aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/modules/moa-id-modul-citizencard_authentication/src/main/java')
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java92
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/CitizenCardAuthenticationSpringResourceProvider.java63
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java6
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java70
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/AuthModuleImpl.java (renamed from id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthModuleImpl.java)12
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java74
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java71
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java102
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java112
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java60
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java87
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java100
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java119
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java106
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java75
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java52
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java10
17 files changed, 693 insertions, 518 deletions
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 11917d0c3..065f3866b 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1,10 +1,6 @@
package at.gv.egovernment.moa.id.auth;
-import iaik.asn1.ObjectID;
-import iaik.x509.X509Certificate;
-import iaik.x509.X509ExtensionInitException;
-
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
@@ -22,6 +18,8 @@ import javax.xml.transform.TransformerException;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.xpath.XPathAPI;
import org.opensaml.xml.util.Base64;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
@@ -29,7 +27,6 @@ import org.xml.sax.SAXException;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder;
import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
@@ -63,6 +60,7 @@ import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
+import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.data.MISMandate;
import at.gv.egovernment.moa.id.moduls.IRequest;
@@ -76,6 +74,9 @@ import at.gv.egovernment.moa.util.DateTimeUtils;
import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;
+import iaik.asn1.ObjectID;
+import iaik.x509.X509Certificate;
+import iaik.x509.X509ExtensionInitException;
/**
* API for MOA ID Authentication Service.<br> {@link AuthenticationSession} is
@@ -85,24 +86,11 @@ import at.gv.egovernment.moa.util.StringUtils;
* @version $Id: AuthenticationServer.java 1273 2012-02-27 14:50:18Z kstranacher
* $
*/
+@Service("CitizenCardAuthenticationServer")
public class AuthenticationServer extends BaseAuthenticationServer {
- /**
- * single instance
- */
- private static AuthenticationServer instance;
-
- /**
- * Returns the single instance of <code>AuthenticationServer</code>.
- *
- * @return the single instance of <code>AuthenticationServer</code>
- */
- public static AuthenticationServer getInstance() {
- if (instance == null)
- instance = new AuthenticationServer();
- return instance;
- }
-
+ @Autowired private MOAReversionLogger revisionsLogger;
+
/**
* Constructor for AuthenticationServer.
*/
@@ -139,13 +127,14 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* @param templateMandteURL URL providing an HTML template for the HTML form generated
* (for signing in mandates mode)
* @param req determines the protocol used
+ * @param pendingReq
* @param sourceID
* @return HTML form
* @throws AuthenticationException
* @see GetIdentityLinkFormBuilder
* @see InfoboxReadRequestBuilder
*/
- public String startAuthentication(AuthenticationSession session, HttpServletRequest req) throws WrongParametersException,
+ public String startAuthentication(AuthenticationSession session, HttpServletRequest req, IRequest pendingReq) throws WrongParametersException,
AuthenticationException, ConfigurationException, BuildException {
if (session == null) {
@@ -154,7 +143,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
//load OnlineApplication configuration
OAAuthParameter oaParam =
- AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix());
+ authConfig.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
if (oaParam == null)
throw new AuthenticationException("auth.00", new Object[]{session.getPublicOAURLPrefix()});
@@ -172,7 +161,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
String infoboxReadRequest = "";
- String domainIdentifier = AuthConfigurationProviderFactory.getInstance().getSSOTagetIdentifier().trim();
+ String domainIdentifier = authConfig.getSSOTagetIdentifier().trim();
if (MiscUtil.isEmpty(domainIdentifier) && session.isSsoRequested()) {
//do not use SSO if no Target is set
Logger.warn("NO SSO-Target found in configuration. Single Sign-On is deaktivated!");
@@ -209,34 +198,17 @@ public class AuthenticationServer extends BaseAuthenticationServer {
String dataURL = new DataURLBuilder().buildDataURL(
- session.getAuthURL(), REQ_VERIFY_IDENTITY_LINK, session
- .getSessionID());
+ session.getAuthURL(), REQ_VERIFY_IDENTITY_LINK, pendingReq.getRequestID());
//removed in MOAID 2.0
String pushInfobox = "";
- // VerifyInfoboxParameters verifyInfoboxParameters = oaParam
- // .getVerifyInfoboxParameters();
- // if (verifyInfoboxParameters != null) {
- // pushInfobox = verifyInfoboxParameters.getPushInfobox();
- // session.setPushInfobox(pushInfobox);
- // }
-
- //build CertInfo request
- //removed in MOA-ID 2.0
- // String certInfoRequest = new CertInfoVerifyXMLSignatureRequestBuilder()
- // .build();
- // String certInfoDataURL = new DataURLBuilder()
- // .buildDataURL(session.getAuthURL(), REQ_START_AUTHENTICATION,
- // session.getSessionID());
-
//get Applet Parameters
String appletwidth = req.getParameter(PARAM_APPLET_WIDTH);
String appletheigth = req.getParameter(PARAM_APPLET_HEIGTH);
appletheigth = StringEscapeUtils.escapeHtml(appletheigth);
appletwidth = StringEscapeUtils.escapeHtml(appletwidth);
- //TODO: cleanup before MOA-ID 2.1 release
try {
String htmlForm = new GetIdentityLinkFormBuilder().build(template,
session.getBkuURL(), infoboxReadRequest, dataURL, null,
@@ -333,7 +305,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
domVerifyXMLSignatureResponse).parseData();
- OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance()
+ OAAuthParameter oaParam = authConfig
.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
// validates the <VerifyXMLSignatureResponse>
@@ -349,7 +321,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
//Removed in MOA-ID 2.0
//verifyInfoboxes(session, infoboxReadResponseParameters, false);
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_IDL_VALIDATED);
return "found!";
@@ -406,7 +378,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
AuthConfiguration authConf = AuthConfigurationProviderFactory
.getInstance();
- OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance()
+ OAAuthParameter oaParam = authConfig
.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session,
@@ -441,7 +413,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
throw new AuthenticationException("auth.10", new Object[]{
GET_MIS_SESSIONID, PARAM_SESSIONID});
- OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance()
+ OAAuthParameter oaParam = authConfig
.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
try {
@@ -480,7 +452,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
*/
public String getCreateXMLSignatureRequestAuthBlockOrRedirect(
AuthenticationSession session, AuthConfiguration authConf,
- OAAuthParameter oaParam, IRequest pendingReq) throws ConfigurationException,
+ IOAAuthParameters oaParam, IRequest pendingReq) throws ConfigurationException,
BuildException, ValidateException {
// // check for intermediate processing of the infoboxes
@@ -488,9 +460,9 @@ public class AuthenticationServer extends BaseAuthenticationServer {
// return "Redirect to Input Processor";
if (authConf == null)
- authConf = AuthConfigurationProviderFactory.getInstance();
+ authConf = authConfig;
if (oaParam == null)
- oaParam = AuthConfigurationProviderFactory.getInstance()
+ oaParam = authConfig
.getOnlineApplicationParameter(
session.getPublicOAURLPrefix());
@@ -529,7 +501,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
AuthConfiguration authConf = AuthConfigurationProviderFactory
.getInstance();
- OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance()
+ OAAuthParameter oaParam = authConfig
.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
return getCreateXMLSignatureRequestForeigID(session, authConf, oaParam,
@@ -546,9 +518,9 @@ public class AuthenticationServer extends BaseAuthenticationServer {
// return "Redirect to Input Processor";
if (authConf == null)
- authConf = AuthConfigurationProviderFactory.getInstance();
+ authConf = authConfig;
if (oaParam == null)
- oaParam = AuthConfigurationProviderFactory.getInstance()
+ oaParam = authConfig
.getOnlineApplicationParameter(
session.getPublicOAURLPrefix());
@@ -634,15 +606,11 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* including the <code>&lt;ReadInfoboxResponse&gt;</code>
* @throws BKUException
*/
- public X509Certificate getCertificate(IRequest pendingReq, String sessionID,
+ public X509Certificate getCertificate(IRequest pendingReq,
Map<String, String> readInfoboxResponseParameters) throws AuthenticationException,
BuildException, ParseException, ConfigurationException,
ValidateException, ServiceException, BKUException {
- if (isEmpty(sessionID))
- throw new AuthenticationException("auth.10", new Object[]{
- REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID});
-
String xmlReadInfoboxResponse = (String) readInfoboxResponseParameters
.get(PARAM_XMLRESPONSE);
@@ -655,7 +623,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
xmlReadInfoboxResponse);
X509Certificate cert = p.parseCertificate();
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_CERTIFICATE_VALIDATED);
return cert;
@@ -673,7 +641,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* to be appended to the AUTH-Block.
*/
private String buildAuthenticationBlock(AuthenticationSession session,
- OAAuthParameter oaParam, IRequest pendingReq) throws BuildException {
+ IOAAuthParameters oaParam, IRequest pendingReq) throws BuildException {
IdentityLink identityLink = session.getIdentityLink();
String issuer = identityLink.getName();
@@ -1121,7 +1089,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
}
}
- OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance()
+ OAAuthParameter oaParam = authConfig
.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
// validates the <VerifyXMLSignatureResponse>
@@ -1163,10 +1131,10 @@ public class AuthenticationServer extends BaseAuthenticationServer {
//set QAA Level four in case of card authentifcation
session.setQAALevel(PVPConstants.STORK_QAA_1_4);
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_AUTHBLOCK_VALIDATED);
- MOAReversionLogger.getInstance().logPersonalInformationEvent(pendingReq, session.getIdentityLink()
+ revisionsLogger.logPersonalInformationEvent(pendingReq, session.getIdentityLink()
);
}
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/CitizenCardAuthenticationSpringResourceProvider.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/CitizenCardAuthenticationSpringResourceProvider.java
new file mode 100644
index 000000000..18bf5a1ba
--- /dev/null
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/CitizenCardAuthenticationSpringResourceProvider.java
@@ -0,0 +1,63 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth;
+
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+
+import at.gv.egiz.components.spring.api.SpringResourceProvider;
+
+/**
+ * @author tlenz
+ *
+ */
+public class CitizenCardAuthenticationSpringResourceProvider implements SpringResourceProvider {
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad()
+ */
+ @Override
+ public Resource[] getResourcesToLoad() {
+ ClassPathResource citizenCardAuthConfig = new ClassPathResource("/moaid_citizencard_auth.beans.xml", MOAIDAuthSpringResourceProvider.class);
+
+ return new Resource[] {citizenCardAuthConfig};
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan()
+ */
+ @Override
+ public String[] getPackagesToScan() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName()
+ */
+ @Override
+ public String getName() {
+ return "MOA-ID-CitizenCardAuthentication SpringResourceProvider";
+ }
+
+}
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
index 760d28d5b..79f407ca3 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
@@ -175,7 +175,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
String gebDat,
List<ExtendedSAMLAttribute> extendedSAMLAttributes,
AuthenticationSession session,
- OAAuthParameter oaParam)
+ IOAAuthParameters oaParam2)
throws BuildException
{
@@ -193,7 +193,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
//adding type of wbPK domain identifier
ExtendedSAMLAttribute idLinkDomainIdentifierTypeAttribute =
- new ExtendedSAMLAttributeImpl("IdentityLinkDomainIdentifierType", oaParam.getIdentityLinkDomainIdentifierType(), Constants.MOA_NS_URI, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY);
+ new ExtendedSAMLAttributeImpl("IdentityLinkDomainIdentifierType", oaParam2.getIdentityLinkDomainIdentifierType(), Constants.MOA_NS_URI, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY);
extendedSAMLAttributes.add(idLinkDomainIdentifierTypeAttribute);
@@ -255,7 +255,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
}
//adding friendly name of OA
- String oaFriendlyName = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "" : oaParam.getFriendlyName();
+ String oaFriendlyName = StringUtils.isEmpty(oaParam2.getFriendlyName()) ? "" : oaParam2.getFriendlyName();
ExtendedSAMLAttribute oaFriendlyNameAttribute =
new ExtendedSAMLAttributeImpl("oaFriendlyName", oaFriendlyName, Constants.MOA_NS_URI, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java
deleted file mode 100644
index 5c1b12e0d..000000000
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-package at.gv.egovernment.moa.id.auth.builder;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.logging.Logger;
-
-public class StartAuthenticationBuilder {
-
- private static StartAuthenticationBuilder instance = null;
-
- public static StartAuthenticationBuilder getInstance() {
- if (instance == null) {
- instance = new StartAuthenticationBuilder();
- }
- return instance;
- }
-
-
- /**
- * Depending on the selected citizen's country ({@code moasession.ccc}):
- * <ul>
- * <li><strong>Either</strong> creates an "IdentityLinkForm" with embedded {@code InfoBoxReadRequest} to be submitted to a citizen card
- * environment for reading the subject's IdentityLink</li>
- * </ul>
- *
- * @return The IdentityLinkForm.
- */
- public String build(AuthenticationSession moasession, HttpServletRequest req,
- HttpServletResponse resp) throws WrongParametersException, MOAIDException {
-
- if (moasession == null) {
- throw new AuthenticationException("auth.18", new Object[] { });
- }
-
- //normal MOA-ID authentication
- Logger.debug("Starting normal MOA-ID authentication");
-
- String getIdentityLinkForm = AuthenticationServer.getInstance().startAuthentication(moasession, req);
-
- return getIdentityLinkForm;
- }
-}
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthModuleImpl.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/AuthModuleImpl.java
index cac7359c7..29118ac17 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthModuleImpl.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/AuthModuleImpl.java
@@ -1,5 +1,6 @@
package at.gv.egovernment.moa.id.auth.modules.internal;
+
import org.apache.commons.lang3.StringUtils;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
@@ -9,7 +10,7 @@ import at.gv.egovernment.moa.id.process.api.ExecutionContext;
/**
* Module descriptor
*/
-public class DefaultAuthModuleImpl implements AuthModule {
+public class AuthModuleImpl implements AuthModule {
@Override
public int getPriority() {
@@ -19,8 +20,15 @@ public class DefaultAuthModuleImpl implements AuthModule {
@Override
public String selectProcess(ExecutionContext context) {
//select process if BKU is selected and it is no STORK authentication
+
+ boolean performBKUSelection = false;
+ Object performBKUSelectionObj = context.get("performBKUSelection");
+ if (performBKUSelectionObj != null && performBKUSelectionObj instanceof Boolean)
+ performBKUSelection = (boolean) performBKUSelectionObj;
+
if (StringUtils.isBlank((String) context.get("ccc")) &&
- StringUtils.isNotBlank((String) context.get(MOAIDAuthConstants.PARAM_BKU)))
+ StringUtils.isNotBlank((String) context.get(MOAIDAuthConstants.PARAM_BKU)) &&
+ !performBKUSelection)
return "DefaultAuthentication";
else
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
index 7e1bf1fc7..6ff0177ac 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
@@ -1,6 +1,7 @@
package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.REQ_VERIFY_CERTIFICATE;
import java.io.IOException;
@@ -9,22 +10,24 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang3.BooleanUtils;
+import org.apache.commons.lang3.ObjectUtils;
+import org.springframework.stereotype.Service;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilderCertificate;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.CitizenCardServletUtils;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
/**
* Creates {@code InfoBoxReadRequest} in order to read the subject's certificates.<p/>
@@ -46,44 +49,69 @@ import at.gv.egovernment.moa.logging.Logger;
* @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
*
*/
+@Service("CertificateReadRequestTask")
public class CertificateReadRequestTask extends AbstractAuthServletTask {
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
-
- // TODO[branch]: Foreign citizen or mandate mode; respond with IRR for certificates, dataURL = "/VerifyCertificate"
- Logger.info("Send InfoboxReadRequest to BKU to get signer certificate.");
-
- setNoCachingHeaders(resp);
+ Logger.debug("Send InfoboxReadRequest to BKU to get signer certificate.");
+
try {
+ String pendingRequestID = StringEscapeUtils.escapeHtml(
+ ObjectUtils.defaultIfNull(
+ req.getParameter(PARAM_TARGET_PENDINGREQUESTID),
+ (String) executionContext.get(PARAM_TARGET_PENDINGREQUESTID)));
+
+ if (MiscUtil.isEmpty(pendingRequestID)) {
+ Logger.info("No PendingRequestID received");
+ throw new MOAIDException("auth.10", new Object[]{"VerifyIdentityLink", "pendingRequestID"});
+ }
+
+ IRequest pendingReq = requestStoreage.getPendingRequest(pendingRequestID);
- String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID));
+ if (pendingReq == null) {
+ Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure.");
+ throw new MOAIDException("auth.28", new Object[]{pendingRequestID});
+
+ }
+
+ //change pending-request ID
+ String newPendingRequestID = requestStoreage.changePendingRequestID(pendingReq);
+ executionContext.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, newPendingRequestID);
+
+ AuthenticationSession moasession = null;;
+ try {
+ moasession = authenticatedSessionStorage.getSession(pendingReq.getMOASessionIdentifier());
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID)) {
- throw new WrongParametersException("CertificateReadRequestTask", PARAM_SESSIONID, "auth.12");
+ if (moasession == null) {
+ Logger.warn("MOASessionID is empty.");
+ throw new MOAIDException("auth.18", new Object[] {});
+ }
+
+ } catch (MOADatabaseException e) {
+ Logger.info("MOASession with SessionID=" + pendingReq.getMOASessionIdentifier() + " is not found in Database");
+ throw new MOAIDException("init.04", new Object[] { pendingReq.getMOASessionIdentifier() });
+
+ } catch (Throwable e) {
+ Logger.info("No HTTP Session found!");
+ throw new MOAIDException("auth.18", new Object[] {});
}
-
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
-
- boolean useMandate = session.getUseMandate();
+
+ boolean useMandate = moasession.getUseMandate();
boolean identityLinkAvailable = BooleanUtils.isTrue((Boolean) executionContext.get("identityLinkAvailable"));
if (!identityLinkAvailable && useMandate) {
Logger.error("Online-Mandate Mode for foreign citizencs not supported.");
throw new AuthenticationException("auth.13", null);
}
-
- // change MOASessionID
- AuthenticationSessionStoreage.changeSessionID(session);
// create the InfoboxReadRequest to get the certificate
String infoboxReadRequest = new InfoboxReadRequestBuilderCertificate().build(true);
// build dataurl (to the VerifyCertificateSerlvet)
- String dataurl = new DataURLBuilder().buildDataURL(session.getAuthURL(), REQ_VERIFY_CERTIFICATE,
- session.getSessionID());
+ String dataurl = new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), REQ_VERIFY_CERTIFICATE,
+ pendingReq.getRequestID());
CitizenCardServletUtils.writeCreateXMLSignatureRequest(resp, infoboxReadRequest,
AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
index 307074ee2..ef17700d3 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
@@ -1,33 +1,28 @@
package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID;
-
import java.io.PrintWriter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang3.BooleanUtils;
-import org.apache.commons.lang3.ObjectUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.stereotype.Service;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils;
-import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder;
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;
/**
@@ -62,46 +57,60 @@ import at.gv.egovernment.moa.util.StringUtils;
* @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
*
*/
+@Service("CreateIdentityLinkFormTask")
public class CreateIdentityLinkFormTask extends AbstractAuthServletTask {
+ @Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
+
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
- throws TaskExecutionException {
-
- String moasessionid = StringEscapeUtils.escapeHtml(ObjectUtils.defaultIfNull(req.getParameter(PARAM_SESSIONID), (String) executionContext.get(PARAM_SESSIONID)));
- AuthenticationSession moasession = null;
+ throws TaskExecutionException {
try {
- if (MiscUtil.isEmpty(moasessionid)) {
- Logger.warn("MOASessionID is empty.");
- throw new MOAIDException("auth.18", new Object[] {});
+ IRequest pendingReq = requestStoreage.getPendingRequest(
+ (String) executionContext.get(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID));
+
+ if (pendingReq == null) {
+ Logger.info("No PendingRequest with Id: " + executionContext.get("pendingRequestID") + " Maybe, a transaction timeout occure.");
+ throw new MOAIDException("auth.28", new Object[]{executionContext.get("pendingRequestID")});
+
}
+ //change pending-request ID
+ String newPendingRequestID = requestStoreage.changePendingRequestID(pendingReq);
+ executionContext.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, newPendingRequestID);
+
+ AuthenticationSession moasession = null;;
try {
- moasession = AuthenticationSessionStoreage.getSession(moasessionid);
-
- AuthenticationSessionStoreage.changeSessionID(moasession);
- executionContext.remove(PARAM_SESSIONID);
+ moasession = authenticatedSessionStorage.getSession(pendingReq.getMOASessionIdentifier());
+ if (moasession == null) {
+ Logger.warn("MOASessionID is empty.");
+ throw new MOAIDException("auth.18", new Object[] {});
+ }
+
} catch (MOADatabaseException e) {
- Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database");
- throw new MOAIDException("init.04", new Object[] { moasessionid });
+ Logger.info("MOASession with SessionID=" + pendingReq.getMOASessionIdentifier() + " is not found in Database");
+ throw new MOAIDException("init.04", new Object[] { pendingReq.getMOASessionIdentifier() });
} catch (Throwable e) {
Logger.info("No HTTP Session found!");
throw new MOAIDException("auth.18", new Object[] {});
}
+
+
+
+
+
+ //normal MOA-ID authentication
+ Logger.debug("Starting normal MOA-ID authentication");
+ String getIdentityLinkForm = authServer.startAuthentication(moasession, req, pendingReq);
- StartAuthenticationBuilder startauth = StartAuthenticationBuilder.getInstance();
- String getIdentityLinkForm = startauth.build(moasession, req, resp);
-
- IRequest pendingReq = RequestStorage.getPendingRequest(
- (String) executionContext.get("pendingRequestID"));
if (BooleanUtils.isTrue((Boolean) executionContext.get("useMandate")))
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATES_REQUESTED);
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_URL, moasession.getBkuURL());
if (!StringUtils.isEmpty(getIdentityLinkForm)) {
@@ -109,7 +118,7 @@ public class CreateIdentityLinkFormTask extends AbstractAuthServletTask {
PrintWriter out = new PrintWriter(resp.getOutputStream());
out.print(getIdentityLinkForm);
out.flush();
- Logger.debug("Finished GET " + GenerateIFrameTemplateServlet.class);
+ Logger.debug("Finished GET " + CreateIdentityLinkFormTask.class);
}
} catch (WrongParametersException ex) {
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java
index b729f26e1..5c88afc56 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java
@@ -1,6 +1,8 @@
package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_XMLRESPONSE;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.REQ_VERIFY_AUTH_BLOCK;
import java.io.ByteArrayInputStream;
import java.io.IOException;
@@ -13,12 +15,15 @@ import javax.xml.transform.TransformerException;
import org.apache.commons.fileupload.FileUploadException;
import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.commons.lang3.ObjectUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.stereotype.Service;
import org.w3c.dom.Element;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
@@ -33,14 +38,12 @@ import at.gv.egovernment.moa.id.client.SZRGWClientException;
import at.gv.egovernment.moa.id.client.utils.SZRGWClientUtils;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.ModulUtils;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
/**
@@ -68,16 +71,17 @@ import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
* @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
*
*/
+@Service("GetForeignIDTask")
public class GetForeignIDTask extends AbstractAuthServletTask {
+ @Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
+
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
Logger.debug("POST GetForeignIDServlet");
- setNoCachingHeaders(resp);
-
Map<String, String> parameters;
try {
@@ -88,30 +92,53 @@ public class GetForeignIDTask extends AbstractAuthServletTask {
throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()));
}
- String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID));
- String pendingRequestID = null;
- String redirectURL = null;
- AuthenticationSession session = null;
try {
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID)) {
- throw new WrongParametersException("GetForeignID", PARAM_SESSIONID, "auth.12");
+ String pendingRequestID = StringEscapeUtils.escapeHtml(
+ ObjectUtils.defaultIfNull(
+ req.getParameter(PARAM_TARGET_PENDINGREQUESTID),
+ (String) executionContext.get(PARAM_TARGET_PENDINGREQUESTID)));
+
+ if (MiscUtil.isEmpty(pendingRequestID)) {
+ Logger.info("No PendingRequestID received");
+ throw new MOAIDException("auth.10", new Object[]{"VerifyIdentityLink", "pendingRequestID"});
}
+
String xmlCreateXMLSignatureResponse = (String) parameters.get(PARAM_XMLRESPONSE);
if (!ParamValidatorUtils.isValidXMLDocument(xmlCreateXMLSignatureResponse)) {
throw new WrongParametersException("GetForeignID", PARAM_XMLRESPONSE, "auth.12");
}
- pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
- session = AuthenticationServer.getSession(sessionID);
-
- IRequest pendingReq = RequestStorage.getPendingRequest(
- (String) executionContext.get("pendingRequestID"));
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
- // change MOASessionID
- sessionID = AuthenticationSessionStoreage.changeSessionID(session);
+ IRequest pendingReq = requestStoreage.getPendingRequest(pendingRequestID);
+
+ if (pendingReq == null) {
+ Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure.");
+ throw new MOAIDException("auth.28", new Object[]{pendingRequestID});
+
+ }
+
+ //change pending-request ID
+ String newPendingRequestID = requestStoreage.changePendingRequestID(pendingReq);
+ executionContext.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, newPendingRequestID);
+
+ AuthenticationSession moasession = null;;
+ try {
+ moasession = authenticatedSessionStorage.getSession(pendingReq.getMOASessionIdentifier());
+
+ if (moasession == null) {
+ Logger.warn("MOASessionID is empty.");
+ throw new MOAIDException("auth.18", new Object[] {});
+ }
+
+ } catch (MOADatabaseException e) {
+ Logger.info("MOASession with SessionID=" + pendingReq.getMOASessionIdentifier() + " is not found in Database");
+ throw new MOAIDException("init.04", new Object[] { pendingReq.getMOASessionIdentifier() });
+ } catch (Throwable e) {
+ Logger.info("No HTTP Session found!");
+ throw new MOAIDException("auth.18", new Object[] {});
+ }
+
+
Logger.debug(xmlCreateXMLSignatureResponse);
CreateXMLSignatureResponse csresp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse)
@@ -119,7 +146,7 @@ public class GetForeignIDTask extends AbstractAuthServletTask {
try {
String serializedAssertion = DOMUtils.serializeNode(csresp.getDsigSignature());
- session.setAuthBlock(serializedAssertion);
+ moasession.setAuthBlock(serializedAssertion);
} catch (TransformerException e) {
throw new ParseException("parser.04", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE });
@@ -132,13 +159,14 @@ public class GetForeignIDTask extends AbstractAuthServletTask {
Element signature = csresp.getDsigSignature();
try {
- session.setSignerCertificate(AuthenticationServer.getCertificateFromXML(signature));
+ moasession.setSignerCertificate(AuthenticationServer.getCertificateFromXML(signature));
+
} catch (CertificateException e) {
Logger.error("Could not extract certificate from CreateXMLSignatureResponse");
throw new MOAIDException("auth.14", null);
}
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_CONNECTED);
// make SZR request to the identity link
@@ -152,30 +180,24 @@ public class GetForeignIDTask extends AbstractAuthServletTask {
IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(new ByteArrayInputStream(
response.getIdentityLink()));
IdentityLink identitylink = ilParser.parseIdentityLink();
- session.setIdentityLink(identitylink);
+ moasession.setIdentityLink(identitylink);
// set QAA Level four in case of card authentifcation
- session.setQAALevel(PVPConstants.STORK_QAA_1_4);
-
- AuthenticationServer.getInstance().getForeignAuthenticationData(session);
-
- // session is implicit stored in changeSessionID!!!!
- String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
+ moasession.setQAALevel(PVPConstants.STORK_QAA_1_4);
- Logger.info("Changed MOASession " + sessionID + " to Session " + newMOASessionID);
- Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
+ authServer.getForeignAuthenticationData(moasession);
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_RECEIVED);
try {
- AuthenticationSessionStoreage.storeSession(session);
+ authenticatedSessionStorage.storeSession(moasession);
+
} catch (MOADatabaseException e) {
throw new MOAIDException("Session store error", null);
}
- //put session to context
- executionContext.put(PARAM_SESSIONID, session.getSessionID());
+
}
} catch (MOAIDException ex) {
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
index d85681b40..938b4ce77 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
@@ -1,7 +1,7 @@
package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
-import iaik.pki.PKIException;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.GET_MIS_SESSIONID;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID;
import java.security.GeneralSecurityException;
import java.util.List;
@@ -12,34 +12,31 @@ import javax.servlet.http.HttpServletResponse;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.commons.lang3.ObjectUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.stereotype.Service;
import org.xml.sax.SAXException;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.data.MISMandate;
import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.ModulUtils;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.MiscUtil;
+import iaik.pki.PKIException;
/**
* Retrieves a mandate from the online mandate issuing service.<p/>
@@ -64,45 +61,64 @@ import at.gv.egovernment.moa.util.DOMUtils;
* @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
*
*/
+@Service("GetMISSessionIDTask")
public class GetMISSessionIDTask extends AbstractAuthServletTask {
+ @Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
+
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
Logger.debug("POST GetMISSessionIDServlet");
- String sessionID = req.getParameter(PARAM_SESSIONID);
-
- // escape parameter strings
- sessionID = StringEscapeUtils.escapeHtml(sessionID);
-
- AuthenticationSession session = null;
- String pendingRequestID = null;
try {
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID))
- throw new WrongParametersException("VerifyCertificate",
- PARAM_SESSIONID, "auth.12");
-
- pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
+ String pendingRequestID = StringEscapeUtils.escapeHtml(
+ ObjectUtils.defaultIfNull(
+ req.getParameter(PARAM_TARGET_PENDINGREQUESTID),
+ (String) executionContext.get(PARAM_TARGET_PENDINGREQUESTID)));
- session = AuthenticationServer.getSession(sessionID);
-
- IRequest pendingReq = RequestStorage.getPendingRequest(
- (String) executionContext.get("pendingRequestID"));
+ if (MiscUtil.isEmpty(pendingRequestID)) {
+ Logger.info("No PendingRequestID received");
+ throw new MOAIDException("auth.10", new Object[]{"VerifyIdentityLink", "pendingRequestID"});
+ }
- //change MOASessionID
- sessionID = AuthenticationSessionStoreage.changeSessionID(session);
+ IRequest pendingReq = requestStoreage.getPendingRequest(pendingRequestID);
+
+ if (pendingReq == null) {
+ Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure.");
+ throw new MOAIDException("auth.28", new Object[]{pendingRequestID});
+
+ }
+
+ //change pending-request ID
+ String newPendingRequestID = requestStoreage.changePendingRequestID(pendingReq);
+ executionContext.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, newPendingRequestID);
+
+ AuthenticationSession moasession = null;;
+ try {
+ moasession = authenticatedSessionStorage.getSession(pendingReq.getMOASessionIdentifier());
+
+ if (moasession == null) {
+ Logger.warn("MOASessionID is empty.");
+ throw new MOAIDException("auth.18", new Object[] {});
+ }
+
+ } catch (MOADatabaseException e) {
+ Logger.info("MOASession with SessionID=" + pendingReq.getMOASessionIdentifier() + " is not found in Database");
+ throw new MOAIDException("init.04", new Object[] { pendingReq.getMOASessionIdentifier() });
+
+ } catch (Throwable e) {
+ Logger.info("No HTTP Session found!");
+ throw new MOAIDException("auth.18", new Object[] {});
+ }
- String misSessionID = session.getMISSessionID();
+ String misSessionID = moasession.getMISSessionID();
- AuthConfiguration authConf = AuthConfigurationProviderFactory
- .getInstance();
- ConnectionParameter connectionParameters = authConf
+ ConnectionParameter connectionParameters = authConfig
.getOnlineMandatesConnectionParameter();
SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(
- AuthConfigurationProviderFactory.getInstance(),
+ authConfig,
connectionParameters);
List<MISMandate> list = MISSimpleClient.sendGetMandatesRequest(
@@ -113,7 +129,7 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask {
throw new AuthenticationException("auth.15", null);
}
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_RECEIVED);
@@ -136,25 +152,17 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask {
null, null).getDocumentElement();
// extract RepresentationType
- AuthenticationServer.getInstance().verifyMandate(session, mandate);
+ authServer.verifyMandate(moasession, mandate);
- session.setMISMandate(mandate);
+ moasession.setMISMandate(mandate);
//log mandate specific set of events
- MOAReversionLogger.getInstance().logMandateEventSet(pendingReq, mandate);
-
- String oldsessionID = session.getSessionID();
-
- //Session is implicite stored in changeSessionID!!!
- String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
+ revisionsLogger.logMandateEventSet(pendingReq, mandate);
+
+ //Stor MOAsession
+ authenticatedSessionStorage.storeSession(moasession);
- Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID);
- Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
-
- //put session to context
- executionContext.put(PARAM_SESSIONID, session.getSessionID());
-
} catch (MOAIDException ex) {
throw new TaskExecutionException(ex.getMessage(), ex);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
index 1dd4780f7..86d8de047 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
@@ -27,8 +27,9 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.springframework.stereotype.Service;
+
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
@@ -37,12 +38,9 @@ import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -51,6 +49,7 @@ import at.gv.egovernment.moa.util.MiscUtil;
* @author tlenz
*
*/
+@Service("InitializeBKUAuthenticationTask")
public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
/* (non-Javadoc)
@@ -62,19 +61,22 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
throws TaskExecutionException {
try {
- String moasessionid = (String) executionContext.get(MOAIDAuthConstants.PARAM_SESSIONID);
- String pendingRequestID = (String) executionContext.get("pendingRequestID");
-
- //load pending request
- IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
+ IRequest pendingReq = requestStoreage.getPendingRequest(
+ (String) executionContext.get(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID));
+
if (pendingReq == null) {
- Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure.");
- throw new MOAIDException("auth.28", new Object[]{pendingRequestID});
+ Logger.info("No PendingRequest with Id: " + executionContext.get("pendingRequestID") + " Maybe, a transaction timeout occure.");
+ throw new MOAIDException("auth.28", new Object[]{executionContext.get("pendingRequestID")});
}
-
+
//load MOASession object
- AuthenticationSession moasession = AuthenticationSessionStoreage.getSession(moasessionid);
+ AuthenticationSession moasession = authenticatedSessionStorage.getSession(pendingReq.getMOASessionIdentifier());
+ if (moasession == null) {
+ Logger.info("MOASession with SessionID=" + pendingReq.getMOASessionIdentifier() + " is not found in Database");
+ throw new MOAIDException("init.04", new Object[] { pendingReq.getMOASessionIdentifier() });
+
+ }
boolean isLegacyRequest = false;
Object isLegacyRequestObj = executionContext.get("isLegacyRequest");
@@ -83,8 +85,8 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
if (isLegacyRequest) {
//parse request parameter into MOASession
- Logger.info("Start Authentication Module: " + moasession.getModul()
- + " Action: " + moasession.getAction());
+ Logger.info("Start Authentication Module: " + pendingReq.requestedModule()
+ + " Action: " + pendingReq.requestedAction());
StartAuthentificationParameterParser.parse(executionContext, request, moasession, pendingReq);
@@ -92,12 +94,9 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
String bkuid = (String) executionContext.get(MOAIDAuthConstants.PARAM_BKU);
String useMandate = (String) executionContext.get(MOAIDAuthConstants.PARAM_USEMANDATE);
String ccc = (String) executionContext.get(MOAIDAuthConstants.PARAM_CCC);
-
- //remove MOASessionID from executionContext because it is not needed any more
-
-
- if (MiscUtil.isEmpty(bkuid) || MiscUtil.isEmpty(moasessionid)) {
- Logger.warn("MOASessionID or BKU-type is empty. Maybe an old BKU-selection template is in use.");
+
+ if (MiscUtil.isEmpty(bkuid)) {
+ Logger.warn("BKU-type is empty. Maybe an old BKU-selection template is in use.");
throw new MOAIDException("auth.23", new Object[] {});
}
@@ -108,21 +107,21 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
throw new AuthenticationException("auth.00", new Object[] { moasession.getOAURLRequested() });
else {
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_BKUTYPE_SELECTED, bkuid);
//get Target from config or from request in case of SAML 1
String target = null;
- if (MiscUtil.isNotEmpty(pendingReq.getTarget()) &&
- pendingReq.requestedModule().equals("id_saml1"))
- target = pendingReq.getTarget();
+ if (MiscUtil.isNotEmpty(pendingReq.getGenericData("target", String.class)) &&
+ pendingReq.requestedModule().equals("at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol"))
+ target = pendingReq.getGenericData("target", String.class);
else
target = oaParam.getTarget();
String bkuURL = oaParam.getBKUURL(bkuid);
if (MiscUtil.isEmpty(bkuURL)) {
Logger.info("No OA specific BKU defined. Use BKU from default configuration");
- bkuURL = AuthConfigurationProviderFactory.getInstance().getDefaultBKUURL(bkuid);
+ bkuURL = authConfig.getDefaultBKUURL(bkuid);
}
//search for OA specific template
@@ -133,13 +132,13 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
templateURL = oaTemplateURLList.get(0);
} else {
- templateURL = AuthConfigurationProviderFactory.getInstance().getSLRequestTemplates(bkuid);
+ templateURL = authConfig.getSLRequestTemplates(bkuid);
}
//make url absolut if it is a local url
if (MiscUtil.isNotEmpty(templateURL))
templateURL = FileUtils.makeAbsoluteURL(templateURL,
- AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir());
+ authConfig.getRootConfigFileDir());
if (oaParam.isOnlyMandateAllowed())
useMandate = "true";
@@ -155,8 +154,6 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
templateURL,
useMandate,
ccc,
- moasession.getModul(),
- moasession.getAction(),
request,
pendingReq);
}
@@ -166,7 +163,8 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
// make sure moa session has been persisted before running the process
try {
- AuthenticationSessionStoreage.storeSession(moasession);
+ authenticatedSessionStorage.storeSession(moasession);
+
} catch (MOADatabaseException e) {
Logger.error("Database Error! MOASession is not stored!");
throw new MOAIDException("init.04", new Object[] {
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
index 49888c136..1c5f3c202 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
@@ -1,29 +1,29 @@
package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.commons.lang3.ObjectUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.stereotype.Service;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-
-import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.CitizenCardServletUtils;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
/**
* Creates {@code CreateXMLSignatureRequest} for auth block signature.<p/>
@@ -45,47 +45,68 @@ import at.gv.egovernment.moa.logging.Logger;
* @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
*
*/
+@Service("PrepareAuthBlockSignatureTask")
public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
+ @Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
+
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
// note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet
- Logger.debug("Process IdentityLink");
-
- setNoCachingHeaders(resp);
+ Logger.debug("Process CreateAuthBlock Task");
- String pendingRequestID = null;
-
try {
+ String pendingRequestID = StringEscapeUtils.escapeHtml(
+ ObjectUtils.defaultIfNull(
+ req.getParameter(PARAM_TARGET_PENDINGREQUESTID),
+ (String) executionContext.get(PARAM_TARGET_PENDINGREQUESTID)));
- String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID));
+ if (MiscUtil.isEmpty(pendingRequestID)) {
+ Logger.info("No PendingRequestID received");
+ throw new MOAIDException("auth.10", new Object[]{"VerifyIdentityLink", "pendingRequestID"});
+ }
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID)) {
- throw new WrongParametersException("VerifyIdentityLink", PARAM_SESSIONID, "auth.12");
+ IRequest pendingReq = requestStoreage.getPendingRequest(pendingRequestID);
+
+ if (pendingReq == null) {
+ Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure.");
+ throw new MOAIDException("auth.28", new Object[]{pendingRequestID});
+
}
-
- pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
- IRequest pendingReq = RequestStorage.getPendingRequest(
- (String) executionContext.get("pendingRequestID"));
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
-
- // change MOASessionID
- sessionID = AuthenticationSessionStoreage.changeSessionID(session);
+ //change pending-request ID
+ String newPendingRequestID = requestStoreage.changePendingRequestID(pendingReq);
+ executionContext.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, newPendingRequestID);
+
+ AuthenticationSession moasession = null;;
+ try {
+ moasession = authenticatedSessionStorage.getSession(pendingReq.getMOASessionIdentifier());
+
+ if (moasession == null) {
+ Logger.warn("MOASessionID is empty.");
+ throw new MOAIDException("auth.18", new Object[] {});
+ }
- OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(
- session.getPublicOAURLPrefix());
- AuthConfiguration authConf = AuthConfigurationProviderFactory.getInstance();
+ } catch (MOADatabaseException e) {
+ Logger.info("MOASession with SessionID=" + pendingReq.getMOASessionIdentifier() + " is not found in Database");
+ throw new MOAIDException("init.04", new Object[] { pendingReq.getMOASessionIdentifier() });
+
+ } catch (Throwable e) {
+ Logger.info("No HTTP Session found!");
+ throw new MOAIDException("auth.18", new Object[] {});
+ }
+
+
+ IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
- String createXMLSignatureRequest = AuthenticationServer.getInstance()
- .getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam, pendingReq);
+ String createXMLSignatureRequest = authServer
+ .getCreateXMLSignatureRequestAuthBlockOrRedirect(moasession, authConfig, oaParam, pendingReq);
- AuthenticationSessionStoreage.storeSession(session);
+ authenticatedSessionStorage.storeSession(moasession);
- CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session,
+ CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, pendingReq,
createXMLSignatureRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT,
"VerifyIdentityLink");
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
index 099bc085c..3d8b94239 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
@@ -23,17 +23,21 @@
package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.GET_MIS_SESSIONID;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID;
import java.util.List;
import javax.net.ssl.SSLSocketFactory;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.commons.lang3.ObjectUtils;
+import org.springframework.stereotype.Service;
import org.w3c.dom.Element;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
@@ -44,14 +48,9 @@ import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;
@@ -63,6 +62,7 @@ import at.gv.egovernment.moa.util.MiscUtil;
* @author tlenz
*
*/
+@Service("PrepareGetMISMandateTask")
public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
/* (non-Javadoc)
@@ -75,62 +75,66 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
//mandate Mode
try {
- IRequest pendingReq = RequestStorage.getPendingRequest(
- (String) executionContext.get("pendingRequestID"));
+ String pendingRequestID = StringEscapeUtils.escapeHtml(
+ ObjectUtils.defaultIfNull(
+ request.getParameter(PARAM_TARGET_PENDINGREQUESTID),
+ (String) executionContext.get(PARAM_TARGET_PENDINGREQUESTID)));
- //get Session from context
- String moasessionid = (String) executionContext.get(PARAM_SESSIONID);
- AuthenticationSession session = null;
- if (MiscUtil.isEmpty(moasessionid)) {
- Logger.warn("MOASessionID is empty.");
- throw new MOAIDException("auth.18", new Object[] {});
+ if (MiscUtil.isEmpty(pendingRequestID)) {
+ Logger.info("No PendingRequestID received");
+ throw new MOAIDException("auth.10", new Object[]{"VerifyIdentityLink", "pendingRequestID"});
}
+
+ IRequest pendingReq = requestStoreage.getPendingRequest(pendingRequestID);
+
+ if (pendingReq == null) {
+ Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure.");
+ throw new MOAIDException("auth.28", new Object[]{pendingRequestID});
+ }
+
+ //change pending-request ID
+ String newPendingRequestID = requestStoreage.changePendingRequestID(pendingReq);
+ executionContext.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, newPendingRequestID);
+
+ AuthenticationSession moasession = null;;
try {
- session = AuthenticationSessionStoreage.getSession(moasessionid);
- AuthenticationSessionStoreage.changeSessionID(session);
-
+ moasession = authenticatedSessionStorage.getSession(pendingReq.getMOASessionIdentifier());
+
+ if (moasession == null) {
+ Logger.warn("MOASessionID is empty.");
+ throw new MOAIDException("auth.18", new Object[] {});
+ }
+
} catch (MOADatabaseException e) {
- Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database");
- throw new MOAIDException("init.04", new Object[] { moasessionid });
+ Logger.info("MOASession with SessionID=" + pendingReq.getMOASessionIdentifier() + " is not found in Database");
+ throw new MOAIDException("init.04", new Object[] { pendingReq.getMOASessionIdentifier() });
} catch (Throwable e) {
Logger.info("No HTTP Session found!");
throw new MOAIDException("auth.18", new Object[] {});
-
- } finally {
- executionContext.remove(PARAM_SESSIONID);
-
}
-
- AuthConfiguration authConf= AuthConfigurationProviderFactory.getInstance();
- ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter();
- SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProviderFactory.getInstance(), connectionParameters);
+ ConnectionParameter connectionParameters = authConfig.getOnlineMandatesConnectionParameter();
+ SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(authConfig, connectionParameters);
// get identitity link as byte[]
- Element elem = session.getIdentityLink().getSamlAssertion();
+ Element elem = moasession.getIdentityLink().getSamlAssertion();
String s = DOMUtils.serializeNode(elem);
//System.out.println("IDL: " + s);
byte[] idl = s.getBytes("UTF-8");
-
- // redirect url
- // build redirect(to the GetMISSessionIdSerlvet)
-
- //change MOASessionID before MIS request
- String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
-
+
String redirectURL = new DataURLBuilder().buildDataURL(
- session.getAuthURL(),
+ pendingReq.getAuthURL(),
GET_MIS_SESSIONID,
- newMOASessionID);
+ pendingReq.getRequestID());
- String oaURL = session.getOAURLRequested();
+ String oaURL = pendingReq.getOAURL();
IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
if (oaParam == null) {
- oaParam = authConf.getOnlineApplicationParameter(oaURL);
+ oaParam = authConfig.getOnlineApplicationParameter(oaURL);
Logger.info("No Service info in PendingRequest --> load service info from configuration");
}
@@ -143,9 +147,9 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
}
String oaFriendlyName = oaParam.getFriendlyName();
- String mandateReferenceValue = session.getMandateReferenceValue();
- byte[] cert = session.getEncodedSignerCertificate();
- byte[] authBlock = session.getAuthBlock().getBytes("UTF-8");
+ String mandateReferenceValue = moasession.getMandateReferenceValue();
+ byte[] cert = moasession.getEncodedSignerCertificate();
+ byte[] authBlock = moasession.getAuthBlock().getBytes("UTF-8");
//TODO: check in case of SSO!!!
String targetType = null;
@@ -154,13 +158,13 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_))
targetType = id;
else
- targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_+session.getDomainIdentifier();
+ targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_ + moasession.getDomainIdentifier();
} else {
targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget();
}
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_SERVICE_REQUESTED, mandateReferenceValue);
MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(
@@ -181,17 +185,17 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
}
String redirectMISGUI = misSessionID.getRedirectURL();
- session.setMISSessionID(misSessionID.getSessiondId());
+ moasession.setMISSessionID(misSessionID.getSessiondId());
try {
- AuthenticationSessionStoreage.storeSession(session);
+ authenticatedSessionStorage.storeSession(moasession);
} catch (MOADatabaseException | BuildException e) {
throw new MOAIDException("Session store error", null);
}
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_REDIRECT);
response.setStatus(302);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
index 35104bf3e..78be6c8c8 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
@@ -1,50 +1,35 @@
package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
-import iaik.pki.PKIException;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_XMLRESPONSE;
import java.io.IOException;
-import java.security.GeneralSecurityException;
-import java.util.List;
import java.util.Map;
-import javax.net.ssl.SSLSocketFactory;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import javax.xml.transform.TransformerException;
import org.apache.commons.fileupload.FileUploadException;
import org.apache.commons.lang.StringEscapeUtils;
-import org.w3c.dom.Element;
+import org.apache.commons.lang3.ObjectUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.stereotype.Service;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.ModulUtils;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-import at.gv.egovernment.moa.id.util.SSLUtils;
-import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId;
-import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.MiscUtil;
/**
* Verifies the signed authentication block (provided as {@code CreateXMLSignatureResponse}).<p/>
@@ -79,62 +64,84 @@ import at.gv.egovernment.moa.util.DOMUtils;
* @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
*
*/
+@Service("VerifyAuthenticationBlockTask")
public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
+ @Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
+
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
-
- // note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet
Logger.debug("POST VerifyAuthenticationBlock");
- String pendingRequestID = null;
-
Map<String, String> parameters;
try
{
parameters = getParameters(req);
- } catch (FileUploadException | IOException e)
- {
+ } catch (FileUploadException | IOException e) {
Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()));
- }
- String sessionID = req.getParameter(PARAM_SESSIONID);
- String createXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE);
-
- // escape parameter strings
- sessionID = StringEscapeUtils.escapeHtml(sessionID);
- pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
-
+ }
+
+ String createXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE);
+
String redirectURL = null;
try {
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID))
- throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12");
- if (!ParamValidatorUtils.isValidXMLDocument(createXMLSignatureResponse))
- throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_XMLRESPONSE, "auth.12");
+ String pendingRequestID = StringEscapeUtils.escapeHtml(
+ ObjectUtils.defaultIfNull(
+ req.getParameter(PARAM_TARGET_PENDINGREQUESTID),
+ (String) executionContext.get(PARAM_TARGET_PENDINGREQUESTID)));
+
+ if (MiscUtil.isEmpty(pendingRequestID)) {
+ Logger.info("No PendingRequestID received");
+ throw new MOAIDException("auth.10", new Object[]{"VerifyIdentityLink", "pendingRequestID"});
+ }
+
+ if (!ParamValidatorUtils.isValidXMLDocument(createXMLSignatureResponse))
+ throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_XMLRESPONSE, "auth.12");
+
+ IRequest pendingReq = requestStoreage.getPendingRequest(pendingRequestID);
+
+ if (pendingReq == null) {
+ Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure.");
+ throw new MOAIDException("auth.28", new Object[]{pendingRequestID});
+
+ }
+
+ //change pending-request ID
+ String newPendingRequestID = requestStoreage.changePendingRequestID(pendingReq);
+ executionContext.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, newPendingRequestID);
+
+ AuthenticationSession moasession = null;;
+ try {
+ moasession = authenticatedSessionStorage.getSession(pendingReq.getMOASessionIdentifier());
+
+ if (moasession == null) {
+ Logger.warn("MOASessionID is empty.");
+ throw new MOAIDException("auth.18", new Object[] {});
+ }
+
+ } catch (MOADatabaseException e) {
+ Logger.info("MOASession with SessionID=" + pendingReq.getMOASessionIdentifier() + " is not found in Database");
+ throw new MOAIDException("init.04", new Object[] { pendingReq.getMOASessionIdentifier() });
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
+ } catch (Throwable e) {
+ Logger.info("No HTTP Session found!");
+ throw new MOAIDException("auth.18", new Object[] {});
+ }
+
- IRequest pendingReq = RequestStorage.getPendingRequest(
- (String) executionContext.get("pendingRequestID"));
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
-
- //change MOASessionID
- sessionID = AuthenticationSessionStoreage.changeSessionID(session);
-
- AuthenticationServer.getInstance().verifyAuthenticationBlock(pendingReq, session, createXMLSignatureResponse);
+
+ authServer.verifyAuthenticationBlock(pendingReq, moasession, createXMLSignatureResponse);
//store all changes in session DAO
- AuthenticationSessionStoreage.storeSession(session);
-
- //put session to context
- executionContext.put(PARAM_SESSIONID, session.getSessionID());
-
+ authenticatedSessionStorage.storeSession(moasession);
+
}
catch (MOAIDException ex) {
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
index 2734d1027..5c9a069ee 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
@@ -1,7 +1,7 @@
package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
-import iaik.x509.X509Certificate;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.REQ_GET_FOREIGN_ID;
import java.io.IOException;
import java.util.Map;
@@ -11,28 +11,28 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.fileupload.FileUploadException;
import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.commons.lang3.ObjectUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.stereotype.Service;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.CitizenCardServletUtils;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-import at.gv.egovernment.moa.id.util.ServletUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.spss.util.CertificateUtils;
+import at.gv.egovernment.moa.util.MiscUtil;
+import iaik.x509.X509Certificate;
/**
* Parses the certificate from {@code InfoBoxReadResponse} (via POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}), creates the auth block to be signed and returns a {@code CreateXMLSignatureRequest} for auth block signature.<p/>
@@ -59,15 +59,18 @@ import at.gv.egovernment.moa.spss.util.CertificateUtils;
* @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
*
*/
+@Service("VerifyCertificateTask")
public class VerifyCertificateTask extends AbstractAuthServletTask {
+ @Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
+
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
// note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyCertificateServlet
- Logger.debug("POST VerifyCertificateServlet");
+ Logger.debug("Reveive VerifyCertificate Response");
Map<String, String> parameters;
try
@@ -78,48 +81,73 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()));
}
- String sessionID = req.getParameter(PARAM_SESSIONID);
-
- // escape parameter strings
- sessionID = StringEscapeUtils.escapeHtml(sessionID);
- AuthenticationSession session = null;
try {
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID))
- throw new WrongParametersException("VerifyCertificate", PARAM_SESSIONID, "auth.12");
-
- session = AuthenticationServer.getSession(sessionID);
-
- IRequest pendingReq = RequestStorage.getPendingRequest(
- (String) executionContext.get("pendingRequestID"));
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+ String pendingRequestID = StringEscapeUtils.escapeHtml(
+ ObjectUtils.defaultIfNull(
+ req.getParameter(PARAM_TARGET_PENDINGREQUESTID),
+ (String) executionContext.get(PARAM_TARGET_PENDINGREQUESTID)));
+
+ if (MiscUtil.isEmpty(pendingRequestID)) {
+ Logger.info("No PendingRequestID received");
+ throw new MOAIDException("auth.10", new Object[]{"VerifyIdentityLink", "pendingRequestID"});
+ }
+
+ IRequest pendingReq = requestStoreage.getPendingRequest(pendingRequestID);
+
+ if (pendingReq == null) {
+ Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure.");
+ throw new MOAIDException("auth.28", new Object[]{pendingRequestID});
+
+ }
+
+ //change pending-request ID
+ String newPendingRequestID = requestStoreage.changePendingRequestID(pendingReq);
+ executionContext.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, newPendingRequestID);
+
+ AuthenticationSession moasession = null;;
+ try {
+ moasession = authenticatedSessionStorage.getSession(pendingReq.getMOASessionIdentifier());
+
+ if (moasession == null) {
+ Logger.warn("MOASessionID is empty.");
+ throw new MOAIDException("auth.18", new Object[] {});
+ }
+
+ } catch (MOADatabaseException e) {
+ Logger.info("MOASession with SessionID=" + pendingReq.getMOASessionIdentifier() + " is not found in Database");
+ throw new MOAIDException("init.04", new Object[] { pendingReq.getMOASessionIdentifier() });
+
+ } catch (Throwable e) {
+ Logger.info("No HTTP Session found!");
+ throw new MOAIDException("auth.18", new Object[] {});
+ }
+
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
- //change MOASessionID
- sessionID = AuthenticationSessionStoreage.changeSessionID(session);
- X509Certificate cert = AuthenticationServer.getInstance().getCertificate(pendingReq, sessionID, parameters);
+ X509Certificate cert = authServer.getCertificate(pendingReq, parameters);
if (cert == null) {
Logger.error("Certificate could not be read.");
throw new AuthenticationException("auth.14", null);
}
- boolean useMandate = session.getUseMandate();
+ boolean useMandate = moasession.getUseMandate();
if (useMandate) {
// verify certificate for OrganWalter
- String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert, pendingReq);
+ String createXMLSignatureRequestOrRedirect = authServer.verifyCertificate(moasession, cert, pendingReq);
try {
- AuthenticationSessionStoreage.storeSession(session);
+ authenticatedSessionStorage.storeSession(moasession);
+
} catch (MOADatabaseException e) {
throw new MOAIDException("session store error", null);
}
- // TODO[branch]: Mandate; respond with CXSR for authblock signature, dataURL "/VerifyAuthBlock"
- CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate");
+ CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, pendingReq, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate");
}
else {
@@ -133,24 +161,24 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
}
// Foreign Identities Modus
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_FOUND);
- String createXMLSignatureRequest = AuthenticationServer.getInstance().createXMLSignatureRequestForeignID(session, cert);
+ String createXMLSignatureRequest = authServer.createXMLSignatureRequestForeignID(moasession, cert);
// build dataurl (to the GetForeignIDSerlvet)
String dataurl =
new DataURLBuilder().buildDataURL(
- session.getAuthURL(),
+ pendingReq.getAuthURL(),
REQ_GET_FOREIGN_ID,
- session.getSessionID());
+ pendingReq.getRequestID());
- try {
- AuthenticationSessionStoreage.storeSession(session);
+ try {
+ authenticatedSessionStorage.storeSession(moasession);
+
} catch (MOADatabaseException e) {
throw new MOAIDException("session store error", null);
}
- // TODO[branch]: Foreign citizen; respond with CXSR for authblock signature, dataURL "/GetForeignID"
CitizenCardServletUtils.writeCreateXMLSignatureRequest(resp, createXMLSignatureRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "GetForeignID", dataurl);
Logger.debug("Send CreateXMLSignatureRequest to BKU");
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
index 50ef11f27..2c23254e4 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
@@ -1,6 +1,6 @@
package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID;
import java.io.IOException;
import java.util.Map;
@@ -9,23 +9,23 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringEscapeUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.stereotype.Service;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
/**
* Verifies the identity link.<p/>
@@ -51,17 +51,16 @@ import at.gv.egovernment.moa.logging.Logger;
* @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
*
*/
+@Service("VerifyIdentityLinkTask")
public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
+ @Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
+
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
- // note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet
-
- Logger.debug("POST VerifyIdentityLink");
-
- setNoCachingHeaders(resp);
+ Logger.debug("Receive VerifyIdentityLink Response");
Map<String, String> parameters;
@@ -74,20 +73,50 @@ public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
try {
- String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID));
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID)) {
- throw new WrongParametersException("VerifyIdentityLink", PARAM_SESSIONID, "auth.12");
+ String pendingRequestID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_TARGET_PENDINGREQUESTID));
+
+ if (MiscUtil.isEmpty(pendingRequestID)) {
+ Logger.info("No PendingRequestID received");
+ throw new MOAIDException("auth.10", new Object[]{"VerifyIdentityLink", "pendingRequestID"});
}
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
-
- IRequest pendingReq = RequestStorage.getPendingRequest(
- (String) executionContext.get("pendingRequestID"));
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
+
+ IRequest pendingReq = requestStoreage.getPendingRequest(pendingRequestID);
+
+ if (pendingReq == null) {
+ Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure.");
+ throw new MOAIDException("auth.28", new Object[]{pendingRequestID});
+
+ }
+
+ //change pending-request ID
+ String newPendingRequestID = requestStoreage.changePendingRequestID(pendingReq);
+ executionContext.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, newPendingRequestID);
+
+ AuthenticationSession moasession = null;;
+ try {
+ moasession = authenticatedSessionStorage.getSession(pendingReq.getMOASessionIdentifier());
+
+ if (moasession == null) {
+ Logger.warn("MOASessionID is empty.");
+ throw new MOAIDException("auth.18", new Object[] {});
+ }
+
+ } catch (MOADatabaseException e) {
+ Logger.info("MOASession with SessionID=" + pendingReq.getMOASessionIdentifier() + " is not found in Database");
+ throw new MOAIDException("init.04", new Object[] { pendingReq.getMOASessionIdentifier() });
+
+ } catch (Throwable e) {
+ Logger.info("No HTTP Session found!");
+ throw new MOAIDException("auth.18", new Object[] {});
+ }
+
+
+ revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
- boolean identityLinkAvailable = AuthenticationServer.getInstance().verifyIdentityLink(pendingReq, session, parameters) != null;
- AuthenticationSessionStoreage.storeSession(session);
+ boolean identityLinkAvailable = authServer.verifyIdentityLink(pendingReq, moasession, parameters) != null;
+
+ authenticatedSessionStorage.storeSession(moasession);
executionContext.put("identityLinkAvailable", identityLinkAvailable);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java
new file mode 100644
index 000000000..139be49fe
--- /dev/null
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.servlet;
+
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+/**
+ * @author tlenz
+ *
+ */
+@Controller
+public class CitizenCardAuthProcessEngineSignalController extends AbstractProcessEngineSignalController {
+
+ @RequestMapping(value = {"/GetMISSessionID",
+ "/GetForeignID",
+ "/VerifyAuthBlock",
+ "/VerifyCertificate",
+ "/VerifyIdentityLink"
+ },
+ method = {RequestMethod.POST, RequestMethod.GET})
+ public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ signalProcessManagement(req, resp);
+
+}
+}
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java
index 276d6a105..36bab9355 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java
@@ -53,13 +53,13 @@ import java.io.IOException;
import java.io.OutputStream;
import java.net.URLEncoder;
-import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.logging.Logger;
/**
@@ -73,21 +73,21 @@ public class CitizenCardServletUtils extends ServletUtils{
* depending on the requests starting text.
*
* @param resp The httpServletResponse
- * @param session The current AuthenticationSession
+ * @param pendingReq The current AuthenticationSession
* @param createXMLSignatureRequestOrRedirect The request
* @param servletGoal The servlet to which the redirect should happen
* @param servletName The servlet name for debug purposes
* @throws MOAIDException
* @throws IOException
*/
- public static void writeCreateXMLSignatureRequestOrRedirect(HttpServletResponse resp, AuthenticationSession session, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName)
+ public static void writeCreateXMLSignatureRequestOrRedirect(HttpServletResponse resp, IRequest pendingReq, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName)
throws MOAIDException,
IOException
{
if (!createXMLSignatureRequestOrRedirect.startsWith("Redirect")) {
resp.setStatus(307);
String dataURL = new DataURLBuilder().buildDataURL(
- session.getAuthURL(), MOAIDAuthConstants.REQ_VERIFY_AUTH_BLOCK, session.getSessionID());
+ pendingReq.getAuthURL(), MOAIDAuthConstants.REQ_VERIFY_AUTH_BLOCK, pendingReq.getRequestID());
resp.addHeader("Location", dataURL);
//TODO test impact of explicit setting charset with older versions of BKUs (HotSign)
@@ -100,7 +100,7 @@ public class CitizenCardServletUtils extends ServletUtils{
Logger.debug("Finished POST " + servletName);
} else {
- String redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), servletGoal, session.getSessionID());
+ String redirectURL = new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), servletGoal, pendingReq.getRequestID());
resp.setContentType("text/html");
resp.setStatus(302);
resp.addHeader("Location", redirectURL);