diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth')
7 files changed, 55 insertions, 49 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 25f0ba1d3..84f85b3d6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -49,6 +49,7 @@ import javax.servlet.http.HttpSession; import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.TransformerException; +import org.apache.commons.lang.StringEscapeUtils; import org.apache.xpath.XPathAPI; import org.opensaml.saml2.metadata.RequestedAttribute; import org.opensaml.xml.util.Base64; @@ -212,7 +213,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @param templateMandteURL * URL providing an HTML template for the HTML form generated * (for signing in mandates mode) - * @param scheme + * @param req * determines the protocol used * @param sourceID * @return HTML form @@ -220,7 +221,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @see GetIdentityLinkFormBuilder * @see InfoboxReadRequestBuilder */ - public String startAuthentication(AuthenticationSession session, String scheme) throws WrongParametersException, + public String startAuthentication(AuthenticationSession session, HttpServletRequest req) throws WrongParametersException, AuthenticationException, ConfigurationException, BuildException { if (session == null) { @@ -289,9 +290,15 @@ public class AuthenticationServer implements MOAIDAuthConstants { .buildDataURL(session.getAuthURL(), REQ_START_AUTHENTICATION, session.getSessionID()); + //get Applet Parameters + String appletwidth = req.getParameter(PARAM_APPLET_WIDTH); + String appletheigth = req.getParameter(PARAM_APPLET_HEIGTH); + appletheigth = StringEscapeUtils.escapeHtml(appletheigth); + appletwidth = StringEscapeUtils.escapeHtml(appletwidth); + String htmlForm = new GetIdentityLinkFormBuilder().build(template, session.getBkuURL(), infoboxReadRequest, dataURL, certInfoRequest, - certInfoDataURL, pushInfobox, oaParam); + certInfoDataURL, pushInfobox, oaParam, appletheigth, appletwidth); return htmlForm; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java index c17b86c46..264a4f68b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java @@ -149,4 +149,7 @@ public interface MOAIDAuthConstants { public final static String EXT_SAML_MANDATE_REPRESENTATIONTEXT = "Vollmachtsvertreter"; public final static String EXT_SAML_MANDATE_CB_BASE_ID = "MandatorDomainIdentifier"; + public static final String PARAM_APPLET_HEIGTH = "heigth"; + public static final String PARAM_APPLET_WIDTH = "width"; + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java index ceffd90dc..7753b4011 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java @@ -27,9 +27,11 @@ package at.gv.egovernment.moa.id.auth.builder; import java.io.IOException; import java.io.StringReader; import java.io.StringWriter; +import java.util.Map; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.util.MiscUtil; /** @@ -55,9 +57,13 @@ public class GetIdentityLinkFormBuilder extends Builder { /** special tag in the HTML template to be substituted for the infoboxes to be pushed from the BKU */ private static final String PUSHINFOBOX_TAG = "<PushInfobox>"; /** special tag in the HTML template to be substituted for the BKU URL */ - private static final String COLOR_TAG = "<COLOR>"; /** private static int all contains the representation to replace all tags*/ private static final int ALL = -1; + + private static final String COLOR_TAG = "<COLOR>"; + private static final String REDIRECTTARGETTAG = "<REDIRECTTARGET>"; + private static final String APPLETWIDTH_TAG = "<APPLETWIDTH>"; + private static final String APPLETHEIGHT_TAG = "<APPLETHEIGHT>"; /** default HTML template */ private static final String DEFAULT_HTML_TEMPLATE = @@ -115,6 +121,8 @@ public class GetIdentityLinkFormBuilder extends Builder { * may be <code>null</code>, in this case the default URL will be used * @param dataURL DataURL to be sent as a parameter in the form * @param oaParam + * @param appletwidth + * @param appletheigth */ public String build( String htmlTemplate, @@ -123,7 +131,9 @@ public class GetIdentityLinkFormBuilder extends Builder { String dataURL, String certInfoXMLRequest, String certInfoDataURL, - String pushInfobox, OAAuthParameter oaParam) + String pushInfobox, OAAuthParameter oaParam, + String appletheigth, + String appletwidth) throws BuildException { String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate; @@ -136,14 +146,24 @@ public class GetIdentityLinkFormBuilder extends Builder { htmlForm = replaceTag(htmlForm, CERTINFO_DATAURL_TAG, certInfoDataURL, true, ALL); if (oaParam != null) { - if (MiscUtil.isNotEmpty(oaParam.getBKUSelectionBackGroundColor())) - htmlForm = replaceTag(htmlForm, COLOR_TAG, oaParam.getBKUSelectionBackGroundColor(), false, ALL); - else - htmlForm = replaceTag(htmlForm, COLOR_TAG, "#DDDDDD", false, ALL); - - } else - htmlForm = replaceTag(htmlForm, COLOR_TAG, "#DDDDDD", false, ALL); + Map<String, String> map = oaParam.getFormCustomizaten(); + htmlForm = replaceTag(htmlForm, COLOR_TAG, map.get(FormBuildUtils.MAIN_BACKGROUNDCOLOR), false, ALL); + htmlForm = replaceTag(htmlForm, REDIRECTTARGETTAG, map.get(FormBuildUtils.REDIRECTTARGET), false, ALL); + + } else { + htmlForm = replaceTag(htmlForm, COLOR_TAG, FormBuildUtils.getDefaultMap().get(FormBuildUtils.MAIN_BACKGROUNDCOLOR), false, ALL); + htmlForm = replaceTag(htmlForm, REDIRECTTARGETTAG, FormBuildUtils.getDefaultMap().get(FormBuildUtils.REDIRECTTARGET), false, ALL); + } + + if (MiscUtil.isNotEmpty(appletheigth)) + htmlForm = replaceTag(htmlForm, APPLETHEIGHT_TAG, appletheigth, true, ALL); + else + htmlForm = replaceTag(htmlForm, APPLETHEIGHT_TAG, "160", true, ALL); + if (MiscUtil.isNotEmpty(appletwidth)) + htmlForm = replaceTag(htmlForm, APPLETWIDTH_TAG, appletwidth, true, ALL); + else + htmlForm = replaceTag(htmlForm, APPLETWIDTH_TAG, "250", true, ALL); return htmlForm; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java index 789651f16..729af48f7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java @@ -13,6 +13,7 @@ import org.apache.commons.io.IOUtils; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; +import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -20,12 +21,7 @@ public class LoginFormBuilder { private static final String HTMLTEMPLATESDIR = "htmlTemplates/"; private static final String HTMLTEMPLATEFULL = "loginFormFull.html"; - - private static final String TEMPLATEBGCOLOR = "style=\"background-color: #COLOR#\""; - private static final String TEMPLATEVISIBLE = " display: none"; - private static final String TEMPLATEDISABLED = "disabled=\"true\""; - private static final String TEMPLATECHECKED = "checked=\"true\""; - + private static String AUTH_URL = "#AUTH_URL#"; private static String MODUL = "#MODUL#"; private static String ACTION = "#ACTION#"; @@ -35,11 +31,7 @@ public class LoginFormBuilder { private static String BKU_LOCAL = "#LOCAL#"; private static String CONTEXTPATH = "#CONTEXTPATH#"; private static String MOASESSIONID = "#SESSIONID#"; - private static String BACKGROUNDCOLOR = "#BACKGROUNDCOLOR#"; - private static String COLOR = "#COLOR#"; - private static String MANDATEVISIBLE = "#MANDATEVISIBLE#"; - private static String MANDATECHECKED = "#MANDATECHECKED#"; - + private static String SERVLET = CONTEXTPATH+"/GenerateIframeTemplate"; private static String getTemplate() { @@ -107,24 +99,8 @@ public class LoginFormBuilder { value = value.replace(CONTEXTPATH, contextpath); value = value.replace(MOASESSIONID, moaSessionID); - String bgcolor = oaParam.getBKUSelectionBackGroundColor(); - if (MiscUtil.isNotEmpty(bgcolor)) { - value = value.replace(BACKGROUNDCOLOR, TEMPLATEBGCOLOR); - value = value.replace(COLOR, bgcolor); - } else - value = value.replace(BACKGROUNDCOLOR, ""); - - if (oaParam.isShowMandateCheckBox()) - value = value.replace(MANDATEVISIBLE, ""); - else - value = value.replace(MANDATEVISIBLE, TEMPLATEVISIBLE); - - if (oaParam.isOnlyMandateAllowed()) { - value = value.replace(MANDATECHECKED, TEMPLATECHECKED + " " + TEMPLATEDISABLED); - - } else - value = value.replace(MANDATECHECKED, ""); - + value = FormBuildUtils.customiceLayoutBKUSelection(value, oaParam); + } return value; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java index cd8750ad0..1617ef796 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java @@ -13,6 +13,7 @@ import org.apache.commons.io.IOUtils; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; +import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -97,13 +98,8 @@ public class SendAssertionFormBuilder { value = value.replace(OANAME, oaParam.getFriendlyName()); value = value.replace(CONTEXTPATH, contextpath); - String bgcolor = oaParam.getBKUSelectionBackGroundColor(); - if (MiscUtil.isNotEmpty(bgcolor)) { - value = value.replace(BACKGROUNDCOLOR, TEMPLATEBGCOLOR); - value = value.replace(COLOR, bgcolor); - } else - value = value.replace(BACKGROUNDCOLOR, ""); - + value = FormBuildUtils.customiceLayoutBKUSelection(value, oaParam); + } return value; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java index c00aa38c5..3bc152ec8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java @@ -48,7 +48,7 @@ public class StartAuthenticationBuilder { //normal MOA-ID authentication Logger.debug("Starting normal MOA-ID authentication"); - String getIdentityLinkForm = AuthenticationServer.getInstance().startAuthentication(moasession, req.getScheme()); + String getIdentityLinkForm = AuthenticationServer.getInstance().startAuthentication(moasession, req); return getIdentityLinkForm; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java index cdd5cd384..98ef78d53 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java @@ -8,6 +8,8 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.commons.lang.StringEscapeUtils; + import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; @@ -53,6 +55,8 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { String useMandate = req.getParameter(PARAM_USEMANDATE); String ccc = req.getParameter(PARAM_CCC); String moasessionid = req.getParameter(PARAM_SESSIONID); + + moasessionid = StringEscapeUtils.escapeHtml(moasessionid); AuthenticationSession moasession = null; |