aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java')
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java89
1 files changed, 55 insertions, 34 deletions
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java
index 6949b7a18..2e81d9c64 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java
@@ -1,7 +1,6 @@
package at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20;
import java.io.InputStreamReader;
-import java.net.URLDecoder;
import java.util.Base64;
import java.util.HashMap;
import java.util.Iterator;
@@ -13,6 +12,7 @@ import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.utils.URIBuilder;
import org.apache.log4j.Logger;
+import org.jose4j.base64url.Base64Url;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
@@ -107,45 +107,64 @@ public class SL20JSONExtractorUtils {
}
/**
- * Extract Map of Key/Value pairs from a JSON Array
+ * Extract Map of Key/Value pairs from a JSON Element
*
- * @param input
- * @param keyID
+ * @param input parent JSON object
+ * @param keyID KeyId of the child that should be parsed
* @param isRequired
* @return
* @throws SLCommandoParserException
*/
public static Map<String, String> getMapOfStringElements(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException {
JsonElement internal = getAndCheck(input, keyID, isRequired);
+ return getMapOfStringElements(internal);
+ }
+
+ /**
+ * Extract Map of Key/Value pairs from a JSON Element
+ *
+ * @param input
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static Map<String, String> getMapOfStringElements(JsonElement input) throws SLCommandoParserException {
Map<String, String> result = new HashMap<String, String>();
- if (internal != null) {
- if (!internal.isJsonArray())
- throw new SLCommandoParserException("JSON Element IS NOT a JSON array");
-
- Iterator<JsonElement> arrayIterator = internal.getAsJsonArray().iterator();
- while(arrayIterator.hasNext()) {
- //JsonObject next = arrayIterator.next().getAsJsonObject();
- //result.put(
- // next.get(SL20Constants.SL20_COMMAND_PARAM_GENERAL_REQPARAMETER_KEY).getAsString(),
- // next.get(SL20Constants.SL20_COMMAND_PARAM_GENERAL_REQPARAMETER_VALUE).getAsString());
- JsonElement next = arrayIterator.next();
- Iterator<Entry<String, JsonElement>> entry = next.getAsJsonObject().entrySet().iterator();
- while (entry.hasNext()) {
- Entry<String, JsonElement> el = entry.next();
- if (result.containsKey(el.getKey()))
- log.info("Attr. Map already contains Element with Key: " + el.getKey() + ". Overwrite element ... ");
-
- result.put(el.getKey(), el.getValue().getAsString());
+ if (input != null) {
+ if (input.isJsonArray()) {
+ Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator();
+ while(arrayIterator.hasNext()) {
+ JsonElement next = arrayIterator.next();
+ Iterator<Entry<String, JsonElement>> entry = next.getAsJsonObject().entrySet().iterator();
+ entitySetToMap(result, entry);
- }
- }
+ }
+
+ } else if (input.isJsonObject()) {
+ Iterator<Entry<String, JsonElement>> objectKeys = input.getAsJsonObject().entrySet().iterator();
+ entitySetToMap(result, objectKeys);
+
+ } else
+ throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON object");
+
}
return result;
}
+ private static void entitySetToMap(Map<String, String> result, Iterator<Entry<String, JsonElement>> entry) {
+ while (entry.hasNext()) {
+ Entry<String, JsonElement> el = entry.next();
+ if (result.containsKey(el.getKey()))
+ log.info("Attr. Map already contains Element with Key: " + el.getKey() + ". Overwrite element ... ");
+
+ result.put(el.getKey(), el.getValue().getAsString());
+
+ }
+
+ }
+
public static JsonElement extractSL20Result(JsonObject command, IJOSETools decrypter, boolean mustBeEncrypted) throws SL20Exception {
JsonElement result = command.get(SL20Constants.SL20_COMMAND_CONTAINER_RESULT);
@@ -207,19 +226,21 @@ public class SL20JSONExtractorUtils {
if (sl20Payload == null && sl20SignedPayload == null)
throw new SLCommandoParserException("NO payLoad OR signedPayload FOUND.");
- else if (sl20Payload == null && sl20SignedPayload == null)
- throw new SLCommandoParserException("payLoad AND signedPayload FOUND. Can not used twice");
-
+ //TODO:
+ //else if (sl20Payload != null && sl20SignedPayload != null) {
+ //log.warn("Find 'signed' AND 'unsigned' SL2.0 payload");
+ //throw new SLCommandoParserException("payLoad AND signedPayload FOUND. Can not used twice");
+ //}
else if (sl20SignedPayload == null && mustBeSigned)
throw new SLCommandoParserException("payLoad MUST be signed.");
+
+ else if (joseTools != null && sl20SignedPayload != null && sl20SignedPayload.isJsonPrimitive()) {
+ return joseTools.validateSignature(sl20SignedPayload.getAsString());
- else if (sl20Payload != null)
+ } else if (sl20Payload != null)
return new VerificationResult(sl20Payload.getAsJsonObject());
- else if (sl20SignedPayload != null && sl20SignedPayload.isJsonPrimitive()) {
- return joseTools.validateSignature(sl20SignedPayload.getAsString());
-
- } else
+ else
throw new SLCommandoParserException("Internal build error");
@@ -242,10 +263,10 @@ public class SL20JSONExtractorUtils {
throw new SLCommandoParserException("Find Redirect statuscode but not Location header");
String sl20RespString = new URIBuilder(locationHeader[0].getValue()).getQueryParams().get(0).getValue();
- sl20Resp = new JsonParser().parse(URLDecoder.decode(sl20RespString)).getAsJsonObject();
+ sl20Resp = new JsonParser().parse(Base64Url.encode((sl20RespString.getBytes()))).getAsJsonObject();
} else if (httpResp.getStatusLine().getStatusCode() == 200) {
- if (!httpResp.getEntity().getContentType().getValue().equals("application/json;charset=UTF-8"))
+ if (!httpResp.getEntity().getContentType().getValue().startsWith("application/json"))
throw new SLCommandoParserException("SL20 response with a wrong ContentType: " + httpResp.getEntity().getContentType().getValue());
sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity());
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-22 04:07:12 +0000