aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java')
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java40
1 files changed, 28 insertions, 12 deletions
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
index af64e745e..dc2baab7d 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
@@ -72,11 +72,18 @@ import org.springframework.web.bind.annotation.RequestMethod;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
+import at.gv.egiz.eaaf.core.api.gui.IGUIFormBuilder;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
+import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.auth.frontend.builder.DefaultGUIFormBuilderConfiguration;
-import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIFormBuilder;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.Pair;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.SSOTransferContainer;
@@ -84,20 +91,16 @@ import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.SSOContainerUtils
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
+import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.moduls.SSOManager;
-import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException;
import at.gv.egovernment.moa.id.protocols.pvp2x.signer.IDPCredentialProvider;
import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.storage.ITransactionStorage;
-import at.gv.egovernment.moa.id.util.HTTPUtils;
-import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
import net.glxn.qrgen.QRCode;
import net.glxn.qrgen.image.ImageType;
@@ -138,7 +141,7 @@ public class SSOTransferServlet{
* @throws IOException
*/
@RequestMapping(value = { "/TestTransferSSOSession"
- },
+ },
method = {RequestMethod.GET})
public void testTransferSSOSessionGUIWithoutAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException {
try {
@@ -200,7 +203,7 @@ public class SSOTransferServlet{
InputStream idlstream = idlURL.openStream();
moaSession.setIdentityLink(new IdentityLinkAssertionParser(idlstream).parseIdentityLink());
internalTransferPersonalInformation(req, resp, container, moaSession, true);
-
+
} else {
Logger.info("Servlet " + getClass().getName() + " receive a token:" +
token + ", which references an empty data object.");
@@ -267,6 +270,14 @@ public class SSOTransferServlet{
Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e);
resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage()));
+ } catch (ConfigurationException e) {
+ Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e);
+ resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage()));
+
+ } catch (EAAFException e) {
+ Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e);
+ resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage()));
+
}
} else {
@@ -367,6 +378,11 @@ public class SSOTransferServlet{
} catch (NoSuchPaddingException e) {
e.printStackTrace();
resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage()));
+
+ } catch (EAAFException e) {
+ e.printStackTrace();
+ resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage()));
+
}
@@ -405,10 +421,10 @@ public class SSOTransferServlet{
if (ssomanager.isValidSSOSession(ssoid, null)) {
//create first step of SSO Transfer GUI
- IAuthenticationSession authSession = authenticationSessionStorage.getInternalMOASessionWithSSOID(ssoid);
- if(authSession != null) {
+ String ssoSessionId = authenticationSessionStorage.getInternalSSOSessionWithSSOID(ssoid);
+ if(ssoSessionId != null) {
internalCreateQRCodeForTransfer(resp, authURL,
- authSession.getSessionID(),
+ ssoSessionId,
SSOTransferConstants.SERVLET_SSOTRANSFER_TO_SMARTPHONE, config);
return;
@@ -436,7 +452,7 @@ public class SSOTransferServlet{
}
private void internalTransferPersonalInformation(HttpServletRequest req, HttpServletResponse resp,
- SSOTransferContainer container, IAuthenticationSession moaSession, boolean developmentMode) throws IOException, InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, OperatorCreationException, CredentialsNotAvailableException, PKCSException, CertificateException, SessionDataStorageException, IllegalBlockSizeException, BadPaddingException, NoSuchPaddingException {
+ SSOTransferContainer container, IAuthenticationSession moaSession, boolean developmentMode) throws IOException, InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, OperatorCreationException, CredentialsNotAvailableException, PKCSException, CertificateException, SessionDataStorageException, IllegalBlockSizeException, BadPaddingException, NoSuchPaddingException, EAAFStorageException {
Logger.debug("");
JsonObject receivedData = getJSONObjectFromPostMessage(req, developmentMode);
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-03 12:30:20 +0000