aboutsummaryrefslogtreecommitdiff
path: root/id/server
diff options
context:
space:
mode:
Diffstat (limited to 'id/server')
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/TargetValidator.java104
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java387
2 files changed, 491 insertions, 0 deletions
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/TargetValidator.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/TargetValidator.java
new file mode 100644
index 000000000..2ad50568a
--- /dev/null
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/TargetValidator.java
@@ -0,0 +1,104 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.commons.validation;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import at.gv.egovernment.moa.util.MiscUtil;
+
+
+public class TargetValidator {
+
+ private static Map<String, String> targetList = null;
+
+ static {
+ targetList = new HashMap<String, String>();
+ targetList.put("AR", "Arbeit");
+ targetList.put("AS", "Amtliche Statistik");
+ targetList.put("BF", "Bildung und Forschung");
+ targetList.put("BW", "Bauen und Wohnen");
+ targetList.put("EA", "EU und Auswärtige Angelegenheiten");
+ targetList.put("EF", "Ein- und Ausfuhr");
+ targetList.put("GH", "Gesundheit");
+ targetList.put("GS", "Gesellschaft und Soziales");
+// targetList.put("GS-RE", "Restitution");
+ targetList.put("JR", "Justiz/Zivilrechtswesen");
+ targetList.put("KL", "Kultus");
+ targetList.put("KU", "Kunst und Kultur");
+ targetList.put("LF", "Land- und Forstwirtschaft");
+ targetList.put("LV", "Landesverteidigung");
+ targetList.put("RT", "Rundfunk und sonstige Medien sowie Telekommunikation");
+ targetList.put("SA", "Steuern und Abgaben");
+ targetList.put("SA", "Sport und Freizeit");
+ targetList.put("SO", "Sicherheit und Ordnung");
+// targetList.put("SO-VR", "Vereinsregister");
+// targetList.put("SR-RG", "Strafregister");
+ targetList.put("SV", "Sozialversicherung");
+ targetList.put("UW", "Umwelt");
+ targetList.put("VT", "Verkehr und Technik");
+ targetList.put("VV", "Vermögensverwaltung");
+ targetList.put("WT", "Wirtschaft");
+ targetList.put("ZP", "Personenidentität und Bürgerrechte(zur Person)");
+ targetList.put("BR", "Bereichsübergreifender Rechtsschutz");
+ targetList.put("HR", "Zentrales Rechnungswesen");
+ targetList.put("KI", "Auftraggeberinterne allgemeine Kanzleiindizes");
+ targetList.put("OI", "Öffentlichkeitsarbeit");
+ targetList.put("PV", "Personalverwaltung");
+ targetList.put("RD", "Zentraler Rechtsdienst");
+ targetList.put("VS", "Zentrale Durchführung von Verwaltungsstrafverfahren");
+// targetList.put("VS-RG", "Zentrales Verwaltungsstrafregister");
+ targetList.put("ZU", "Zustellungen");
+ }
+
+ public static List<String> getListOfTargets() {
+ Map<String, String> list = new HashMap<String, String>();
+ list.put("", "");
+ list.putAll(targetList);
+
+ List<String> sortedList = new ArrayList<String>();
+ sortedList.addAll(list.keySet());
+ Collections.sort(sortedList);
+
+ return sortedList;
+
+ }
+
+ public static String getTargetFriendlyName(String target) {
+ String name = targetList.get(target);
+
+ if (MiscUtil.isNotEmpty(name))
+ return name;
+ else
+ return null;
+ }
+
+ public static boolean isValidTarget(String target) {
+ return targetList.containsKey(target);
+ }
+
+
+}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java
new file mode 100644
index 000000000..be6d7d01e
--- /dev/null
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java
@@ -0,0 +1,387 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.commons.validation;
+
+import iaik.asn1.ObjectID;
+import iaik.utils.Util;
+import iaik.x509.X509Certificate;
+import iaik.x509.X509ExtensionInitException;
+
+import java.io.IOException;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.UnknownHostException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocket;
+import javax.net.ssl.SSLSocketFactory;
+
+import org.apache.log4j.Logger;
+
+
+public class ValidationHelper {
+
+ public static final String PUBLICSERVICE_URL_POSTFIX = ".gv.at";
+
+ private static final Logger log = Logger.getLogger(ValidationHelper.class);
+ private static final String TEMPLATE_DATEFORMAT = "dd.MM.yyyy";
+
+
+
+ public static boolean isPublicServiceAllowed(String identifier) {
+
+ SSLSocket socket = null;
+
+ try {
+ URL url = new URL(identifier);
+ String host = url.getHost();
+
+ if (host.endsWith("/"))
+ host = host.substring(0, host.length()-1);
+
+ if (url.getHost().endsWith(PUBLICSERVICE_URL_POSTFIX)) {
+ log.debug("PublicURLPrefix with .gv.at Domain found.");
+ return true;
+
+ } else {
+ SSLSocketFactory factory = HttpsURLConnection.getDefaultSSLSocketFactory();
+ socket = (SSLSocket) factory.createSocket(url.getHost(), url.getPort());
+ socket.startHandshake();
+
+ SSLSession session = socket.getSession();
+ Certificate[] servercerts = session.getPeerCertificates();
+ X509Certificate[] iaikChain = new X509Certificate[servercerts.length];
+ for (int i=0; i<servercerts.length; i++) {
+ iaikChain[i] = new X509Certificate(servercerts[i].getEncoded());
+ }
+
+
+ X509Certificate cert = Util.arrangeCertificateChain(iaikChain, false)[0];
+
+ if (cert != null) {
+ ObjectID vwOID = new ObjectID("1.2.40.0.10.1.1.1"); // Verwaltungseigenschaft
+ ObjectID dOID = new ObjectID("1.2.40.0.10.1.1.2"); // Dienstleistereigenschaft
+
+
+ if ((cert.getExtension(vwOID) == null) && (cert.getExtension(dOID) == null)) {
+ return false;
+
+ } else {
+ log.info("Found correct X509 Extension in server certificate. PublicService is allowed");
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ } catch (MalformedURLException e) {
+ log.warn("PublicURLPrefix can not parsed to URL", e);
+ return false;
+
+ } catch (UnknownHostException e) {
+ log.warn("Can not connect to PublicURLPrefix Server", e);
+ return false;
+
+ } catch (IOException e) {
+ log.warn("Can not connect to PublicURLPrefix Server", e);
+ return false;
+
+ } catch (CertificateEncodingException e) {
+ log.warn("Can not parse X509 server certificate", e);
+ return false;
+
+ } catch (CertificateException e) {
+ log.warn("Can not read X509 server certificate", e);
+ return false;
+
+ } catch (X509ExtensionInitException e) {
+ log.warn("Can not read X509 server certificate extension", e);
+ return false;
+ }
+
+ finally {
+ if (socket != null)
+ try {
+ socket.close();
+ } catch (IOException e) {
+ log.warn("SSL Socket can not be closed.", e);
+ }
+ }
+ }
+
+ public static boolean validateOAID(String oaIDObj) {
+ if (oaIDObj != null) {
+ try {
+
+ long oaID = Long.valueOf(oaIDObj);
+
+ if (oaID > 0 && oaID < Long.MAX_VALUE)
+ return true;
+
+ } catch (Throwable t) {
+ log.warn("No valid DataBase OAID received! " + oaIDObj);
+ }
+ }
+ return false;
+ }
+
+ public static boolean validateNumber(String value) {
+
+ log.debug("Validate Number " + value);
+
+ try {
+ Float.valueOf(value);
+
+ return true;
+
+ } catch (NumberFormatException e) {
+ return false;
+ }
+
+
+ }
+
+ public static boolean validatePhoneNumber(String value) {
+ log.debug ("Validate PhoneNumber " + value);
+
+ /* ************************************************************************************************
+ * Legende:
+ * ======== AA = post/pre-Text
+ * BB = (+49)
+ * CC = Vorwahl
+ * DD = Durchwahl
+ * EE = Nebenstelle
+ * Pattern p = Pattern.compile("^ [a-zA-Z .,;:/\\-]* [ ]* [(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1} [ ]* [0-9]*[ ]* [0-9][ ]* [0-9]* [ ]* [a-zA-Z .,;:\\/-]* $");
+ * ------- AA ------- --------------------- BB --------------------- --------- CC -------- - DD - - EE - ------- AA -------
+ * ************************************************************************************************ */
+ Pattern pattern = Pattern.compile("^[a-zA-Z .,;:/\\-]*[ ]*[(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1}[ ]*[0-9]*[ ]*[0-9]*[ ]*[0-9]*[ ]*[a-zA-Z .,;:\\/-]*$");
+ Matcher matcher = pattern.matcher(value);
+ boolean b = matcher.matches();
+ if (b) {
+ log.debug("Parameter PhoneNumber erfolgreich ueberprueft");
+ return true;
+ }
+ else {
+ log.error("Fehler Ueberpruefung Parameter PhoneNumber. PhoneNumber entspricht nicht den Kriterien ^ [a-zA-Z .,;:/\\-]* [ ]* [(]{0,1}[ ]*[+]{0,1}[ ]*[0-9]{0,2}[ ]*[)]{0,1} [ ]* [0-9]*[ ]*[/\\-]{0,1} [ ]*[ ]* [0-9]* [ ]* [a-zA-Z .,;:\\/-]* $");
+ return false;
+ }
+
+
+ }
+
+ public static boolean validateURL(String urlString) {
+
+ log.debug("Validate URL " + urlString);
+
+ if (urlString.startsWith("http") || urlString.startsWith("https")) {
+ try {
+ new URL(urlString);
+ return true;
+
+ } catch (MalformedURLException e) {
+ }
+ }
+
+ return false;
+ }
+
+// public static boolean validateGeneralURL(String urlString) {
+//
+// log.debug("Validate URL " + urlString);
+//
+// try {
+// new URL(urlString);
+// return true;
+//
+// } catch (MalformedURLException e) {
+//
+// }
+//
+// return false;
+// }
+
+ public static boolean isValidAdminTarget(String target) {
+
+ log.debug("Ueberpruefe Parameter Target");
+
+ Pattern pattern = Pattern.compile("[a-zA-Z-]{1,5}");
+ Matcher matcher = pattern.matcher(target);
+ boolean b = matcher.matches();
+ if (b) {
+ log.debug("Parameter SSO-Target erfolgreich ueberprueft. SSO Target is PublicService.");
+ return true;
+ }
+ else {
+ log.info("Parameter SSO-Target entspricht nicht den Kriterien " +
+ "(nur Zeichen a-z, A-Z und -, sowie 1-5 Zeichen lang) fuer den oeffentlichen Bereich. " +
+ "Valiere SSO-Target fuer privatwirtschaftliche Bereiche.");
+ return false;
+ }
+ }
+
+ public static boolean isValidTarget(String target) {
+
+ log.debug("Ueberpruefe Parameter Target");
+
+ if (TargetValidator.isValidTarget(target)) {
+ log.debug("Parameter Target erfolgreich ueberprueft");
+ return true;
+ }
+ else {
+ log.error("Fehler Ueberpruefung Parameter Target. Target entspricht nicht den Kriterien (nur Zeichen a-z, A-Z und -, sowie 1-5 Zeichen lang)");
+ return false;
+ }
+
+ }
+
+ public static boolean isValidSourceID(String sourceID) {
+
+ log.debug("Ueberpruefe Parameter sourceID");
+
+ Pattern pattern = Pattern.compile("[\\w-_]{1,20}");
+ Matcher matcher = pattern.matcher(sourceID);
+ boolean b = matcher.matches();
+ if (b) {
+ log.debug("Parameter sourceID erfolgreich ueberprueft");
+ return true;
+ }
+ else {
+ log.error("Fehler Ueberpruefung Parameter sourceID. SourceID entspricht nicht den Kriterien (nur Zeichen a-z, A-Z, - und _, sowie 1-20 Zeichen lang)");
+ return false;
+ }
+ }
+
+ public static boolean isDateFormat(String dateString) {
+ if (dateString.length() > TEMPLATE_DATEFORMAT.length())
+ return false;
+
+ SimpleDateFormat sdf = new SimpleDateFormat(TEMPLATE_DATEFORMAT);
+ try {
+ sdf.parse(dateString);
+ return true;
+
+ } catch (ParseException e) {
+ return false;
+ }
+ }
+
+ public static boolean isEmailAddressFormat(String address) {
+ if (address == null) {
+ return false;
+ }
+ return Pattern.compile("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,6}$").matcher(address).matches();
+ }
+
+ public static boolean isValidOAIdentifier(String param) {
+ if (param == null) {
+ return false;
+ }
+ return param.indexOf(";") != -1 ||
+ param.indexOf("%") != -1 ||
+ param.indexOf("\"") != -1 ||
+ param.indexOf("'") != -1 ||
+ param.indexOf("?") != -1 ||
+ param.indexOf("`") != -1 ||
+ param.indexOf(",") != -1 ||
+ param.indexOf("<") != -1 ||
+ param.indexOf(">") != -1 ||
+ param.indexOf("\\") != -1;
+
+ }
+
+ public static String getNotValidOAIdentifierCharacters() {
+
+ return "; % \" ' ` , < > \\";
+ }
+
+ public static boolean containsPotentialCSSCharacter(String param, boolean commaallowed) {
+
+ if (param == null) {
+ return false;
+ }
+ return param.indexOf(";") != -1 ||
+ param.indexOf("%") != -1 ||
+ param.indexOf("\"") != -1 ||
+ param.indexOf("'") != -1 ||
+ param.indexOf("?") != -1 ||
+ param.indexOf("`") != -1 ||
+ ( param.indexOf(",") != -1 && !commaallowed ) ||
+ param.indexOf("<") != -1 ||
+ param.indexOf(">") != -1 ||
+ param.indexOf("\\") != -1 ||
+ param.indexOf("/") != -1;
+ }
+
+ public static String getPotentialCSSCharacter(boolean commaallowed) {
+
+ if (commaallowed)
+ return "; % \" ' ` < > \\ /";
+ else
+ return "; % \" ' ` , < > \\ /";
+ }
+
+ public static boolean isNotValidIdentityLinkSigner(String param) {
+ if (param == null) {
+ return false;
+ }
+ return param.indexOf(";") != -1 ||
+ param.indexOf("%") != -1 ||
+ param.indexOf("\"") != -1 ||
+ param.indexOf("'") != -1 ||
+ param.indexOf("?") != -1 ||
+ param.indexOf("`") != -1 ||
+ param.indexOf("<") != -1 ||
+ param.indexOf(">") != -1;
+
+ }
+
+ public static String getNotValidIdentityLinkSignerCharacters() {
+
+ return "; % \" ' ` < >";
+ }
+
+ public static boolean isValidHexValue(String param) {
+
+ try {
+ if (param.startsWith("#") && param.length() <= 7) {
+ Long.decode(param);
+ return true;
+ }
+
+ } catch (Exception e) {
+
+ }
+ return false;
+
+ }
+
+}