diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth')
7 files changed, 46 insertions, 38 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index c2eefa3d8..8d2684c9b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -11,6 +11,7 @@ import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.io.StringWriter; +import java.io.UnsupportedEncodingException; import java.math.BigInteger; import java.security.NoSuchAlgorithmException; import java.security.Principal; @@ -1663,7 +1664,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { SZRGWClient client = new SZRGWClient(connectionParameters); CreateIdentityLinkRequest request = new CreateIdentityLinkRequest(); - request.setSignature(citizenSignature.getBytes()); + request.setSignature(citizenSignature.getBytes("UTF-8")); PEPSData data = new PEPSData(); data.setDateOfBirth(PEPSDateOfBirth); @@ -1711,6 +1712,8 @@ public class AuthenticationServer implements MOAIDAuthConstants { catch (ConfigurationException e) { Logger.warn(e); Logger.warn(MOAIDMessageProvider.getInstance().getMessage("config.12", null )); + } catch (UnsupportedEncodingException e) { + Logger.warn(e); } return null; @@ -1912,7 +1915,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { template.merge(context, writer); resp.setContentType("text/html;charset=UTF-8"); - resp.getOutputStream().write(writer.toString().getBytes()); + resp.getOutputStream().write(writer.toString().getBytes("UTF-8")); } catch (Exception e) { Logger.error("Error sending STORK SAML AuthnRequest.", e); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java index 9f2d5b641..484fe1f9e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java @@ -56,7 +56,7 @@ public class StartAuthenticationBuilder { STORKConfig storkConfig = AuthConfigurationProvider.getInstance().getStorkConfig(); - Logger.info("Starting authentication for a citizen of country: " + (StringUtils.isEmpty(moasession.getCcc()) ? "AT" : moasession.getCcc())); + Logger.info("Starting authentication for a citizen of country: " + (StringUtils.isEmpty(moasession.getCcc()) ? "AT" : moasession.getCcc())); // STORK or normal authentication if (storkConfig.isSTORKAuthentication(moasession.getCcc())) { //STORK authentication diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java index f11489dd2..bbc704f22 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java @@ -161,7 +161,6 @@ public class GetForeignIDServlet extends AuthServlet { AuthenticationSession session = null;
try {
String xmlCreateXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE);
-
// check parameter
if (!ParamValidatorUtils.isValidSessionID(sessionID))
throw new WrongParametersException("GetForeignID", PARAM_SESSIONID, "auth.12");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java index 0ba144b80..2d49eb809 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java @@ -270,7 +270,7 @@ public class PEPSConnectorServlet extends AuthServlet { for(Object currentX509Data : ((JAXBElement<X509DataType>) current).getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName()) {
JAXBElement<?> casted = ((JAXBElement<?>) currentX509Data);
if(casted.getName().getLocalPart().equals("X509Certificate")) {
- moaSession.setSignerCertificate(new X509Certificate(((String)casted.getValue()).getBytes()));
+ moaSession.setSignerCertificate(new X509Certificate(((String)casted.getValue()).getBytes("UTF-8")));
break;
}
}
@@ -339,7 +339,7 @@ public class PEPSConnectorServlet extends AuthServlet { StringWriter writer = new StringWriter();
template.merge(context, writer);
- response.getOutputStream().write(writer.toString().getBytes());
+ response.getOutputStream().write(writer.toString().getBytes("UTF-8"));
} catch (Exception e1) {
Logger.error("Error sending gender retrival form.", e1);
// httpSession.invalidate();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java index ee0ae4b87..dfb2753ec 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java @@ -233,7 +233,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { StringWriter writer = new StringWriter(); template.merge(context, writer); - response.getOutputStream().write(writer.toString().getBytes()); + response.getOutputStream().write(writer.toString().getBytes("UTF-8")); } catch (Exception e1) { Logger.error("Error sending gender retrival form.", e1); // httpSession.invalidate(); @@ -505,7 +505,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { StringWriter writer = new StringWriter(); template.merge(context, writer); - response.getOutputStream().write(writer.toString().getBytes()); + response.getOutputStream().write(writer.toString().getBytes("UTF-8")); } catch (Exception e1) { Logger.error("Error sending gender retrival form.", e1); // httpSession.invalidate(); @@ -576,7 +576,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { StringWriter writer = new StringWriter(); template.merge(context, writer); - resp.getOutputStream().write(writer.toString().getBytes()); + resp.getOutputStream().write(writer.toString().getBytes("UTF-8")); } catch (Exception e) { Logger.error("Error sending DSS signrequest.", e); throw new MOAIDException("stork.11", null); @@ -615,7 +615,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { return citizenSignature; } - private X509Certificate getSignerCertificate(String citizenSignature) throws CertificateException, JAXBException + private X509Certificate getSignerCertificate(String citizenSignature) throws CertificateException, JAXBException, UnsupportedEncodingException { JAXBContext ctx = JAXBContext.newInstance(SignatureType.class.getPackage().getName()); SignatureType root = ((JAXBElement<SignatureType>) ctx.createUnmarshaller().unmarshal(IOUtils.toInputStream(citizenSignature))).getValue(); @@ -626,7 +626,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { for(Object currentX509Data : ((JAXBElement<X509DataType>) current).getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName()) { JAXBElement<?> casted = ((JAXBElement<?>) currentX509Data); if(casted.getName().getLocalPart().equals("X509Certificate")) { - return new X509Certificate(((String)casted.getValue()).getBytes()); + return new X509Certificate(((String)casted.getValue()).getBytes("UTF-8")); } } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java index 98edf1fe4..e7fa9cbd7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java @@ -207,7 +207,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { //System.out.println("IDL: " + s); - byte[] idl = s.getBytes(); + byte[] idl = s.getBytes("UTF-8"); // redirect url // build redirect(to the GetMISSessionIdSerlvet) @@ -238,7 +238,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { String oaFriendlyName = oaParam.getFriendlyName(); String mandateReferenceValue = session.getMandateReferenceValue(); byte[] cert = session.getEncodedSignerCertificate(); - byte[] authBlock = session.getAuthBlock().getBytes(); + byte[] authBlock = session.getAuthBlock().getBytes("UTF-8"); //TODO: check in case of SSO!!! String targetType = null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java index 2c8b44404..46fd06741 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java @@ -105,13 +105,19 @@ public class STORKResponseProcessor { * @throws STORKException the sTORK exception
*/
private static String getAttributeValue(String attributeName, IPersonalAttributeList attributeList) throws STORKException {
+ return getAttributeValue(attributeName, attributeList, true);
+ }
+ private static String getAttributeValue(String attributeName, IPersonalAttributeList attributeList, boolean throwException) throws STORKException {
try {
String result = attributeList.get(attributeName).getValue().get(0);
Logger.trace(attributeName + " : " + result);
return result;
- } catch(NullPointerException e) {
+ } catch(Exception e) {
Logger.error(attributeName + " not found in response");
- throw new STORKException(attributeName + " not found in response");
+ if(throwException)
+ throw new STORKException(attributeName + " not found in response");
+ else
+ return null;
}
}
@@ -137,29 +143,29 @@ public class STORKResponseProcessor { // if there is no signedDoc attribute, we cannot go on
String citizenSignature = getAttributeValue("signedDoc", attributeList);
- String fiscalNumber = getAttributeValue("fiscalNumber", attributeList);
+ String fiscalNumber = getAttributeValue("fiscalNumber", attributeList, false);
// if we have a signedDoc we test for a representation case
// - according to stork samlengine and commons
if(hasAttribute("mandate", attributeList)) {
// we have a representation case
- String mandate = getAttributeValue("mandate", attributeList);
+ String mandate = getAttributeValue("mandate", attributeList, false);
if(!hasAttribute("dateOfBirth", attributeList)) {
// if we get here, we have a natural person representing a legal person
- String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList);
- String organizationType = getAttributeValue("translateableType", attributeList);
+ String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList, false);
+ String organizationType = getAttributeValue("translateableType", attributeList, false);
identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(citizenSignature, null, null, mandate, organizationAddress, organizationType, targetType, targetValue, oaFriendlyName, filters, fiscalNumber);
} else {
// if we get here, we have a natural person representing another natural person
- String eIdentifier = getAttributeValue("eIdentifier", attributeList);
- String givenName = getAttributeValue("givenName", attributeList);
- String lastName = getAttributeValue("surname", attributeList);
- String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
+ String eIdentifier = getAttributeValue("eIdentifier", attributeList, false);
+ String givenName = getAttributeValue("givenName", attributeList, false);
+ String lastName = getAttributeValue("surname", attributeList, false);
+ String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false);
// gender attribute is mandatory here because of some legal stuff
- String gender = getAttributeValue("gender", attributeList);
+ String gender = getAttributeValue("gender", attributeList, false);
if (!StringUtils.isEmpty(dateOfBirth))
dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
@@ -172,25 +178,25 @@ public class STORKResponseProcessor { // - according to stork spec
else if(hasAttribute("mandateContent", attributeList) || hasAttribute("representative", attributeList) || hasAttribute("represented", attributeList)) {
// we have a representation case
- String representative = getAttributeValue("representative", attributeList);
- String represented = getAttributeValue("represented", attributeList);
- String mandate = getAttributeValue("mandateContent", attributeList);
+ String representative = getAttributeValue("representative", attributeList, false);
+ String represented = getAttributeValue("represented", attributeList, false);
+ String mandate = getAttributeValue("mandateContent", attributeList, false);
if(!hasAttribute("dateOfBirth", attributeList)) {
// if we get here, we have a natural person representing a legal person
- String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList);
- String organizationType = getAttributeValue("translateableType", attributeList);
+ String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList, false);
+ String organizationType = getAttributeValue("translateableType", attributeList, false);
identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(citizenSignature, representative, represented, mandate, organizationAddress, organizationType, targetType, targetValue, oaFriendlyName, filters, fiscalNumber);
} else {
// if we get here, we have a natural person representing another natural person
- String eIdentifier = getAttributeValue("eIdentifier", attributeList);
- String givenName = getAttributeValue("givenName", attributeList);
- String lastName = getAttributeValue("surname", attributeList);
- String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
+ String eIdentifier = getAttributeValue("eIdentifier", attributeList, false);
+ String givenName = getAttributeValue("givenName", attributeList, false);
+ String lastName = getAttributeValue("surname", attributeList, false);
+ String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false);
// gender attribute is mandatory here because of some legal stuff
- String gender = getAttributeValue("gender", attributeList);
+ String gender = getAttributeValue("gender", attributeList, false);
if (!StringUtils.isEmpty(dateOfBirth))
dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
@@ -201,10 +207,10 @@ public class STORKResponseProcessor { }
} else {
// we do not have a representation case
- String eIdentifier = getAttributeValue("eIdentifier", attributeList);
- String givenName = getAttributeValue("givenName", attributeList);
- String lastName = getAttributeValue("surname", attributeList);
- String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
+ String eIdentifier = getAttributeValue("eIdentifier", attributeList, false);
+ String givenName = getAttributeValue("givenName", attributeList, false);
+ String lastName = getAttributeValue("surname", attributeList, false);
+ String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false);
if (!StringUtils.isEmpty(dateOfBirth))
dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature, fiscalNumber);
|