1 files changed, 69 insertions, 183 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java
index 3dbc0ab7b..a4d79ac05 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java
@@ -1,183 +1,69 @@
-/*******************************************************************************

- * Copyright 2014 Federal Chancellery Austria

- * MOA-ID has been developed in a cooperation between BRZ, the Federal

- * Chancellery Austria - ICT staff unit, and Graz University of Technology.

- * 

- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by

- * the European Commission - subsequent versions of the EUPL (the "Licence");

- * You may not use this work except in compliance with the Licence.

- * You may obtain a copy of the Licence at:

- * http://www.osor.eu/eupl/

- * 

- * Unless required by applicable law or agreed to in writing, software

- * distributed under the Licence is distributed on an "AS IS" basis,

- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

- * See the Licence for the specific language governing permissions and

- * limitations under the Licence.

- * 

- * This product combines work with different licenses. See the "NOTICE" text

- * file for details on the various modules and licenses.

- * The "NOTICE" text file is part of the distribution. Any derivative works

- * that you distribute must include a readable copy of the "NOTICE" text file.

- ******************************************************************************/

-/*

- * Copyright 2003 Federal Chancellery Austria

- * MOA-ID has been developed in a cooperation between BRZ, the Federal

- * Chancellery Austria - ICT staff unit, and Graz University of Technology.

- *

- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by

- * the European Commission - subsequent versions of the EUPL (the "Licence");

- * You may not use this work except in compliance with the Licence.

- * You may obtain a copy of the Licence at:

- * http://www.osor.eu/eupl/

- *

- * Unless required by applicable law or agreed to in writing, software

- * distributed under the Licence is distributed on an "AS IS" basis,

- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

- * See the Licence for the specific language governing permissions and

- * limitations under the Licence.

- *

- * This product combines work with different licenses. See the "NOTICE" text

- * file for details on the various modules and licenses.

- * The "NOTICE" text file is part of the distribution. Any derivative works

- * that you distribute must include a readable copy of the "NOTICE" text file.

- */

-

-

-/**

- * 

- */

-package at.gv.egovernment.moa.id.util;

-

-import java.io.IOException;

-import java.io.OutputStream;

-import java.net.URLEncoder;

-

-import javax.servlet.http.HttpServletRequest;

-import javax.servlet.http.HttpServletResponse;

-

-import at.gv.egovernment.moa.id.auth.AuthenticationServer;

-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;

-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;

-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;

-import at.gv.egovernment.moa.logging.Logger;

-

-/**

- * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>

- *

- */

-public class ServletUtils {

-  

-  /**

-   * Writes out whether the CreateXMLSignatureRequest or a Redirect for form input processing 

-   * depending on the requests starting text.

-   * 

-   * @param resp The httpServletResponse

-   * @param session The current AuthenticationSession

-   * @param createXMLSignatureRequestOrRedirect The request

-   * @param servletGoal The servlet to which the redirect should happen

-   * @param servletName The servlet name for debug purposes

-   * @throws MOAIDException

-   * @throws IOException

-   */

-  public static void writeCreateXMLSignatureRequestOrRedirect(HttpServletResponse resp, AuthenticationSession session, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName) 

-  throws MOAIDException,

-         IOException

-  { 

-    if (!createXMLSignatureRequestOrRedirect.startsWith("Redirect")) {

-      resp.setStatus(307);

-      String dataURL = new DataURLBuilder().buildDataURL(

-        session.getAuthURL(), AuthenticationServer.REQ_VERIFY_AUTH_BLOCK, session.getSessionID());

-      resp.addHeader("Location", dataURL);

-      

-      //TODO test impact of explicit setting charset with older versions of BKUs (HotSign)

-      resp.setContentType("text/xml;charset=UTF-8");

-      

-      OutputStream out = resp.getOutputStream();

-      out.write(createXMLSignatureRequestOrRedirect.getBytes("UTF-8"));

-      out.flush();

-      out.close();

-      Logger.debug("Finished POST " + servletName);

-      

-    } else {

-      String redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), servletGoal, session.getSessionID());

-      resp.setContentType("text/html");

-      resp.setStatus(302);

-      resp.addHeader("Location", redirectURL);

-      Logger.debug("REDIRECT TO: " + redirectURL);

-      

-    }

-  }

-  /**

-   * Writes out whether the CreateXMLSignatureRequest or a Redirect for form input processing 

-   * depending on the requests starting text.

-   * 

-   * @param resp The httpServletResponse

-   * @param createXMLSignatureRequestOrRedirect The request

-   * @param servletGoal The servlet to which the redirect should happen

-   * @param servletName The servlet name for debug purposes

-   * @throws MOAIDException

-   * @throws IOException

-   */

-  public static void writeCreateXMLSignatureRequest(HttpServletResponse resp, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName, String dataURL) 

-  throws MOAIDException,

-         IOException

-  { 

-      resp.setStatus(307);

-      resp.addHeader("Location", dataURL);

-      

-      //TODO test impact of explicit setting charset with older versions of BKUs (HotSign)

-      resp.setContentType("text/xml;charset=UTF-8");

-            

-      OutputStream out = resp.getOutputStream();

-      out.write(createXMLSignatureRequestOrRedirect.getBytes("UTF-8"));

-      out.flush();

-      out.close();

-      Logger.debug("Finished POST " + servletName);

-    

-  }

-

-  /**

-   * Writes out whether the CreateXMLSignatureRequest or a Redirect for form input processing 

-   * depending on the requests starting text.

-   * 

-   * @param resp The httpServletResponse

-   * @param session The current AuthenticationSession

-   * @param createXMLSignatureRequestOrRedirect The request

-   * @param servletGoal The servlet to which the redirect should happen

-   * @param servletName The servlet name for debug purposes

-   * @throws MOAIDException

-   * @throws IOException

-   */

-  public static void writeCreateXMLSignatureRequestURLEncoded(HttpServletResponse resp, AuthenticationSession session, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName, String dataURL) 

-  throws MOAIDException,

-         IOException { 

-	  resp.setStatus(200);

-	  Logger.debug("ContentType set to: application/x-www-form-urlencoded");

-	

-	  resp.setContentType("application/x-www-form-urlencoded");

-	  

-	  String content = "XMLRequest=" + URLEncoder.encode(createXMLSignatureRequestOrRedirect, "UTF-8") + "&" + 

-	  					"DataURL=" + URLEncoder.encode(dataURL, "UTF-8");

-      

-      OutputStream out = resp.getOutputStream();

-      out.write(content.getBytes("UTF-8"));

-      out.flush();

-      out.close();

-      Logger.debug("Finished POST " + servletName);

-    

-  }

-

-  public static String getBaseUrl( HttpServletRequest request ) {

-	    if ( ( request.getServerPort() == 80 ) ||

-	         ( request.getServerPort() == 443 ) )

-	      return request.getScheme() + "://" +

-	             request.getServerName() +

-	             request.getContextPath();

-	    else

-	      return request.getScheme() + "://" +

-	             request.getServerName() + ":" + request.getServerPort() +

-	             request.getContextPath();

-	  }

-  

-}

+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ * 
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ * 
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+/**
+ * 
+ */
+package at.gv.egovernment.moa.id.util;
+
+import javax.servlet.http.HttpServletRequest;
+
+public class ServletUtils {
+  
+	
+  public static String getBaseUrl( HttpServletRequest request ) {
+	    if ( ( request.getServerPort() == 80 ) ||
+	         ( request.getServerPort() == 443 ) )
+	      return request.getScheme() + "://" +
+	             request.getServerName() +
+	             request.getContextPath();
+	    else
+	      return request.getScheme() + "://" +
+	             request.getServerName() + ":" + request.getServerPort() +
+	             request.getContextPath();
+	  }
+  
+}