aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java')
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java103
1 files changed, 41 insertions, 62 deletions
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
index 2734d1027..df158a7ec 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
@@ -1,7 +1,6 @@
package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
-import iaik.x509.X509Certificate;
+import static at.gv.egovernment.moa.id.commons.MOAIDAuthConstants.REQ_GET_FOREIGN_ID;
import java.io.IOException;
import java.util.Map;
@@ -10,36 +9,30 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.fileupload.FileUploadException;
-import org.apache.commons.lang.StringEscapeUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.stereotype.Component;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-
+import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.CitizenCardServletUtils;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-import at.gv.egovernment.moa.id.util.ServletUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.spss.util.CertificateUtils;
+import iaik.x509.X509Certificate;
/**
- * Parses the certificate from {@code InfoBoxReadResponse} (via POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}), creates the auth block to be signed and returns a {@code CreateXMLSignatureRequest} for auth block signature.<p/>
+ * Parses the certificate from {@code InfoBoxReadResponse} (via POST parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}), creates the auth block to be signed and returns a {@code CreateXMLSignatureRequest} for auth block signature.<p/>
* In detail:
* <ul>
* <li>Renames the moa session id.</li>
- * <li>Retrieves the certificate via {@code InfoBoxReadResponse} from POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li>
+ * <li>Retrieves the certificate via {@code InfoBoxReadResponse} from POST parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li>
* <li>Verifies the certificate.</li>
* <li>Creates the auth block to be signed using information from the certificate (Organwalter, foreign citizen.</li>
* <li>Puts it in a {@code CreateXMLSignatureRequest}.</li>
@@ -48,8 +41,8 @@ import at.gv.egovernment.moa.spss.util.CertificateUtils;
* </ul>
* Expects:
* <ul>
- * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li>
- * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_SESSIONID} containing a {@code InfoBoxReadResponse}.</li>
+ * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li>
+ * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_SESSIONID} containing a {@code InfoBoxReadResponse}.</li>
* </ul>
* Result:
* <ul>
@@ -59,15 +52,18 @@ import at.gv.egovernment.moa.spss.util.CertificateUtils;
* @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
*
*/
+@Component("VerifyCertificateTask")
public class VerifyCertificateTask extends AbstractAuthServletTask {
+ @Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
+
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
// note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyCertificateServlet
- Logger.debug("POST VerifyCertificateServlet");
+ Logger.debug("Reveive VerifyCertificate Response");
Map<String, String> parameters;
try
@@ -76,53 +72,42 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
} catch (FileUploadException | IOException e)
{
Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
- throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()));
+ throw new TaskExecutionException(pendingReq, "Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()));
}
- String sessionID = req.getParameter(PARAM_SESSIONID);
-
- // escape parameter strings
- sessionID = StringEscapeUtils.escapeHtml(sessionID);
- AuthenticationSession session = null;
try {
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID))
- throw new WrongParametersException("VerifyCertificate", PARAM_SESSIONID, "auth.12");
-
- session = AuthenticationServer.getSession(sessionID);
-
- IRequest pendingReq = RequestStorage.getPendingRequest(
- (String) executionContext.get("pendingRequestID"));
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+ //execute default task initialization
+ defaultTaskInitialization(req, executionContext);
+
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
- //change MOASessionID
- sessionID = AuthenticationSessionStoreage.changeSessionID(session);
-
- X509Certificate cert = AuthenticationServer.getInstance().getCertificate(pendingReq, sessionID, parameters);
+ //read certificate from response
+ X509Certificate cert = authServer.getCertificate(pendingReq, parameters);
if (cert == null) {
Logger.error("Certificate could not be read.");
throw new AuthenticationException("auth.14", null);
}
-
- boolean useMandate = session.getUseMandate();
-
- if (useMandate) {
+
+ if (moasession.isMandateUsed()) {
- // verify certificate for OrganWalter
- String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert, pendingReq);
+ // verify certificate for OrganWalter
+ authServer.verifyCertificate(moasession, cert, pendingReq);
+
+ //create AuthBlock
+ String createXMLSignatureRequestOrRedirect =
+ authServer.getCreateXMLSignatureRequestAuthBlockOrRedirect(moasession, pendingReq);
try {
- AuthenticationSessionStoreage.storeSession(session);
+ authenticatedSessionStorage.storeSession(moasession);
+
} catch (MOADatabaseException e) {
throw new MOAIDException("session store error", null);
}
- // TODO[branch]: Mandate; respond with CXSR for authblock signature, dataURL "/VerifyAuthBlock"
- CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate");
+ CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, pendingReq, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate");
- }
- else {
+ } else {
String countrycode = CertificateUtils.getIssuerCountry(cert);
if (countrycode != null) {
@@ -133,35 +118,29 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
}
// Foreign Identities Modus
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_FOUND);
- String createXMLSignatureRequest = AuthenticationServer.getInstance().createXMLSignatureRequestForeignID(session, cert);
+ String createXMLSignatureRequest = authServer.createXMLSignatureRequestForeignID(pendingReq, cert);
+
// build dataurl (to the GetForeignIDSerlvet)
String dataurl =
new DataURLBuilder().buildDataURL(
- session.getAuthURL(),
+ pendingReq.getAuthURL(),
REQ_GET_FOREIGN_ID,
- session.getSessionID());
-
- try {
- AuthenticationSessionStoreage.storeSession(session);
- } catch (MOADatabaseException e) {
- throw new MOAIDException("session store error", null);
- }
-
- // TODO[branch]: Foreign citizen; respond with CXSR for authblock signature, dataURL "/GetForeignID"
+ pendingReq.getRequestID());
+
CitizenCardServletUtils.writeCreateXMLSignatureRequest(resp, createXMLSignatureRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "GetForeignID", dataurl);
Logger.debug("Send CreateXMLSignatureRequest to BKU");
}
}
catch (MOAIDException ex) {
- throw new TaskExecutionException(ex.getMessage(), ex);
+ throw new TaskExecutionException(pendingReq, ex.getMessage(), ex);
} catch (Exception e) {
Logger.error("CertificateValidation has an interal Error.", e);
- throw new TaskExecutionException(e.getMessage(), e);
+ throw new TaskExecutionException(pendingReq, e.getMessage(), e);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-13 11:32:55 +0000