1 files changed, 28 insertions, 76 deletions

diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
index 099bc085c..afbb87f10 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
@@ -22,47 +22,41 @@
  */
 package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
 
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.GET_MIS_SESSIONID;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID;
+import static at.gv.egovernment.moa.id.commons.MOAIDAuthConstants.GET_MIS_SESSIONID;
 
 import java.util.List;
 
 import javax.net.ssl.SSLSocketFactory;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.stereotype.Component;
 import org.w3c.dom.Element;
 
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
 import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.BuildException;
 import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
 import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
+import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
 import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.util.SSLUtils;
 import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId;
 import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.MiscUtil;
 
 /**
  * @author tlenz
  *
  */
+@Component("PrepareGetMISMandateTask")
 public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
 
 	/* (non-Javadoc)
@@ -75,66 +69,26 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
 
 		//mandate Mode
 		try {
-			IRequest pendingReq = RequestStorage.getPendingRequest(
-					(String) executionContext.get("pendingRequestID"));	
-			
-			//get Session from context
-			String moasessionid = (String) executionContext.get(PARAM_SESSIONID);
-			AuthenticationSession session = null;				
-			if (MiscUtil.isEmpty(moasessionid)) {
-				Logger.warn("MOASessionID is empty.");
-				throw new MOAIDException("auth.18", new Object[] {});
-			}
-				
-			try {			
-				session = AuthenticationSessionStoreage.getSession(moasessionid);
-				AuthenticationSessionStoreage.changeSessionID(session);
-								
-			} catch (MOADatabaseException e) {
-				Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database");
-				throw new MOAIDException("init.04", new Object[] { moasessionid });
-
-			} catch (Throwable e) {
-				Logger.info("No HTTP Session found!");
-				throw new MOAIDException("auth.18", new Object[] {});
-				
-			} finally {
-				executionContext.remove(PARAM_SESSIONID);
-				
-			}
-
-			
-		  AuthConfiguration authConf= AuthConfigurationProviderFactory.getInstance();
-			ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter();	
-			SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProviderFactory.getInstance(), connectionParameters);
+			//perform default task initialization
+			defaultTaskInitialization(request, executionContext);
+						
+			ConnectionParameterInterface connectionParameters = authConfig.getOnlineMandatesConnectionParameter();	
+			SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(authConfig, connectionParameters);
 			
 			// get identitity link as byte[]
-			Element elem = session.getIdentityLink().getSamlAssertion();
+			Element elem = moasession.getIdentityLink().getSamlAssertion();
 			String s = DOMUtils.serializeNode(elem);
 			
 			//System.out.println("IDL: " + s);
 			
 			byte[] idl = s.getBytes("UTF-8");
-			
-			// redirect url
-			// build redirect(to the GetMISSessionIdSerlvet)
-			
-			//change MOASessionID before MIS request
-			String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
-			
+						
 	        String redirectURL = new DataURLBuilder().buildDataURL(
-			    session.getAuthURL(),
+			    pendingReq.getAuthURL(),
 			    GET_MIS_SESSIONID,
-			    newMOASessionID);
+			    pendingReq.getRequestID());
 			
-	        String oaURL = session.getOAURLRequested();
 	        IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
-	        if (oaParam == null) {
-	        	oaParam = authConf.getOnlineApplicationParameter(oaURL);
-	        	Logger.info("No Service info in PendingRequest --> load service info from configuration");
-	        	
-	        }
-	        
 	        List<String> profiles = oaParam.getMandateProfiles();
 
 	        if (profiles == null) {
@@ -143,24 +97,21 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
 	        }
 	        
 	        String oaFriendlyName = oaParam.getFriendlyName();
-	        String mandateReferenceValue = session.getMandateReferenceValue();
-	        byte[] cert = session.getEncodedSignerCertificate();
-	        byte[] authBlock = session.getAuthBlock().getBytes("UTF-8");
+	        String mandateReferenceValue = moasession.getMandateReferenceValue();
+	        byte[] cert = moasession.getEncodedSignerCertificate();
+	        byte[] authBlock = moasession.getAuthBlock().getBytes("UTF-8");
 	        
 	        //TODO: check in case of SSO!!!
 	        String targetType = null;  
-	        if(oaParam.getBusinessService()) {
-	        	String id = oaParam.getIdentityLinkDomainIdentifier();
-	        	if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_))
-	        		targetType = id;
-	        	else
-	        		targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_+session.getDomainIdentifier();
+	        if(oaParam.getBusinessService()){
+	        	targetType = oaParam.getIdentityLinkDomainIdentifier();
 	        	
 	        } else {
 	        	targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget();
+	        	
 	        }
 	        
-	        MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), 
+	        revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), 
 					pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_SERVICE_REQUESTED, mandateReferenceValue);
 	        
 	        MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(
@@ -178,20 +129,21 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
 	        if (misSessionID == null) {
 	      	  Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null.");
 	      	  throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service.");
+	      	  
 	        }
 	        
 	        String redirectMISGUI = misSessionID.getRedirectURL();
-	        session.setMISSessionID(misSessionID.getSessiondId());
+	        moasession.setMISSessionID(misSessionID.getSessiondId());
 		
 			try {
-				AuthenticationSessionStoreage.storeSession(session);
+				authenticatedSessionStorage.storeSession(moasession);
 				
 			} catch (MOADatabaseException | BuildException e) {
 				throw new MOAIDException("Session store error", null);
 				
 			}
 	        			
-			MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), 
+			revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), 
 					pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_REDIRECT);
 			
 	        response.setStatus(302);
@@ -199,7 +151,7 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
 	    	Logger.debug("REDIRECT TO: " + redirectMISGUI);
 	    	
 		} catch (Exception e ) {
-			throw new TaskExecutionException(e.getMessage(), e);
+			throw new TaskExecutionException(pendingReq, e.getMessage(), e);
 			
 		} 
 	}