From 40118762b215438892aa03d59d3d1b04efc87579 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 24 May 2019 08:11:50 +0200 Subject: switch to version 4.0.0-Snapshot for MOA E-ID Proxy --- pom.xml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pom.xml b/pom.xml index c4302201b..b4db972b3 100644 --- a/pom.xml +++ b/pom.xml @@ -12,14 +12,14 @@ UTF-8 - 3.4.3 + 4.0.0-Snapshot - 3.4.3 - 3.4.3 + 4.0.0-Snapshot + 4.0.0-Snapshot 2.0.1 - 2.5.3 + 3.0.0-Snapshot 2.0.6 1.3.2 -- cgit v1.2.3 From cd0a225cac0ba73ec6efa5f33324a94dd9353548 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 24 May 2019 08:13:56 +0200 Subject: add EAAF module for SL2.0 --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index b4db972b3..7aa5a2c9d 100644 --- a/pom.xml +++ b/pom.xml @@ -462,11 +462,11 @@ eaaf_module_pvp2_core ${egiz.eaaf.version} - + -- cgit v1.2.3 From 996774dbf06b037d9f843e57a2cfac9bcc111a51 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 24 May 2019 08:14:55 +0200 Subject: update Demo-OA to illustrate SAML2 SubjectNameId --- .../egovernment/moa/id/demoOA/Configuration.java | 16 +++++++- .../moa/id/demoOA/servlet/pvp2/Authenticate.java | 44 +++++++++++++--------- .../id/demoOA/servlet/pvp2/DemoApplication.java | 23 ++++++++--- .../moa/id/demoOA/utils/ApplicationBean.java | 9 +++++ id/oa/src/main/webapp/demoapp.jsp | 6 ++- id/oa/src/main/webapp/index.jsp | 2 + 6 files changed, 76 insertions(+), 24 deletions(-) diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java index 09069ac7f..8ada01cb6 100644 --- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java +++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java @@ -182,6 +182,21 @@ public class Configuration { return Boolean.parseBoolean(props.getProperty("general.login.pvp2.binding.resp.redirect", "false")); } + + public boolean setAuthnContextClassRef() { + return Boolean.parseBoolean(props.getProperty("general.login.pvp2.req.set.authncontextclassref", "true")); + } + + public String getScopeRequesterId() { + return props.getProperty("general.login.pvp2.sp.requesterId"); + } + + public boolean setNameIdPolicy() { + return Boolean.parseBoolean(props.getProperty("general.login.pvp2.req.set.nameIDPolicy", "true")); + } + + + public void initializePVP2Login() throws ConfigurationException { if (!pvp2logininitialzied) initalPVP2Login(); @@ -276,6 +291,5 @@ public class Configuration { throw new ConfigurationException("PVP2 authentification can not be initialized.", e); } } - } diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java index 4c909ff80..0671b8c14 100644 --- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java +++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java @@ -35,6 +35,7 @@ import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; import org.apache.commons.lang3.RandomUtils; +import org.apache.commons.lang3.StringUtils; import org.apache.velocity.app.VelocityEngine; import org.apache.velocity.runtime.RuntimeConstants; import org.joda.time.DateTime; @@ -52,6 +53,8 @@ import org.opensaml.saml2.core.NameID; import org.opensaml.saml2.core.NameIDPolicy; import org.opensaml.saml2.core.NameIDType; import org.opensaml.saml2.core.RequestedAuthnContext; +import org.opensaml.saml2.core.RequesterID; +import org.opensaml.saml2.core.Scoping; import org.opensaml.saml2.metadata.EntityDescriptor; import org.opensaml.saml2.metadata.SingleSignOnService; import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder; @@ -136,11 +139,12 @@ public class Authenticate extends HttpServlet { issuer.setFormat(NameIDType.ENTITY); authReq.setIssuer(issuer); - NameIDPolicy policy = SAML2Utils - .createSAMLObject(NameIDPolicy.class); - policy.setAllowCreate(true); - policy.setFormat(NameID.PERSISTENT); - authReq.setNameIDPolicy(policy); + if (config.setNameIdPolicy()) { + NameIDPolicy policy = SAML2Utils.createSAMLObject(NameIDPolicy.class); + policy.setAllowCreate(true); + policy.setFormat(NameID.PERSISTENT); + authReq.setNameIDPolicy(policy); + } String entityname = config.getPVP2IDPMetadataEntityName(); if (MiscUtil.isEmpty(entityname)) { @@ -183,20 +187,26 @@ public class Authenticate extends HttpServlet { //authReq.setDestination("http://test.test.test"); + if (config.setAuthnContextClassRef()) { + RequestedAuthnContext reqAuthContext = + SAML2Utils.createSAMLObject(RequestedAuthnContext.class); + AuthnContextClassRef authnClassRef = + SAML2Utils.createSAMLObject(AuthnContextClassRef.class); + authnClassRef.setAuthnContextClassRef("http://www.stork.gov.eu/1.0/citizenQAALevel/4"); + reqAuthContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM); + reqAuthContext.getAuthnContextClassRefs().add(authnClassRef); + authReq.setRequestedAuthnContext(reqAuthContext); + } - RequestedAuthnContext reqAuthContext = - SAML2Utils.createSAMLObject(RequestedAuthnContext.class); - - AuthnContextClassRef authnClassRef = - SAML2Utils.createSAMLObject(AuthnContextClassRef.class); - - authnClassRef.setAuthnContextClassRef("http://www.stork.gov.eu/1.0/citizenQAALevel/4"); - - reqAuthContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM); - - reqAuthContext.getAuthnContextClassRefs().add(authnClassRef); + if (StringUtils.isNotEmpty(config.getScopeRequesterId())) { + Scoping scope = SAML2Utils.createSAMLObject(Scoping.class); + RequesterID requesterId = SAML2Utils.createSAMLObject(RequesterID.class); + requesterId.setRequesterID(config.getScopeRequesterId()); + scope.getRequesterIDs().add(requesterId ); + authReq.setScoping(scope ); + + } - authReq.setRequestedAuthnContext(reqAuthContext); //sign authentication request KeyStore keyStore = config.getPVP2KeyStore(); diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java index aeb4d8eac..e36a880ba 100644 --- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java +++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java @@ -198,11 +198,7 @@ public class DemoApplication extends HttpServlet { } - //set assertion - org.w3c.dom.Document doc = SAML2Utils.asDOMDocument(samlResponse); - String assertion = DOMUtils.serializeNode(doc); - bean.setAssertion(assertion); - + if (samlResponse.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) { List saml2assertions = new ArrayList(); @@ -245,12 +241,28 @@ public class DemoApplication extends HttpServlet { } + samlResponse.getAssertions().clear(); + samlResponse.getAssertions().addAll(saml2assertions); + + //set assertion + org.w3c.dom.Document doc = SAML2Utils.asDOMDocument(samlResponse); + String assertion = DOMUtils.serializeNode(doc); + bean.setAssertion(assertion); + + String principleId = null; String givenName = null; String familyName = null; String birthday = null; for (org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) { + try { + principleId = saml2assertion.getSubject().getNameID().getValue(); + + } catch (Exception e) { + log.warn("Can not read SubjectNameId", e); + } + //loop through the nodes to get what we want List attributeStatements = saml2assertion.getAttributeStatements(); for (int i = 0; i < attributeStatements.size(); i++) @@ -277,6 +289,7 @@ public class DemoApplication extends HttpServlet { } + bean.setPrincipleId(principleId); bean.setDateOfBirth(birthday); bean.setFamilyName(familyName); bean.setGivenName(givenName); diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/ApplicationBean.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/ApplicationBean.java index 05c253b6e..59090cbcc 100644 --- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/ApplicationBean.java +++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/ApplicationBean.java @@ -32,6 +32,7 @@ public class ApplicationBean implements Serializable { private String givenName; private String dateOfBirth; private String assertion; + private String principleId; private boolean isLogin = false; @@ -122,6 +123,14 @@ public class ApplicationBean implements Serializable { public void setSuccessMessage(String successMessage) { this.successMessage = successMessage; } + + public String getPrincipleId() { + return principleId; + } + public void setPrincipleId(String principleId) { + this.principleId = principleId; + } + diff --git a/id/oa/src/main/webapp/demoapp.jsp b/id/oa/src/main/webapp/demoapp.jsp index c6b005deb..7d511a5ce 100644 --- a/id/oa/src/main/webapp/demoapp.jsp +++ b/id/oa/src/main/webapp/demoapp.jsp @@ -31,7 +31,11 @@
- + + + + + diff --git a/id/oa/src/main/webapp/index.jsp b/id/oa/src/main/webapp/index.jsp index 49f3e3e3a..628d3e7a3 100644 --- a/id/oa/src/main/webapp/index.jsp +++ b/id/oa/src/main/webapp/index.jsp @@ -21,6 +21,8 @@ -- cgit v1.2.3 From ac531e30d13d6714e2ac61f7329e6adc130aa288 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 24 May 2019 12:23:41 +0200 Subject: untested switch to EAAF-components 1.0.7 --- id/server/auth-final/pom.xml | 41 ------------- id/server/idserverlib/pom.xml | 5 +- .../id/auth/builder/AuthenticationDataBuilder.java | 22 +++++-- .../moa/id/auth/data/AuthenticationSession.java | 12 ++++ .../id/auth/data/VerifyXMLSignatureResponse.java | 1 - .../tasks/EvaluateSSOConsentsTaskImpl.java | 2 +- .../tasks/GenerateBKUSelectionFrameTask.java | 2 +- .../GenerateSSOConsentEvaluatorFrameTask.java | 2 +- .../parser/VerifyXMLSignatureResponseParser.java | 2 +- .../id/auth/servlet/GUILayoutBuilderServlet.java | 10 ++-- .../GeneralProcessEngineSignalController.java | 3 +- .../id/auth/servlet/IDPSingleLogOutServlet.java | 30 +++++----- .../moa/id/auth/servlet/RedirectServlet.java | 12 ++-- .../attributes/SimpleStringAttributeGenerator.java | 68 ---------------------- .../pvp2x/builder/SingleLogOutBuilder.java | 18 +++--- .../main/resources/moaid.authentication.beans.xml | 29 ++------- .../moa/id/config/auth/data/DummyAuthConfig.java | 12 ---- .../moa/id/config/auth/data/DummyAuthSession.java | 10 ++++ .../moa/id/config/auth/data/DummyAuthStorage.java | 2 +- .../src/test/java/test/tlenz/simpletest.java | 6 +- id/server/moa-id-commons/pom.xml | 4 ++ .../api/data/IVerifiyXMLSignatureResponse.java | 1 - .../moa/id/commons/utils/X509Utils.java | 62 -------------------- .../MOAIDGuiBilderConfigurationFactory.java | 5 +- ...roviderSpecificGUIFormBuilderConfiguration.java | 55 ++++++++++------- .../DefaultGUIFormBuilderConfiguration.java | 23 +++++--- .../auth/frontend/builder/GUIFormBuilderImpl.java | 8 +-- id/server/moa-id-spring-initializer/pom.xml | 1 - .../moa/id/auth/MOAContextCloseHandler.java | 2 +- ...tizenCardAuthProcessEngineSignalController.java | 3 +- .../moa-id-module-AT_eIDAS_connector/pom.xml | 5 +- .../EidasCentralAuthMetadataController.java | 5 +- .../EidasCentralAuthSignalController.java | 3 +- .../utils/EidasCentralAuthMetadataProvider.java | 2 +- id/server/modules/moa-id-module-eIDAS/pom.xml | 11 ++++ ...strianAuthWitheID4UAuthenticationModulImpl.java | 17 ++++-- .../auth/modules/eidas/eID4UAPSignalServlet.java | 3 +- .../id/auth/modules/eidas/eIDASSignalServlet.java | 3 +- .../engine/MOAeIDASChainingMetadataProvider.java | 2 +- .../tasks/CollectAddtionalAttributesTask.java | 2 +- .../modules/eidas/utils/eIDASAttributeBuilder.java | 2 +- .../moa/id/protocols/eidas/EIDASProtocol.java | 6 +- .../moa-id-module-elga_mandate_service/pom.xml | 5 ++ .../controller/ELGAMandateMetadataController.java | 5 +- .../controller/ELGAMandateSignalController.java | 3 +- .../tasks/EvaluateMandateServiceTask.java | 2 +- .../tasks/SelectMandateServiceTask.java | 2 +- .../utils/ELGAMandateServiceMetadataProvider.java | 2 +- .../oauth20/protocol/OAuth20Protocol.java | 8 +-- .../moa-id-module-sl20_authentication/pom.xml | 26 +++++++++ .../auth/modules/sl20_auth/SL20SignalServlet.java | 3 +- .../modules/sl20_auth/sl20/JsonSecurityUtils.java | 3 +- .../sl20/verifier/QualifiedeIDVerifier.java | 3 +- .../sl20_auth/dummydata/DummyAuthConfig.java | 11 ---- .../data/SSOTransferAuthenticationData.java | 12 ++++ .../ssotransfer/servlet/SSOTransferServlet.java | 16 ++--- .../servlet/SSOTransferSignalServlet.java | 5 +- .../task/InitializeRestoreSSOSessionTask.java | 2 +- .../ssotransfer/task/RestoreSSOSessionTask.java | 2 +- .../auth/modules/ssotransfer/utils/GUIUtils.java | 17 +++--- .../FederatedAuthMetadataController.java | 5 +- .../controller/FederatedAuthSignalController.java | 3 +- .../protocols/saml1/SAML1AuthenticationServer.java | 2 +- .../moa/id/protocols/saml1/SAML1Protocol.java | 6 +- pom.xml | 20 ++++++- 65 files changed, 310 insertions(+), 367 deletions(-) delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/SimpleStringAttributeGenerator.java delete mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/X509Utils.java diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml index 504adb486..6301a10ec 100644 --- a/id/server/auth-final/pom.xml +++ b/id/server/auth-final/pom.xml @@ -130,61 +130,20 @@ moa-id-frontend-resources - - - - - MOA.id.server.modules moa-id-module-monitoring - MOA.id.server.modules moa-id-module-saml1 - - MOA.id.server.modules - moa-id-module-openID - - - MOA.id.server.modules - moa-id-module-elga_mandate_service - - - MOA.id.server.modules - moa-id-modul-citizencard_authentication - - - MOA.id.server.modules - moa-id-module-sl20_authentication - - - - MOA.id.server.modules - moa-id-module-AT_eIDAS_connector - - - - - diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml index 4d8843ead..1fd6b3695 100644 --- a/id/server/idserverlib/pom.xml +++ b/id/server/idserverlib/pom.xml @@ -74,7 +74,6 @@ at.gv.egiz.components egiz-spring-api - 0.1 @@ -244,6 +243,10 @@ commons-discovery commons-discovery --> + + org.apache.commons + commons-text + commons-fileupload commons-fileupload diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index acf59cebf..25a508687 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -53,6 +53,7 @@ import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException; import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException; import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.exceptions.EAAFParserException; import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; import at.gv.egiz.eaaf.core.exceptions.XPathException; @@ -60,6 +61,7 @@ import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; import at.gv.egiz.eaaf.core.impl.idp.auth.builder.AbstractAuthenticationDataBuilder; import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder; +import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator; import at.gv.egiz.eaaf.core.impl.utils.XPathUtils; import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants; import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; @@ -84,7 +86,6 @@ import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.id.data.MOAAuthenticationData; import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateNaturalPersonSourcePinAttributeBuilder; import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateNaturalPersonSourcePinTypeAttributeBuilder; -import at.gv.egovernment.moa.id.protocols.builder.attributes.SimpleStringAttributeGenerator; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.IdentityLinkReSigner; @@ -134,7 +135,7 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder } @Override - public IAuthData buildAuthenticationData(IRequest pendingReq) throws EAAFAuthenticationException { + protected IAuthData buildDeprecatedAuthData(IRequest pendingReq) throws EAAFException { try { return buildAuthenticationData(pendingReq, pendingReq.getSessionData(AuthenticationSessionWrapper.class), @@ -145,7 +146,6 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder throw new EAAFAuthenticationException("builder.11", new Object[]{e.getMessage()}, e); } - } private IAuthData buildAuthenticationData(IRequest pendingReq, @@ -216,7 +216,7 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder IOAAuthParameters oaParam, IRequest protocolRequest) throws BuildException, ConfigurationException, EAAFBuilderException { try { //generate basic authentication data - generateBasicAuthData(authData, protocolRequest, session); + generateDeprecatedBasicAuthData(authData, protocolRequest, session); //set Austrian eID demo-mode flag authData.setIseIDNewDemoMode(Boolean.parseBoolean( @@ -926,4 +926,18 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder } } } + + @Override + protected IAuthData getAuthDataInstance(IRequest pendingReq) throws EAAFException { + throw new RuntimeException("This method is NOT supported by MOA-ID"); + + } + + @Override + protected void buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq) + throws EAAFException { + throw new RuntimeException("This method is NOT supported by MOA-ID"); + + } + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java index cadaec2a0..8b587c550 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java @@ -674,5 +674,17 @@ public class AuthenticationSession implements Serializable, IAuthenticationSessi result.put(GENERIC_PREFIX + el.getKey(), el.getValue()); return Collections.unmodifiableMap(result); + } + + @Override + public boolean isEIDProcess() { + return false; + + } + + @Override + public void setEIDProcess(boolean value) { + Logger.warn("set E-ID process will be ignored!!!"); + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java index c054976ec..636871a09 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java @@ -261,7 +261,6 @@ public Date getSigningDateTime() { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.auth.data.IVerifiyXMLSignatureResponse#setSigningDateTime(java.util.Date) */ -@Override public void setSigningDateTime(Date signingDateTime) { this.signingDateTime = signingDateTime; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java index 375b144d7..4fefaf17b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java @@ -112,7 +112,7 @@ public class EvaluateSSOConsentsTaskImpl extends AbstractAuthServletTask { requestStoreage.storePendingRequest(pendingReq); //redirect to auth. protocol finalization - performRedirectToProtocolFinialization(pendingReq, response); + performRedirectToProtocolFinialization(executionContext, pendingReq, request, response); } catch (MOAIDException e) { throw new TaskExecutionException(pendingReq, e.getMessage(), e); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateBKUSelectionFrameTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateBKUSelectionFrameTask.java index 98e632bd8..cc070f8fd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateBKUSelectionFrameTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateBKUSelectionFrameTask.java @@ -73,7 +73,7 @@ public class GenerateBKUSelectionFrameTask extends AbstractAuthServletTask { SPSpecificGUIBuilderConfigurationWithDBLoad.VIEW_BKUSELECTION, GeneralProcessEngineSignalController.ENDPOINT_BKUSELECTION_EVALUATION); - guiBuilder.build(response, config, "BKU-Selection form"); + guiBuilder.build(request, response, config, "BKU-Selection form"); } catch (GUIBuildException e) { Logger.warn("Can not build GUI:'BKU-Selection'. Msg:" + e.getMessage()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateSSOConsentEvaluatorFrameTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateSSOConsentEvaluatorFrameTask.java index 3c364e924..64c3721df 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateSSOConsentEvaluatorFrameTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateSSOConsentEvaluatorFrameTask.java @@ -71,7 +71,7 @@ public class GenerateSSOConsentEvaluatorFrameTask extends AbstractAuthServletTas SPSpecificGUIBuilderConfigurationWithDBLoad.VIEW_SENDASSERTION, GeneralProcessEngineSignalController.ENDPOINT_SENDASSERTION_EVALUATION); - guiBuilder.build(response, config, "SendAssertion-Evaluation"); + guiBuilder.build(request, response, config, "SendAssertion-Evaluation"); //Log consents evaluator event to revisionslog revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_SSO_ASK_USER_START); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java index c66353846..32660a3db 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java @@ -176,7 +176,7 @@ public class VerifyXMLSignatureResponseParser { public IVerifiyXMLSignatureResponse parseData() throws ParseException { - IVerifiyXMLSignatureResponse respData=new VerifyXMLSignatureResponse(); + VerifyXMLSignatureResponse respData=new VerifyXMLSignatureResponse(); try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GUILayoutBuilderServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GUILayoutBuilderServlet.java index 18aa93cc9..6803264dd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GUILayoutBuilderServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GUILayoutBuilderServlet.java @@ -59,7 +59,7 @@ public class GUILayoutBuilderServlet extends AbstractController { @Autowired AuthConfiguration authConfig; @Autowired IRequestStorage requestStoreage; - @Autowired IGUIFormBuilder formBuilder; + @Autowired IGUIFormBuilder formBuilder; public GUILayoutBuilderServlet() { super(); @@ -93,7 +93,7 @@ public class GUILayoutBuilderServlet extends AbstractController { } //build GUI component - formBuilder.build(resp, config, MOAIDConstants.DEFAULT_CONTENT_TYPE_HTML_UTF8, "BKUDetection-Frame"); + formBuilder.build(req, resp, config, MOAIDConstants.DEFAULT_CONTENT_TYPE_HTML_UTF8, "BKUDetection-Frame"); } catch (Exception e) { @@ -124,7 +124,7 @@ public class GUILayoutBuilderServlet extends AbstractController { null); //build GUI component - formBuilder.build(resp, config, "text/css; charset=UTF-8", "CSS-Form"); + formBuilder.build(req, resp, config, "text/css; charset=UTF-8", "CSS-Form"); } catch (Exception e) { Logger.warn("GUI ressource:'CSS' generation FAILED.", e); @@ -153,7 +153,7 @@ public class GUILayoutBuilderServlet extends AbstractController { GeneralProcessEngineSignalController.ENDPOINT_BKUSELECTION_EVALUATION); //build GUI component - formBuilder.build(resp, config, "text/javascript; charset=UTF-8", "JavaScript"); + formBuilder.build(req, resp, config, "text/javascript; charset=UTF-8", "JavaScript"); } catch (Exception e) { Logger.warn("GUI ressource:'JavaScript' generation FAILED.", e); @@ -168,7 +168,7 @@ public class GUILayoutBuilderServlet extends AbstractController { req.getParameter(EAAFConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID)); if (MiscUtil.isNotEmpty(pendingReqID)) { - IRequest pendingReq = requestStorage.getPendingRequest(pendingReqID); + IRequest pendingReq = requestStoreage.getPendingRequest(pendingReqID); if (pendingReq != null) { Logger.trace("GUI-Layout builder: Pending-request:" + pendingReqID + " found -> Build specific template"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GeneralProcessEngineSignalController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GeneralProcessEngineSignalController.java index 87325989a..09b18d9c6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GeneralProcessEngineSignalController.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GeneralProcessEngineSignalController.java @@ -31,6 +31,7 @@ import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController; /** @@ -50,7 +51,7 @@ public class GeneralProcessEngineSignalController extends AbstractProcessEngineS "/signalProcess" }, method = {RequestMethod.POST, RequestMethod.GET}) - public void performGenericAuthenticationProcess(HttpServletRequest req, HttpServletResponse resp) throws IOException { + public void performGenericAuthenticationProcess(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { signalProcessManagement(req, resp); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java index c39d78d8b..b7970e4fd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java @@ -37,7 +37,9 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.gui.IGUIFormBuilder; import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager; +import at.gv.egiz.eaaf.core.api.idp.auth.services.IProtocolAuthenticationService; import at.gv.egiz.eaaf.core.api.idp.slo.ISLOInformationContainer; import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.exceptions.GUIBuildException; @@ -72,11 +74,13 @@ public class IDPSingleLogOutServlet extends AbstractController { @Autowired IAuthenticationManager authManager; @Autowired IAuthenticationSessionStoreage authenicationStorage; @Autowired SingleLogOutBuilder sloBuilder; + @Autowired IProtocolAuthenticationService protAuthService; + @Autowired(required=true) private IGUIFormBuilder guiBuilder; @RequestMapping(value = "/idpSingleLogout", method = {RequestMethod.GET}) public void doGet(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException, EAAFException { Logger.debug("Receive IDP-initiated SingleLogOut"); String authURL = HTTPUtils.extractAuthURLFromRequest(req); @@ -117,21 +121,21 @@ public class IDPSingleLogOutServlet extends AbstractController { null); if (MOAIDAuthConstants.SLOSTATUS_SUCCESS.equals(status)) - config.putCustomParameter("successMsg", + config.putCustomParameter(null, "successMsg", MOAIDMessageProvider.getInstance().getMessage("slo.00", null)); else - config.putCustomParameterWithOutEscaption("errorMsg", + config.putCustomParameterWithOutEscaption(null, "errorMsg", MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); - guiBuilder.build(resp, config, "Single-LogOut GUI"); + guiBuilder.build(req, resp, config, "Single-LogOut GUI"); } catch (GUIBuildException e) { - handleErrorNoRedirect(e, req, resp, false); + protAuthService.handleErrorNoRedirect(e, req, resp, false); } catch (MOADatabaseException e) { - handleErrorNoRedirect(e, req, resp, false); + protAuthService.handleErrorNoRedirect(e, req, resp, false); } catch (EAAFException e) { - handleErrorNoRedirect(e, req, resp, false); + protAuthService.handleErrorNoRedirect(e, req, resp, false); } @@ -154,7 +158,7 @@ public class IDPSingleLogOutServlet extends AbstractController { } } catch (Exception e) { - handleErrorNoRedirect(e, req, resp, false); + protAuthService.handleErrorNoRedirect(e, req, resp, false); } @@ -166,7 +170,7 @@ public class IDPSingleLogOutServlet extends AbstractController { SLOInformationContainer sloContainer = transactionStorage.get(restartProcess, SLOInformationContainer.class); if (sloContainer == null) { Logger.info("No Single LogOut processing information with ID: " + restartProcess); - handleErrorNoRedirect(new MOAIDException("slo.03", null), req, resp, false); + protAuthService.handleErrorNoRedirect(new MOAIDException("slo.03", null), req, resp, false); return; } @@ -233,10 +237,10 @@ public class IDPSingleLogOutServlet extends AbstractController { DefaultGUIFormBuilderConfiguration.VIEW_SINGLELOGOUT, null); - config.putCustomParameterWithOutEscaption("errorMsg", + config.putCustomParameterWithOutEscaption(null, "errorMsg", MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); - guiBuilder.build(resp, config, "Single-LogOut GUI"); + guiBuilder.build(req, resp, config, "Single-LogOut GUI"); } catch (GUIBuildException e) { e.printStackTrace(); @@ -251,10 +255,10 @@ public class IDPSingleLogOutServlet extends AbstractController { DefaultGUIFormBuilderConfiguration.VIEW_SINGLELOGOUT, null); - config.putCustomParameter("successMsg", + config.putCustomParameter(null, "successMsg", MOAIDMessageProvider.getInstance().getMessage("slo.02", null)); - guiBuilder.build(resp, config, "Single-LogOut GUI"); + guiBuilder.build(req, resp, config, "Single-LogOut GUI"); } catch (GUIBuildException e) { e.printStackTrace(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java index 478462adb..abb19c6cf 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java @@ -122,9 +122,9 @@ public class RedirectServlet { authURL, DefaultGUIFormBuilderConfiguration.VIEW_REDIRECT, null); - config.putCustomParameterWithOutEscaption(URL, StringEscapeUtils.escapeHtml(url)); - config.putCustomParameter(TARGET, redirectTarget); - guiBuilder.build(resp, config, "RedirectForm.html"); + config.putCustomParameterWithOutEscaption(null, URL, StringEscapeUtils.escapeHtml(url)); + config.putCustomParameter(null, TARGET, redirectTarget); + guiBuilder.build(req, resp, config, "RedirectForm.html"); } else if (MiscUtil.isNotEmpty(interIDP)) { //store IDP identifier and redirect to generate AuthRequst service @@ -153,10 +153,10 @@ public class RedirectServlet { authURL, DefaultGUIFormBuilderConfiguration.VIEW_REDIRECT, null); - config.putCustomParameterWithOutEscaption(URL, StringEscapeUtils.escapeHtml(url)); - config.putCustomParameter(TARGET, redirectTarget); + config.putCustomParameterWithOutEscaption(null, URL, StringEscapeUtils.escapeHtml(url)); + config.putCustomParameter(null, TARGET, redirectTarget); - guiBuilder.build(resp, config, "RedirectForm.html"); + guiBuilder.build(req, resp, config, "RedirectForm.html"); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/SimpleStringAttributeGenerator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/SimpleStringAttributeGenerator.java deleted file mode 100644 index 5daa71b1f..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/SimpleStringAttributeGenerator.java +++ /dev/null @@ -1,68 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.protocols.builder.attributes; - -import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; - -/** - * @author tlenz - * - */ -public class SimpleStringAttributeGenerator implements IAttributeGenerator { - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildStringAttribute(java.lang.String, java.lang.String, java.lang.String) - */ - @Override - public String buildStringAttribute(String friendlyName, String name, String value) { - return value; - - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildIntegerAttribute(java.lang.String, java.lang.String, int) - */ - @Override - public String buildIntegerAttribute(String friendlyName, String name, int value) { - return String.valueOf(value); - - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildLongAttribute(java.lang.String, java.lang.String, long) - */ - @Override - public String buildLongAttribute(String friendlyName, String name, long value) { - return String.valueOf(value); - - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildEmptyAttribute(java.lang.String, java.lang.String) - */ - @Override - public String buildEmptyAttribute(String friendlyName, String name) { - return null; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java index 8229fb405..19b79d165 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java @@ -223,11 +223,11 @@ public class SingleLogOutBuilder { DefaultGUIFormBuilderConfiguration.VIEW_SINGLELOGOUT, null); - config.putCustomParameterWithOutEscaption("redirectURLs", sloReqList); - config.putCustomParameterWithOutEscaption("timeoutURL", timeOutURL); - config.putCustomParameter("timeout", String.valueOf(SLOTIMEOUT)); + config.putCustomParameterWithOutEscaption(null, "redirectURLs", sloReqList); + config.putCustomParameterWithOutEscaption(null, "timeoutURL", timeOutURL); + config.putCustomParameter(null, "timeout", String.valueOf(SLOTIMEOUT)); - guiBuilder.build(httpResp, config, "Single-LogOut GUI"); + guiBuilder.build(httpReq, httpResp, config, "Single-LogOut GUI"); } else { @@ -249,16 +249,16 @@ public class SingleLogOutBuilder { if (sloContainer.getSloFailedOAs() == null || sloContainer.getSloFailedOAs().size() == 0) { revisionsLogger.logEvent(sloContainer.getSessionID(), sloContainer.getTransactionID(), MOAIDEventConstants.AUTHPROCESS_SLO_ALL_VALID); - config.putCustomParameter("successMsg", + config.putCustomParameter(null, "successMsg", MOAIDMessageProvider.getInstance().getMessage("slo.00", null)); } else { revisionsLogger.logEvent(sloContainer.getSessionID(), sloContainer.getTransactionID(), MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID); - config.putCustomParameterWithOutEscaption("errorMsg", + config.putCustomParameterWithOutEscaption(null, "errorMsg", MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); } - guiBuilder.build(httpResp, config, "Single-LogOut GUI"); + guiBuilder.build(httpReq, httpResp, config, "Single-LogOut GUI"); } @@ -285,11 +285,11 @@ public class SingleLogOutBuilder { null); revisionsLogger.logEvent(sloContainer.getSessionID(), sloContainer.getTransactionID(), MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID); - config.putCustomParameterWithOutEscaption("errorMsg", + config.putCustomParameterWithOutEscaption(null, "errorMsg", MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); try { - guiBuilder.build(httpResp, config, "Single-LogOut GUI"); + guiBuilder.build(httpReq, httpResp, config, "Single-LogOut GUI"); } catch (GUIBuildException e1) { Logger.warn("Can not build GUI:'Single-LogOut'. Msg:" + e.getMessage()); diff --git a/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml b/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml index 02c683305..794b62477 100644 --- a/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml +++ b/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml @@ -21,36 +21,15 @@ - - - - - - - - - - - - - - - - - - - - - + + + diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthConfig.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthConfig.java index c0ae06a82..75f704045 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthConfig.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthConfig.java @@ -432,24 +432,12 @@ public class DummyAuthConfig implements AuthConfiguration { return false; } - @Override - public URI getConfigurationFilePath() { - // TODO Auto-generated method stub - return null; - } - @Override public URI getConfigurationRootDirectory() { // TODO Auto-generated method stub return null; } - @Override - public Properties getFullConfigurationProperties() { - // TODO Auto-generated method stub - return null; - } - @Override public ISPConfiguration getServiceProviderConfiguration(String arg0) throws EAAFConfigurationException { // TODO Auto-generated method stub diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthSession.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthSession.java index ad68e089e..2d033d858 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthSession.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthSession.java @@ -292,5 +292,15 @@ public class DummyAuthSession implements IAuthenticationSession, AuthProzessData } + @Override + public boolean isEIDProcess() { + return false; + } + + @Override + public void setEIDProcess(boolean value) { + + } + } diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthStorage.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthStorage.java index 846819868..d774cc8c3 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthStorage.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthStorage.java @@ -20,7 +20,7 @@ import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; public class DummyAuthStorage implements IAuthenticationSessionStoreage { - + @Override public AuthenticationSession createInternalSSOSession(IRequest target) throws MOADatabaseException, BuildException { // TODO Auto-generated method stub diff --git a/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java b/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java index caf672d05..049c2324e 100644 --- a/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java +++ b/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java @@ -1,6 +1,5 @@ package test.tlenz; -import java.io.ByteArrayInputStream; import java.io.File; import java.io.FileInputStream; import java.io.InputStream; @@ -27,8 +26,6 @@ import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation; import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; import iaik.asn1.ASN1; -import iaik.asn1.ASN1Object; -import iaik.utils.ASN1InputStream; /******************************************************************************* * Copyright 2014 Federal Chancellery Austria @@ -76,7 +73,8 @@ public class simpletest { try { try { - String test = "3082065406092A864886F70D010702A082064530820641020101310B300906052B240302010500300B06092A864886F70D010701A08204B3308204AF30820397A00302010202030E6CBE300D06092A864886F70D0101050500308197310B300906035504061302415431483046060355040A0C3F412D5472757374204765732E20662E20536963686572686569747373797374656D6520696D20656C656B74722E20446174656E7665726B65687220476D6248311E301C060355040B0C15612D7369676E2D5072656D69756D2D5369672D3032311E301C06035504030C15612D7369676E2D5072656D69756D2D5369672D3032301E170D3133303431303130343633335A170D3138303431303038343633335A305E310B30090603550406130241543116301406035504030C0D41726D696E20466973636865723110300E06035504040C0746697363686572310E300C060355042A0C0541726D696E311530130603550405130C3933373131343838363833343059301306072A8648CE3D020106082A8648CE3D03010703420004BF7ADE98B7CD89A0559F2BA9463454E08DBE3516A86BB7B8F4FDBB42FF24A03991AF5BD63D72197F63AB03C88260C31E4A9C17DB5E8681FCAE1D7CF90EB1ACD1A38202053082020130110603551D0E040A0408433A176E9B70B5CD300E0603551D0F0101FF0404030206C030130603551D23040C300A80084DDFE1FF4BD9C9DF301E0603551D1104173015811361726D696E40666973636865722E6F722E617430090603551D1304023000307B06082B06010505070101046F306D304206082B060105050730028636687474703A2F2F7777772E612D74727573742E61742F63657274732F612D7369676E2D5072656D69756D2D5369672D3032612E637274302706082B06010505073001861B687474703A2F2F6F6373702E612D74727573742E61742F6F63737030590603551D2004523050304406062A280011010B303A303806082B06010505070201162C687474703A2F2F7777772E612D74727573742E61742F646F63732F63702F612D7369676E2D5072656D69756D3008060604008B300101302706082B060105050701030101FF041830163008060604008E460101300A06082B06010505070B0130819A0603551D1F04819230818F30818CA08189A081868681836C6461703A2F2F6C6461702E612D74727573742E61742F6F753D612D7369676E2D5072656D69756D2D5369672D30322C6F3D412D54727573742C633D41543F63657274696669636174657265766F636174696F6E6C6973743F626173653F6F626A656374636C6173733D65696443657274696669636174696F6E417574686F72697479300D06092A864886F70D01010505000382010100352830958A68A260CFEFB1DA157C1452E22735A2BBC40F51A19D22481766537630C8E0C99CCE50F614E437ABFF943C7D6A69CCB0F79ED6A9B5356182DFBA095F3534671073D586F70B002CEF846E6D4447031AFBFE5D727D2A893688294D494C37454C187F15611EFDFA84D64D0C9D4E3EC9FF8A126A842EDB70D1F9AD497A1A11CC1363AAFD76D7412F21248B855363D3AB771C538D5610BC7F0FCEA359F33F5FA6A228E0539C16AF12A1B2DE608719CBE39C41AFE5BD0CDDC781F00C6A86B21BA252DD23DAEBB3B91CADE8278B330945CA11D4A77188197E744BA9B5288E9D4A4C7502D706D7CEA569D258E116E6ACE42F4C24449803076C30A7BABE26CAE7318201693082016502010130819F308197310B300906035504061302415431483046060355040A0C3F412D5472757374204765732E20662E20536963686572686569747373797374656D6520696D20656C656B74722E20446174656E7665726B65687220476D6248311E301C060355040B0C15612D7369676E2D5072656D69756D2D5369672D3032311E301C06035504030C15612D7369676E2D5072656D69756D2D5369672D303202030E6CBE300906052B240302010500A05F301806092A864886F70D010903310B06092A864886F70D010701301E06092A864886F70D0109053111180F32303137303631393130303130305A302306092A864886F70D010904311604149D0A3FDC7F8CED863952B468C927AC87CE227B68300E060A04007F0007010104010605000440002B459189C71E69CC13E111ED1F493D89681E0A815CCEA297AC3D76A48A75E7D11081F08D7A0FAA4210205D2B8A0A7A83E0F5211AD51BDE2581D4C4E400C06AA1000000000000000000000"; + //String test = "3082065406092A864886F70D010702A082064530820641020101310B300906052B240302010500300B06092A864886F70D010701A08204B3308204AF30820397A00302010202030E6CBE300D06092A864886F70D0101050500308197310B300906035504061302415431483046060355040A0C3F412D5472757374204765732E20662E20536963686572686569747373797374656D6520696D20656C656B74722E20446174656E7665726B65687220476D6248311E301C060355040B0C15612D7369676E2D5072656D69756D2D5369672D3032311E301C06035504030C15612D7369676E2D5072656D69756D2D5369672D3032301E170D3133303431303130343633335A170D3138303431303038343633335A305E310B30090603550406130241543116301406035504030C0D41726D696E20466973636865723110300E06035504040C0746697363686572310E300C060355042A0C0541726D696E311530130603550405130C3933373131343838363833343059301306072A8648CE3D020106082A8648CE3D03010703420004BF7ADE98B7CD89A0559F2BA9463454E08DBE3516A86BB7B8F4FDBB42FF24A03991AF5BD63D72197F63AB03C88260C31E4A9C17DB5E8681FCAE1D7CF90EB1ACD1A38202053082020130110603551D0E040A0408433A176E9B70B5CD300E0603551D0F0101FF0404030206C030130603551D23040C300A80084DDFE1FF4BD9C9DF301E0603551D1104173015811361726D696E40666973636865722E6F722E617430090603551D1304023000307B06082B06010505070101046F306D304206082B060105050730028636687474703A2F2F7777772E612D74727573742E61742F63657274732F612D7369676E2D5072656D69756D2D5369672D3032612E637274302706082B06010505073001861B687474703A2F2F6F6373702E612D74727573742E61742F6F63737030590603551D2004523050304406062A280011010B303A303806082B06010505070201162C687474703A2F2F7777772E612D74727573742E61742F646F63732F63702F612D7369676E2D5072656D69756D3008060604008B300101302706082B060105050701030101FF041830163008060604008E460101300A06082B06010505070B0130819A0603551D1F04819230818F30818CA08189A081868681836C6461703A2F2F6C6461702E612D74727573742E61742F6F753D612D7369676E2D5072656D69756D2D5369672D30322C6F3D412D54727573742C633D41543F63657274696669636174657265766F636174696F6E6C6973743F626173653F6F626A656374636C6173733D65696443657274696669636174696F6E417574686F72697479300D06092A864886F70D01010505000382010100352830958A68A260CFEFB1DA157C1452E22735A2BBC40F51A19D22481766537630C8E0C99CCE50F614E437ABFF943C7D6A69CCB0F79ED6A9B5356182DFBA095F3534671073D586F70B002CEF846E6D4447031AFBFE5D727D2A893688294D494C37454C187F15611EFDFA84D64D0C9D4E3EC9FF8A126A842EDB70D1F9AD497A1A11CC1363AAFD76D7412F21248B855363D3AB771C538D5610BC7F0FCEA359F33F5FA6A228E0539C16AF12A1B2DE608719CBE39C41AFE5BD0CDDC781F00C6A86B21BA252DD23DAEBB3B91CADE8278B330945CA11D4A77188197E744BA9B5288E9D4A4C7502D706D7CEA569D258E116E6ACE42F4C24449803076C30A7BABE26CAE7318201693082016502010130819F308197310B300906035504061302415431483046060355040A0C3F412D5472757374204765732E20662E20536963686572686569747373797374656D6520696D20656C656B74722E20446174656E7665726B65687220476D6248311E301C060355040B0C15612D7369676E2D5072656D69756D2D5369672D3032311E301C06035504030C15612D7369676E2D5072656D69756D2D5369672D303202030E6CBE300906052B240302010500A05F301806092A864886F70D010903310B06092A864886F70D010701301E06092A864886F70D0109053111180F32303137303631393130303130305A302306092A864886F70D010904311604149D0A3FDC7F8CED863952B468C927AC87CE227B68300E060A04007F0007010104010605000440002B459189C71E69CC13E111ED1F493D89681E0A815CCEA297AC3D76A48A75E7D11081F08D7A0FAA4210205D2B8A0A7A83E0F5211AD51BDE2581D4C4E400C06AA1000000000000000000000"; + String test = "308006092a864886f70d010702a0803080020101310f300d06096086480165030402010500308006092a864886f70d0107010000a08204953082049130820379a0030201020203133594300d06092a864886f70d0101050500308197310b300906035504061302415431483046060355040a0c3f412d5472757374204765732e20662e20536963686572686569747373797374656d6520696d20656c656b74722e20446174656e7665726b65687220476d6248311e301c060355040b0c15612d7369676e2d5072656d69756d2d5369672d3032311e301c06035504030c15612d7369676e2d5072656d69756d2d5369672d3032301e170d3134303530323039303734395a170d3139303530323039303734395a3060310b30090603550406130241543117301506035504030c0e4d6178204d75737465726d616e6e3113301106035504040c0a4d75737465726d616e6e310c300a060355042a0c034d6178311530130603550405130c3237333736313333323837363059301306072a8648ce3d020106082a8648ce3d03010703420004f7be38b8b730fd5ab3b62a54de3ca256f0f81c0b99116affce3326258448a23a1406207d6e9a8b217fee06466d43d7bed6cbf27c4e3049600576b66f8836a5f3a38201e5308201e130110603551d0e040a04084daa6d7cb1103d48300e0603551d0f0101ff0404030206c030130603551d23040c300a80084ddfe1ff4bd9c9df30090603551d1304023000307b06082b06010505070101046f306d304206082b060105050730028636687474703a2f2f7777772e612d74727573742e61742f63657274732f612d7369676e2d5072656d69756d2d5369672d3032612e637274302706082b06010505073001861b687474703a2f2f6f6373702e612d74727573742e61742f6f63737030590603551d2004523050304406062a280011010b303a303806082b06010505070201162c687474703a2f2f7777772e612d74727573742e61742f646f63732f63702f612d7369676e2d5072656d69756d3008060604008b300101302706082b060105050701030101ff041830163008060604008e460101300a06082b06010505070b0130819a0603551d1f04819230818f30818ca08189a081868681836c6461703a2f2f6c6461702e612d74727573742e61742f6f753d612d7369676e2d5072656d69756d2d5369672d30322c6f3d412d54727573742c633d41543f63657274696669636174657265766f636174696f6e6c6973743f626173653f6f626a656374636c6173733d65696443657274696669636174696f6e417574686f72697479300d06092a864886f70d01010505000382010100cd7da6254ccf3aec8479bddc2539ceb9ef591a1b51d8757bb6851d2974c909ada603ec18cf96da6a829ca71a6e55d84855f4d7e34776dc1b709c551e466069d6f3e1b805491ef86a9ac3e95ad871d3d382eab50e9268ea0b7312e40304d8215c6c42e5a101a73f839f47aa55ef47642c471d9e1852c6a67c5b0b6aab13d0e7340c0fdfc284a90ee1460baf17cab1d1eecfb513704fdd2460e65dd56fb644e19cc0a80883f31da1d4872809797964e6dc3bd6e09beb45ebc39abcb9356f564f24e2b01fdd9aa6b5353c8ee37f6938fc4b7de1480b4889c9a9b16d16a161db060fb0aa3681175209b7e48b9892c6de847eb76c5122f0543e637b7bc259a8507b883182010d3082010902010130819f308197310b300906035504061302415431483046060355040a0c3f412d5472757374204765732e20662e20536963686572686569747373797374656d6520696d20656c656b74722e20446174656e7665726b65687220476d6248311e301c060355040b0c15612d7369676e2d5072656d69756d2d5369672d3032311e301c06035504030c15612d7369676e2d5072656d69756d2d5369672d30320203133594300d06096086480165030402010500300b06072a8648ce3d0201050004463044022079c3a32116fba799d77df0458e88f1d3370251382030f8d54f136afbe6635c39022072dc7bc7411a96b47717817f9c851954f6b511a30e47944221acc985bab6502b00000000000000000"; byte[] bytes = new byte[test.length()/2]; for (int i=0; i + + at.gv.egiz.eaaf + eaaf_core_api + at.gv.egiz.eaaf eaaf-core diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IVerifiyXMLSignatureResponse.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IVerifiyXMLSignatureResponse.java index 08dfcae71..b08a49895 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IVerifiyXMLSignatureResponse.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IVerifiyXMLSignatureResponse.java @@ -156,6 +156,5 @@ public interface IVerifiyXMLSignatureResponse { Date getSigningDateTime(); - void setSigningDateTime(Date signingDateTime); } \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/X509Utils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/X509Utils.java deleted file mode 100644 index 026b1a5fb..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/X509Utils.java +++ /dev/null @@ -1,62 +0,0 @@ -package at.gv.egovernment.moa.id.commons.utils; - -import java.security.cert.X509Certificate; -import java.util.List; - -import javax.security.auth.x500.X500Principal; - -public class X509Utils { - - /** - * Sorts the Certificate Chain by IssuerDN and SubjectDN. The [0]-Element should be the Hostname, - * the last Element should be the Root Certificate. - * - * @param certs - * The first element must be the correct one. - * @return sorted Certificate Chain - */ - public static List sortCertificates( - List certs) - { - int length = certs.size(); - if (certs.size() <= 1) - { - return certs; - } - - for (X509Certificate cert : certs) - { - if (cert == null) - { - throw new NullPointerException(); - } - } - - for (int i = 0; i < length; i++) - { - boolean found = false; - X500Principal issuer = certs.get(i).getIssuerX500Principal(); - for (int j = i + 1; j < length; j++) - { - X500Principal subject = certs.get(j).getSubjectX500Principal(); - if (issuer.equals(subject)) - { - // sorting necessary? - if (i + 1 != j) - { - X509Certificate tmp = certs.get(i + 1); - certs.set(i + 1, certs.get(j)); - certs.set(j, tmp); - } - found = true; - } - } - if (!found) - { - break; - } - } - - return certs; - } -} diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/MOAIDGuiBilderConfigurationFactory.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/MOAIDGuiBilderConfigurationFactory.java index f32b90eb0..2422fdfa8 100644 --- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/MOAIDGuiBilderConfigurationFactory.java +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/MOAIDGuiBilderConfigurationFactory.java @@ -6,12 +6,13 @@ import java.net.URI; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.gui.IGUIBuilderConfiguration; import at.gv.egiz.eaaf.core.api.gui.IGUIBuilderConfigurationFactory; +import at.gv.egiz.eaaf.core.api.gui.IVelocityGUIBuilderConfiguration; import at.gv.egovernment.moa.id.auth.frontend.builder.DefaultGUIFormBuilderConfiguration; import at.gv.egovernment.moa.id.auth.frontend.builder.SPSpecificGUIBuilderConfigurationWithFileSystemLoad; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; public class MOAIDGuiBilderConfigurationFactory implements IGUIBuilderConfigurationFactory { - + @Override public IGUIBuilderConfiguration getDefaultErrorGUI(String authURL) { return new DefaultGUIFormBuilderConfiguration(authURL, @@ -20,7 +21,7 @@ public class MOAIDGuiBilderConfigurationFactory implements IGUIBuilderConfigurat } @Override - public IGUIBuilderConfiguration getSPSpecificSAML2PostConfiguration(IRequest pendingReq, String viewName, URI configRootDir) + public IVelocityGUIBuilderConfiguration getSPSpecificSAML2PostConfiguration(IRequest pendingReq, String viewName, URI configRootDir) throws MalformedURLException { return new SPSpecificGUIBuilderConfigurationWithFileSystemLoad( pendingReq, diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java index c9dcd291a..5ef48526e 100644 --- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java @@ -26,10 +26,12 @@ import java.io.ByteArrayInputStream; import java.io.InputStream; import java.util.HashMap; import java.util.Map; +import java.util.Map.Entry; import org.apache.commons.lang.StringEscapeUtils; import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.gui.IVelocityGUIBuilderConfiguration; import at.gv.egiz.eaaf.core.impl.gui.AbstractGUIFormBuilderConfiguration; import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; @@ -42,7 +44,8 @@ import at.gv.egovernment.moa.util.MiscUtil; * @author tlenz * */ -public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration extends AbstractGUIFormBuilderConfiguration { +public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration extends AbstractGUIFormBuilderConfiguration + implements IVelocityGUIBuilderConfiguration { public static final String VIEW_TEMPLATE_MAINGUI_DIRECTORY = "mainGUI/"; @@ -116,59 +119,65 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration * @see at.gv.egovernment.moa.id.auth.frontend.builder.IGUIBuilderConfiguration#getViewParameters() */ @Override - public final Map getSpecificViewParameters() { - Map params = new HashMap(); - params.put(PARAM_BKU_ONLINE, IOAAuthParameters.THIRDBKU); - params.put(PARAM_BKU_HANDY, IOAAuthParameters.HANDYBKU); - params.put(PARAM_BKU_LOCAL, IOAAuthParameters.LOCALBKU); + public final void putSpecificViewParameters() { + + if (customParameters == null) + customParameters = new HashMap(); + + setViewParameter(null, PARAM_BKU_ONLINE, IOAAuthParameters.THIRDBKU); + setViewParameter(null, PARAM_BKU_HANDY, IOAAuthParameters.HANDYBKU); + setViewParameter(null, PARAM_BKU_LOCAL, IOAAuthParameters.LOCALBKU); if (pendingReq != null) { - params.put(PARAM_PENDINGREQUESTID, StringEscapeUtils.escapeHtml(pendingReq.getPendingRequestId())); + setViewParameter(null, PARAM_PENDINGREQUESTID, StringEscapeUtils.escapeHtml(pendingReq.getPendingRequestId())); //add service-provider specific GUI parameters IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class); if (oaParam != null) { - params.put(PARAM_OANAME, StringEscapeUtils.escapeHtml(oaParam.getFriendlyName())); + setViewParameter(null, PARAM_OANAME, StringEscapeUtils.escapeHtml(oaParam.getFriendlyName())); //set BKU URLs if (MiscUtil.isNotEmpty(oaParam.getBKUURL(IOAAuthParameters.LOCALBKU))) - params.put(PARAM_BKU_URL_LOCAL, oaParam.getBKUURL(IOAAuthParameters.LOCALBKU)); + setViewParameter(null, PARAM_BKU_URL_LOCAL, oaParam.getBKUURL(IOAAuthParameters.LOCALBKU)); else - params.put(PARAM_BKU_URL_LOCAL, MOAIDAuthConstants.DEFAULT_BKU_HTTPS); + setViewParameter(null, PARAM_BKU_URL_LOCAL, MOAIDAuthConstants.DEFAULT_BKU_HTTPS); if (MiscUtil.isNotEmpty(oaParam.getBKUURL(IOAAuthParameters.HANDYBKU))) - params.put(PARAM_BKU_URL_HANDY, oaParam.getBKUURL(IOAAuthParameters.HANDYBKU)); + setViewParameter(null, PARAM_BKU_URL_HANDY, oaParam.getBKUURL(IOAAuthParameters.HANDYBKU)); if (MiscUtil.isNotEmpty(oaParam.getBKUURL(IOAAuthParameters.THIRDBKU))) - params.put(PARAM_BKU_URL_THIRD, oaParam.getBKUURL(IOAAuthParameters.THIRDBKU)); + setViewParameter(null, PARAM_BKU_URL_THIRD, oaParam.getBKUURL(IOAAuthParameters.THIRDBKU)); //set eIDAS login information if requird if (oaParam.isShowStorkLogin()) { - addCountrySelection(params, oaParam); - params.put(PARAM_EIDAS_VISIBLE, ""); + addCountrySelection(customParameters, oaParam); + setViewParameter(null, PARAM_EIDAS_VISIBLE, ""); } else { - params.put(PARAM_COUNTRYLIST, ""); - params.put(PARAM_EIDAS_VISIBLE, FormBuildUtils.TEMPLATEVISIBLE); + setViewParameter(null, PARAM_COUNTRYLIST, ""); + setViewParameter(null, PARAM_EIDAS_VISIBLE, FormBuildUtils.TEMPLATEVISIBLE); } - FormBuildUtils.customiceLayoutBKUSelection(params, oaParam); + FormBuildUtils.customiceLayoutBKUSelection(customParameters, oaParam); } else - FormBuildUtils.defaultLayoutBKUSelection(params); + FormBuildUtils.defaultLayoutBKUSelection(customParameters); } else { //add default GUI parameters - FormBuildUtils.defaultLayoutBKUSelection(params); + FormBuildUtils.defaultLayoutBKUSelection(customParameters); } //add additional custom parameters - if (customParameters != null) - params.putAll(customParameters); + if (customParameters != null) { + for (Entry el : customParameters.entrySet()) + setViewParameter(null, el.getKey(), el.getValue()); + } + - return params; + } /** @@ -246,6 +255,8 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration public void setTemplateClasspahtDir(String templateClasspahtDir) { this.templateClasspahtDir = templateClasspahtDir; } + + diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java index e59c19219..85d8413ae 100644 --- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java @@ -25,10 +25,12 @@ package at.gv.egovernment.moa.id.auth.frontend.builder; import java.io.InputStream; import java.util.HashMap; import java.util.Map; +import java.util.Map.Entry; import org.apache.commons.lang.StringEscapeUtils; import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.gui.IVelocityGUIBuilderConfiguration; import at.gv.egiz.eaaf.core.api.gui.ModifyableGuiBuilderConfiguration; import at.gv.egiz.eaaf.core.impl.gui.AbstractGUIFormBuilderConfiguration; @@ -38,7 +40,7 @@ import at.gv.egiz.eaaf.core.impl.gui.AbstractGUIFormBuilderConfiguration; * @author tlenz * */ -public class DefaultGUIFormBuilderConfiguration extends AbstractGUIFormBuilderConfiguration implements ModifyableGuiBuilderConfiguration { +public class DefaultGUIFormBuilderConfiguration extends AbstractGUIFormBuilderConfiguration implements ModifyableGuiBuilderConfiguration, IVelocityGUIBuilderConfiguration { public static final String VIEW_REDIRECT = "redirectForm.html"; public static final String VIEW_ERRORMESSAGE = "error_message.html"; @@ -76,7 +78,7 @@ public class DefaultGUIFormBuilderConfiguration extends AbstractGUIFormBuilderCo * @see at.gv.egovernment.moa.id.auth.frontend.builder.ModifyableGuiBuilderConfiguration#putCustomParameterWithOutEscaption(java.lang.String, java.lang.Object) */ @Override - public void putCustomParameterWithOutEscaption(String key, Object value) { + public void putCustomParameterWithOutEscaption(String group, String key, Object value) { if (customParameters == null) customParameters = new HashMap(); @@ -87,7 +89,7 @@ public class DefaultGUIFormBuilderConfiguration extends AbstractGUIFormBuilderCo * @see at.gv.egovernment.moa.id.auth.frontend.builder.ModifyableGuiBuilderConfiguration#putCustomParameter(java.lang.String, java.lang.String) */ @Override - public void putCustomParameter(String key, String value) { + public void putCustomParameter(String group, String key, String value) { if (customParameters == null) customParameters = new HashMap(); @@ -99,16 +101,17 @@ public class DefaultGUIFormBuilderConfiguration extends AbstractGUIFormBuilderCo * @see at.gv.egovernment.moa.id.auth.frontend.builder.IGUIBuilderConfiguration#getViewParameters() */ @Override - public Map getSpecificViewParameters() { - Map params = new HashMap(); + public void putSpecificViewParameters() { if (pendingReq != null) { - params.put(PARAM_PENDINGREQUESTID, StringEscapeUtils.escapeHtml(pendingReq.getPendingRequestId())); + setViewParameter(null, PARAM_PENDINGREQUESTID, StringEscapeUtils.escapeHtml(pendingReq.getPendingRequestId())); } - if (customParameters != null) - params.putAll(customParameters); + //add additional custom parameters + if (customParameters != null) { + for (Entry el : customParameters.entrySet()) + setViewParameter(null, el.getKey(), el.getValue()); + } - return params; } /* (non-Javadoc) @@ -137,4 +140,6 @@ public class DefaultGUIFormBuilderConfiguration extends AbstractGUIFormBuilderCo return null; } + + } diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/GUIFormBuilderImpl.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/GUIFormBuilderImpl.java index 43d499589..20f919d0c 100644 --- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/GUIFormBuilderImpl.java +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/GUIFormBuilderImpl.java @@ -30,9 +30,9 @@ import java.net.URI; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import at.gv.egiz.eaaf.core.api.gui.IGUIBuilderConfiguration; +import at.gv.egiz.eaaf.core.api.gui.IVelocityGUIBuilderConfiguration; import at.gv.egiz.eaaf.core.exceptions.GUIBuildException; -import at.gv.egiz.eaaf.core.impl.gui.AbstractGUIFormBuilderImpl; +import at.gv.egiz.eaaf.core.impl.gui.AbstractVelocityGUIFormBuilderImpl; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.logging.Logger; @@ -41,7 +41,7 @@ import at.gv.egovernment.moa.logging.Logger; * */ @Service("guiFormBuilder") -public class GUIFormBuilderImpl extends AbstractGUIFormBuilderImpl { +public class GUIFormBuilderImpl extends AbstractVelocityGUIFormBuilderImpl { private static final String CONFIG_HTMLTEMPLATES_DIR = "htmlTemplates/"; @@ -55,7 +55,7 @@ public class GUIFormBuilderImpl extends AbstractGUIFormBuilderImpl { } @Override - protected InputStream getInternalTemplate(IGUIBuilderConfiguration config) throws GUIBuildException { + protected InputStream getInternalTemplate(IVelocityGUIBuilderConfiguration config) throws GUIBuildException { String viewName = config.getViewName(); //load specific template diff --git a/id/server/moa-id-spring-initializer/pom.xml b/id/server/moa-id-spring-initializer/pom.xml index d838bbe53..967a7cc7c 100644 --- a/id/server/moa-id-spring-initializer/pom.xml +++ b/id/server/moa-id-spring-initializer/pom.xml @@ -26,7 +26,6 @@ at.gv.egiz.components egiz-spring-api - 0.1 diff --git a/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAContextCloseHandler.java b/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAContextCloseHandler.java index 59779060f..c97cf2c08 100644 --- a/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAContextCloseHandler.java +++ b/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAContextCloseHandler.java @@ -37,7 +37,7 @@ import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor; import org.springframework.scheduling.concurrent.ThreadPoolTaskScheduler; import org.springframework.stereotype.Component; -import at.gv.egiz.eaaf.core.api.IDestroyableObject; +import at.gv.egiz.components.spring.api.IDestroyableObject; import at.gv.egovernment.moa.logging.Logger; /** diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java index 582af517c..b63501a6f 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java @@ -31,6 +31,7 @@ import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController; /** @@ -47,7 +48,7 @@ public class CitizenCardAuthProcessEngineSignalController extends AbstractProces "/VerifyIdentityLink" }, method = {RequestMethod.POST, RequestMethod.GET}) - public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException { + public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { signalProcessManagement(req, resp); } diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml index c340f90c9..481313035 100644 --- a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml +++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml @@ -43,7 +43,10 @@ MOA.id.server moa-id-lib - + + at.gv.egiz.components + egiz-spring-api + org.springframework diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java index 4898c8f1e..b80e995ed 100644 --- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java +++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java @@ -37,6 +37,7 @@ import org.springframework.web.bind.annotation.RequestMethod; import com.google.common.net.MediaType; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController; import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils; @@ -72,7 +73,7 @@ public class EidasCentralAuthMetadataController extends AbstractController { @RequestMapping(value = EidasCentralAuthConstants.ENDPOINT_METADATA, method = {RequestMethod.GET}) - public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException { + public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { //check PublicURL prefix try { String authURL = HTTPUtils.extractAuthURLFromRequest(req); @@ -101,7 +102,7 @@ public class EidasCentralAuthMetadataController extends AbstractController { } catch (Exception e) { Logger.warn("Build federated-authentication PVP metadata FAILED.", e); - handleErrorNoRedirect(e, req, resp, false); + protAuthService.handleErrorNoRedirect(e, req, resp, false); } diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthSignalController.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthSignalController.java index 1486ef841..60a98213e 100644 --- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthSignalController.java +++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthSignalController.java @@ -32,6 +32,7 @@ import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController; import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.EidasCentralAuthConstants; import at.gv.egovernment.moa.logging.Logger; @@ -55,7 +56,7 @@ public class EidasCentralAuthSignalController extends AbstractProcessEngineSigna EidasCentralAuthConstants.ENDPOINT_REDIRECT }, method = {RequestMethod.POST, RequestMethod.GET}) - public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException { + public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { signalProcessManagement(req, resp); } diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/EidasCentralAuthMetadataProvider.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/EidasCentralAuthMetadataProvider.java index cd3f1f788..3a4bcdc48 100644 --- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/EidasCentralAuthMetadataProvider.java +++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/EidasCentralAuthMetadataProvider.java @@ -44,7 +44,7 @@ import org.opensaml.xml.parse.BasicParserPool; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import at.gv.egiz.eaaf.core.api.IDestroyableObject; +import at.gv.egiz.components.spring.api.IDestroyableObject; import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.MetadataFilterChain; import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.SimpleMetadataProvider; import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.SchemaValidationFilter; diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml index 5f4192645..6dabb938e 100644 --- a/id/server/modules/moa-id-module-eIDAS/pom.xml +++ b/id/server/modules/moa-id-module-eIDAS/pom.xml @@ -69,6 +69,12 @@ + + + com.google.code.gson + gson + 2.8.5 + eu.eidas.extension.eID4U @@ -76,6 +82,11 @@ ${eID4U.module.version} + + at.gv.egiz.components + egiz-spring-api + + com.google.code.findbugs jsr305 diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java index d3aa7b4a0..6efa55ac8 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java @@ -30,6 +30,7 @@ import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.IRequestStorage; import at.gv.egiz.eaaf.core.api.data.EAAFConstants; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; import at.gv.egovernment.moa.id.auth.modules.internal.DefaultCitizenCardAuthModuleImpl; import at.gv.egovernment.moa.id.protocols.eidas.EIDASData; import at.gv.egovernment.moa.logging.Logger; @@ -72,11 +73,19 @@ public class AustrianAuthWitheID4UAuthenticationModulImpl extends DefaultCitizen Logger.warn("Process execution context contains NO 'pendingReqId'. Looks very suspect!"); else { - IRequest pendingReq = requestStore.getPendingRequest(pendingReqId); - if (pendingReq != null && pendingReq instanceof EIDASData) { - return "eID4UAttributCollectionAuthentication"; - + IRequest pendingReq; + try { + pendingReq = requestStore.getPendingRequest(pendingReqId); + if (pendingReq != null && pendingReq instanceof EIDASData) { + return "eID4UAttributCollectionAuthentication"; + + } + + } catch (PendingReqIdValidationException e) { + Logger.warn("Validation of PendingRequestId FAILED. Reason: " + e.getMessage()); + } + } } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eID4UAPSignalServlet.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eID4UAPSignalServlet.java index c8c65ce76..65b6d1725 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eID4UAPSignalServlet.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eID4UAPSignalServlet.java @@ -9,6 +9,7 @@ import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; import at.gv.egovernment.moa.id.util.CookieUtils; @@ -26,7 +27,7 @@ public class eID4UAPSignalServlet extends AbstractProcessEngineSignalController @RequestMapping(value = {eID4UConstants.HTTP_ENDPOINT_AP_CONSENT_RETURN }, method = {RequestMethod.POST, RequestMethod.GET}) - public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException { + public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { signalProcessManagement(req, resp); } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASSignalServlet.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASSignalServlet.java index 49d98ed33..70c86dad8 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASSignalServlet.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASSignalServlet.java @@ -32,6 +32,7 @@ import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController; import at.gv.egovernment.moa.logging.Logger; @@ -54,7 +55,7 @@ public class eIDASSignalServlet extends AbstractProcessEngineSignalController { "/eidas/sp/redirect" }, method = {RequestMethod.POST, RequestMethod.GET}) - public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException { + public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { signalProcessManagement(req, resp); } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java index feeff6f84..2a401bb04 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java @@ -29,7 +29,7 @@ import org.opensaml.xml.XMLObject; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import at.gv.egiz.eaaf.core.api.IDestroyableObject; +import at.gv.egiz.components.spring.api.IDestroyableObject; import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing; import at.gv.egiz.eaaf.core.api.IPostStartupInitializable; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java index a58bc4f8d..d2ddc7ef8 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java @@ -16,6 +16,7 @@ import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; +import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator; import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.BPKAttributeBuilder; import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egiz.eid4u.api.attributes.Definitions; @@ -23,7 +24,6 @@ import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; import at.gv.egovernment.moa.id.auth.modules.eidas.eID4UConstants; import at.gv.egovernment.moa.id.auth.modules.eidas.eid4u.utils.AttributeScopeMapper; -import at.gv.egovernment.moa.id.protocols.builder.attributes.SimpleStringAttributeGenerator; import at.gv.egovernment.moa.id.protocols.eidas.EIDASData; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20SessionObject; diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java index d2323d161..4a6f83e5f 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java @@ -36,9 +36,9 @@ import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; import at.gv.egiz.eaaf.core.impl.data.Pair; +import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator; import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder; import at.gv.egovernment.moa.id.data.IMOAAuthData; -import at.gv.egovernment.moa.id.protocols.builder.attributes.SimpleStringAttributeGenerator; import at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.IeIDASAttribute; import at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASMetadata; import at.gv.egovernment.moa.logging.Logger; diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java index 7c9e66ba0..3996ad59c 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java @@ -48,7 +48,7 @@ import at.gv.egiz.eaaf.core.api.idp.IModulInfo; import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.gui.velocity.VelocityProvider; -import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController; +import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController; import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; @@ -82,7 +82,7 @@ import eu.eidas.engine.exceptions.EIDASSAMLEngineException; * @author tlenz */ @Controller -public class EIDASProtocol extends AbstractAuthProtocolModulController implements IModulInfo { +public class EIDASProtocol extends AbstractController implements IModulInfo { public static final String eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE = "eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE"; @@ -169,7 +169,7 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement pendingReq.setAction(eIDASAuthenticationRequest.class.getName()); //switch to session authentication - performAuthentication(req, resp, pendingReq); + protAuthService.performAuthentication(req, resp, pendingReq); } /* diff --git a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml index 3b5d1ba66..86cb4b1a7 100644 --- a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml +++ b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml @@ -33,6 +33,11 @@ moa-id-lib + + at.gv.egiz.components + egiz-spring-api + + MOA.id.server.modules moa-id-modul-citizencard_authentication diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateMetadataController.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateMetadataController.java index d52cd750a..be7778abc 100644 --- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateMetadataController.java +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateMetadataController.java @@ -34,6 +34,7 @@ import org.springframework.web.bind.annotation.RequestMethod; import com.google.common.net.MediaType; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController; import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils; import at.gv.egiz.eaaf.modules.pvp2.api.IPVP2BasicConfiguration; @@ -67,7 +68,7 @@ public class ELGAMandateMetadataController extends AbstractController { @RequestMapping(value = "/sp/elga_mandate/metadata", method = {RequestMethod.GET}) - public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException { + public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { //check PublicURL prefix try { String authURL = HTTPUtils.extractAuthURLFromRequest(req); @@ -94,7 +95,7 @@ public class ELGAMandateMetadataController extends AbstractController { } catch (Exception e) { Logger.warn("Build federated-authentication PVP metadata FAILED.", e); - handleErrorNoRedirect(e, req, resp, false); + protAuthService.handleErrorNoRedirect(e, req, resp, false); } diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateSignalController.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateSignalController.java index 503884edd..7effbc905 100644 --- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateSignalController.java +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateSignalController.java @@ -32,6 +32,7 @@ import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController; import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants; import at.gv.egovernment.moa.logging.Logger; @@ -55,7 +56,7 @@ public class ELGAMandateSignalController extends AbstractProcessEngineSignalCont "/sp/elga_mandate/redirect" }, method = {RequestMethod.POST, RequestMethod.GET}) - public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException { + public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { signalProcessManagement(req, resp); } diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/EvaluateMandateServiceTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/EvaluateMandateServiceTask.java index 5c1f8e7bb..9980c4884 100644 --- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/EvaluateMandateServiceTask.java +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/EvaluateMandateServiceTask.java @@ -94,7 +94,7 @@ public class EvaluateMandateServiceTask extends AbstractAuthServletTask { requestStoreage.storePendingRequest(pendingReq); //redirect to protocol finalization - performRedirectToProtocolFinialization(pendingReq, response); + performRedirectToProtocolFinialization(executionContext, pendingReq, request, response); } diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/SelectMandateServiceTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/SelectMandateServiceTask.java index 854f9d2bb..1cd697c4e 100644 --- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/SelectMandateServiceTask.java +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/SelectMandateServiceTask.java @@ -69,7 +69,7 @@ public class SelectMandateServiceTask extends AbstractAuthServletTask { GeneralProcessEngineSignalController.ENDPOINT_GENERIC, authConfig.getConfigurationRootDirectory().toURL().toString()); - guiBuilder.build(response, config, "Mandate-Service selection"); + guiBuilder.build(request, response, config, "Mandate-Service selection"); Logger.debug("GUI for mandate-service selection is generated. Wait for user interaction ... "); diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java index 7bb98c719..aa4dfbe60 100644 --- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java @@ -44,7 +44,7 @@ import org.opensaml.xml.parse.BasicParserPool; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import at.gv.egiz.eaaf.core.api.IDestroyableObject; +import at.gv.egiz.components.spring.api.IDestroyableObject; import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.MetadataFilterChain; import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.SimpleMetadataProvider; import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.SchemaValidationFilter; diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java index 0952ba0a6..4f3c683ce 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java @@ -23,7 +23,7 @@ import at.gv.egiz.eaaf.core.api.idp.IModulInfo; import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException; import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException; -import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController; +import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController; import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; @@ -37,7 +37,7 @@ import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @Controller -public class OAuth20Protocol extends AbstractAuthProtocolModulController implements IModulInfo { +public class OAuth20Protocol extends AbstractController implements IModulInfo { public static final String NAME = OAuth20Protocol.class.getName(); public static final String PATH = "id_oauth20"; @@ -101,7 +101,7 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController impleme req.getRemoteAddr()); //process request - performAuthentication(req, resp, (RequestImpl)pendingReq); + protAuthService.performAuthentication(req, resp, (RequestImpl)pendingReq); } @@ -135,7 +135,7 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController impleme req.getRemoteAddr()); //process request - performAuthentication(req, resp, (RequestImpl)pendingReq); + protAuthService.performAuthentication(req, resp, (RequestImpl)pendingReq); } diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml index 74aa6682b..6ad72adde 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml +++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml @@ -45,6 +45,10 @@ MOA.id.server moa-id-lib + + at.gv.egiz.eaaf + eaaf_module_auth_sl20 + com.google.code.gson @@ -65,6 +69,7 @@ + org.springframework spring-test @@ -75,6 +80,27 @@ junit test + + xerces + xercesImpl + test + + + xalan-bin-dist + xml-apis + test + + + xalan-bin-dist + xalan + test + + + xalan-bin-dist + serializer + test + + diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20SignalServlet.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20SignalServlet.java index a8c4a941e..a5a472ed8 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20SignalServlet.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20SignalServlet.java @@ -31,6 +31,7 @@ import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController; import at.gv.egovernment.moa.logging.Logger; @@ -54,7 +55,7 @@ public class SL20SignalServlet extends AbstractProcessEngineSignalController { Constants.HTTP_ENDPOINT_RESUME }, method = {RequestMethod.POST, RequestMethod.GET}) - public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException { + public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { Logger.trace("Receive req. on SL2.0 servlet with pendingReqId ... "); signalProcessManagement(req, resp); } diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java index a02f86376..39364f062 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java @@ -32,6 +32,7 @@ import com.google.gson.JsonSyntaxException; import at.gv.egiz.eaaf.core.impl.utils.FileUtils; import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils; +import at.gv.egiz.eaaf.core.impl.utils.X509Utils; import at.gv.egovernment.moa.id.auth.modules.sl20_auth.Constants; import at.gv.egovernment.moa.id.auth.modules.sl20_auth.data.VerificationResult; import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SL20Exception; @@ -40,11 +41,11 @@ import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SLCommandoBuil import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SLCommandoParserException; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; -import at.gv.egovernment.moa.id.commons.utils.X509Utils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; + @Service public class JsonSecurityUtils implements IJOSETools{ diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/verifier/QualifiedeIDVerifier.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/verifier/QualifiedeIDVerifier.java index 599a67dfd..8a288b9b8 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/verifier/QualifiedeIDVerifier.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/verifier/QualifiedeIDVerifier.java @@ -19,6 +19,7 @@ import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SAML2Utils; import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor; import at.gv.egovernment.moa.id.auth.builder.SignatureVerificationUtils; +import at.gv.egovernment.moa.id.auth.exception.ValidateException; import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SL20eIDDataValidationException; import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20Constants; @@ -112,7 +113,7 @@ public class QualifiedeIDVerifier { // date and time validateSigningDateTime(sigVerifyResult, authBlockExtractor); - } catch ( Exception e) { + } catch ( ValidateException e) { Logger.warn("Validation of eID information FAILED. ", e); throw new SL20eIDDataValidationException(new Object[] { SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_IDL, diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/dummydata/DummyAuthConfig.java b/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/dummydata/DummyAuthConfig.java index fe12e9b76..7b82eb253 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/dummydata/DummyAuthConfig.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/dummydata/DummyAuthConfig.java @@ -400,11 +400,6 @@ public class DummyAuthConfig implements AuthConfiguration { return false; } - @Override - public URI getConfigurationFilePath() { - // TODO Auto-generated method stub - return null; - } @Override public URI getConfigurationRootDirectory() { @@ -412,12 +407,6 @@ public class DummyAuthConfig implements AuthConfiguration { return null; } - @Override - public Properties getFullConfigurationProperties() { - // TODO Auto-generated method stub - return null; - } - @Override public ISPConfiguration getServiceProviderConfiguration(String arg0) throws EAAFConfigurationException { // TODO Auto-generated method stub diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java index e7280f847..efbfd8472 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java @@ -393,5 +393,17 @@ public class SSOTransferAuthenticationData implements IMOAAuthData { return null; } + @Override + public String getEncryptedSourceId() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getEncryptedSourceIdType() { + // TODO Auto-generated method stub + return null; + } + } diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java index dc2baab7d..3ab826bcd 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java @@ -158,7 +158,7 @@ public class SSOTransferServlet{ DefaultGUIFormBuilderConfiguration.VIEW_SSO_SESSION_TRANSFER, null); - internalCreateQRCodeForTransfer(resp, authURL, + internalCreateQRCodeForTransfer(req, resp, authURL, "123456", "/TestTransmitSSOSession", config); } catch (MOAIDException | MOADatabaseException e) { @@ -423,7 +423,7 @@ public class SSOTransferServlet{ String ssoSessionId = authenticationSessionStorage.getInternalSSOSessionWithSSOID(ssoid); if(ssoSessionId != null) { - internalCreateQRCodeForTransfer(resp, authURL, + internalCreateQRCodeForTransfer(req, resp, authURL, ssoSessionId, SSOTransferConstants.SERVLET_SSOTRANSFER_TO_SMARTPHONE, config); @@ -432,10 +432,10 @@ public class SSOTransferServlet{ } - config.putCustomParameter("errorMsg", + config.putCustomParameter(null, "errorMsg", "No active Single Sign-On session found! SSO Session transfer is not possible."); - guiBuilder.build(resp, config, "SSO-Transfer-Module"); + guiBuilder.build(req, resp, config, "SSO-Transfer-Module"); } catch (MOAIDException | MOADatabaseException e) { e.printStackTrace(); @@ -518,7 +518,7 @@ public class SSOTransferServlet{ } - private void internalCreateQRCodeForTransfer(HttpServletResponse resp, String authURL, + private void internalCreateQRCodeForTransfer(HttpServletRequest req, HttpServletResponse resp, String authURL, String moaSessionID, String servletEndPoint, DefaultGUIFormBuilderConfiguration config) throws Exception { SSOTransferContainer container = new SSOTransferContainer(); String token = Random.nextRandom(); @@ -572,12 +572,12 @@ public class SSOTransferServlet{ ByteArrayOutputStream qrStream = QRCode.from(qrResult.toString()).to(ImageType.GIF).withSize(350, 350).stream(); String base64EncodedImage = Base64Utils.encode(qrStream.toByteArray()); - config.putCustomParameter("QRImage", base64EncodedImage); + config.putCustomParameter(null, "QRImage", base64EncodedImage); - config.putCustomParameterWithOutEscaption("successMsg", "Scan the QR-Code with your SSO-Transfer App to start the transfer operation."); + config.putCustomParameterWithOutEscaption(null, "successMsg", "Scan the QR-Code with your SSO-Transfer App to start the transfer operation."); - guiBuilder.build(resp, config, "SSO-Session Transfer-Module"); + guiBuilder.build(req, resp, config, "SSO-Session Transfer-Module"); } diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java index bf215373d..169eb464b 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java @@ -33,6 +33,7 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController; import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; @@ -53,13 +54,13 @@ public class SSOTransferSignalServlet extends AbstractProcessEngineSignalControl @RequestMapping(value = { "/SSOTransferSignalEndpoint" }, method = {RequestMethod.POST, RequestMethod.GET}) - public void performSSOTransfer(HttpServletRequest req, HttpServletResponse resp) throws IOException { + public void performSSOTransfer(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { signalProcessManagement(req, resp); } @Override - protected void signalProcessManagement(HttpServletRequest req, HttpServletResponse resp) throws IOException { + protected void signalProcessManagement(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { String pendingRequestID = StringEscapeUtils.escapeHtml(getPendingRequestId(req)); IRequest pendingReq = null; try { diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java index 921e3844b..7132eb08e 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java @@ -85,7 +85,7 @@ public class InitializeRestoreSSOSessionTask extends AbstractAuthServletTask { Pair dhKeyIDP = ssoTransferUtils.createSpecificKey(dhSpec.getP(), dhSpec.getG()); String nonce = Random.nextLongRandom(); - GUIUtils.buildSSOTransferGUI(guiBuilder, response, authURL, + GUIUtils.buildSSOTransferGUI(guiBuilder, request, response, authURL, pendingReq.getPendingRequestId(), nonce, dhKeyIDP.getF()); //store DH params and nonce to pending-request diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java index 90b74ebd7..d89d0bd2b 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java @@ -267,7 +267,7 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask { } - GUIUtils.buildSSOTransferGUI(guiBuilder, response, + GUIUtils.buildSSOTransferGUI(guiBuilder, request, response, authURL, pendingReq.getPendingRequestId(), nonce, container.getDhParams().getF()); } catch (IOException | MOAIDException e) { diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java index 1a4a9b80b..2814874bd 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java @@ -26,6 +26,7 @@ import java.io.ByteArrayOutputStream; import java.io.IOException; import javax.crypto.spec.DHPublicKeySpec; +import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import com.google.gson.JsonObject; @@ -50,9 +51,9 @@ public class GUIUtils { public static final int REFESH_TIMEOUT = 5 * 1000; //5 sec public static void buildSSOTransferGUI( - IGUIFormBuilder guiBuilder, HttpServletResponse httpResp, + IGUIFormBuilder guiBuilder, HttpServletRequest httpReq,HttpServletResponse httpResp, String authURL, String pendingReqID) throws ConfigurationException, IOException { - buildSSOTransferGUI(guiBuilder, httpResp, authURL, pendingReqID, null, null); + buildSSOTransferGUI(guiBuilder, httpReq, httpResp, authURL, pendingReqID, null, null); } @@ -66,7 +67,7 @@ public class GUIUtils { * @throws ConfigurationException * @throws IOException */ - public static void buildSSOTransferGUI(IGUIFormBuilder guiBuilder, HttpServletResponse response, String authURL, + public static void buildSSOTransferGUI(IGUIFormBuilder guiBuilder, HttpServletRequest request, HttpServletResponse response, String authURL, String requestID, String nonce, DHPublicKeySpec dhKeyIDP) throws ConfigurationException, IOException { try { String containerURL = authURL @@ -103,12 +104,12 @@ public class GUIUtils { DefaultGUIFormBuilderConfiguration.VIEW_SSO_SESSION_TRANSFER, null); - config.putCustomParameter("QRImage", base64EncodedImage); - config.putCustomParameterWithOutEscaption("successMsg", "Select the SSO Session in your SSO-Transfer App and scan the QR-Code to start the process."); - config.putCustomParameterWithOutEscaption("timeoutURL", containerURL); - config.putCustomParameter("timeout", String.valueOf(REFESH_TIMEOUT)); + config.putCustomParameter(null, "QRImage", base64EncodedImage); + config.putCustomParameterWithOutEscaption(null, "successMsg", "Select the SSO Session in your SSO-Transfer App and scan the QR-Code to start the process."); + config.putCustomParameterWithOutEscaption(null, "timeoutURL", containerURL); + config.putCustomParameter(null, "timeout", String.valueOf(REFESH_TIMEOUT)); - guiBuilder.build(response, config, "SSO-Transfer-Module"); + guiBuilder.build(request, response, config, "SSO-Transfer-Module"); } catch (GUIBuildException e) { Logger.warn("Can not build GUI:'BKU-Selection'. Msg:" + e.getMessage(), e); diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthMetadataController.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthMetadataController.java index 6a733adb8..8eb6e7b92 100644 --- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthMetadataController.java +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthMetadataController.java @@ -34,6 +34,7 @@ import org.springframework.web.bind.annotation.RequestMethod; import com.google.common.net.MediaType; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController; import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils; import at.gv.egiz.eaaf.modules.pvp2.api.IPVP2BasicConfiguration; @@ -67,7 +68,7 @@ public class FederatedAuthMetadataController extends AbstractController { @RequestMapping(value = "/sp/federated/metadata", method = {RequestMethod.GET}) - public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException { + public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { //check PublicURL prefix try { String authURL = HTTPUtils.extractAuthURLFromRequest(req); @@ -94,7 +95,7 @@ public class FederatedAuthMetadataController extends AbstractController { } catch (Exception e) { Logger.warn("Build federated-authentication PVP metadata FAILED.", e); - handleErrorNoRedirect(e, req, resp, false); + protAuthService.handleErrorNoRedirect(e, req, resp, false); } diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthSignalController.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthSignalController.java index 5edd36248..ae68261ee 100644 --- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthSignalController.java +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthSignalController.java @@ -32,6 +32,7 @@ import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController; import at.gv.egovernment.moa.id.auth.modules.federatedauth.FederatedAuthConstants; import at.gv.egovernment.moa.logging.Logger; @@ -55,7 +56,7 @@ public class FederatedAuthSignalController extends AbstractProcessEngineSignalCo "/sp/federated/redirect" }, method = {RequestMethod.POST, RequestMethod.GET}) - public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException { + public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { signalProcessManagement(req, resp); } diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java index 7a9557baf..10ae63e17 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java @@ -53,6 +53,7 @@ import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException; import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder; +import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator; import at.gv.egiz.eaaf.core.impl.utils.DOMUtils; import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egovernment.moa.id.auth.AuthenticationServer; @@ -78,7 +79,6 @@ import at.gv.egovernment.moa.id.protocols.builder.attributes.BPKListAttributeBui import at.gv.egovernment.moa.id.protocols.builder.attributes.EncryptedBPKAttributeBuilder; import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateNaturalPersonBPKListAttributeBuilder; import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateNaturalPersonEncBPKListAttributeBuilder; -import at.gv.egovernment.moa.id.protocols.builder.attributes.SimpleStringAttributeGenerator; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java index 20c66d7a2..bb1f3c155 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java @@ -42,7 +42,7 @@ import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException; import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException; -import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController; +import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; @@ -66,7 +66,7 @@ import at.gv.egovernment.moa.util.URLEncoder; */ @Controller -public class SAML1Protocol extends AbstractAuthProtocolModulController implements IModulInfo { +public class SAML1Protocol extends AbstractController implements IModulInfo { @Autowired private SAML1AuthenticationServer saml1AuthServer; @@ -127,7 +127,7 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement //preProcess SAML1 Request preProcess(req, resp, pendingReq); - performAuthentication(req, resp, pendingReq); + protAuthService.performAuthentication(req, resp, pendingReq); return; } diff --git a/pom.xml b/pom.xml index 7aa5a2c9d..772ab3f31 100644 --- a/pom.xml +++ b/pom.xml @@ -25,6 +25,7 @@ 1.3.2 + 0.3 1.0.7 5.1.5.RELEASE 2.1.5.RELEASE @@ -60,6 +61,7 @@ 3.7 4.1 3.2.2 + 1.6 2.10 2.9.7 @@ -320,6 +322,12 @@ ${org.apache.commons.collections3.version} + + org.apache.commons + commons-text + ${org.apache.commons-text.version} + + org.apache.struts struts2-core @@ -337,6 +345,12 @@ ${egovutils.version} + + at.gv.egiz.components + egiz-spring-api + ${egiz-spring-api.version} + + org.slf4j slf4j-api @@ -434,7 +448,11 @@ 1.46 --> - + + at.gv.egiz.eaaf + eaaf_core_api + ${egiz.eaaf.version} + at.gv.egiz.eaaf eaaf-core -- cgit v1.2.3 From 66859cd53d4181350525e91c4d35071932675ca7 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 29 May 2019 14:04:44 +0200 Subject: refactoring from MOA-ID 3.4.x to MOA E-ID Proxy 4.0.x --- .../config/ConfigurationProvider.java | 5 + .../id/configuration/data/GeneralMOAIDConfig.java | 320 ++++++----- .../data/oa/OAAuthenticationData.java | 63 ++- .../configuration/struts/action/BasicAction.java | 17 + .../configuration/struts/action/BasicOAAction.java | 6 +- .../struts/action/EditGeneralConfigAction.java | 598 +++++++++++---------- .../configuration/struts/action/EditOAAction.java | 42 +- .../struts/action/InterfederationIDPAction.java | 7 +- .../validation/moaconfig/MOAConfigValidator.java | 421 ++++++++------- .../oa/OAAuthenticationDataValidation.java | 8 + .../resources/applicationResources_de.properties | 9 +- .../resources/applicationResources_en.properties | 9 +- .../src/main/webapp/jsp/editMOAConfig.jsp | 524 +++++++++--------- .../src/main/webapp/jsp/editOAGeneral.jsp | 55 +- .../main/webapp/jsp/snippets/OA/authentication.jsp | 24 +- .../webapp/jsp/snippets/OA/targetConfiguration.jsp | 40 +- .../src/main/webapp/jsp/snippets/main_menu.jsp | 12 +- .../task/impl/GeneralMOAIDConfigurationTask.java | 87 +-- .../ServicesAuthenticationInformationTask.java | 19 +- id/server/auth-final/pom.xml | 4 + id/server/idserverlib/pom.xml | 19 +- .../id/advancedlogging/MOAIDEventConstants.java | 6 + .../moa/id/auth/MOAIDAuthInitializer.java | 2 +- .../id/auth/builder/AuthenticationDataBuilder.java | 2 +- .../id/auth/modules/BKUSelectionModuleImpl.java | 9 +- .../id/auth/servlet/IDPSingleLogOutServlet.java | 21 +- .../PropertyBasedAuthConfigurationProvider.java | 7 +- .../gv/egovernment/moa/id/data/IMOAAuthData.java | 5 +- .../moa/id/data/MOAAuthenticationData.java | 20 +- .../moa/id/moduls/AuthenticationManager.java | 16 +- .../pvp2x/metadata/MOAMetadataProvider.java | 6 +- .../pvp2x/signer/IDPCredentialProvider.java | 3 +- .../protocols/pvp2x/utils/MOASAMLSOAPClient.java | 4 +- .../at/gv/egovernment/moa/id/util/SSLUtils.java | 4 +- ....egiz.eaaf.core.api.idp.auth.modules.AuthModule | 1 - .../main/resources/moaid.authentication.beans.xml | 26 + .../resources/properties/id_messages_de.properties | 2 + .../moa/id/config/auth/data/DummyAuthConfig.java | 12 +- .../config/ConfigurationMigrationUtils.java | 19 +- .../config/MOAIDConfigurationConstants.java | 7 +- .../dao/config/deprecated/MOAIDConfiguration.java | 14 + .../dao/config/deprecated/OnlineApplication.java | 14 +- ...roviderSpecificGUIFormBuilderConfiguration.java | 6 + .../DefaultGUIFormBuilderConfiguration.java | 5 + .../id/util/client/mis/simple/MISSimpleClient.java | 2 +- .../EidasCentralAuthMetadataController.java | 2 +- .../utils/EidasCentralAuthMetadataProvider.java | 4 +- .../modules/moa-id-module-E-ID_connector/pom.xml | 70 +++ .../eidproxyauth/EIDProxyAuthConstants.java | 118 ++++ .../eidproxyauth/EIDProxyAuthModuleImpl.java | 71 +++ .../EIDProxyAuthSpringResourceProvider.java | 63 +++ .../config/EIDAuthMetadataConfiguration.java | 355 ++++++++++++ .../config/EIDAuthRequestBuilderConfiguration.java | 271 ++++++++++ .../controller/EIDAuthMetadataController.java | 133 +++++ .../controller/EIDAuthSignalController.java | 68 +++ .../eidproxyauth/tasks/CreateAuthnRequestTask.java | 146 +++++ .../tasks/ReceiveAuthnResponseTask.java | 286 ++++++++++ .../utils/EIDAuthCredentialProvider.java | 124 +++++ .../utils/EIDAuthMetadataProvider.java | 347 ++++++++++++ .../id/auth/modules/eidproxyauth/utils/Utils.java | 45 ++ .../main/resources/EID_connector_auth.process.xml | 17 + ...iz.components.spring.api.SpringResourceProvider | 1 + .../main/resources/moaid_EID_connector.beans.xml | 43 ++ .../engine/MOAeIDASChainingMetadataProvider.java | 6 +- .../ReceiveConsentForAddtionalAttributesTask.java | 2 +- .../utils/ELGAMandateServiceMetadataProvider.java | 4 +- .../sl20_auth/tasks/CreateQualeIDRequestTask.java | 6 +- .../sl20_auth/tasks/ReceiveQualeIDTask.java | 6 +- .../sl20_auth/tasks/VerifyQualifiedeIDTask.java | 2 +- .../sl20_auth/dummydata/DummyAuthConfig.java | 21 +- .../data/SSOTransferAuthenticationData.java | 13 + .../protocols/saml1/SAML1AuthenticationServer.java | 40 ++ id/server/modules/module-monitoring/pom.xml | 6 +- id/server/modules/pom.xml | 3 +- pom.xml | 27 +- 75 files changed, 3723 insertions(+), 1079 deletions(-) create mode 100644 id/server/modules/moa-id-module-E-ID_connector/pom.xml create mode 100644 id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthConstants.java create mode 100644 id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java create mode 100644 id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthSpringResourceProvider.java create mode 100644 id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/config/EIDAuthMetadataConfiguration.java create mode 100644 id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/config/EIDAuthRequestBuilderConfiguration.java create mode 100644 id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java create mode 100644 id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthSignalController.java create mode 100644 id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/tasks/CreateAuthnRequestTask.java create mode 100644 id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/tasks/ReceiveAuthnResponseTask.java create mode 100644 id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/EIDAuthCredentialProvider.java create mode 100644 id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/EIDAuthMetadataProvider.java create mode 100644 id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/Utils.java create mode 100644 id/server/modules/moa-id-module-E-ID_connector/src/main/resources/EID_connector_auth.process.xml create mode 100644 id/server/modules/moa-id-module-E-ID_connector/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider create mode 100644 id/server/modules/moa-id-module-E-ID_connector/src/main/resources/moaid_EID_connector.beans.xml diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java index 39cd0980b..656c9cc83 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java @@ -326,6 +326,11 @@ public class ConfigurationProvider { return configRootDir; } + public boolean isMOAIDMode() { + String result = props.getProperty("general.moaidmode.active", "false"); + return Boolean.parseBoolean(result); + } + public String getMOAIDInstanceURL() { return props.getProperty("general.moaid.instance.url"); } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java index dc6e840d7..11fbccc0a 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java @@ -55,6 +55,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TransformsInfoT import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TrustAnchor; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyAuthBlock; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyIdentityLink; +import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm; @@ -88,6 +89,7 @@ public class GeneralMOAIDConfig { private String mandateURL = null; private String szrgwURL = null; private String elgaMandateServiceURL = null; + private String eidSystemServiceURL = null; private boolean protocolActiveSAML1 = false; private boolean protocolActivePVP21 = true; @@ -131,7 +133,16 @@ public class GeneralMOAIDConfig { private String publicURLPrefix = null; private boolean virtualPublicURLPrefixEnabled = false; + private boolean moaidMode = false; + public GeneralMOAIDConfig() { + try { + this.moaidMode = ConfigurationProvider.getInstance().isMOAIDMode(); + } catch (ConfigurationException e) { + e.printStackTrace(); + + } + chainigmodelist = new HashMap(); ChainingModeType[] values = ChainingModeType.values(); for (int i=0; i list = authblock.getVerifyTransformsInfoProfileID(); - if (list.size() == 1) - moaspssAuthTransformations += list.get(0); - else { - for (String el : list) - moaspssAuthTransformations += el + LINE_DELIMITER + "\n"; + + //deactive STORK + if (isMoaidMode()) { + ForeignIdentities foreign = auth.getForeignIdentities(); + if (foreign != null) { + ConnectionParameterClientAuthType connect_foreign = foreign.getConnectionParameter(); + if (connect_foreign != null) { + if (MiscUtil.isNotEmpty(connect_foreign.getURL())) { + if (KeyValueUtils.isCSVValueString(connect_foreign.getURL())) + szrgwURL = KeyValueUtils.normalizeCSVValueString(connect_foreign.getURL()); + + else { + if (connect_foreign.getURL().contains(KeyValueUtils.CSV_DELIMITER)) { + //remove trailing comma if exist + szrgwURL = connect_foreign.getURL().substring(0, + connect_foreign.getURL().indexOf(KeyValueUtils.CSV_DELIMITER)); + + } else + szrgwURL = connect_foreign.getURL(); + + } + + } + } + + STORK stork = foreign.getSTORK(); + if (stork != null) { + //TODO: add Stork config + + } } } - VerifyIdentityLink idl = moaspss.getVerifyIdentityLink(); - if (idl != null) { - moaspssIdlTrustProfile = idl.getTrustProfileID(); - moaspssIdlTrustProfileTest = idl.getTestTrustProfileID(); - } } - - OnlineMandates mandates = auth.getOnlineMandates(); - if (mandates != null) { - ConnectionParameterClientAuthType con = mandates.getConnectionParameter(); - if (con != null) { - if (MiscUtil.isNotEmpty(con.getURL())) { - if (KeyValueUtils.isCSVValueString(con.getURL())) - mandateURL = KeyValueUtils.normalizeCSVValueString(con.getURL()); + + if (isMoaidMode()) { + MOASP moaspss = auth.getMOASP(); + if (moaspss != null) { + ConnectionParameterClientAuthType con = moaspss.getConnectionParameter(); + if (con != null) + moaspssURL = con.getURL(); + + VerifyAuthBlock authblock = moaspss.getVerifyAuthBlock(); + if (authblock != null) { + moaspssAuthTrustProfile = authblock.getTrustProfileID(); + moaspssAuthTrustProfileTest = authblock.getTestTrustProfileID(); + List list = authblock.getVerifyTransformsInfoProfileID(); + if (list.size() == 1) + moaspssAuthTransformations += list.get(0); else { - if (con.getURL().contains(KeyValueUtils.CSV_DELIMITER)) { - //remove trailing comma if exist - mandateURL = con.getURL().substring(0, - con.getURL().indexOf(KeyValueUtils.CSV_DELIMITER)); - - } else - mandateURL = con.getURL(); - + for (String el : list) + moaspssAuthTransformations += el + LINE_DELIMITER + "\n"; } + } + VerifyIdentityLink idl = moaspss.getVerifyIdentityLink(); + if (idl != null) { + moaspssIdlTrustProfile = idl.getTrustProfileID(); + moaspssIdlTrustProfileTest = idl.getTestTrustProfileID(); + } + } + + OnlineMandates mandates = auth.getOnlineMandates(); + if (mandates != null) { + ConnectionParameterClientAuthType con = mandates.getConnectionParameter(); + if (con != null) { + if (MiscUtil.isNotEmpty(con.getURL())) { + if (KeyValueUtils.isCSVValueString(con.getURL())) + mandateURL = KeyValueUtils.normalizeCSVValueString(con.getURL()); + + else { + if (con.getURL().contains(KeyValueUtils.CSV_DELIMITER)) { + //remove trailing comma if exist + mandateURL = con.getURL().substring(0, + con.getURL().indexOf(KeyValueUtils.CSV_DELIMITER)); + + } else + mandateURL = con.getURL(); + + } + + } + } - } } @@ -330,9 +364,12 @@ public class GeneralMOAIDConfig { } - OAuth oauth = protocols.getOAuth(); - if (oauth != null) { - protocolActiveOAuth = oauth.isIsActive(); + if (isMoaidMode()) { + OAuth oauth = protocols.getOAuth(); + if (oauth != null) { + protocolActiveOAuth = oauth.isIsActive(); + + } } @@ -361,73 +398,79 @@ public class GeneralMOAIDConfig { pvp2OrgName = org.getName(); pvp2OrgURL = org.getURL(); } - } + } + } - SecurityLayer seclayer = auth.getSecurityLayer(); - if (seclayer != null) { - List list = seclayer.getTransformsInfo(); + if (isMoaidMode()) { + SecurityLayer seclayer = auth.getSecurityLayer(); + if (seclayer != null) { + List list = seclayer.getTransformsInfo(); + + for (TransformsInfoType el : list) { + fileUploadFileName.add(el.getFilename()); + } + } - for (TransformsInfoType el : list) { - fileUploadFileName.add(el.getFilename()); + SSO sso = auth.getSSO(); + if (sso != null) { + ssoFriendlyName = sso.getFriendlyName(); + + // IdentificationNumber idl = sso.getIdentificationNumber(); + // if (idl != null) + // ssoIdentificationNumber = idl.getValue(); + + //INFO: only for backup + if (MiscUtil.isEmpty(publicURLPrefix)) + publicURLPrefix = sso.getPublicURL(); + + ssoSpecialText = sso.getSpecialText(); + + if (MiscUtil.isNotEmpty(sso.getTarget()) && + sso.getTarget().startsWith(Constants.PREFIX_WPBK)) { + ssoTarget = sso.getTarget().substring(Constants.PREFIX_WPBK.length()). + replace("+", ""); + + } else + ssoTarget = sso.getTarget(); + } } - SSO sso = auth.getSSO(); - if (sso != null) { - ssoFriendlyName = sso.getFriendlyName(); - -// IdentificationNumber idl = sso.getIdentificationNumber(); -// if (idl != null) -// ssoIdentificationNumber = idl.getValue(); - - //INFO: only for backup - if (MiscUtil.isEmpty(publicURLPrefix)) - publicURLPrefix = sso.getPublicURL(); - - ssoSpecialText = sso.getSpecialText(); - - if (MiscUtil.isNotEmpty(sso.getTarget()) && - sso.getTarget().startsWith(Constants.PREFIX_WPBK)) { - ssoTarget = sso.getTarget().substring(Constants.PREFIX_WPBK.length()). - replace("+", ""); + ChainingModes modes = config.getChainingModes(); + if (modes != null) { + ChainingModeType defaultmode = modes.getSystemDefaultMode(); + if (defaultmode != null) { + + defaultchainigmode = defaultmode.value(); - } else - ssoTarget = sso.getTarget(); + } + List trustanchor = modes.getTrustAnchor(); + if (trustanchor != null) { + //TODO: set addional trust anchors!!!! + } } - } - - ChainingModes modes = config.getChainingModes(); - if (modes != null) { - ChainingModeType defaultmode = modes.getSystemDefaultMode(); - if (defaultmode != null) { - - defaultchainigmode = defaultmode.value(); - + + DefaultBKUs defaultbkus = config.getDefaultBKUs(); + if (defaultbkus != null) { + defaultBKUHandy = defaultbkus.getHandyBKU(); + defaultBKULocal = defaultbkus.getLocalBKU(); + defaultBKUOnline = defaultbkus.getOnlineBKU(); } - List trustanchor = modes.getTrustAnchor(); - if (trustanchor != null) { - //TODO: set addional trust anchors!!!! + SLRequestTemplates slreq = config.getSLRequestTemplates(); + if (slreq != null) { + SLRequestTemplateHandy = slreq.getHandyBKU(); + SLRequestTemplateLocal = slreq.getLocalBKU(); + SLRequestTemplateOnline = slreq.getOnlineBKU(); } + } trustedCACerts = config.getTrustedCACertificates(); - DefaultBKUs defaultbkus = config.getDefaultBKUs(); - if (defaultbkus != null) { - defaultBKUHandy = defaultbkus.getHandyBKU(); - defaultBKULocal = defaultbkus.getLocalBKU(); - defaultBKUOnline = defaultbkus.getOnlineBKU(); - } - - SLRequestTemplates slreq = config.getSLRequestTemplates(); - if (slreq != null) { - SLRequestTemplateHandy = slreq.getHandyBKU(); - SLRequestTemplateLocal = slreq.getLocalBKU(); - SLRequestTemplateOnline = slreq.getOnlineBKU(); - } + } } @@ -1099,10 +1142,25 @@ public class GeneralMOAIDConfig { this.elgaMandateServiceURL = elgaMandateServiceURL; } - - - - - + /** + * @return the eidSystemServiceURL + */ + public String getEidSystemServiceURL() { + return eidSystemServiceURL; + } + + /** + * @param eidSystemServiceURL the elgaMandateServiceURL to set + */ + public void setEidSystemeServiceURL(String eidSystemServiceURL) { + if (MiscUtil.isNotEmpty(eidSystemServiceURL)) + this.eidSystemServiceURL = KeyValueUtils.removeAllNewlineFromString(eidSystemServiceURL); + else + this.eidSystemServiceURL = eidSystemServiceURL; + } + + public boolean isMoaidMode() { + return moaidMode; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java index e896bb80b..b3db074a2 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java @@ -66,9 +66,11 @@ public class OAAuthenticationData implements IOnlineApplicationData { private List misServicesList = new ArrayList(); private List elgaServicesList = new ArrayList(); private List szrgwServicesList = new ArrayList(); + private List eidServicesList = new ArrayList(); private String misServiceSelected = null; private String elgaServiceSelected = null; private String szrgwServiceSelected = null; + private String eidServiceSelected = null; private boolean calculateHPI = false; @@ -90,10 +92,20 @@ public class OAAuthenticationData implements IOnlineApplicationData { private boolean sl20Active = false; private String sl20EndPoints = null; + private boolean isMoaidMode = false; + /** + * @param isMoaidMode * */ public OAAuthenticationData() { + try { + this.isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode(); + } catch (ConfigurationException e) { + e.printStackTrace(); + + } + keyBoxIdentifierList = new HashMap(); MOAKeyBoxSelector[] values = MOAKeyBoxSelector.values(); for (int i=0; i parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) { keyBoxIdentifier = dbOA.getKeyBoxIdentifier().value(); - szrgwServiceSelected = dbOA.getSelectedSZRGWServiceURL(); + szrgwServiceSelected = dbOA.getSelectedSZRGWServiceURL(); + eidServiceSelected = dbOA.getSelectedEIDServiceURL(); AuthComponentOA oaauth = dbOA.getAuthComponentOA(); if (oaauth != null) { @@ -302,6 +324,10 @@ public class OAAuthenticationData implements IOnlineApplicationData { if (MiscUtil.isNotEmpty(getSzrgwServiceSelected())) dbOA.setSelectedSZRGWServiceURL(getSzrgwServiceSelected()); + + if (MiscUtil.isNotEmpty(getEidServiceSelected())) + dbOA.setSelectedEIDServiceURL(getEidServiceSelected()); + if (authUser.isAdmin()) { //store BKU-URLs @@ -800,7 +826,18 @@ public class OAAuthenticationData implements IOnlineApplicationData { return szrgwServicesList; } + public List getEidServicesList() { + return eidServicesList; + } + + public String getEidServiceSelected() { + return eidServiceSelected; + } + public void setEidServiceSelected(String eidServiceSelected) { + this.eidServiceSelected = eidServiceSelected; + } + public boolean isSl20Active() { return sl20Active; } @@ -820,7 +857,9 @@ public class OAAuthenticationData implements IOnlineApplicationData { else this.sl20EndPoints = sl20EndPoints; } + + public boolean isMoaidMode() { + return isMoaidMode; + } - - } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java index 0d0cda246..9bbbe3df0 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicAction.java @@ -56,6 +56,17 @@ public class BasicAction extends ActionSupport implements ServletRequestAware, protected HttpSession session = null; protected String formID; + protected static boolean isMoaidMode = false; + + public BasicAction() { + try { + isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode(); + } catch (ConfigurationException e) { + log.warn("Can NOT load configuration. Set 'moaidmode' to 'false'", e); + } + } + + protected void populateBasicInformations() throws BasicActionException { try { configuration = ConfigurationProvider.getInstance(); @@ -115,6 +126,12 @@ public class BasicAction extends ActionSupport implements ServletRequestAware, public void setFormID(String formID) { this.formID = formID; } + + + public static boolean isMoaidMode() { + return isMoaidMode; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java index 9e0b8b1cd..20db561d6 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java @@ -88,10 +88,14 @@ public class BasicOAAction extends BasicAction { private InputStream stream = null; + + /** * */ - public BasicOAAction() { + public BasicOAAction() { + super(); + formList = new LinkedHashMap(); OAGeneralConfig generalOA = new OAGeneralConfig(); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java index c3e8c459e..7c3daf928 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java @@ -65,7 +65,9 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.TransformsInfoT import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyAuthBlock; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyIdentityLink; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; +import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig; import at.gv.egovernment.moa.id.configuration.data.GeneralStorkConfig; import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; @@ -100,19 +102,22 @@ public class EditGeneralConfigAction extends BasicAction { MOAIDConfiguration dbconfig = configuration.getDbRead().getMOAIDConfiguration(); - + moaconfig = new GeneralMOAIDConfig(); - moaconfig.parse(dbconfig); - storkconfig = new GeneralStorkConfig(); - storkconfig.parse(dbconfig); - + moaconfig.parse(dbconfig); if (moaconfig == null) { log.error("MOA configuration is null"); } - if (storkconfig == null) { - log.error("Stork configuration is null"); + if (moaconfig.isMoaidMode()) { + storkconfig = new GeneralStorkConfig(); + storkconfig.parse(dbconfig); + if (storkconfig == null) { + log.error("Stork configuration is null"); + } } + + formID = Random.nextRandom(); session.setAttribute(Constants.SESSION_FORMID, formID); @@ -149,13 +154,21 @@ public class EditGeneralConfigAction extends BasicAction { } session.setAttribute(Constants.SESSION_FORMID, null); + boolean isMoaidMode = false; + try { + isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode(); + } catch (ConfigurationException e) { + log.warn("Can NOT load configuration. Set 'moaidmode' to 'false'", e); + } + if (authUser.isAdmin()) { MOAConfigValidator validator = new MOAConfigValidator(); - List errors = validator.validate(moaconfig, request); + List errors = validator.validate(moaconfig, request, isMoaidMode); - errors.addAll(new StorkConfigValidator().validate(storkconfig, request)); + if (isMoaidMode) + errors.addAll(new StorkConfigValidator().validate(storkconfig, request)); if (errors.size() > 0) { log.info("General MOA-ID configuration has some errors."); @@ -181,7 +194,7 @@ public class EditGeneralConfigAction extends BasicAction { } } - String error = saveFormToDatabase(); + String error = saveFormToDatabase(isMoaidMode); if (error != null) { log.warn("General MOA-ID config can not be stored in Database"); @@ -218,7 +231,7 @@ public class EditGeneralConfigAction extends BasicAction { return Constants.STRUTS_SUCCESS; } - private String saveFormToDatabase() { + private String saveFormToDatabase(boolean isMoaidMode) { log.debug("Saving form to database"); // log.error("Saving form to db"); @@ -370,20 +383,24 @@ public class EditGeneralConfigAction extends BasicAction { } + OAuth oauth= dbprotocols.getOAuth(); if (oauth == null) { oauth = new OAuth(); dbprotocols.setOAuth(oauth); } - oauth.setIsActive(moaconfig.isProtocolActiveOAuth()); - + PVP2 pvp2 = dbprotocols.getPVP2(); if (pvp2 == null) { pvp2 = new PVP2(); dbprotocols.setPVP2(pvp2); } - pvp2.setIsActive(moaconfig.isProtocolActivePVP21()); + if (isMoaidMode) { + oauth.setIsActive(moaconfig.isProtocolActiveOAuth()); + pvp2.setIsActive(moaconfig.isProtocolActivePVP21()); + + } if (MiscUtil.isNotEmpty(moaconfig.getPvp2IssuerName())) pvp2.setIssuerName(moaconfig.getPvp2IssuerName()); @@ -437,80 +454,6 @@ public class EditGeneralConfigAction extends BasicAction { if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getType())) cont.setType(moaconfig.getPvp2Contact().getType()); - SSO dbsso = dbauth.getSSO(); - if (dbsso == null) { - dbsso = new SSO(); - dbauth.setSSO(dbsso); - } - - if (MiscUtil.isNotEmpty(moaconfig.getSsoFriendlyName())) - dbsso.setFriendlyName(StringHelper.getUTF8String( - moaconfig.getSsoFriendlyName())); - if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText())) - dbsso.setSpecialText(StringHelper.getUTF8String( - moaconfig.getSsoSpecialText())); -// if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl())) -// dbsso.setPublicURL(moaconfig.getSsoPublicUrl()); - - if (MiscUtil.isNotEmpty(moaconfig.getSsoTarget())) { - - if (!ValidationHelper.isValidAdminTarget(moaconfig.getSsoTarget())) { - String num = moaconfig.getSsoTarget().replaceAll(" ", ""); - String pre = null; - if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) { - num = num.substring(Constants.IDENIFICATIONTYPE_FN.length()); - - num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num); - pre = Constants.IDENIFICATIONTYPE_FN; - } - - if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) { - num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length()); - pre = Constants.IDENIFICATIONTYPE_ZVR; - } - - if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)){ - num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length()); - pre = Constants.IDENIFICATIONTYPE_ERSB; - } - - dbsso.setTarget(Constants.PREFIX_WPBK + pre + "+" + num); - - } else { - dbsso.setTarget(moaconfig.getSsoTarget()); - - } - } -// if (MiscUtil.isNotEmpty(moaconfig.getSsoIdentificationNumber())) { -// IdentificationNumber ssoid = dbsso.getIdentificationNumber(); -// if (ssoid == null) { -// ssoid = new IdentificationNumber(); -// dbsso.setIdentificationNumber(ssoid); -// } -// ssoid.setValue(moaconfig.getSsoIdentificationNumber()); -// } - - DefaultBKUs dbbkus = dbconfig.getDefaultBKUs(); - - if (dbbkus == null) { - dbbkus = new DefaultBKUs(); - dbconfig.setDefaultBKUs(dbbkus); - } - - if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUHandy())) - dbbkus.setHandyBKU(moaconfig.getDefaultBKUHandy()); - else - dbbkus.setHandyBKU(new String()); - - if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUOnline())) - dbbkus.setOnlineBKU(moaconfig.getDefaultBKUOnline()); - else - dbbkus.setOnlineBKU(new String()); - - if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKULocal())) - dbbkus.setLocalBKU(moaconfig.getDefaultBKULocal()); - else - dbbkus.setLocalBKU(new String()); ChainingModes dbchainingmodes = dbconfig.getChainingModes(); if (dbchainingmodes == null) { @@ -521,230 +464,331 @@ public class EditGeneralConfigAction extends BasicAction { dbchainingmodes.setSystemDefaultMode( ChainingModeType.fromValue("pkix")); - IdentityLinkSigners idlsigners = dbauth.getIdentityLinkSigners(); - if (idlsigners == null) { - idlsigners = new IdentityLinkSigners(); - dbauth.setIdentityLinkSigners(idlsigners); - } - - ForeignIdentities dbforeign = dbauth.getForeignIdentities(); - if (dbforeign == null) { - dbforeign = new ForeignIdentities(); - dbauth.setForeignIdentities(dbforeign); - } - if (MiscUtil.isNotEmpty(moaconfig.getSzrgwURL())) { - ConnectionParameterClientAuthType forcon = dbforeign.getConnectionParameter(); - if (forcon == null) { - forcon = new ConnectionParameterClientAuthType(); - dbforeign.setConnectionParameter(forcon); + if (isMoaidMode) { + SSO dbsso = dbauth.getSSO(); + if (dbsso == null) { + dbsso = new SSO(); + dbauth.setSSO(dbsso); } - if (KeyValueUtils.isCSVValueString(moaconfig.getSzrgwURL())) - forcon.setURL(KeyValueUtils.normalizeCSVValueString(moaconfig.getSzrgwURL())); + if (MiscUtil.isNotEmpty(moaconfig.getSsoFriendlyName())) + dbsso.setFriendlyName(StringHelper.getUTF8String( + moaconfig.getSsoFriendlyName())); + if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText())) + dbsso.setSpecialText(StringHelper.getUTF8String( + moaconfig.getSsoSpecialText())); + // if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl())) + // dbsso.setPublicURL(moaconfig.getSsoPublicUrl()); + + if (MiscUtil.isNotEmpty(moaconfig.getSsoTarget())) { - else { - if (moaconfig.getSzrgwURL().contains(KeyValueUtils.CSV_DELIMITER)) - forcon.setURL( - moaconfig.getSzrgwURL().trim().substring(0, - moaconfig.getSzrgwURL().indexOf(KeyValueUtils.CSV_DELIMITER))); + if (!ValidationHelper.isValidAdminTarget(moaconfig.getSsoTarget())) { + String num = moaconfig.getSsoTarget().replaceAll(" ", ""); + String pre = null; + if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) { + num = num.substring(Constants.IDENIFICATIONTYPE_FN.length()); + + num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num); + pre = Constants.IDENIFICATIONTYPE_FN; + } - else - forcon.setURL( - StringUtils.chomp(moaconfig.getSzrgwURL().trim())); - + if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) { + num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length()); + pre = Constants.IDENIFICATIONTYPE_ZVR; + } + + if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)){ + num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length()); + pre = Constants.IDENIFICATIONTYPE_ERSB; + } + + dbsso.setTarget(Constants.PREFIX_WPBK + pre + "+" + num); + + } else { + dbsso.setTarget(moaconfig.getSsoTarget()); + + } } + // if (MiscUtil.isNotEmpty(moaconfig.getSsoIdentificationNumber())) { + // IdentificationNumber ssoid = dbsso.getIdentificationNumber(); + // if (ssoid == null) { + // ssoid = new IdentificationNumber(); + // dbsso.setIdentificationNumber(ssoid); + // } + // ssoid.setValue(moaconfig.getSsoIdentificationNumber()); + // } + + DefaultBKUs dbbkus = dbconfig.getDefaultBKUs(); + + if (dbbkus == null) { + dbbkus = new DefaultBKUs(); + dbconfig.setDefaultBKUs(dbbkus); + } + + if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUHandy())) + dbbkus.setHandyBKU(moaconfig.getDefaultBKUHandy()); + else + dbbkus.setHandyBKU(new String()); + + if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUOnline())) + dbbkus.setOnlineBKU(moaconfig.getDefaultBKUOnline()); + else + dbbkus.setOnlineBKU(new String()); + + if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKULocal())) + dbbkus.setLocalBKU(moaconfig.getDefaultBKULocal()); + else + dbbkus.setLocalBKU(new String()); - } + - ForeignIdentities foreign = dbauth.getForeignIdentities(); - if (foreign != null) { - STORK stork = foreign.getSTORK(); - if (stork == null) { - stork = new STORK(); - foreign.setSTORK(stork); - + IdentityLinkSigners idlsigners = dbauth.getIdentityLinkSigners(); + if (idlsigners == null) { + idlsigners = new IdentityLinkSigners(); + dbauth.setIdentityLinkSigners(idlsigners); + } + + ForeignIdentities dbforeign = dbauth.getForeignIdentities(); + if (dbforeign == null) { + dbforeign = new ForeignIdentities(); + dbauth.setForeignIdentities(dbforeign); } - - try { - log.error("QAAAA " + storkconfig.getDefaultQaa()); - stork.setGeneral_eIDAS_LOA(storkconfig.getDefaultQaa()); - if (storkconfig.getAttributes() != null) { - List dbStorkAttr = new ArrayList(); - stork.setAttributes(dbStorkAttr); - + if (MiscUtil.isNotEmpty(moaconfig.getSzrgwURL())) { + ConnectionParameterClientAuthType forcon = dbforeign.getConnectionParameter(); + if (forcon == null) { + forcon = new ConnectionParameterClientAuthType(); + dbforeign.setConnectionParameter(forcon); + } + + if (KeyValueUtils.isCSVValueString(moaconfig.getSzrgwURL())) + forcon.setURL(KeyValueUtils.normalizeCSVValueString(moaconfig.getSzrgwURL())); - for (StorkAttribute attr : storkconfig.getAttributes()) { - if (attr != null && MiscUtil.isNotEmpty(attr.getName())) - dbStorkAttr.add(attr); + else { + if (moaconfig.getSzrgwURL().contains(KeyValueUtils.CSV_DELIMITER)) + forcon.setURL( + moaconfig.getSzrgwURL().trim().substring(0, + moaconfig.getSzrgwURL().indexOf(KeyValueUtils.CSV_DELIMITER))); - else - log.info("Remove null or empty STORK attribute"); - } - - } else - stork.setAttributes((List) (new ArrayList())); - - if (storkconfig.getCpepslist() != null) { - List dbStorkCPEPS = new ArrayList(); - stork.setCPEPS(dbStorkCPEPS); + else + forcon.setURL( + StringUtils.chomp(moaconfig.getSzrgwURL().trim())); + + } + + } + + ForeignIdentities foreign = dbauth.getForeignIdentities(); + if (foreign != null) { + STORK stork = foreign.getSTORK(); + if (stork == null) { + stork = new STORK(); + foreign.setSTORK(stork); - for (CPEPS cpeps : storkconfig.getCpepslist()) { - if (cpeps != null && MiscUtil.isNotEmpty(cpeps.getURL()) && - MiscUtil.isNotEmpty(cpeps.getCountryCode())) { + } + + try { + log.error("QAAAA " + storkconfig.getDefaultQaa()); + stork.setGeneral_eIDAS_LOA(storkconfig.getDefaultQaa()); + + if (storkconfig.getAttributes() != null) { + List dbStorkAttr = new ArrayList(); + stork.setAttributes(dbStorkAttr); - if (cpeps.getCountryCode().equals("CC") && - cpeps.getURL().equals("http://")) - log.info("Remove dummy STORK CPEPS entry."); - - else - dbStorkCPEPS.add(cpeps); + + for (StorkAttribute attr : storkconfig.getAttributes()) { + if (attr != null && MiscUtil.isNotEmpty(attr.getName())) + dbStorkAttr.add(attr); - } else - log.info("Remove null or emtpy STORK CPEPS configuration"); - } + else + log.info("Remove null or empty STORK attribute"); + } + + } else + stork.setAttributes((List) (new ArrayList())); + + if (storkconfig.getCpepslist() != null) { + List dbStorkCPEPS = new ArrayList(); + stork.setCPEPS(dbStorkCPEPS); + + for (CPEPS cpeps : storkconfig.getCpepslist()) { + if (cpeps != null && MiscUtil.isNotEmpty(cpeps.getURL()) && + MiscUtil.isNotEmpty(cpeps.getCountryCode())) { + + if (cpeps.getCountryCode().equals("CC") && + cpeps.getURL().equals("http://")) + log.info("Remove dummy STORK CPEPS entry."); + + else + dbStorkCPEPS.add(cpeps); + + } else + log.info("Remove null or emtpy STORK CPEPS configuration"); + } + + } else + stork.setCPEPS((List) (new ArrayList())); - } else - stork.setCPEPS((List) (new ArrayList())); - - } catch (Exception e) { - e.printStackTrace(); - - } - - try{ - log.info("CPEPS LIST: " + storkconfig.getCpepslist().size() ); - log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() +storkconfig.getCpepslist().get(0).getURL()); - - } catch (Exception ex) { - log.info("CPEPS LIST is null"); - - } - } - - //write MIS Mandate-Service URLs - if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) { - OnlineMandates dbmandate = dbauth.getOnlineMandates(); - if (dbmandate == null) { - dbmandate = new OnlineMandates(); - dbauth.setOnlineMandates(dbmandate); + } catch (Exception e) { + e.printStackTrace(); + + } + + try{ + log.info("CPEPS LIST: " + storkconfig.getCpepslist().size() ); + log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() +storkconfig.getCpepslist().get(0).getURL()); + + } catch (Exception ex) { + log.info("CPEPS LIST is null"); + + } } - ConnectionParameterClientAuthType dbmandateconnection = dbmandate.getConnectionParameter(); - - if (dbmandateconnection == null) { - dbmandateconnection = new ConnectionParameterClientAuthType(); - dbmandate.setConnectionParameter(dbmandateconnection); + + //write MIS Mandate-Service URLs + if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) { + OnlineMandates dbmandate = dbauth.getOnlineMandates(); + if (dbmandate == null) { + dbmandate = new OnlineMandates(); + dbauth.setOnlineMandates(dbmandate); + } + ConnectionParameterClientAuthType dbmandateconnection = dbmandate.getConnectionParameter(); + + if (dbmandateconnection == null) { + dbmandateconnection = new ConnectionParameterClientAuthType(); + dbmandate.setConnectionParameter(dbmandateconnection); + } + + if (KeyValueUtils.isCSVValueString(moaconfig.getMandateURL())) + dbmandateconnection.setURL(KeyValueUtils.normalizeCSVValueString(moaconfig.getMandateURL())); + + else { + if (moaconfig.getMandateURL().contains(KeyValueUtils.CSV_DELIMITER)) + dbmandateconnection.setURL( + moaconfig.getMandateURL().trim().substring(0, + moaconfig.getMandateURL().indexOf(KeyValueUtils.CSV_DELIMITER))); + + else + dbmandateconnection.setURL( + StringUtils.chomp(moaconfig.getMandateURL().trim())); + + } } - if (KeyValueUtils.isCSVValueString(moaconfig.getMandateURL())) - dbmandateconnection.setURL(KeyValueUtils.normalizeCSVValueString(moaconfig.getMandateURL())); - - else { - if (moaconfig.getMandateURL().contains(KeyValueUtils.CSV_DELIMITER)) - dbmandateconnection.setURL( - moaconfig.getMandateURL().trim().substring(0, - moaconfig.getMandateURL().indexOf(KeyValueUtils.CSV_DELIMITER))); + //write ELGA Mandate-Service URLs + if (MiscUtil.isNotEmpty(moaconfig.getElgaMandateServiceURL())) { + if (KeyValueUtils.isCSVValueString(moaconfig.getElgaMandateServiceURL())) + dbconfig.setElgaMandateServiceURLs(KeyValueUtils.normalizeCSVValueString(moaconfig.getElgaMandateServiceURL())); - else - dbmandateconnection.setURL( - StringUtils.chomp(moaconfig.getMandateURL().trim())); - - } + else { + if (moaconfig.getElgaMandateServiceURL().contains(KeyValueUtils.CSV_DELIMITER)) + dbconfig.setElgaMandateServiceURLs( + moaconfig.getElgaMandateServiceURL().trim().substring(0, + moaconfig.getElgaMandateServiceURL().indexOf(KeyValueUtils.CSV_DELIMITER))); + + else + dbconfig.setElgaMandateServiceURLs( + StringUtils.chomp(moaconfig.getElgaMandateServiceURL().trim())); + + } + } } - //write ELGA Mandate-Service URLs - if (MiscUtil.isNotEmpty(moaconfig.getElgaMandateServiceURL())) { - if (KeyValueUtils.isCSVValueString(moaconfig.getElgaMandateServiceURL())) - dbconfig.setElgaMandateServiceURLs(KeyValueUtils.normalizeCSVValueString(moaconfig.getElgaMandateServiceURL())); + + //write E-ID System URLs + if (MiscUtil.isNotEmpty(moaconfig.getEidSystemServiceURL())) { + if (KeyValueUtils.isCSVValueString(moaconfig.getEidSystemServiceURL())) + dbconfig.setEidSystemServiceURLs(KeyValueUtils.normalizeCSVValueString(moaconfig.getEidSystemServiceURL())); else { - if (moaconfig.getElgaMandateServiceURL().contains(KeyValueUtils.CSV_DELIMITER)) - dbconfig.setElgaMandateServiceURLs( - moaconfig.getElgaMandateServiceURL().trim().substring(0, - moaconfig.getElgaMandateServiceURL().indexOf(KeyValueUtils.CSV_DELIMITER))); + if (moaconfig.getEidSystemServiceURL().contains(KeyValueUtils.CSV_DELIMITER)) + dbconfig.setEidSystemServiceURLs( + moaconfig.getEidSystemServiceURL().trim().substring(0, + moaconfig.getEidSystemServiceURL().indexOf(KeyValueUtils.CSV_DELIMITER))); else - dbconfig.setElgaMandateServiceURLs( - StringUtils.chomp(moaconfig.getElgaMandateServiceURL().trim())); + dbconfig.setEidSystemServiceURLs( + StringUtils.chomp(moaconfig.getEidSystemServiceURL().trim())); } } - - MOASP dbmoasp = dbauth.getMOASP(); - if (dbmoasp == null) { - dbmoasp = new MOASP(); - dbauth.setMOASP(dbmoasp); - } - if (MiscUtil.isNotEmpty(moaconfig.getMoaspssURL())) { - ConnectionParameterClientAuthType moaspcon = dbmoasp.getConnectionParameter(); - if (moaspcon == null) { - moaspcon = new ConnectionParameterClientAuthType(); - dbmoasp.setConnectionParameter(moaspcon); + if (isMoaidMode) { + MOASP dbmoasp = dbauth.getMOASP(); + if (dbmoasp == null) { + dbmoasp = new MOASP(); + dbauth.setMOASP(dbmoasp); } - moaspcon.setURL(moaconfig.getMoaspssURL()); - } - VerifyIdentityLink moaidl = dbmoasp.getVerifyIdentityLink(); - if (moaidl == null) { - moaidl = new VerifyIdentityLink(); - dbmoasp.setVerifyIdentityLink(moaidl); - } - moaidl.setTrustProfileID(moaconfig.getMoaspssIdlTrustProfile()); - moaidl.setTestTrustProfileID(moaconfig.getMoaspssIdlTrustProfileTest()); - - VerifyAuthBlock moaauth = dbmoasp.getVerifyAuthBlock(); - if (moaauth == null) { - moaauth = new VerifyAuthBlock(); - dbmoasp.setVerifyAuthBlock(moaauth); - } - moaauth.setTrustProfileID(moaconfig.getMoaspssAuthTrustProfile()); - moaauth.setTestTrustProfileID(moaconfig.getMoaspssAuthTrustProfileTest()); - - if (moaauth.getVerifyTransformsInfoProfileID() != null && - moaauth.getVerifyTransformsInfoProfileID().size() > 0) - moaauth.getVerifyTransformsInfoProfileID().set(0, moaconfig.getAuthTransformList().get(0)); - - else { - if (moaauth.getVerifyTransformsInfoProfileID() == null) { - moaauth.setVerifyTransformsInfoProfileID(new ArrayList()); - + if (MiscUtil.isNotEmpty(moaconfig.getMoaspssURL())) { + ConnectionParameterClientAuthType moaspcon = dbmoasp.getConnectionParameter(); + if (moaspcon == null) { + moaspcon = new ConnectionParameterClientAuthType(); + dbmoasp.setConnectionParameter(moaspcon); + } + moaspcon.setURL(moaconfig.getMoaspssURL()); } - moaauth.getVerifyTransformsInfoProfileID().add(moaconfig.getAuthTransformList().get(0)); - } - - SecurityLayer seclayertrans = dbauth.getSecurityLayer(); - if (seclayertrans == null) { - seclayertrans = new SecurityLayer(); - dbauth.setSecurityLayer(seclayertrans); - } - List trans = new ArrayList(); - Map moatrans = moaconfig.getSecLayerTransformation(); - if (moatrans != null) { - Set keys = moatrans.keySet(); - for (String key : keys) { - TransformsInfoType elem = new TransformsInfoType(); - elem.setFilename(key); - elem.setTransformation(moatrans.get(key)); - trans.add(elem); + VerifyIdentityLink moaidl = dbmoasp.getVerifyIdentityLink(); + if (moaidl == null) { + moaidl = new VerifyIdentityLink(); + dbmoasp.setVerifyIdentityLink(moaidl); } + moaidl.setTrustProfileID(moaconfig.getMoaspssIdlTrustProfile()); + moaidl.setTestTrustProfileID(moaconfig.getMoaspssIdlTrustProfileTest()); + + VerifyAuthBlock moaauth = dbmoasp.getVerifyAuthBlock(); + if (moaauth == null) { + moaauth = new VerifyAuthBlock(); + dbmoasp.setVerifyAuthBlock(moaauth); + } + moaauth.setTrustProfileID(moaconfig.getMoaspssAuthTrustProfile()); + moaauth.setTestTrustProfileID(moaconfig.getMoaspssAuthTrustProfileTest()); + + if (moaauth.getVerifyTransformsInfoProfileID() != null && + moaauth.getVerifyTransformsInfoProfileID().size() > 0) + moaauth.getVerifyTransformsInfoProfileID().set(0, moaconfig.getAuthTransformList().get(0)); + + else { + if (moaauth.getVerifyTransformsInfoProfileID() == null) { + moaauth.setVerifyTransformsInfoProfileID(new ArrayList()); + + } + moaauth.getVerifyTransformsInfoProfileID().add(moaconfig.getAuthTransformList().get(0)); + } + + SecurityLayer seclayertrans = dbauth.getSecurityLayer(); + if (seclayertrans == null) { + seclayertrans = new SecurityLayer(); + dbauth.setSecurityLayer(seclayertrans); + } + List trans = new ArrayList(); + Map moatrans = moaconfig.getSecLayerTransformation(); + if (moatrans != null) { + Set keys = moatrans.keySet(); + for (String key : keys) { + TransformsInfoType elem = new TransformsInfoType(); + elem.setFilename(key); + elem.setTransformation(moatrans.get(key)); + trans.add(elem); + } + } + if (trans.size() > 0) + seclayertrans.setTransformsInfo(trans); + + + SLRequestTemplates slrequesttempl = dbconfig.getSLRequestTemplates(); + if (slrequesttempl == null) { + slrequesttempl = new SLRequestTemplates(); + dbconfig.setSLRequestTemplates(slrequesttempl); + } + if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateHandy())) + slrequesttempl.setHandyBKU(moaconfig.getSLRequestTemplateHandy()); + if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateLocal())) + slrequesttempl.setLocalBKU(moaconfig.getSLRequestTemplateLocal()); + if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateOnline())) + slrequesttempl.setOnlineBKU(moaconfig.getSLRequestTemplateOnline()); + } - if (trans.size() > 0) - seclayertrans.setTransformsInfo(trans); - - - SLRequestTemplates slrequesttempl = dbconfig.getSLRequestTemplates(); - if (slrequesttempl == null) { - slrequesttempl = new SLRequestTemplates(); - dbconfig.setSLRequestTemplates(slrequesttempl); - } - if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateHandy())) - slrequesttempl.setHandyBKU(moaconfig.getSLRequestTemplateHandy()); - if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateLocal())) - slrequesttempl.setLocalBKU(moaconfig.getSLRequestTemplateLocal()); - if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateOnline())) - slrequesttempl.setOnlineBKU(moaconfig.getSLRequestTemplateOnline()); if (MiscUtil.isNotEmpty(moaconfig.getTrustedCACerts())) dbconfig.setTrustedCACertificates(moaconfig.getTrustedCACerts()); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index cfb74ebd2..6902a668f 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -70,31 +70,33 @@ public class EditOAAction extends BasicOAAction { OAAuthenticationData authOA = new OAAuthenticationData(); formList.put(authOA.getName(), authOA); - OABPKEncryption bPKEncDec = new OABPKEncryption(); - formList.put(bPKEncDec.getName(), bPKEncDec); - - OASSOConfig ssoOA = new OASSOConfig(); - formList.put(ssoOA.getName(), ssoOA); - OASAML1Config saml1OA = new OASAML1Config(); formList.put(saml1OA.getName(), saml1OA); + + if (isMoaidMode) { + OABPKEncryption bPKEncDec = new OABPKEncryption(); + formList.put(bPKEncDec.getName(), bPKEncDec); + + OASSOConfig ssoOA = new OASSOConfig(); + formList.put(ssoOA.getName(), ssoOA); - OAPVP2Config pvp2OA = new OAPVP2Config(); - formList.put(pvp2OA.getName(), pvp2OA); + OAPVP2Config pvp2OA = new OAPVP2Config(); + formList.put(pvp2OA.getName(), pvp2OA); - OAOAuth20Config oauth20OA = new OAOAuth20Config(); - formList.put(oauth20OA.getName(), oauth20OA); + OAOAuth20Config oauth20OA = new OAOAuth20Config(); + formList.put(oauth20OA.getName(), oauth20OA); - OASTORKConfig storkOA = new OASTORKConfig(); - formList.put(storkOA.getName(), storkOA); + OASTORKConfig storkOA = new OASTORKConfig(); + formList.put(storkOA.getName(), storkOA); - Map map = new HashMap(); - map.putAll(FormBuildUtils.getDefaultMap()); - FormularCustomization formOA = new FormularCustomization(map); - formList.put(formOA.getName(), formOA); + Map map = new HashMap(); + map.putAll(FormBuildUtils.getDefaultMap()); + FormularCustomization formOA = new FormularCustomization(map); + formList.put(formOA.getName(), formOA); - OARevisionsLogData revisOA = new OARevisionsLogData(); - formList.put(revisOA.getName(), revisOA); + OARevisionsLogData revisOA = new OARevisionsLogData(); + formList.put(revisOA.getName(), revisOA); + } } @@ -210,8 +212,8 @@ public class EditOAAction extends BasicOAAction { errors.addAll(form.validate(getGeneralOA(), authUser, request)); // Do not allow SSO in combination with special BKUSelection features - if (getSsoOA().isUseSSO() - && (getFormOA().isOnlyMandateAllowed() || !getFormOA() + if (getSsoOA() != null && getSsoOA().isUseSSO() + && (getFormOA() != null && getFormOA().isOnlyMandateAllowed() || !getFormOA() .isShowMandateLoginButton())) { log.warn("Special BKUSelection features can not be used in combination with SSO"); errors.add(LanguageHelper.getErrorString( diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java index 7fae5d40c..180f32235 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java @@ -23,17 +23,14 @@ package at.gv.egovernment.moa.id.configuration.struts.action; import java.util.ArrayList; -import java.util.Date; import java.util.List; import org.apache.log4j.Logger; +import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AttributeProviderPlugin; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.IdentificationNumber; -import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; -import at.gv.egiz.eaaf.core.impl.utils.Random; -import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.Constants; @@ -42,7 +39,6 @@ import at.gv.egovernment.moa.id.configuration.data.OAListElement; import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData; import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData; import at.gv.egovernment.moa.id.configuration.data.oa.OAMOAIDPInterfederationConfig; -import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config; import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig; import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration; import at.gv.egovernment.moa.id.configuration.data.oa.PVPGatewayInterfederationConfig; @@ -50,7 +46,6 @@ import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException; import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; -import at.gv.egovernment.moa.util.MiscUtil; /** * @author tlenz diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java index 717a0c827..247004b75 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java @@ -46,7 +46,7 @@ public class MOAConfigValidator { private static final Logger log = Logger.getLogger(MOAConfigValidator.class); - public List validate(GeneralMOAIDConfig form, HttpServletRequest request) { + public List validate(GeneralMOAIDConfig form, HttpServletRequest request, boolean isMOAIDMode) { List errors = new ArrayList(); @@ -126,7 +126,7 @@ public class MOAConfigValidator { // } check = form.getDefaultBKUHandy(); - if (MiscUtil.isNotEmpty(check)) { + if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { if (!ValidationHelper.validateURL(check)) { log.info("Not valid Handy-BKU URL"); errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid", request)); @@ -134,7 +134,7 @@ public class MOAConfigValidator { } check = form.getDefaultBKULocal(); - if (MiscUtil.isNotEmpty(check)) { + if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { if (!ValidationHelper.validateURL(check)) { log.info("Not valid Online-BKU URL"); errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid", request)); @@ -142,7 +142,7 @@ public class MOAConfigValidator { } check = form.getDefaultBKUOnline(); - if (MiscUtil.isNotEmpty(check)) { + if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { if (!ValidationHelper.validateURL(check)) { log.info("Not valid Online-BKU URL"); errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid", request)); @@ -162,7 +162,7 @@ public class MOAConfigValidator { // } check = form.getMandateURL(); - if (MiscUtil.isNotEmpty(check)) { + if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { String[] misURLs = check.split(","); for (String el : misURLs) { if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { @@ -174,7 +174,7 @@ public class MOAConfigValidator { } check = form.getElgaMandateServiceURL(); - if (MiscUtil.isNotEmpty(check)) { + if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { String[] elgaServiceURLs = check.split(","); for (String el : elgaServiceURLs) { if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { @@ -185,87 +185,103 @@ public class MOAConfigValidator { } } + check = form.getEidSystemServiceURL(); + if (MiscUtil.isNotEmpty(check)) { + String[] eidServiceURLs = check.split(","); + for (String el : eidServiceURLs) { + if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { + log.info("Not valid E-ID System Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.eid.url.valid", + new Object[]{el}, request)); + } + } + } + check = form.getMoaspssAuthTransformations(); List authtranslist = new ArrayList(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty MoaspssAuthTransformation"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty", request)); - } else { - - //is only required if more then one transformation is in use -// check = StringHelper.formatText(check); -// String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER); -// int i=1; -// for(String el : list) { -// if (ValidationHelper.containsPotentialCSSCharacter(el, false)) { -// log.info("IdentityLinkSigners is not valid: " + el); -// errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid", -// new Object[] {i, ValidationHelper.getPotentialCSSCharacter(false)} )); -// -// } else { -// if (MiscUtil.isNotEmpty(el.trim())) -// authtranslist.add(el.trim()); -// } -// i++; -// } - authtranslist.add(check.trim()); + if (isMOAIDMode) { + if (MiscUtil.isEmpty(check)) { + log.info("Empty MoaspssAuthTransformation"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty", request)); + } else { + + //is only required if more then one transformation is in use + // check = StringHelper.formatText(check); + // String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER); + // int i=1; + // for(String el : list) { + // if (ValidationHelper.containsPotentialCSSCharacter(el, false)) { + // log.info("IdentityLinkSigners is not valid: " + el); + // errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid", + // new Object[] {i, ValidationHelper.getPotentialCSSCharacter(false)} )); + // + // } else { + // if (MiscUtil.isNotEmpty(el.trim())) + // authtranslist.add(el.trim()); + // } + // i++; + // } + authtranslist.add(check.trim()); + } } form.setAuthTransformList(authtranslist); - check = form.getMoaspssAuthTrustProfile(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty MOA-SP/SS Authblock TrustProfile"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty", request)); - } else { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("Authblock TrustProfile is not valid: " +check); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + if (isMOAIDMode) { + check = form.getMoaspssAuthTrustProfile(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MOA-SP/SS Authblock TrustProfile"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty", request)); + } else { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("Authblock TrustProfile is not valid: " +check); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid", + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + } } - } - - check = form.getMoaspssIdlTrustProfile(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty MOA-SP/SS IdentityLink TrustProfile"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty", request)); - } else { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("IdentityLink TrustProfile is not valid: " +check); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + + check = form.getMoaspssIdlTrustProfile(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MOA-SP/SS IdentityLink TrustProfile"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty", request)); + } else { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("IdentityLink TrustProfile is not valid: " +check); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid", + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + } } - } - - check = form.getMoaspssAuthTrustProfileTest(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty MOA-SP/SS Test-Authblock TrustProfile"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty", request)); - } else { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("Test-Authblock TrustProfile is not valid: " +check); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + + check = form.getMoaspssAuthTrustProfileTest(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MOA-SP/SS Test-Authblock TrustProfile"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty", request)); + } else { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("Test-Authblock TrustProfile is not valid: " +check); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid", + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + } } - } - - check = form.getMoaspssIdlTrustProfileTest(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty MOA-SP/SS Test-IdentityLink TrustProfile"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty", request)); - } else { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("Test-IdentityLink TrustProfile is not valid: " +check); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + + check = form.getMoaspssIdlTrustProfileTest(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MOA-SP/SS Test-IdentityLink TrustProfile"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty", request)); + } else { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("Test-IdentityLink TrustProfile is not valid: " +check); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid", + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + } } - } - - - check = form.getMoaspssURL(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateURL(check)) { - log.info("Not valid MOA-SP/SS Service URL"); - errors.add(LanguageHelper.getErrorString("validation.general.moaspss.url.valid", request)); + + + check = form.getMoaspssURL(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid MOA-SP/SS Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.moaspss.url.valid", request)); + } } } @@ -312,109 +328,111 @@ public class MOAConfigValidator { // } // } - check = form.getSLRequestTemplateHandy(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty SLRequestTemplate Handy-BKU"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.empty", request)); - } else { - if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { - log.info("SLRequestTemplate Handy-BKU is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.valid", request)); - } - } - - check = form.getSLRequestTemplateLocal(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty SLRequestTemplate local BKU"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.empty", request)); - } else { - if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { - log.info("SLRequestTemplate local BKU is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.valid", request)); - } - } - - check = form.getSLRequestTemplateOnline(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty SLRequestTemplate Online-BKU"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.empty", request)); - } else { - if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { - log.info("SLRequestTemplate Online-BKU is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.valid", request)); + if (isMOAIDMode) { + check = form.getSLRequestTemplateHandy(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SLRequestTemplate Handy-BKU"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.empty", request)); + } else { + if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { + log.info("SLRequestTemplate Handy-BKU is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.valid", request)); + } } - } - - check = form.getSsoFriendlyName(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("SSO friendlyname is not valid: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + + check = form.getSLRequestTemplateLocal(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SLRequestTemplate local BKU"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.empty", request)); + } else { + if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { + log.info("SLRequestTemplate local BKU is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.valid", request)); + } } - } - -// check = form.getSsoIdentificationNumber(); -// if (MiscUtil.isNotEmpty(check)) { -// if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { -// log.info("SSO IdentificationNumber is not valid: " + check); -// errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid", -// new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); -// } -// } - -// check = form.getSsoPublicUrl(); -// if (MiscUtil.isNotEmpty(check)) { -// if (!ValidationHelper.validateURL(check)) { -// log.info("SSO Public URL is not valid"); -// errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid")); -// } -// } - - check = form.getSsoSpecialText(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, true)) { - log.info("SSO SpecialText is not valid: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid", - new Object[] {ValidationHelper.getNotValidCharacter(true)} , request)); + + check = form.getSLRequestTemplateOnline(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SLRequestTemplate Online-BKU"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.empty", request)); + } else { + if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { + log.info("SLRequestTemplate Online-BKU is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.valid", request)); + } } - } - - check = form.getSsoTarget(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty SSO Target"); - //errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty", request)); - } else { - if (!ValidationHelper.isValidAdminTarget(check)) { - + check = form.getSsoFriendlyName(); + if (MiscUtil.isNotEmpty(check)) { if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("IdentificationNumber contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", + log.info("SSO friendlyname is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid", new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } + } + + // check = form.getSsoIdentificationNumber(); + // if (MiscUtil.isNotEmpty(check)) { + // if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + // log.info("SSO IdentificationNumber is not valid: " + check); + // errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid", + // new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + // } + // } + + // check = form.getSsoPublicUrl(); + // if (MiscUtil.isNotEmpty(check)) { + // if (!ValidationHelper.validateURL(check)) { + // log.info("SSO Public URL is not valid"); + // errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid")); + // } + // } + + check = form.getSsoSpecialText(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, true)) { + log.info("SSO SpecialText is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid", + new Object[] {ValidationHelper.getNotValidCharacter(true)} , request)); + } + } + + check = form.getSsoTarget(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SSO Target"); + //errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty", request)); - String num = check.replaceAll(" ", ""); - - if ( !(num.startsWith(Constants.IDENIFICATIONTYPE_FN) || - num.startsWith(Constants.IDENIFICATIONTYPE_ZVR) || - num.startsWith(Constants.IDENIFICATIONTYPE_ERSB) ) ) { + } else { + if (!ValidationHelper.isValidAdminTarget(check)) { - log.info("Not valid SSO Target"); - errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", request)); + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("IdentificationNumber contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); + } + + String num = check.replaceAll(" ", ""); + + if ( !(num.startsWith(Constants.IDENIFICATIONTYPE_FN) || + num.startsWith(Constants.IDENIFICATIONTYPE_ZVR) || + num.startsWith(Constants.IDENIFICATIONTYPE_ERSB) ) ) { + + log.info("Not valid SSO Target"); + errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", request)); + } + } - } - } - - check = form.getSzrgwURL(); - if (MiscUtil.isNotEmpty(check)) { - String[] szrGWServiceURLs = check.split(","); - for (String el : szrGWServiceURLs) { - if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { - log.info("Not valid Online-Mandate Service URL"); - errors.add(LanguageHelper.getErrorString("validation.general.szrgw.url.valid", - new Object[]{el}, request)); + + check = form.getSzrgwURL(); + if (MiscUtil.isNotEmpty(check)) { + String[] szrGWServiceURLs = check.split(","); + for (String el : szrGWServiceURLs) { + if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { + log.info("Not valid Online-Mandate Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.szrgw.url.valid", + new Object[]{el}, request)); + } } } } @@ -433,41 +451,42 @@ public class MOAConfigValidator { } - - if (form.getFileUploadFileName() != null && !form.getFileUploadFileName().isEmpty()) { - HashMap map = new HashMap(); - for (int i=0; i map = new HashMap(); + for (int i=0; i - -
-

<%=LanguageHelper.getGUIString("webpages.moaconfig.defaultbkus.header", request) %>

- - - - - - - - - -
- -
-

<%=LanguageHelper.getGUIString("webpages.moaconfig.slrequesttemplates.header", request) %>

+ +
+

<%=LanguageHelper.getGUIString("webpages.moaconfig.defaultbkus.header", request) %>

- - - - - - - - + + + + + + + + +
-
- +
+

<%=LanguageHelper.getGUIString("webpages.moaconfig.slrequesttemplates.header", request) %>

+ + + + + + + + + + +
+ + +

<%=LanguageHelper.getGUIString("webpages.moaconfig.certificates.header", request) %>

@@ -156,177 +158,204 @@ key="webpages.moaconfig.timeout.assertion" cssClass="textfield_long"> - - - - - -
- -
-

<%=LanguageHelper.getGUIString("webpages.moaconfig.moasp.header", request) %>

- - - - - - -<%-- - --%> - - - - - - - - -<%-- - --%> - - + + + + + + + + + + + + -<%-- - --%>
-
-

<%=LanguageHelper.getGUIString("webpages.moaconfig.services.header", request) %>

- - - - - - -
+ +
+

<%=LanguageHelper.getGUIString("webpages.moaconfig.moasp.header", request) %>

+ + + + + + + + <%-- + --%> + + + + + + + + + <%-- + --%> + + + + <%-- + --%> + +
+
-
-

<%=LanguageHelper.getGUIString("webpages.moaconfig.sso.header", request) %>

-<%-- - --%> - - - - - - -
-

<%=LanguageHelper.getGUIString("webpages.oaconfig.stork.header", request) %>

- -

<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.pepslist", request) %>

-
Benutzerdaten:PrincipleId: <%= bean.getPrincipleId()%>
Benutzerdaten: <%= bean.getGivenName()%>  <%= bean.getFamilyName()%>  <%= bean.getDateOfBirth()%>
- - - - - - - - - - - - - - - - - - - - - -
Country ShortcodePEPS URLSupports XMLEncryption
" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/>
" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/>
- " onclick='newPeps();' /> -

<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading", request) %>

- - - - - - - -
<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading.name", request) %><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading.mandatory", request) %>
" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/>
- " onclick='newStorkAttribute();' /> +

<%=LanguageHelper.getGUIString("webpages.moaconfig.services.header", request) %>

+ + + + + + + + + + + +
+ +
+

<%=LanguageHelper.getGUIString("webpages.moaconfig.sso.header", request) %>

+ <%-- + --%> + + + + + + +
+ +
+

<%=LanguageHelper.getGUIString("webpages.oaconfig.stork.header", request) %>

+ +

<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.pepslist", request) %>

+ + + + + + + + + + + + + + + + + + + + + + +
Country ShortcodePEPS URLSupports XMLEncryption
" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/>
" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/>
+ " onclick='newPeps();' /> +

<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading", request) %>

+ + + + + + + +
<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading.name", request) %><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.attributes.heading.mandatory", request) %>
" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/>
+ " onclick='newStorkAttribute();' /> +
+
+

<%=LanguageHelper.getGUIString("webpages.moaconfig.protocols.header", request) %>

@@ -338,18 +367,21 @@ key="webpages.moaconfig.protocols.legacy.saml1" cssClass="checkbox"> - - - - + + + + + + +

@@ -362,12 +394,15 @@ key="webpages.moaconfig.protocols.legacy.saml1" cssClass="checkbox"> - - + + + + +
@@ -461,24 +496,25 @@ -
-

<%=LanguageHelper.getGUIString("webpages.moaconfig.sl.transormations.header", request) %>

- - - - -
- -
-
+ +
+

<%=LanguageHelper.getGUIString("webpages.moaconfig.sl.transormations.header", request) %>

+ + + -
-
-
- -
+
+ + + +
+ +
+
+ +

diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp index cc4220d0e..feab86593 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp @@ -46,12 +46,14 @@ - + + - + - - + + +

<%=LanguageHelper.getGUIString("webpages.oaconfig.protocols.header", request) %>

@@ -64,35 +66,40 @@ - - - - - - + + + + + + + - - hidden - + + + hidden + - + +
- + + - + + diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp index d2668e264..7a54df554 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp @@ -3,8 +3,8 @@ <%@ taglib prefix="s" uri="/struts-tags" %> - - + +

<%=LanguageHelper.getGUIString("webpages.oaconfig.general.bku.header", request) %>

@@ -167,16 +167,26 @@
-

<%=LanguageHelper.getGUIString("webpages.oaconfig.general.szrgw.header", request) %>

- +

<%=LanguageHelper.getGUIString("webpages.oaconfig.general.szrgw.header", request) %>

- - -
+ + +
+ +
+

<%=LanguageHelper.getGUIString("webpages.oaconfig.general.eid.header", request) %>

+ + +
\ No newline at end of file diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp index 367dc445d..2436b1051 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp @@ -123,25 +123,27 @@ cssClass="checkbox"> - - - - - + + + + + + + diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp index 95d6de912..f4c377d9c 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp @@ -18,10 +18,14 @@ - + + + + +