Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java | 88 |
1 files changed, 73 insertions, 15 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
index ddaab7a28..f3f6c55c1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
@@ -30,6 +30,7 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.io.StringWriter;
+import java.io.UnsupportedEncodingException;
 import java.net.HttpURLConnection;
 import java.util.Enumeration;
 import java.util.HashMap;
@@ -54,6 +55,7 @@ import at.gv.egovernment.moa.id.BuildException;
 import at.gv.egovernment.moa.id.MOAIDException;
 import at.gv.egovernment.moa.id.ParseException;
 import at.gv.egovernment.moa.id.ServiceException;
+import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.legacy.ConnectionParameter;
 import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
@@ -72,6 +74,8 @@ import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
 import at.gv.egovernment.moa.id.util.SSLUtils;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.MiscUtil;
+import at.gv.egovernment.moa.util.URLEncoder;
 
 /**
  * Servlet requested for logging in at an online application, 
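Review bot: The added `import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;` is not referenced by any added line in the hunks shown for this file, so it looks unused. If nothing outside this view needs it, drop the line so the proxy servlet does not pick up a dependency on the auth servlet package. The other new imports (`UnsupportedEncodingException`, `MiscUtil`, `URLEncoder`) are all used by the code added further down.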
@@ -88,6 +92,8 @@ public class ProxyServlet extends HttpServlet { private static final String PARAM_TARGET = "Target"; /** Name of the Parameter for the SAMLArtifact */ private static final String PARAM_SAMLARTIFACT = "SAMLArtifact"; + /** Name of the Parameter for the ErrorMessage */ + private static final String PARAM_ERRORMASSAGE = "error"; /** Name of the Attribute for marking the session as authenticated*/ private static final String ATT_AUTHDATAFETCHED = "AuthDataFetched"; @@ -191,6 +197,13 @@ public class ProxyServlet extends HttpServlet { if (session.getAttribute(ATT_BROWSERREQU)==null) { + // read configuration data + ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.getInstance(); + OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameter(urlRequested); + if (oaParam == null) { + throw new ProxyException("proxy.02", new Object[] { urlRequested }); + } + samlArtifact = req.getParameter(PARAM_SAMLARTIFACT); Logger.debug("moa-id-proxy login " + PARAM_SAMLARTIFACT + ": " + samlArtifact); // String target = req.getParameter(PARAM_TARGET); parameter given but not processed 
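Review bot: The new constant in the first hunk is spelled `PARAM_ERRORMASSAGE`; it should read `PARAM_ERRORMESSAGE`, and its uses in `generateErrorAndRedirct` in the last hunk need the same rename. The parameter name `"error"` is part of the contract with the online application's error page, so the Javadoc would be more useful as `/** Name of the query parameter that carries the error text to the configured error redirect URL */`.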
@@ -200,19 +213,26 @@ public class ProxyServlet extends HttpServlet { AuthenticationData authData; try { authData = new GetAuthenticationDataInvoker().getAuthenticationData(samlArtifact); + } catch (ServiceException ex) { - throw new ProxyException("proxy.14", new Object[] {ex.getMessage()}, ex); + throw new ProxyException("proxy.14", new Object[] {ex.getMessage()}, ex); + } catch (ProxyException ex) { throw new ProxyException("proxy.14", new Object[] {ex.getMessage()}, ex); - } + + } catch (MOAIDException ex) { + String errorURL = oaParam.getErrorRedirctURL(); + if (MiscUtil.isNotEmpty(errorURL)) { + generateErrorAndRedirct(resp, errorURL, ex.getMessage()); + return; + + } else { + Logger.info("No ErrorRedirectURL defined. The error is shown on MOA-ID Proxy errorpage."); + throw new ProxyException("proxy.14", new Object[] {ex.getMessage()}, ex); + } + } session.setAttribute(ATT_AUTHDATAFETCHED, "true"); - - // read configuration data - ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.getInstance(); - OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameter(urlRequested); - if (oaParam == null) { - throw new ProxyException("proxy.02", new Object[] { urlRequested }); - } + publicURLPrefix = oaParam.getPublicURLPrefix(); Logger.debug("OA: " + publicURLPrefix); oaConf = oaParam.getOaConfiguration(); 
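Review bot: The new `catch (MOAIDException ex)` branch returns after `generateErrorAndRedirct(...)` without writing anything to the log, so when an error URL is configured a failed SAML artifact resolution leaves no trace on the proxy; the two redirect branches added in the next hunk (`LoginParameterResolverException`, `NotAllowedException`) have the same gap. A line such as `Logger.info("Authentication data could not be fetched, redirecting to the configured error URL: " + ex.getMessage());` before the call would keep these events visible to operators. The branch also sends `ex.getMessage()` verbatim to the online application through the browser's query string, which may expose internal detail; passing a message resolved from a key, as the next hunk does with `MOAIDMessageProvider`, would be more conservative. The enclosing method starts and ends outside this hunk.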
@@ -257,17 +277,32 @@ public class ProxyServlet extends HttpServlet { loginHeaders.remove("param3"); } } catch (LoginParameterResolverException ex) { - throw new ProxyException("proxy.13", new Object[] { publicURLPrefix }); + String errorURL = oaParam.getErrorRedirctURL(); + if (MiscUtil.isNotEmpty(errorURL)) { + generateErrorAndRedirct(resp, errorURL, + MOAIDMessageProvider.getInstance().getMessage("proxy.13", + new Object[] { publicURLPrefix })); + return; + + } else + throw new ProxyException("proxy.13", new Object[] { publicURLPrefix }); + } catch (NotAllowedException e) { - throw new ProxyException("proxy.15", new Object[] { }); + String errorURL = oaParam.getErrorRedirctURL(); + if (MiscUtil.isNotEmpty(errorURL)) { + generateErrorAndRedirct(resp, errorURL, + MOAIDMessageProvider.getInstance().getMessage("proxy.15", + new Object[] { })); + return; + + } else + throw new ProxyException("proxy.15", new Object[] { }); } // setup SSLSocketFactory for communication with the online application if (oaConnParam.isHTTPSURL()) { - try { - - //TODO: einkommentieren!!!! - //ssf = SSLUtils.getSSLSocketFactory(proxyConf, oaConnParam); + try { + ssf = SSLUtils.getSSLSocketFactory(proxyConf, oaConnParam); } catch (Throwable ex) { throw new ProxyException( "proxy.05", 
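Review bot: Both rewritten catch blocks still construct the `ProxyException` without the caught exception, so the cause and its stack trace are lost on the fallback path; the three-argument form already used for "proxy.14" in this file would keep it, e.g. `throw new ProxyException("proxy.13", new Object[] { publicURLPrefix }, ex);` and `throw new ProxyException("proxy.15", new Object[] { }, e);`. The `else` branches here are unbraced while the equivalent branch in the previous hunk uses braces, and the same redirect-or-throw sequence now appears three times, which a small private helper would remove. The enclosing method starts and ends outside this hunk.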
@@ -923,5 +958,28 @@ private static void copyStream(InputStream source, OutputStream destination, byt } } +private static void generateErrorAndRedirct(HttpServletResponse resp, String errorURL, String message) { + try { + errorURL = addURLParameter(errorURL, PARAM_ERRORMASSAGE, + URLEncoder.encode(message, "UTF-8")); + + } catch (UnsupportedEncodingException e) { + errorURL = addURLParameter(errorURL, PARAM_ERRORMASSAGE, "Fehlermeldung%20konnte%20nicht%20%C3%BCbertragen%20werden."); + } + + errorURL = resp.encodeRedirectURL(errorURL); + resp.setContentType("text/html"); + resp.setStatus(302); + resp.addHeader("Location", errorURL); +} + +protected static String addURLParameter(String url, String paramname, + String paramvalue) { + String param = paramname + "=" + paramvalue; + if (url.indexOf("?") < 0) + return url + "?" + param; + else + return url + "&" + param; +} } |
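Review bot: `addURLParameter` appends `paramvalue` to the URL exactly as given and is `protected`, so it is only safe when every caller passes an already URL-encoded value; neither new method has a Javadoc comment stating that. I would add one on `addURLParameter` saying that name and value must be URL-encoded by the caller and that a URL containing a `#` fragment is not handled, and one on `generateErrorAndRedirct` saying that it answers with a 302 to the configured error URL carrying the message in the `error` query parameter. Since that parameter travels through the browser, the receiving error page has to treat it as untrusted input and escape it before display. In `generateErrorAndRedirct`, `resp.setStatus(HttpServletResponse.SC_FOUND);` and `resp.setHeader("Location", errorURL);` would read better than the literal `302` and `addHeader`.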