1 files changed, 149 insertions, 0 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java
new file mode 100644
index 000000000..2ff9e5210
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ServletUtils.java
@@ -0,0 +1,149 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+/**

+ * 

+ */

+package at.gv.egovernment.moa.id.util;

+

+import java.io.IOException;
+import java.io.OutputStream;
+import java.net.URLEncoder;
+
+import javax.servlet.http.HttpServletResponse;
+
+import at.gv.egovernment.moa.id.MOAIDException;
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.logging.Logger;
+

+/**

+ * @author <a href="mailto:peter.danner@egiz.gv.at">Peter Danner</a>

+ *

+ */

+public class ServletUtils {

+  

+  /**

+   * Writes out whether the CreateXMLSignatureRequest or a Redirect for form input processing 

+   * depending on the requests starting text.

+   * 

+   * @param resp The httpServletResponse

+   * @param session The current AuthenticationSession

+   * @param createXMLSignatureRequestOrRedirect The request

+   * @param servletGoal The servlet to which the redirect should happen

+   * @param servletName The servlet name for debug purposes

+   * @throws MOAIDException

+   * @throws IOException

+   */

+  public static void writeCreateXMLSignatureRequestOrRedirect(HttpServletResponse resp, AuthenticationSession session, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName) 

+  throws MOAIDException,

+         IOException

+  { 

+    if (!createXMLSignatureRequestOrRedirect.startsWith("Redirect")) {

+      resp.setStatus(307);

+      String dataURL = new DataURLBuilder().buildDataURL(

+        session.getAuthURL(), AuthenticationServer.REQ_VERIFY_AUTH_BLOCK, session.getSessionID());

+      resp.addHeader("Location", dataURL);

+      

+      //TODO test impact of explicit setting charset with older versions of BKUs (HotSign)

+      resp.setContentType("text/xml;charset=UTF-8");

+      

+      OutputStream out = resp.getOutputStream();

+      out.write(createXMLSignatureRequestOrRedirect.getBytes("UTF-8"));

+      out.flush();

+      out.close();

+      Logger.debug("Finished POST " + servletName);
+      

+    } else {

+      String redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), servletGoal, session.getSessionID());

+      resp.setContentType("text/html");

+      resp.setStatus(302);

+      resp.addHeader("Location", redirectURL);

+      Logger.debug("REDIRECT TO: " + redirectURL);

+      

+    }

+  }
+  /**
+   * Writes out whether the CreateXMLSignatureRequest or a Redirect for form input processing 
+   * depending on the requests starting text.
+   * 
+   * @param resp The httpServletResponse
+   * @param session The current AuthenticationSession
+   * @param createXMLSignatureRequestOrRedirect The request
+   * @param servletGoal The servlet to which the redirect should happen
+   * @param servletName The servlet name for debug purposes
+   * @throws MOAIDException
+   * @throws IOException
+   */
+  public static void writeCreateXMLSignatureRequest(HttpServletResponse resp, AuthenticationSession session, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName, String dataURL) 
+  throws MOAIDException,
+         IOException
+  { 
+      resp.setStatus(307);
+      resp.addHeader("Location", dataURL);
+      
+      //TODO test impact of explicit setting charset with older versions of BKUs (HotSign)
+      resp.setContentType("text/xml;charset=UTF-8");
+            
+      OutputStream out = resp.getOutputStream();
+      out.write(createXMLSignatureRequestOrRedirect.getBytes("UTF-8"));
+      out.flush();
+      out.close();
+      Logger.debug("Finished POST " + servletName);
+    
+  }

+
+  /**
+   * Writes out whether the CreateXMLSignatureRequest or a Redirect for form input processing 
+   * depending on the requests starting text.
+   * 
+   * @param resp The httpServletResponse
+   * @param session The current AuthenticationSession
+   * @param createXMLSignatureRequestOrRedirect The request
+   * @param servletGoal The servlet to which the redirect should happen
+   * @param servletName The servlet name for debug purposes
+   * @throws MOAIDException
+   * @throws IOException
+   */
+  public static void writeCreateXMLSignatureRequestURLEncoded(HttpServletResponse resp, AuthenticationSession session, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName, String dataURL) 
+  throws MOAIDException,
+         IOException { 
+	  resp.setStatus(200);
+	  Logger.debug("ContentType set to: application/x-www-form-urlencoded");
+	
+	  resp.setContentType("application/x-www-form-urlencoded");
+	  
+	  String content = "XMLRequest=" + URLEncoder.encode(createXMLSignatureRequestOrRedirect, "UTF-8") + "&" + 
+	  					"DataURL=" + URLEncoder.encode(dataURL, "UTF-8");
+      
+      OutputStream out = resp.getOutputStream();
+      out.write(content.getBytes("UTF-8"));
+      out.flush();
+      out.close();
+      Logger.debug("Finished POST " + servletName);
+    
+  }
+

+}