Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java13
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java87
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java100
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java232
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java37
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java178
6 files changed, 359 insertions, 288 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
index 187cf4fdb..4b15d80b4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
@@ -415,12 +415,15 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants {
throws AuthenticationException, ConfigurationException {
// check if HTTP Connection may be allowed (through
// FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY)
- String boolStr = AuthConfigurationProvider
- .getInstance()
- .getGenericConfigurationParameter(
- AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY);
+
+ //Removed from MOA-ID 2.0 config
+// String boolStr = AuthConfigurationProvider
+// .getInstance()
+// .getGenericConfigurationParameter(
+// AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY);
if ((!authURL.startsWith("https:"))
- && (false == BoolUtils.valueOf(boolStr)))
+ //&& (false == BoolUtils.valueOf(boolStr))
+ )
throw new AuthenticationException("auth.07", new Object[] { authURL
+ "*" });
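Review bot: The comment at the top of this hunk still says HTTP may be allowed through `FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY`, but with the flag lookup commented out the `https:` check is now unconditional. Replace it with something like `// MOA-ID 2.0: authURL must always use https; the former opt-out property was removed`, and delete the commented-out `boolStr` lines and the dangling `//&& (false == BoolUtils.valueOf(boolStr))` / `)` pair rather than keeping them as comments. The same commented-out-code pattern appears in the second GenerateIFrameTemplateServlet hunk and in GetMISSessionIDServlet; version control already preserves the old code. The enclosing method starts and ends outside this hunk.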
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
index e6eecd11b..2ea34ee12 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
@@ -86,15 +86,16 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
//load Parameters from config
String target = oaParam.getTarget();
- String sourceID = ""; //TODO: load from Config
- String bkuURL = getBKUURIFromConfig(Integer.valueOf(bkuid), oaParam);
- String templateURL = getTemplateURIFromConfig(Integer.valueOf(bkuid), oaParam);;
-
+// String sourceID = ""; //TODO: load from Config
+// String bkuURL = getBKUURIFromConfig(Integer.valueOf(bkuid), oaParam);
+// String templateURL = getTemplateURIFromConfig(Integer.valueOf(bkuid), oaParam);
+
+ String bkuURL = oaParam.getBKUURL(bkuid);
+ String templateURL = AuthConfigurationProvider.getInstance().getSLRequestTemplates(bkuid);
//parse all OA parameters i
StartAuthentificationParameterParser.parse(moasession,
target,
- sourceID,
moasession.getOAURLRequested(),
bkuURL,
templateURL,
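Review bot: `bkuURL` and `templateURL` are passed to `StartAuthentificationParameterParser.parse` without checking that the lookups for `bkuid` succeeded. The removed helpers threw `WrongParametersException` for an unknown BKU id. If `oaParam.getBKUURL(bkuid)` or `getSLRequestTemplates(bkuid)` can return null for an id that is not configured (their bodies are not visible here), that rejection is lost. A guard such as `if (bkuURL == null || templateURL == null) throw new WrongParametersException("GenerateIFrameTemplate", PARAM_BKU, "auth.12");` before the parse call would keep the old fail-closed behaviour. The enclosing method starts and ends outside this hunk.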
@@ -136,43 +137,43 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
}
- private String getTemplateURIFromConfig(int bkuID, OAAuthParameter oaParam) throws WrongParametersException {
- //TODO: CHANGE to real OA config
-
- List<String> bkuURIs = Arrays.asList(
- "http://localhost:8080/moa-id-auth/template_onlineBKU.html",
- "http://localhost:8080/moa-id-auth/template_handyBKU.html",
- "http://127.0.0.1:8080/moa-id-auth/template_localBKU.html");
-
+// private String getTemplateURIFromConfig(int bkuID, OAAuthParameter oaParam) throws WrongParametersException {
+// //TODO: CHANGE to real OA config
+//
// List<String> bkuURIs = Arrays.asList(
-// "http://demo.egiz.gv.at/demoportal_moaid-2.0/template_onlineBKU.html",
-// "http://demo.egiz.gv.at/demoportal_moaid-2.0/template_handyBKU.html",
-// "http://demo.egiz.gv.at/demoportal_moaid-2.0/template_localBKU.html");
-
- if (bkuID < bkuURIs.size())
- return bkuURIs.get(bkuID);
- else
- throw new WrongParametersException("GenerateIFrameTemplate", PARAM_TEMPLATE,
- "auth.12");
- }
-
- private String getBKUURIFromConfig(int bkuID, OAAuthParameter oaParam) throws WrongParametersException {
- //TODO: CHANGE to real OA config
-
- List<String> bkuURIs = Arrays.asList(
- "https://labda.iaik.tugraz.at:8843/bkuonline/https-security-layer-request",
- "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx",
- "https://127.0.0.1:3496/https-security-layer-request");
-
-// List<String> bkuURIs = Arrays.asList(
-// "https://demo.egiz.gv.at/demoportal_bkuonline/https-security-layer-request",
-// "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx",
-// "https://127.0.0.1:3496/https-security-layer-request");
-
- if (bkuID < bkuURIs.size())
- return bkuURIs.get(bkuID);
- else
- throw new WrongParametersException("GenerateIFrameTemplate", PARAM_BKU,
- "auth.12");
- }
+// "http://localhost:8080/moa-id-auth/template_onlineBKU.html",
+// "http://localhost:8080/moa-id-auth/template_handyBKU.html",
+// "http://127.0.0.1:8080/moa-id-auth/template_localBKU.html");
+//
+//// List<String> bkuURIs = Arrays.asList(
+//// "http://demo.egiz.gv.at/demoportal_moaid-2.0/template_onlineBKU.html",
+//// "http://demo.egiz.gv.at/demoportal_moaid-2.0/template_handyBKU.html",
+//// "http://demo.egiz.gv.at/demoportal_moaid-2.0/template_localBKU.html");
+//
+// if (bkuID < bkuURIs.size())
+// return bkuURIs.get(bkuID);
+// else
+// throw new WrongParametersException("GenerateIFrameTemplate", PARAM_TEMPLATE,
+// "auth.12");
+// }
+//
+// private String getBKUURIFromConfig(int bkuID, OAAuthParameter oaParam) throws WrongParametersException {
+// //TODO: CHANGE to real OA config
+//
+// List<String> bkuURIs = Arrays.asList(
+// "https://labda.iaik.tugraz.at:8843/bkuonline/https-security-layer-request",
+// "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx",
+// "https://127.0.0.1:3496/https-security-layer-request");
+//
+//// List<String> bkuURIs = Arrays.asList(
+//// "https://demo.egiz.gv.at/demoportal_bkuonline/https-security-layer-request",
+//// "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx",
+//// "https://127.0.0.1:3496/https-security-layer-request");
+//
+// if (bkuID < bkuURIs.size())
+// return bkuURIs.get(bkuID);
+// else
+// throw new WrongParametersException("GenerateIFrameTemplate", PARAM_BKU,
+// "auth.12");
+// }
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
index d41d20def..7d825da17 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
@@ -40,6 +40,7 @@ import org.apache.commons.lang.StringEscapeUtils;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;
+import at.gv.egovernment.moa.id.AuthenticationException;
import at.gv.egovernment.moa.id.MOAIDException;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
@@ -50,6 +51,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.config.ConnectionParameter;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.moduls.ModulUtils;
+import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
@@ -174,47 +176,75 @@ public class GetMISSessionIDServlet extends AuthServlet {
// for now: list contains only one element
MISMandate mandate = (MISMandate) list.get(0);
- // verify mandate signature
- AuthenticationServer.getInstance().verifyMandate(session, mandate);
-
- byte[] byteMandate = mandate.getMandate();
- String stringMandate = new String(byteMandate);
- Element mandateDoc = DOMUtils.parseDocument(stringMandate, false,
- null, null).getDocumentElement();
-
+ String sMandate = new String(mandate.getMandate());
+ if (sMandate == null | sMandate.compareToIgnoreCase("") == 0) {
+ Logger.error("Mandate is empty.");
+ throw new AuthenticationException("auth.16",
+ new Object[] { GET_MIS_SESSIONID });
+ }
+
// TODO OW bPK (Offen: was bei saml:NameIdentifier
// NameQualifier="urn:publicid:gv.at:cdid+bpk"> und <saml:Attribute
// AttributeName="bPK" )
System.out.println("\n\n\n OW BPK: " + mandate.getOWbPK());
// TODO wenn OW bPK vorhanden - in SAML Assertion setzen!
- String redirectURL = null;
- String samlArtifactBase64 = AuthenticationServer.getInstance()
- .verifyAuthenticationBlockMandate(session, mandateDoc);
-
- if (!samlArtifactBase64.equals("Redirect to Input Processor")) {
-
- redirectURL = session.getOAURLRequested();
- if (!session.getBusinessService()) {
- // redirectURL = addURLParameter(redirectURL, PARAM_TARGET,
- // URLEncoder.encode(session.getTarget(), "UTF-8"));
- }
- // redirectURL = addURLParameter(redirectURL,
- // PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64,
- // "UTF-8"));
- redirectURL = new DataURLBuilder().buildDataURL(
- session.getAuthURL(),
- ModulUtils.buildAuthURL(session.getModul(),
- session.getAction()), samlArtifactBase64);
- redirectURL = resp.encodeRedirectURL(redirectURL);
-
- } else {
- redirectURL = new DataURLBuilder().buildDataURL(
- session.getAuthURL(),
- AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT,
- session.getSessionID());
-
- }
+ //check if it is a parsable XML
+ byte[] byteMandate = mandate.getMandate();
+ String stringMandate = new String(byteMandate);
+ Element mandateDoc = DOMUtils.parseDocument(stringMandate, false,
+ null, null).getDocumentElement();
+
+ // extract RepresentationType
+ AuthenticationServer.getInstance().verifyMandate(session, mandate);
+
+ session.setMISMandate(mandate);
+ session.setAuthenticatedUsed(false);
+ session.setAuthenticated(true);
+
+ String oldsessionID = session.getSessionID();
+
+ //Session is implicite stored in changeSessionID!!!
+ String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
+
+ Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID);
+ Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
+
+ String redirectURL = new DataURLBuilder().buildDataURL(
+ session.getAuthURL(),
+ ModulUtils.buildAuthURL(session.getModul(),
+ session.getAction()), newMOASessionID);
+ redirectURL = resp.encodeRedirectURL(redirectURL);
+
+
+// String samlArtifactBase64 = AuthenticationServer.getInstance()
+// .verifyAuthenticationBlockMandate(session, mandateDoc);
+
+// if (!samlArtifactBase64.equals("Redirect to Input Processor")) {
+//
+// redirectURL = session.getOAURLRequested();
+// if (!session.getBusinessService()) {
+// // redirectURL = addURLParameter(redirectURL, PARAM_TARGET,
+// // URLEncoder.encode(session.getTarget(), "UTF-8"));
+// }
+// // redirectURL = addURLParameter(redirectURL,
+// // PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64,
+// // "UTF-8"));
+// redirectURL = new DataURLBuilder().buildDataURL(
+// session.getAuthURL(),
+// ModulUtils.buildAuthURL(session.getModul(),
+// session.getAction()), samlArtifactBase64);
+// redirectURL = resp.encodeRedirectURL(redirectURL);
+//
+// } else {
+// redirectURL = new DataURLBuilder().buildDataURL(
+// session.getAuthURL(),
+// AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT,
+// session.getSessionID());
+//
+// }
+
+
resp.setContentType("text/html");
resp.setStatus(302);
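Review bot: The new emptiness check on `sMandate` cannot do its job. `new String(mandate.getMandate())` never yields null and throws a NullPointerException first if the byte array is null, and the non-short-circuit `|` would evaluate the right-hand side even when the left is true. Test the bytes before decoding, e.g. `byte[] byteMandate = mandate.getMandate();` followed by `if (byteMandate == null || byteMandate.length == 0) {`, and decode once with an explicit charset instead of building the string twice with the platform default. Separately, the two `Logger.info` calls write the old and new MOASession IDs to the log while the new ID is also the value placed in the redirect URL, so anyone who can read the log sees a live session handle; a truncated or hashed form would be enough for tracing. The comment `// extract RepresentationType` above `verifyMandate` replaces the earlier "verify mandate signature" wording and should say so again if that call is still where the mandate is verified.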
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java
index f89460a83..200d25fbe 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java
@@ -147,122 +147,122 @@ public class ProcessValidatorInputServlet extends AuthServlet {
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
- Logger.debug("POST ProcessInput");
-
- resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES);
- resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
- resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
- resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
-
- Map parameters;
- try {
- parameters = getParameters(req);
- } catch (FileUploadException e) {
- Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
- throw new IOException(e.getMessage());
- }
-
- String sessionID = req.getParameter(PARAM_SESSIONID);
- if (sessionID==null) sessionID = (String) req.getAttribute(PARAM_SESSIONID);
- if (sessionID==null) sessionID = (String) parameters.get(PARAM_SESSIONID);
- if (sessionID==null) sessionID = (String) parameters.get(PARAM_SESSIONID+"_");
-
- // escape parameter strings
- sessionID = StringEscapeUtils.escapeHtml(sessionID);
-
- try {
-
- if (!ParamValidatorUtils.isValidSessionID(sessionID))
- throw new WrongParametersException("ProcessInput", PARAM_SESSIONID, "auth.12");
-
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
- AuthenticationServer.processInput(session, parameters);
- String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().getCreateXMLSignatureRequestAuthBlockOrRedirect(session, null, null);
- if (!createXMLSignatureRequestOrRedirect.startsWith("Redirect")) {
- // Now sign the AUTH Block
- String dataURL = new DataURLBuilder().buildDataURL(
- session.getAuthURL(), AuthenticationServer.REQ_VERIFY_AUTH_BLOCK, sessionID);
-
- String htmlForm = null;
-
- boolean doInputProcessorSign = false; // If sign process should be within an extra form, provide a parameter. Otherwise transport through security layer is assumed
-
- String inputProcessorSignForm = req.getParameter("Sign_Form");
- if (inputProcessorSignForm==null) inputProcessorSignForm = (String) req.getAttribute("Sign_Form");
- if (inputProcessorSignForm==null) inputProcessorSignForm = (String) parameters.get("Sign_Form");
- if (inputProcessorSignForm==null) inputProcessorSignForm = (String) parameters.get("Sign_Form_");
- // escape parameter strings
- inputProcessorSignForm = StringEscapeUtils.escapeHtml(inputProcessorSignForm);
- if (!ParepUtils.isEmpty(inputProcessorSignForm)) doInputProcessorSign = inputProcessorSignForm.equalsIgnoreCase("true");
- if (doInputProcessorSign) {
- // Test if we have a user input form sign template
-
- String inputProcessorSignTemplateURL = req.getParameter(PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE);
-
- if (!ParamValidatorUtils.isValidSignUrl(inputProcessorSignTemplateURL))
- throw new WrongParametersException("ProcessInput", PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE, "auth.12");
-
- String inputProcessorSignTemplate = null;
- OAAuthParameter oaParam =
- AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getOAURLRequested());
- // override template url by url from configuration file
- if (oaParam.getInputProcessorSignTemplateURL() != null) {
- inputProcessorSignTemplateURL = oaParam.getInputProcessorSignTemplateURL();
- }
- if (inputProcessorSignTemplateURL != null) {
- try {
- inputProcessorSignTemplate = new String(FileUtils.readURL(inputProcessorSignTemplateURL));
- } catch (IOException ex) {
- throw new AuthenticationException(
- "auth.03",
- new Object[] { inputProcessorSignTemplateURL, ex.toString()},
- ex);
- }
- }
-
- htmlForm = new GetVerifyAuthBlockFormBuilder().build(
- inputProcessorSignTemplate, session.getBkuURL(), createXMLSignatureRequestOrRedirect, dataURL, session.getPushInfobox());
- htmlForm = ParepUtils.replaceAll(htmlForm, "<BASE_href>", session.getAuthURL());
- htmlForm = ParepUtils.replaceAll(htmlForm, "<MOASessionID>", sessionID);
- htmlForm = ParepUtils.replaceAll(htmlForm, "<BKU>", session.getBkuURL());
- htmlForm = ParepUtils.replaceAll(htmlForm, "<DataURL>", dataURL);
- htmlForm = ParepUtils.replaceAll(htmlForm, "<PushInfobox>", session.getPushInfobox());
- resp.setContentType("text/html;charset=UTF-8");
- } else {
- htmlForm = createXMLSignatureRequestOrRedirect;
- resp.setStatus(307);
- resp.addHeader("Location", dataURL);
- //TODO test impact of explicit setting charset with older versions of BKUs (HotSign)
- resp.setContentType("text/xml;charset=UTF-8");
- }
-
- OutputStream out = resp.getOutputStream();
- out.write(htmlForm.getBytes("UTF-8"));
- out.flush();
- out.close();
- Logger.debug("Finished POST ProcessInput");
- } else {
- String redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID());
- resp.setContentType("text/html");
- resp.setStatus(302);
- resp.addHeader("Location", redirectURL);
- Logger.debug("REDIRECT TO: " + redirectURL);
- }
-
- try {
- AuthenticationSessionStoreage.storeSession(session);
-
- } catch (MOADatabaseException e) {
- throw new AuthenticationException("", null);
- }
-
- }
- catch (WrongParametersException ex) {
- handleWrongParameters(ex, req, resp);
- }
- catch (MOAIDException ex) {
- handleError(null, ex, req, resp);
- }
+// Logger.debug("POST ProcessInput");
+//
+// resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES);
+// resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
+// resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
+// resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
+//
+// Map parameters;
+// try {
+// parameters = getParameters(req);
+// } catch (FileUploadException e) {
+// Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
+// throw new IOException(e.getMessage());
+// }
+//
+// String sessionID = req.getParameter(PARAM_SESSIONID);
+// if (sessionID==null) sessionID = (String) req.getAttribute(PARAM_SESSIONID);
+// if (sessionID==null) sessionID = (String) parameters.get(PARAM_SESSIONID);
+// if (sessionID==null) sessionID = (String) parameters.get(PARAM_SESSIONID+"_");
+//
+// // escape parameter strings
+// sessionID = StringEscapeUtils.escapeHtml(sessionID);
+//
+// try {
+//
+// if (!ParamValidatorUtils.isValidSessionID(sessionID))
+// throw new WrongParametersException("ProcessInput", PARAM_SESSIONID, "auth.12");
+//
+// AuthenticationSession session = AuthenticationServer.getSession(sessionID);
+// AuthenticationServer.processInput(session, parameters);
+// String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().getCreateXMLSignatureRequestAuthBlockOrRedirect(session, null, null);
+// if (!createXMLSignatureRequestOrRedirect.startsWith("Redirect")) {
+// // Now sign the AUTH Block
+// String dataURL = new DataURLBuilder().buildDataURL(
+// session.getAuthURL(), AuthenticationServer.REQ_VERIFY_AUTH_BLOCK, sessionID);
+//
+// String htmlForm = null;
+//
+// boolean doInputProcessorSign = false; // If sign process should be within an extra form, provide a parameter. Otherwise transport through security layer is assumed
+//
+// String inputProcessorSignForm = req.getParameter("Sign_Form");
+// if (inputProcessorSignForm==null) inputProcessorSignForm = (String) req.getAttribute("Sign_Form");
+// if (inputProcessorSignForm==null) inputProcessorSignForm = (String) parameters.get("Sign_Form");
+// if (inputProcessorSignForm==null) inputProcessorSignForm = (String) parameters.get("Sign_Form_");
+// // escape parameter strings
+// inputProcessorSignForm = StringEscapeUtils.escapeHtml(inputProcessorSignForm);
+// if (!ParepUtils.isEmpty(inputProcessorSignForm)) doInputProcessorSign = inputProcessorSignForm.equalsIgnoreCase("true");
+// if (doInputProcessorSign) {
+// // Test if we have a user input form sign template
+//
+// String inputProcessorSignTemplateURL = req.getParameter(PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE);
+//
+// if (!ParamValidatorUtils.isValidSignUrl(inputProcessorSignTemplateURL))
+// throw new WrongParametersException("ProcessInput", PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE, "auth.12");
+//
+// String inputProcessorSignTemplate = null;
+// OAAuthParameter oaParam =
+// AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getOAURLRequested());
+// // override template url by url from configuration file
+// if (oaParam.getInputProcessorSignTemplateURL() != null) {
+// inputProcessorSignTemplateURL = oaParam.getInputProcessorSignTemplateURL();
+// }
+// if (inputProcessorSignTemplateURL != null) {
+// try {
+// inputProcessorSignTemplate = new String(FileUtils.readURL(inputProcessorSignTemplateURL));
+// } catch (IOException ex) {
+// throw new AuthenticationException(
+// "auth.03",
+// new Object[] { inputProcessorSignTemplateURL, ex.toString()},
+// ex);
+// }
+// }
+//
+// htmlForm = new GetVerifyAuthBlockFormBuilder().build(
+// inputProcessorSignTemplate, session.getBkuURL(), createXMLSignatureRequestOrRedirect, dataURL, session.getPushInfobox());
+// htmlForm = ParepUtils.replaceAll(htmlForm, "<BASE_href>", session.getAuthURL());
+// htmlForm = ParepUtils.replaceAll(htmlForm, "<MOASessionID>", sessionID);
+// htmlForm = ParepUtils.replaceAll(htmlForm, "<BKU>", session.getBkuURL());
+// htmlForm = ParepUtils.replaceAll(htmlForm, "<DataURL>", dataURL);
+// htmlForm = ParepUtils.replaceAll(htmlForm, "<PushInfobox>", session.getPushInfobox());
+// resp.setContentType("text/html;charset=UTF-8");
+// } else {
+// htmlForm = createXMLSignatureRequestOrRedirect;
+// resp.setStatus(307);
+// resp.addHeader("Location", dataURL);
+// //TODO test impact of explicit setting charset with older versions of BKUs (HotSign)
+// resp.setContentType("text/xml;charset=UTF-8");
+// }
+//
+// OutputStream out = resp.getOutputStream();
+// out.write(htmlForm.getBytes("UTF-8"));
+// out.flush();
+// out.close();
+// Logger.debug("Finished POST ProcessInput");
+// } else {
+// String redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID());
+// resp.setContentType("text/html");
+// resp.setStatus(302);
+// resp.addHeader("Location", redirectURL);
+// Logger.debug("REDIRECT TO: " + redirectURL);
+// }
+//
+// try {
+// AuthenticationSessionStoreage.storeSession(session);
+//
+// } catch (MOADatabaseException e) {
+// throw new AuthenticationException("", null);
+// }
+//
+// }
+// catch (WrongParametersException ex) {
+// handleWrongParameters(ex, req, resp);
+// }
+// catch (MOAIDException ex) {
+// handleError(null, ex, req, resp);
+// }
}
}
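Review bot: `doPost` is left with an empty body, so a POST to this servlet now returns an empty success response and no longer sets the no-cache headers. A caller that still targets the endpoint gets no signal that processing was skipped. If the servlet is retired in MOA-ID 2.0, remove the class and its servlet mapping, or make the body a single explicit rejection such as `resp.sendError(HttpServletResponse.SC_GONE);` with a comment explaining why. The `doGet` in the SelectBKUServlet hunk has the same problem: only `Logger.debug("GET SelectBKU")` remains and the method starts outside that hunk. In both files the roughly one hundred commented-out lines should be deleted, not kept.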
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
new file mode 100644
index 000000000..310f3509c
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
@@ -0,0 +1,37 @@
+package at.gv.egovernment.moa.id.auth.servlet;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import at.gv.egovernment.moa.id.auth.builder.RedirectFormBuilder;
+import at.gv.egovernment.moa.logging.Logger;
+
+
+
+public class RedirectServlet extends AuthServlet{
+
+ private static final long serialVersionUID = 1L;
+
+ public static final String REDIRCT_GETPARAM = "redirecturl";
+
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, IOException {
+ Logger.info("Receive " + RedirectServlet.class + " Request");
+
+ String url = req.getParameter(REDIRCT_GETPARAM);
+
+ Logger.info("Redirect to " + url);
+
+ String redirect_form = RedirectFormBuilder.buildLoginForm(url);
+
+ resp.setContentType("text/html;charset=UTF-8");
+ PrintWriter out = new PrintWriter(resp.getOutputStream());
+ out.write(redirect_form);
+ out.flush();
+ }
+
+}
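Review bot: `doGet` takes the `redirecturl` request parameter and hands it straight to `RedirectFormBuilder.buildLoginForm(url)`, so the servlet builds a redirect page for whatever target the request supplies. Whether the value is HTML-escaped depends on the builder, which this diff does not show. Reject the parameter when it is null or does not match a configured online-application URL before building the form; the fence uses `ParamValidatorUtils.isValidOA` for that, which needs confirming as the right allow-list for redirect targets. The fence also switches to `resp.getWriter()`, because `new PrintWriter(resp.getOutputStream())` encodes with the platform default charset and not the UTF-8 declared in the content type. It also moves the `Logger.info("Redirect to " + url)` call after validation so that unchecked request data is not written to the log.

```java
String url = req.getParameter(REDIRCT_GETPARAM);

try {
    // Fail closed: only targets that pass the allow-list reach the HTML form.
    if (url == null || !ParamValidatorUtils.isValidOA(url))
        throw new WrongParametersException("RedirectServlet", REDIRCT_GETPARAM, "auth.12");

    Logger.info("Redirect to " + url);

    String redirect_form = RedirectFormBuilder.buildLoginForm(url);

    resp.setContentType("text/html;charset=UTF-8");
    // getWriter() uses the charset declared in the content type above.
    PrintWriter out = resp.getWriter();
    out.write(redirect_form);
    out.flush();
} catch (WrongParametersException ex) {
    handleWrongParameters(ex, req, resp);
}
```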
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java
index d544e2f85..2deece26f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java
@@ -91,94 +91,94 @@ public class SelectBKUServlet extends AuthServlet {
Logger.debug("GET SelectBKU");
- resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES);
- resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
- resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
- resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
-
- String authURL = req.getScheme() + "://" + req.getServerName();
- if ((req.getScheme().equalsIgnoreCase("https") && req.getServerPort()!=443) || (req.getScheme().equalsIgnoreCase("http") && req.getServerPort()!=80)) {
- authURL = authURL.concat(":" + req.getServerPort());
- }
- authURL = authURL.concat(req.getContextPath() + "/");
-
- String target = req.getParameter(PARAM_TARGET);
- String oaURL = req.getParameter(PARAM_OA);
- String bkuSelectionTemplateURL = req.getParameter(PARAM_BKUTEMPLATE);
- String templateURL = req.getParameter(PARAM_TEMPLATE);
-
- // escape parameter strings
- target = StringEscapeUtils.escapeHtml(target);
- oaURL = StringEscapeUtils.escapeHtml(oaURL);
- templateURL = StringEscapeUtils.escapeHtml(templateURL);
- bkuSelectionTemplateURL = StringEscapeUtils.escapeHtml(bkuSelectionTemplateURL);
-
-
- resp.setHeader(HEADER_EXPIRES,HEADER_VALUE_EXPIRES);
- resp.setHeader(HEADER_PRAGMA,HEADER_VALUE_PRAGMA);
- resp.setHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL);
- resp.addHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL_IE);
-
- try {
-
- // check parameter
- if (!ParamValidatorUtils.isValidOA(oaURL))
- throw new WrongParametersException("SelectBKU", PARAM_OA, "auth.12");
- if (!ParamValidatorUtils.isValidTemplate(req, templateURL))
- throw new WrongParametersException("SelectBKU", PARAM_TEMPLATE, "auth.12");
- if (!ParamValidatorUtils.isValidTemplate(req, bkuSelectionTemplateURL))
- throw new WrongParametersException("SelectBKU", PARAM_TEMPLATE, "auth.12");
-
- if (!ParamValidatorUtils.isValidTarget(target))
- throw new WrongParametersException("SelectBKU", PARAM_TARGET, "auth.12");
-
- OAAuthParameter oaParam =
- AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaURL);
- if (oaParam == null)
- throw new AuthenticationException("auth.00", new Object[] { oaURL });
-
- // get target and target friendly name from config
- String targetConfig = oaParam.getTarget();
-
- String returnValue = null;
- if (StringUtils.isEmpty(targetConfig)) {
- // no target attribut is given in OA config
- // target is used from request
- // check parameter
- if (!ParamValidatorUtils.isValidTarget(target))
- throw new WrongParametersException("StartAuthentication", PARAM_TARGET, "auth.12");
-
- returnValue = AuthenticationServer.getInstance().selectBKU(authURL, target, oaURL, bkuSelectionTemplateURL, templateURL);
- }
- else {
- // use target from config
- returnValue = AuthenticationServer.getInstance().selectBKU(authURL, targetConfig, oaURL, bkuSelectionTemplateURL, templateURL);
- }
-
-
- String bkuSelectionType = AuthConfigurationProvider.getInstance().getBKUSelectionType();
- if (bkuSelectionType.equals(AuthConfigurationProvider.BKU_SELECTION_TYPE_HTMLCOMPLETE)) {
- // bkuSelectionType==HTMLComplete
- String redirectURL = returnValue;
- resp.setContentType("text/html");
- resp.sendRedirect(redirectURL);
- Logger.info("REDIRECT TO: " + redirectURL);
- } else {
- // bkuSelectionType==HTMLSelect
- String htmlForm = returnValue;
- resp.setContentType("text/html;charset=UTF-8");
- Logger.debug("HTML-Form: " + htmlForm);
- Writer out = new OutputStreamWriter(resp.getOutputStream(), "UTF8");
- out.write(htmlForm);
- out.flush();
- Logger.debug("Finished GET SelectBKU");
- }
- }
- catch (WrongParametersException ex) {
- handleWrongParameters(ex, req, resp);
- }
- catch (Throwable ex) {
- handleError(null, ex, req, resp);
- }
+// resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES);
+// resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
+// resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
+// resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
+//
+// String authURL = req.getScheme() + "://" + req.getServerName();
+// if ((req.getScheme().equalsIgnoreCase("https") && req.getServerPort()!=443) || (req.getScheme().equalsIgnoreCase("http") && req.getServerPort()!=80)) {
+// authURL = authURL.concat(":" + req.getServerPort());
+// }
+// authURL = authURL.concat(req.getContextPath() + "/");
+//
+// String target = req.getParameter(PARAM_TARGET);
+// String oaURL = req.getParameter(PARAM_OA);
+// String bkuSelectionTemplateURL = req.getParameter(PARAM_BKUTEMPLATE);
+// String templateURL = req.getParameter(PARAM_TEMPLATE);
+//
+// // escape parameter strings
+// target = StringEscapeUtils.escapeHtml(target);
+// oaURL = StringEscapeUtils.escapeHtml(oaURL);
+// templateURL = StringEscapeUtils.escapeHtml(templateURL);
+// bkuSelectionTemplateURL = StringEscapeUtils.escapeHtml(bkuSelectionTemplateURL);
+//
+//
+// resp.setHeader(HEADER_EXPIRES,HEADER_VALUE_EXPIRES);
+// resp.setHeader(HEADER_PRAGMA,HEADER_VALUE_PRAGMA);
+// resp.setHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL);
+// resp.addHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL_IE);
+//
+// try {
+//
+// // check parameter
+// if (!ParamValidatorUtils.isValidOA(oaURL))
+// throw new WrongParametersException("SelectBKU", PARAM_OA, "auth.12");
+// if (!ParamValidatorUtils.isValidTemplate(req, templateURL))
+// throw new WrongParametersException("SelectBKU", PARAM_TEMPLATE, "auth.12");
+// if (!ParamValidatorUtils.isValidTemplate(req, bkuSelectionTemplateURL))
+// throw new WrongParametersException("SelectBKU", PARAM_TEMPLATE, "auth.12");
+//
+// if (!ParamValidatorUtils.isValidTarget(target))
+// throw new WrongParametersException("SelectBKU", PARAM_TARGET, "auth.12");
+//
+// OAAuthParameter oaParam =
+// AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaURL);
+// if (oaParam == null)
+// throw new AuthenticationException("auth.00", new Object[] { oaURL });
+//
+// // get target and target friendly name from config
+// String targetConfig = oaParam.getTarget();
+//
+// String returnValue = null;
+// if (StringUtils.isEmpty(targetConfig)) {
+// // no target attribut is given in OA config
+// // target is used from request
+// // check parameter
+// if (!ParamValidatorUtils.isValidTarget(target))
+// throw new WrongParametersException("StartAuthentication", PARAM_TARGET, "auth.12");
+//
+// returnValue = AuthenticationServer.getInstance().selectBKU(authURL, target, oaURL, bkuSelectionTemplateURL, templateURL);
+// }
+// else {
+// // use target from config
+// returnValue = AuthenticationServer.getInstance().selectBKU(authURL, targetConfig, oaURL, bkuSelectionTemplateURL, templateURL);
+// }
+//
+//
+// String bkuSelectionType = AuthConfigurationProvider.getInstance().getBKUSelectionType();
+// if (bkuSelectionType.equals(AuthConfigurationProvider.BKU_SELECTION_TYPE_HTMLCOMPLETE)) {
+// // bkuSelectionType==HTMLComplete
+// String redirectURL = returnValue;
+// resp.setContentType("text/html");
+// resp.sendRedirect(redirectURL);
+// Logger.info("REDIRECT TO: " + redirectURL);
+// } else {
+// // bkuSelectionType==HTMLSelect
+// String htmlForm = returnValue;
+// resp.setContentType("text/html;charset=UTF-8");
+// Logger.debug("HTML-Form: " + htmlForm);
+// Writer out = new OutputStreamWriter(resp.getOutputStream(), "UTF8");
+// out.write(htmlForm);
+// out.flush();
+// Logger.debug("Finished GET SelectBKU");
+// }
+// }
+// catch (WrongParametersException ex) {
+// handleWrongParameters(ex, req, resp);
+// }
+// catch (Throwable ex) {
+// handleError(null, ex, req, resp);
+// }
}
}