From 028be490569e4080947f7708f08782f4306503ae Mon Sep 17 00:00:00 2001 From: pdanner Date: Fri, 19 Oct 2007 13:12:22 +0000 Subject: Fixed path choice on parep validation git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1028 d688527b-c9ab-4aba-bd8d-4036d912da1d --- .../auth/servlet/ProcessValidatorInputServlet.java | 71 +++++++++++++--------- 1 file changed, 42 insertions(+), 29 deletions(-) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java index 89834307d..e2eda5755 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java @@ -124,37 +124,50 @@ public class ProcessValidatorInputServlet extends AuthServlet { String dataURL = new DataURLBuilder().buildDataURL( session.getAuthURL(), AuthenticationServer.REQ_VERIFY_AUTH_BLOCK, sessionID); - // Test if we have a user input form sign template - String inputProcessorSignTemplateURL = req.getParameter(PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE); - String inputProcessorSignTemplate = null; - OAAuthParameter oaParam = - AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getOAURLRequested()); - // override template url by url from configuration file - if (oaParam.getInputProcessorSignTemplateURL() != null) { - inputProcessorSignTemplateURL = oaParam.getInputProcessorSignTemplateURL(); - } - if (inputProcessorSignTemplateURL != null) { - try { - inputProcessorSignTemplate = new String(FileUtils.readURL(inputProcessorSignTemplateURL)); - } catch (IOException ex) { - throw new AuthenticationException( - "auth.03", - new Object[] { inputProcessorSignTemplateURL, ex.toString()}, - ex); + String htmlForm = null; + + boolean doInputProcessorSign = false; + String inputProcessorSignForm = req.getParameter("Sign_Form"); + if (inputProcessorSignForm==null) inputProcessorSignForm = (String) req.getAttribute("Sign_Form"); + if (inputProcessorSignForm==null) inputProcessorSignForm = (String) parameters.get("Sign_Form"); + if (inputProcessorSignForm==null) inputProcessorSignForm = (String) parameters.get("Sign_Form_"); + if (!ParepUtils.isEmpty(inputProcessorSignForm)) doInputProcessorSign = inputProcessorSignForm.equalsIgnoreCase("true"); + if (doInputProcessorSign) { + // Test if we have a user input form sign template + String inputProcessorSignTemplateURL = req.getParameter(PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE); + String inputProcessorSignTemplate = null; + OAAuthParameter oaParam = + AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getOAURLRequested()); + // override template url by url from configuration file + if (oaParam.getInputProcessorSignTemplateURL() != null) { + inputProcessorSignTemplateURL = oaParam.getInputProcessorSignTemplateURL(); + } + if (inputProcessorSignTemplateURL != null) { + try { + inputProcessorSignTemplate = new String(FileUtils.readURL(inputProcessorSignTemplateURL)); + } catch (IOException ex) { + throw new AuthenticationException( + "auth.03", + new Object[] { inputProcessorSignTemplateURL, ex.toString()}, + ex); + } } + + htmlForm = new GetVerifyAuthBlockFormBuilder().build( + inputProcessorSignTemplate, session.getBkuURL(), createXMLSignatureRequestOrRedirect, dataURL, session.getPushInfobox()); + htmlForm = ParepUtils.replaceAll(htmlForm, "", session.getAuthURL()); + htmlForm = ParepUtils.replaceAll(htmlForm, "", sessionID); + htmlForm = ParepUtils.replaceAll(htmlForm, "", session.getBkuURL()); + htmlForm = ParepUtils.replaceAll(htmlForm, "", dataURL); + htmlForm = ParepUtils.replaceAll(htmlForm, "", session.getPushInfobox()); + resp.setContentType("text/html;charset=UTF-8"); + } else { + htmlForm = createXMLSignatureRequestOrRedirect; + resp.setStatus(307); + resp.addHeader("Location", dataURL); + //TODO test impact of explicit setting charset with older versions of BKUs (HotSign) + resp.setContentType("text/xml;charset=UTF-8"); } - - - - String htmlForm = new GetVerifyAuthBlockFormBuilder().build( - inputProcessorSignTemplate, session.getBkuURL(), createXMLSignatureRequestOrRedirect, dataURL, session.getPushInfobox()); - htmlForm = ParepUtils.replaceAll(htmlForm, "", session.getAuthURL()); - htmlForm = ParepUtils.replaceAll(htmlForm, "", sessionID); - htmlForm = ParepUtils.replaceAll(htmlForm, "", session.getBkuURL()); - htmlForm = ParepUtils.replaceAll(htmlForm, "", dataURL); - htmlForm = ParepUtils.replaceAll(htmlForm, "", session.getPushInfobox()); - - resp.setContentType("text/html;charset=UTF-8"); OutputStream out = resp.getOutputStream(); out.write(htmlForm.getBytes("UTF-8")); -- cgit v1.2.3