Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth')
7 files changed, 156 insertions, 243 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index b05c1494a..ff33c37ab 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -315,12 +315,18 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 appletwidth = StringEscapeUtils.escapeHtml(appletwidth);
- //TODO: cleanup before MOA-ID 2.1 release
- String htmlForm = new GetIdentityLinkFormBuilder().build(template,
- session.getBkuURL(), infoboxReadRequest, dataURL, null,
- null, pushInfobox, oaParam, appletheigth, appletwidth);
-
- return htmlForm;
+ //TODO: cleanup before MOA-ID 2.1 release
+ try {
+ String htmlForm = new GetIdentityLinkFormBuilder().build(template,
+ session.getBkuURL(), infoboxReadRequest, dataURL, null,
+ null, pushInfobox, oaParam, appletheigth, appletwidth);
+
+ return htmlForm;
+
+ } catch (BuildException e) {
+ throw new BuildException("builder.07", null, e);
+
+ }
 }
 /**
@@ -525,16 +531,16 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 } catch (SAXException e) {
- throw new AuthenticationException("auth.16",
+ throw new AuthenticationException("auth.15",
 new Object[]{GET_MIS_SESSIONID}, e);
 } catch (IOException e) {
- throw new AuthenticationException("auth.16",
+ throw new AuthenticationException("auth.15",
 new Object[]{GET_MIS_SESSIONID}, e);
 } catch (ParserConfigurationException e) {
- throw new AuthenticationException("auth.16",
+ throw new AuthenticationException("auth.15",
 new Object[]{GET_MIS_SESSIONID}, e);
 } catch (TransformerException e) {
- throw new AuthenticationException("auth.16",
+ throw new AuthenticationException("auth.15",
 new Object[]{GET_MIS_SESSIONID}, e);
 }
@@ -554,9 +560,9 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 OAAuthParameter oaParam) throws ConfigurationException, BuildException, ValidateException {
- // check for intermediate processing of the infoboxes
- if (session.isValidatorInputPending())
- return "Redirect to Input Processor";
+// // check for intermediate processing of the infoboxes
+// if (session.isValidatorInputPending())
+// return "Redirect to Input Processor";
 if (authConf == null) authConf = AuthConfigurationProvider.getInstance();
@@ -612,9 +618,9 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 OAAuthParameter oaParam, X509Certificate cert) throws ConfigurationException {
- // check for intermediate processing of the infoboxes
- if (session.isValidatorInputPending())
- return "Redirect to Input Processor";
+// // check for intermediate processing of the infoboxes
+// if (session.isValidatorInputPending())
+// return "Redirect to Input Processor";
 if (authConf == null) authConf = AuthConfigurationProvider.getInstance();
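Review bot: The `isValidatorInputPending()` guard is commented out rather than removed, here and in the `@@ -612` hunk, and the same pattern continues in the `@@ -1239` and `@@ -1397` hunks and in AuthenticationSession.java and ParepUtils.java. Disabled checks left inside an authentication flow make it hard to see what the current code actually enforces, and they are easy to re-enable only in part. I would delete the lines and, if a marker is wanted, leave a single comment such as `// infobox validators are no longer supported; no intermediate input step`. Both method bodies start and end outside these hunks.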
@@ -1239,44 +1245,44 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 throw e;
 }
- // post processing of the infoboxes
- Iterator iter = session.getInfoboxValidatorIterator();
- boolean formpending = false;
- if (iter != null) {
- while (!formpending && iter.hasNext()) {
- Vector infoboxValidatorVector = (Vector) iter.next();
- String identifier = (String) infoboxValidatorVector.get(0);
- String friendlyName = (String) infoboxValidatorVector.get(1);
- InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector
- .get(2);
- InfoboxValidationResult infoboxValidationResult = null;
- try {
- infoboxValidationResult = infoboxvalidator.validate(csresp
- .getSamlAssertion());
- } catch (ValidateException e) {
- Logger.error("Error validating " + identifier + " infobox:"
- + e.getMessage());
- throw new ValidateException("validator.44",
- new Object[]{friendlyName});
- }
- if (!infoboxValidationResult.isValid()) {
- Logger.info("Validation of " + identifier
- + " infobox failed.");
- throw new ValidateException("validator.40", new Object[]{
- friendlyName,
- infoboxValidationResult.getErrorMessage()});
- }
- String form = infoboxvalidator.getForm();
- if (ParepUtils.isEmpty(form)) {
- AddAdditionalSAMLAttributes(
- session,
- infoboxValidationResult.getExtendedSamlAttributes(),
- identifier, friendlyName);
- } else {
- return "Redirect to Input Processor";
- }
- }
- }
+// // post processing of the infoboxes
+// Iterator iter = session.getInfoboxValidatorIterator();
+// boolean formpending = false;
+// if (iter != null) {
+// while (!formpending && iter.hasNext()) {
+// Vector infoboxValidatorVector = (Vector) iter.next();
+// String identifier = (String) infoboxValidatorVector.get(0);
+// String friendlyName = (String) infoboxValidatorVector.get(1);
+// InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector
+// .get(2);
+// InfoboxValidationResult infoboxValidationResult = null;
+// try {
+// infoboxValidationResult = infoboxvalidator.validate(csresp
+// .getSamlAssertion());
+// } catch (ValidateException e) {
+// Logger.error("Error validating " + identifier + " infobox:"
+// + e.getMessage());
+// throw new ValidateException("validator.44",
+// new Object[]{friendlyName});
+// }
+// if (!infoboxValidationResult.isValid()) {
+// Logger.info("Validation of " + identifier
+// + " infobox failed.");
+// throw new ValidateException("validator.40", new Object[]{
+// friendlyName,
+// infoboxValidationResult.getErrorMessage()});
+// }
+// String form = infoboxvalidator.getForm();
+// if (ParepUtils.isEmpty(form)) {
+// AddAdditionalSAMLAttributes(
+// session,
+// infoboxValidationResult.getExtendedSamlAttributes(),
+// identifier, friendlyName);
+// } else {
+// return "Redirect to Input Processor";
+// }
+// }
+// }
 session.setXMLVerifySignatureResponse(vsresp);
 session.setSignerCertificate(vsresp.getX509certificate());
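Review bot: Once this loop is disabled, no visible code path calls `infoboxvalidator.validate(...)` any more, so the `validator.40` / `validator.44` failures can no longer abort the flow and the attributes that went through `AddAdditionalSAMLAttributes` are no longer added; the `@@ -1397` hunk does the same for the identity-link assertion. In AuthenticationSession.java the list is only created empty and the adder already appears as commented-out context, so this looks like dead-code removal, but that is inferred from the hunks. If the configuration can still declare infobox validators, it should now be rejected or logged at startup instead of being silently ignored. A comment such as `// infobox validation removed: validators are never registered` at this spot, in place of the disabled block, would record the decision. The enclosing methods continue outside the hunks.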
@@ -1397,44 +1403,44 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 throw new AuthenticationException("auth.10", new Object[]{ REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID});
- // post processing of the infoboxes
- Iterator iter = session.getInfoboxValidatorIterator();
- boolean formpending = false;
- if (iter != null) {
- while (!formpending && iter.hasNext()) {
- Vector infoboxValidatorVector = (Vector) iter.next();
- String identifier = (String) infoboxValidatorVector.get(0);
- String friendlyName = (String) infoboxValidatorVector.get(1);
- InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector
- .get(2);
- InfoboxValidationResult infoboxValidationResult = null;
- try {
- infoboxValidationResult = infoboxvalidator.validate(session
- .getIdentityLink().getSamlAssertion());
- } catch (ValidateException e) {
- Logger.error("Error validating " + identifier + " infobox:"
- + e.getMessage());
- throw new ValidateException("validator.44",
- new Object[]{friendlyName});
- }
- if (!infoboxValidationResult.isValid()) {
- Logger.info("Validation of " + identifier
- + " infobox failed.");
- throw new ValidateException("validator.40", new Object[]{
- friendlyName,
- infoboxValidationResult.getErrorMessage()});
- }
- String form = infoboxvalidator.getForm();
- if (ParepUtils.isEmpty(form)) {
- AddAdditionalSAMLAttributes(
- session,
- infoboxValidationResult.getExtendedSamlAttributes(),
- identifier, friendlyName);
- } else {
- return "Redirect to Input Processor";
- }
- }
- }
+// // post processing of the infoboxes
+// Iterator iter = session.getInfoboxValidatorIterator();
+// boolean formpending = false;
+// if (iter != null) {
+// while (!formpending && iter.hasNext()) {
+// Vector infoboxValidatorVector = (Vector) iter.next();
+// String identifier = (String) infoboxValidatorVector.get(0);
+// String friendlyName = (String) infoboxValidatorVector.get(1);
+// InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector
+// .get(2);
+// InfoboxValidationResult infoboxValidationResult = null;
+// try {
+// infoboxValidationResult = infoboxvalidator.validate(session
+// .getIdentityLink().getSamlAssertion());
+// } catch (ValidateException e) {
+// Logger.error("Error validating " + identifier + " infobox:"
+// + e.getMessage());
+// throw new ValidateException("validator.44",
+// new Object[]{friendlyName});
+// }
+// if (!infoboxValidationResult.isValid()) {
+// Logger.info("Validation of " + identifier
+// + " infobox failed.");
+// throw new ValidateException("validator.40", new Object[]{
+// friendlyName,
+// infoboxValidationResult.getErrorMessage()});
+// }
+// String form = infoboxvalidator.getForm();
+// if (ParepUtils.isEmpty(form)) {
+// AddAdditionalSAMLAttributes(
+// session,
+// infoboxValidationResult.getExtendedSamlAttributes(),
+// identifier, friendlyName);
+// } else {
+// return "Redirect to Input Processor";
+// }
+// }
+// }
 VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponse();
 X509Certificate cert = session.getSignerCertificate();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
index 58412b218..c5ba49b2e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
@@ -203,10 +203,10 @@ public class AuthenticationSession implements Serializable {
 */
 private List<ExtendedSAMLAttribute> extendedSAMLAttributesAUTH;
- /**
- * If infobox validators are needed after signing, they can be stored in this list.
- */
- private List infoboxValidators;
+// /**
+// * If infobox validators are needed after signing, they can be stored in this list.
+// */
+// private List infoboxValidators;
 /**
 * The register and number in the register parameter in case of a business service application.
@@ -347,7 +347,7 @@ public class AuthenticationSession implements Serializable {
 public AuthenticationSession(String id) {
 sessionID = id;
 // setTimestampStart();
- infoboxValidators = new ArrayList();
+// infoboxValidators = new ArrayList();
 }
 public X509Certificate getSignerCertificate() {
@@ -712,15 +712,15 @@ public class AuthenticationSession implements Serializable {
 this.issueInstant = issueInstant;
 }
- /**
- * Returns the iterator to the stored infobox validators.
- *
- * @return Iterator
- */
- public Iterator getInfoboxValidatorIterator() {
- if (infoboxValidators == null) return null;
- return infoboxValidators.iterator();
- }
+// /**
+// * Returns the iterator to the stored infobox validators.
+// *
+// * @return Iterator
+// */
+// public Iterator getInfoboxValidatorIterator() {
+// if (infoboxValidators == null) return null;
+// return infoboxValidators.iterator();
+// }
 // /**
 // * Adds an infobox validator class to the stored infobox validators.
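Review bot: `AuthenticationSession` implements `Serializable`, and disabling the `infoboxValidators` field in the `@@ -203` hunk changes the class's serialized form. Whether a `serialVersionUID` is declared is not visible in these hunks; if it is not, sessions serialized by the previous build will fail to deserialize with `InvalidClassException` after the upgrade. Please confirm the UID is pinned, or that persisted sessions are discarded on deployment. As elsewhere in this commit, the field, the constructor line and the accessor are better deleted than commented out.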
@@ -744,23 +744,23 @@ public class AuthenticationSession implements Serializable {
 // return infoboxValidators.iterator();
 // }
- /**
- * Tests for pending input events of the infobox validators.
- *
- * @return true if a validator has a form to show
- */
- public boolean isValidatorInputPending() {
- boolean result = false;
- Iterator iter = getInfoboxValidatorIterator();
- if (iter != null) {
- while (!result && iter.hasNext()) {
- Vector infoboxValidatorVector = (Vector) iter.next();
- InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector.get(2);
- if (!ParepUtils.isEmpty(infoboxvalidator.getForm())) result = true;
- }
- }
- return result;
- }
+// /**
+// * Tests for pending input events of the infobox validators.
+// *
+// * @return true if a validator has a form to show
+// */
+// public boolean isValidatorInputPending() {
+// boolean result = false;
+// Iterator iter = getInfoboxValidatorIterator();
+// if (iter != null) {
+// while (!result && iter.hasNext()) {
+// Vector infoboxValidatorVector = (Vector) iter.next();
+// InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector.get(2);
+// if (!ParepUtils.isEmpty(infoboxvalidator.getForm())) result = true;
+// }
+// }
+// return result;
+// }
 // /**
 // * Returns the first pending infobox validator.
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BKUException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BKUException.java
index f1d3b078e..9c2960c4c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BKUException.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BKUException.java
@@ -29,16 +29,6 @@ public class BKUException extends MOAIDException {
 private String bkuErrorCode;
 private String bkuErrorMessage;
- public BKUException(String messageId, Object[] parameters) {
- super(messageId, parameters);
-
- }
-
-
- public BKUException(String messageId, Object[] parameters, Throwable wrapped) {
- super(messageId, parameters, wrapped);
- }
-
 public BKUException(String messageId, Object[] parameters, String bkuErrorCode, String bkuErrorMessage) {
 super(messageId, parameters);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MISSimpleClientException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MISSimpleClientException.java
index e26ab6597..c80cbea26 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MISSimpleClientException.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MISSimpleClientException.java
@@ -46,6 +46,7 @@ package at.gv.egovernment.moa.id.auth.exception;
+
public class MISSimpleClientException extends MOAIDException {
private static final long serialVersionUID = 1L;
@@ -59,22 +60,16 @@ public class MISSimpleClientException extends MOAIDException {
 public MISSimpleClientException(String message) {
super(message, null);
- this.misErrorMessage = message;
}
public MISSimpleClientException(String message, String code, String text) {
- super(message, null);
+ super(message, new Object[] { code , text });
this.misErrorMessage = text;
this.misErrorCode = code;
}
- public MISSimpleClientException(Throwable cause) {
- super("UNDEFINED ERROR", null, cause);
- }
-
public MISSimpleClientException(String message, Throwable cause) {
super(message, null, cause);
- this.misErrorMessage = message;
}
/**
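Review bot: The one-argument and `(String message, Throwable cause)` constructors no longer assign `misErrorMessage`, so the field stays null on those paths and any accessor outside this hunk now returns null where it used to return the message. The three-argument constructor now passes the MIS-supplied `code` and `text` as message parameters via `super(message, new Object[] { code , text })`; if the resolved message ends up in an HTML error page (not visible here), those values come from a remote service and need output encoding where they are rendered. A one-line Javadoc on each constructor, e.g. `/** @param message message id; misErrorCode and misErrorMessage remain unset */`, would make the new contract explicit.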
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
index a776bbe9a..9e2e845b5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
@@ -65,7 +65,6 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
@@ -190,13 +189,9 @@ public class GetMISSessionIDServlet extends AuthServlet {
 List<MISMandate> list = MISSimpleClient.sendGetMandatesRequest( connectionParameters.getUrl(), misSessionID, sslFactory);
- if (list == null) {
+ if (list == null || list.size() == 0) {
 Logger.error("Keine Vollmacht gefunden.");
- throw new MISSimpleClientException("Keine Vollmacht gefunden");
- }
- if (list.size() == 0) {
- Logger.error("Keine Vollmacht gefunden.");
- throw new MISSimpleClientException("Keine Vollmacht gefunden");
+ throw new AuthenticationException("auth.15", null);
 }
 // for now: list contains only one element
@@ -205,7 +200,7 @@ public class GetMISSessionIDServlet extends AuthServlet {
 String sMandate = new String(mandate.getMandate());
 if (sMandate == null || sMandate.compareToIgnoreCase("") == 0) {
 Logger.error("Mandate is empty.");
- throw new AuthenticationException("auth.16",
+ throw new AuthenticationException("auth.15",
 new Object[] { GET_MIS_SESSIONID });
 }
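Review bot: The merged check in the `@@ -190` hunk throws `new AuthenticationException("auth.15", null)`, while the other `auth.15` throw site in this file passes `new Object[] { GET_MIS_SESSIONID }`. If the `auth.15` message has a placeholder, this path will render it unfilled, so I would use `throw new AuthenticationException("auth.15", new Object[] { GET_MIS_SESSIONID });` and `list.isEmpty()` in place of `list.size() == 0`. The enclosing method starts and ends outside the hunk.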
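Review bot: In the `@@ -205` hunk the `sMandate == null` test can never be true, because `new String(...)` never returns null; a null from `mandate.getMandate()` raises a NullPointerException on the line before the check is reached. The payload should be tested before it is converted and, assuming `getMandate()` returns a byte array, decoded with an explicit charset rather than the platform default, since the mandate comes from the MIS service. The emptiness test can then be written as `sMandate.length() == 0` instead of `sMandate.compareToIgnoreCase("") == 0`. The method body continues outside the hunk.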
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
index 787dc6f10..c82d1168a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
@@ -227,7 +227,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 if (profiles == null) {
 Logger.error("No Mandate/Profile for OA configured.");
- throw new AuthenticationException("auth.16", new Object[] { GET_MIS_SESSIONID});
+ throw new AuthenticationException("config.21", new Object[] { GET_MIS_SESSIONID});
 }
 // String profilesArray[] = profiles.split(",");
@@ -323,78 +323,5 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 }
 }
-
- /**
- * Calls the MIS Service
- * @param session
- * @throws IOException
- */
-// private void callMISService(AuthenticationSession session, HttpServletRequest req, HttpServletResponse resp) throws IOException {
-//
-// try {
-// AuthConfigurationProvider authConf= AuthConfigurationProvider.getInstance();
-// ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter();
-// SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters);
-//
-// // get identitity link as byte[]
-// Element elem = session.getIdentityLink().getSamlAssertion();
-// String s = DOMUtils.serializeNode(elem);
-//
-// System.out.println("IDL: " + s);
-//
-// byte[] idl = s.getBytes();
-//
-// // redirect url
-// // build redirect(to the GetMISSessionIdSerlvet)
-// String redirectURL =
-// new DataURLBuilder().buildDataURL(
-// session.getAuthURL(),
-// GET_MIS_SESSIONID,
-// session.getSessionID());
-//
-// String oaURL = session.getOAURLRequested();
-// OAAuthParameter oaParam = authConf.getOnlineApplicationParameter(oaURL);
-// String profiles = oaParam.getMandateProfiles();
-//
-// if (profiles == null) {
-// Logger.error("No Mandate/Profile for OA configured.");
-// throw new AuthenticationException("auth.16", new Object[] { GET_MIS_SESSIONID});
-// }
-//
-// String profilesArray[] = profiles.split(",");
-// for(int i = 0; i < profilesArray.length; i++) {
-// profilesArray[i] = profilesArray[i].trim();
-// }
-//
-// String oaFriendlyName = oaParam.getFriendlyName();
-// String mandateReferenceValue = session.getMandateReferenceValue();
-// X509Certificate cert = session.getSignerCertificate();
-// MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(connectionParameters.getUrl(), idl, cert.getEncoded(), oaFriendlyName, redirectURL, mandateReferenceValue, profilesArray, sslFactory);
-// String redirectMISGUI = misSessionID.getRedirectURL();
-//
-// if (misSessionID == null) {
-// Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null.");
-// throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service.");
-// }
-//
-// session.setMISSessionID(misSessionID.getSessiondId());
-//
-// resp.setStatus(302);
-// resp.addHeader("Location", redirectMISGUI);
-// Logger.debug("REDIRECT TO: " + redirectURL);
-// }
-// catch (MOAIDException ex) {
-// handleError(null, ex, req, resp);
-// } catch (GeneralSecurityException ex) {
-// handleError(null, ex, req, resp);
-// } catch (PKIException e) {
-// handleError(null, e, req, resp);
-// } catch (MISSimpleClientException e) {
-// handleError(null, e, req, resp);
-// } catch (TransformerException e) {
-// handleError(null, e, req, resp);
-// }
-// }
-
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java
index 5483b865e..0e2251f21 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java
@@ -113,27 +113,27 @@ public class ParepUtils {
 }
}
- /*
- *
- */
- public static String extractRepresentativeID(Element mandate) throws ValidateException {
- try {
- Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns:md", SZRGWConstants.MANDATE_NS);
- Node resultNode = XPathAPI.selectSingleNode(mandate, "//md:Mandate/attribute::MandateID", nameSpaceNode);
- if (resultNode != null) {
- // because following line is not ready for JDK 1.4.x we need to get the childnode;
- // return resultNode.getTextContent();
- Node textNode = resultNode.getFirstChild();
- if (textNode != null) {
- return textNode.getNodeValue();
- }
- }
- return null;
- } catch (Exception e) {
- throw new ValidateException("validator.62", null);
- }
- }
+// /*
+// *
+// */
+// public static String extractRepresentativeID(Element mandate) throws ValidateException {
+// try {
+// Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode");
+// nameSpaceNode.setAttribute("xmlns:md", SZRGWConstants.MANDATE_NS);
+// Node resultNode = XPathAPI.selectSingleNode(mandate, "//md:Mandate/attribute::MandateID", nameSpaceNode);
+// if (resultNode != null) {
+// // because following line is not ready for JDK 1.4.x we need to get the childnode;
+// // return resultNode.getTextContent();
+// Node textNode = resultNode.getFirstChild();
+// if (textNode != null) {
+// return textNode.getNodeValue();
+// }
+// }
+// return null;
+// } catch (Exception e) {
+// throw new ValidateException("validator.62", null);
+// }
+// }
/**
|