +package at.gv.egovernment.moa.id.auth.servlet;
+
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang.StringEscapeUtils;
+
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
+import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
+import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
+
+import com.datentechnik.process_engine.ProcessInstance;
+
+public class ProcessEngineSignalServlet extends AuthServlet {
+
+ private static final long serialVersionUID = 1L;
+
+ @Override
+ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+ String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID));
+
+ resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, MOAIDAuthConstants.HEADER_VALUE_EXPIRES);
+ resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
+ resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
+ resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
+
+ try {
+
+ // check parameter
+ if (!ParamValidatorUtils.isValidSessionID(sessionID)) {
+ throw new WrongParametersException("ProcessEngineSignal", PARAM_SESSIONID, "auth.12");
+ }
+
+ // retrieve moa session
+ AuthenticationSession session = AuthenticationServer.getSession(sessionID);
+
+ // process instance is mandatory
+ if (session.getProcessInstanceId() == null) {
+ throw new IllegalStateException("MOA session does not provide process instance id.");
+ }
+
+ // wake up next task
+ ProcessInstance pi = getProcessEngine().getProcessInstance(session.getProcessInstanceId());
+ getProcessEngine().signal(pi);
+
+ } catch (Exception ex) {
+ handleError(null, ex, req, resp, null);
+ } finally {
+ MOASessionDBUtils.closeSession();
+ }
+
+ }
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java index e7fa9cbd7..dc350bfb7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java @@ -71,6 +71,7 @@ import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.auth.tasks.VerifyAuthenticationBlockTask; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.ConnectionParameter; @@ -92,6 +93,7 @@ import at.gv.egovernment.moa.util.DOMUtils; * * @author Paul Ivancsics * @version $Id$ + * @deprecated Use {@link VerifyAuthenticationBlockTask} instead. */ public class VerifyAuthenticationBlockServlet extends AuthServlet { @@ -151,6 +153,9 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { + if (System.currentTimeMillis() > 0) { + throw new IllegalStateException(getClass().getName() + " should not be called any more."); + } Logger.debug("POST VerifyAuthenticationBlock"); resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); @@ -158,6 +163,9 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); + if (System.currentTimeMillis() > 0) { + throw new IllegalStateException(getClass().getName() + " should not be called any more."); + } String pendingRequestID = null; Map<String, String> parameters; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java index 3b503f07b..3fcdfe150 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java @@ -65,6 +65,7 @@ import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.auth.tasks.VerifyIdentityLinkTask; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; @@ -82,6 +83,7 @@ import at.gv.egovernment.moa.logging.Logger; * * @author Paul Ivancsics * @version $Id$ + * @deprecated Use {@link VerifyIdentityLinkTask} instead. */ public class VerifyIdentityLinkServlet extends AuthServlet { @@ -134,6 +136,10 @@ public class VerifyIdentityLinkServlet extends AuthServlet { protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { + if (System.currentTimeMillis() > 0) { + throw new IllegalStateException(getClass().getName() + " should not be called any more."); + } + Logger.debug("POST VerifyIdentityLink"); Map<String, String> parameters; |