diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java')
5 files changed, 295 insertions, 4 deletions
| diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GUILayoutBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GUILayoutBuilder.java new file mode 100644 index 000000000..b95cbbc16 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GUILayoutBuilder.java @@ -0,0 +1,157 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.builder; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.io.InputStream; +import java.io.StringWriter; +import java.net.URI; + +import org.apache.commons.io.IOUtils; + +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.util.FormBuildUtils; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +public class GUILayoutBuilder { +	private static final String CSS_LAYOUTTEMPLATE = "css_template.css"; +	private static final String JS_LAYOUTTEMPLATE = "javascript_tempalte.js";	 +	private static final String HTMLTEMPLATESDIR = "htmlTemplates/"; + +	private static String CONTEXTPATH = "#CONTEXTPATH#"; +	private static String MOASESSIONID = "#SESSIONID#"; +	private static String AUTH_URL = "#AUTH_URL#"; +	private static String BKU_ONLINE = "#ONLINE#"; +	private static String BKU_HANDY =  "#HANDY#";  +	private static String BKU_LOCAL =  "#LOCAL#";  +	 +	 +	public static String buildCSS(IRequest pendingReq, String authURL) { +		return buildForm(pendingReq, authURL, CSS_LAYOUTTEMPLATE); +		 +	} +	 +	public static String buildJS(IRequest pendingReq, String authURL) { +		return buildForm(pendingReq, authURL, JS_LAYOUTTEMPLATE); +		 +	} +	 +	 +	 +	private static String getTemplate(String templateName) {		 +		String pathLocation; +		InputStream input = null; +		try { +			String rootconfigdir = AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir();	 +			pathLocation = rootconfigdir + HTMLTEMPLATESDIR + templateName; +		 +			try { +				File file = new File(new URI(pathLocation)); +				input = new  FileInputStream(file); +			 +			} catch (FileNotFoundException e)  {				 +				Logger.warn("No LoginFormTempaltes found. Use Generic Templates from package.");			 +				pathLocation = "resources/templates/" + templateName;			 +				input = Thread.currentThread() +						.getContextClassLoader() +						.getResourceAsStream(pathLocation); +			 +			} +			 +			return getTemplate(input); +			 +		} catch (Exception e) {			 +			return null; +			 +		} finally { +			try { +				if (input != null) +					input.close(); +				 +			} catch (IOException e) { +				Logger.warn("SendAssertionTemplate inputstream can not be closed.", e); +				 +			} +		}		 +	} +	 +	private static String getTemplate(InputStream input) { +			String template = null;			 +		try {				 + +			StringWriter writer = new StringWriter(); +			IOUtils.copy(input, writer); +			template = writer.toString(); +							 +		} catch (Exception e) { +			Logger.error("Failed to read template", e); +			 +		}			 +		return template; +	} +	 +	private static String buildForm(IRequest pendingReq, String authURL, String templateName) { +		//load default GUI-Layout template template +		String value = getTemplate(templateName); + +		if (pendingReq != null) { +			IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); +				 +			if(value != null) { +				//only for BKU-Selection step and JavaScript generation +				value = value.replace(AUTH_URL, LoginFormBuilder.SERVLET); +				 +				value = value.replace(CONTEXTPATH, pendingReq.getAuthURL()); +				value = value.replace(MOASESSIONID, pendingReq.getRequestID()); +								 +				value = value.replace(BKU_ONLINE, IOAAuthParameters.ONLINEBKU); +				value = value.replace(BKU_HANDY, IOAAuthParameters.HANDYBKU); +				value = value.replace(BKU_LOCAL, IOAAuthParameters.LOCALBKU); +				 +				 +				value = FormBuildUtils.customiceLayoutBKUSelection(value,  +						oaParam.isShowMandateCheckBox(), +						oaParam.isOnlyMandateAllowed(), +						oaParam.getFormCustomizaten(), +						oaParam.isShowStorkLogin());			 +			} +						 +		} else { +			value = FormBuildUtils.defaultLayoutBKUSelection(value); +			value = value.replace(CONTEXTPATH, authURL); +								 +		} +		 +		return value;		 +	} +	 +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java index 4bcda3517..e1aa41ce2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java @@ -47,8 +47,6 @@ public class LoginFormBuilder {  	private static final String HTMLTEMPLATEFULL = "loginFormFull.html";  	private static String AUTH_URL = "#AUTH_URL#"; -	private static String MODUL = "#MODUL#"; -	private static String ACTION = "#ACTION#";  	private static String OANAME = "#OAName#";  	private static String BKU_ONLINE = "#ONLINE#";  	private static String BKU_HANDY =  "#HANDY#";  @@ -57,7 +55,7 @@ public class LoginFormBuilder {  	private static String MOASESSIONID = "#SESSIONID#";  	private static String PEPSLIST = "#PEPSLIST#"; -	private static String SERVLET = CONTEXTPATH+"/GenerateIframeTemplate"; +	public static String SERVLET = CONTEXTPATH+"/GenerateIframeTemplate";  	private static String getTemplate() {  		String pathLocation =""; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GUILayoutBuilderServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GUILayoutBuilderServlet.java new file mode 100644 index 000000000..1d9a57b48 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GUILayoutBuilderServlet.java @@ -0,0 +1,126 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.servlet; + +import java.io.IOException; +import java.io.PrintWriter; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; + +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.auth.builder.GUILayoutBuilder; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.moduls.IRequestStorage; +import at.gv.egovernment.moa.id.util.HTTPUtils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +@Controller +public class GUILayoutBuilderServlet extends AbstractController { + +	public static final String ENDPOINT_CSS = "/css/buildCSS"; +	public static final String ENDPOINT_JS = "/js/buildJS"; +	 +	@Autowired AuthConfiguration authConfig; +	@Autowired IRequestStorage requestStoreage; +	 +	public GUILayoutBuilderServlet() { +		super(); +		Logger.debug("Registering servlet " + getClass().getName()  +				+ " with mappings '" + ENDPOINT_CSS  +				+ "' and '" + ENDPOINT_JS + "'."); +		 +	} +	 +	@RequestMapping(value = "/css/buildCSS", method = {RequestMethod.GET}) +	public void buildCSS(HttpServletRequest req, HttpServletResponse resp) throws IOException {		 +		IRequest pendingReq = extractPendingRequest(req); + +		//build Service-Provider specific CSS +		String css = GUILayoutBuilder.buildCSS(pendingReq, HTTPUtils.extractAuthURLFromRequest(req)); + +		resp.setContentType("text/css;charset=UTF-8"); +		writeResponse(resp, css, "CSS"); +							 +	} +	 +	@RequestMapping(value = "/js/buildJS", method = {RequestMethod.GET}) +	public void buildJavaScript(HttpServletRequest req, HttpServletResponse resp) throws IOException { +		IRequest pendingReq = extractPendingRequest(req); +		 +		//build Service-Provider specific CSS +		String js = GUILayoutBuilder.buildJS(pendingReq, HTTPUtils.extractAuthURLFromRequest(req)); +			 +		resp.setContentType("text/javascript;charset=UTF-8");			 +		writeResponse(resp, js, "JavaScript"); +					 +	} +	 +	private void writeResponse(HttpServletResponse resp, String value, String ressourceID) throws IOException { +		if (MiscUtil.isNotEmpty(value)) { +			PrintWriter out = new PrintWriter(resp.getOutputStream());  +			out.print(value); +			out.flush(); +			 +		} else { +			Logger.warn("GUI ressource: " + ressourceID + " generation FAILED."); +			resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Created resource failed"); +			 +		} +		 +	} +	 +	private IRequest extractPendingRequest(HttpServletRequest req) { +		try { +			String authURL = HTTPUtils.extractAuthURLFromRequest(req);		 +			String pendingReqID = StringEscapeUtils.escapeHtml( +					req.getParameter(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID)); +		 +			if (MiscUtil.isNotEmpty(pendingReqID) && authConfig.getPublicURLPrefix().contains(authURL)) {		 +				IRequest pendingReq = requestStorage.getPendingRequest(pendingReqID); +				if (pendingReq != null) +					return pendingReq; +			 +			} +			 +			Logger.info("Prohibit GUI-Layout builder-request. No pending-request or wrong auth-URL."); +			 +		} catch (Exception e) { +			Logger.warn("GUI-Layout builder-servlet has an error during request-preprocessing.", e); +		}	 +		 +		return null; +	} +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GeneralProcessEngineSignalController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GeneralProcessEngineSignalController.java index 6bccd5b88..26a0488ca 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GeneralProcessEngineSignalController.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GeneralProcessEngineSignalController.java @@ -39,6 +39,8 @@ import org.springframework.web.bind.annotation.RequestMethod;  public class GeneralProcessEngineSignalController extends AbstractProcessEngineSignalController { +	 +	  	@RequestMapping(value = {"/GenerateIframeTemplate",   							 "/SSOSendAssertionServlet",  							 "/signalProcess" diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java index d3ac574f8..9a1237b80 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java @@ -26,7 +26,6 @@ import java.util.HashMap;  import java.util.Map;  import java.util.Set; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;  import at.gv.egovernment.moa.util.MiscUtil;  public class FormBuildUtils { @@ -123,6 +122,15 @@ public class FormBuildUtils {  	public static Map<String, String> getDefaultMap() {  		return defaultmap;  	} + +	/** +	 * @param value +	 * @return +	 */ +	public static String defaultLayoutBKUSelection(String value) { +		return customiceLayoutBKUSelection(value, false, false, getDefaultMap(), false); +		 +	}  } | 
