From 8b8ea32ebd30b542a9b4ea1c797078377443f251 Mon Sep 17 00:00:00 2001 From: Alexander Marsalek Date: Mon, 7 Jul 2014 17:14:55 +0200 Subject: Encoding fix, getAttributeValue now optionally returns null instead of throwing an exception --- .../moa/id/auth/AuthenticationServer.java | 7 ++- .../auth/builder/StartAuthenticationBuilder.java | 2 +- .../moa/id/auth/servlet/GetForeignIDServlet.java | 1 - .../moa/id/auth/servlet/PEPSConnectorServlet.java | 4 +- .../PEPSConnectorWithLocalSigningServlet.java | 10 ++-- .../servlet/VerifyAuthenticationBlockServlet.java | 4 +- .../moa/id/auth/stork/STORKResponseProcessor.java | 56 ++++++++++++---------- .../gv/egovernment/moa/id/moduls/SSOManager.java | 2 +- .../moa/id/protocols/pvp2x/MetadataAction.java | 2 +- .../pvp2x/builder/attributes/EIDAuthBlock.java | 2 +- .../builder/attributes/EIDIdentityLinkBuilder.java | 2 +- .../pvp2x/builder/attributes/EIDSTORKTOKEN.java | 2 +- .../pvp2x/verification/SAMLVerifierMOASP.java | 2 +- .../id/protocols/stork2/AuthenticationRequest.java | 4 +- .../moa/id/protocols/stork2/ConsentEvaluator.java | 4 +- .../MandateAttributeRequestProvider.java | 2 +- .../SignedDocAttributeRequestProvider.java | 45 ++++++++++++++++- .../StorkAttributeRequestProvider.java | 2 +- 18 files changed, 102 insertions(+), 51 deletions(-) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index c2eefa3d8..8d2684c9b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -11,6 +11,7 @@ import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.io.StringWriter; +import java.io.UnsupportedEncodingException; import java.math.BigInteger; import java.security.NoSuchAlgorithmException; import java.security.Principal; @@ -1663,7 +1664,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { SZRGWClient client = new SZRGWClient(connectionParameters); CreateIdentityLinkRequest request = new CreateIdentityLinkRequest(); - request.setSignature(citizenSignature.getBytes()); + request.setSignature(citizenSignature.getBytes("UTF-8")); PEPSData data = new PEPSData(); data.setDateOfBirth(PEPSDateOfBirth); @@ -1711,6 +1712,8 @@ public class AuthenticationServer implements MOAIDAuthConstants { catch (ConfigurationException e) { Logger.warn(e); Logger.warn(MOAIDMessageProvider.getInstance().getMessage("config.12", null )); + } catch (UnsupportedEncodingException e) { + Logger.warn(e); } return null; @@ -1912,7 +1915,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { template.merge(context, writer); resp.setContentType("text/html;charset=UTF-8"); - resp.getOutputStream().write(writer.toString().getBytes()); + resp.getOutputStream().write(writer.toString().getBytes("UTF-8")); } catch (Exception e) { Logger.error("Error sending STORK SAML AuthnRequest.", e); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java index 9f2d5b641..484fe1f9e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java @@ -56,7 +56,7 @@ public class StartAuthenticationBuilder { STORKConfig storkConfig = AuthConfigurationProvider.getInstance().getStorkConfig(); - Logger.info("Starting authentication for a citizen of country: " + (StringUtils.isEmpty(moasession.getCcc()) ? "AT" : moasession.getCcc())); + Logger.info("Starting authentication for a citizen of country: " + (StringUtils.isEmpty(moasession.getCcc()) ? "AT" : moasession.getCcc())); // STORK or normal authentication if (storkConfig.isSTORKAuthentication(moasession.getCcc())) { //STORK authentication diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java index f11489dd2..bbc704f22 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java @@ -161,7 +161,6 @@ public class GetForeignIDServlet extends AuthServlet { AuthenticationSession session = null; try { String xmlCreateXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE); - // check parameter if (!ParamValidatorUtils.isValidSessionID(sessionID)) throw new WrongParametersException("GetForeignID", PARAM_SESSIONID, "auth.12"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java index 0ba144b80..2d49eb809 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java @@ -270,7 +270,7 @@ public class PEPSConnectorServlet extends AuthServlet { for(Object currentX509Data : ((JAXBElement) current).getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName()) { JAXBElement casted = ((JAXBElement) currentX509Data); if(casted.getName().getLocalPart().equals("X509Certificate")) { - moaSession.setSignerCertificate(new X509Certificate(((String)casted.getValue()).getBytes())); + moaSession.setSignerCertificate(new X509Certificate(((String)casted.getValue()).getBytes("UTF-8"))); break; } } @@ -339,7 +339,7 @@ public class PEPSConnectorServlet extends AuthServlet { StringWriter writer = new StringWriter(); template.merge(context, writer); - response.getOutputStream().write(writer.toString().getBytes()); + response.getOutputStream().write(writer.toString().getBytes("UTF-8")); } catch (Exception e1) { Logger.error("Error sending gender retrival form.", e1); // httpSession.invalidate(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java index ee0ae4b87..dfb2753ec 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java @@ -233,7 +233,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { StringWriter writer = new StringWriter(); template.merge(context, writer); - response.getOutputStream().write(writer.toString().getBytes()); + response.getOutputStream().write(writer.toString().getBytes("UTF-8")); } catch (Exception e1) { Logger.error("Error sending gender retrival form.", e1); // httpSession.invalidate(); @@ -505,7 +505,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { StringWriter writer = new StringWriter(); template.merge(context, writer); - response.getOutputStream().write(writer.toString().getBytes()); + response.getOutputStream().write(writer.toString().getBytes("UTF-8")); } catch (Exception e1) { Logger.error("Error sending gender retrival form.", e1); // httpSession.invalidate(); @@ -576,7 +576,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { StringWriter writer = new StringWriter(); template.merge(context, writer); - resp.getOutputStream().write(writer.toString().getBytes()); + resp.getOutputStream().write(writer.toString().getBytes("UTF-8")); } catch (Exception e) { Logger.error("Error sending DSS signrequest.", e); throw new MOAIDException("stork.11", null); @@ -615,7 +615,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { return citizenSignature; } - private X509Certificate getSignerCertificate(String citizenSignature) throws CertificateException, JAXBException + private X509Certificate getSignerCertificate(String citizenSignature) throws CertificateException, JAXBException, UnsupportedEncodingException { JAXBContext ctx = JAXBContext.newInstance(SignatureType.class.getPackage().getName()); SignatureType root = ((JAXBElement) ctx.createUnmarshaller().unmarshal(IOUtils.toInputStream(citizenSignature))).getValue(); @@ -626,7 +626,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { for(Object currentX509Data : ((JAXBElement) current).getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName()) { JAXBElement casted = ((JAXBElement) currentX509Data); if(casted.getName().getLocalPart().equals("X509Certificate")) { - return new X509Certificate(((String)casted.getValue()).getBytes()); + return new X509Certificate(((String)casted.getValue()).getBytes("UTF-8")); } } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java index 98edf1fe4..e7fa9cbd7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java @@ -207,7 +207,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { //System.out.println("IDL: " + s); - byte[] idl = s.getBytes(); + byte[] idl = s.getBytes("UTF-8"); // redirect url // build redirect(to the GetMISSessionIdSerlvet) @@ -238,7 +238,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { String oaFriendlyName = oaParam.getFriendlyName(); String mandateReferenceValue = session.getMandateReferenceValue(); byte[] cert = session.getEncodedSignerCertificate(); - byte[] authBlock = session.getAuthBlock().getBytes(); + byte[] authBlock = session.getAuthBlock().getBytes("UTF-8"); //TODO: check in case of SSO!!! String targetType = null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java index 2c8b44404..46fd06741 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java @@ -105,13 +105,19 @@ public class STORKResponseProcessor { * @throws STORKException the sTORK exception */ private static String getAttributeValue(String attributeName, IPersonalAttributeList attributeList) throws STORKException { + return getAttributeValue(attributeName, attributeList, true); + } + private static String getAttributeValue(String attributeName, IPersonalAttributeList attributeList, boolean throwException) throws STORKException { try { String result = attributeList.get(attributeName).getValue().get(0); Logger.trace(attributeName + " : " + result); return result; - } catch(NullPointerException e) { + } catch(Exception e) { Logger.error(attributeName + " not found in response"); - throw new STORKException(attributeName + " not found in response"); + if(throwException) + throw new STORKException(attributeName + " not found in response"); + else + return null; } } @@ -137,29 +143,29 @@ public class STORKResponseProcessor { // if there is no signedDoc attribute, we cannot go on String citizenSignature = getAttributeValue("signedDoc", attributeList); - String fiscalNumber = getAttributeValue("fiscalNumber", attributeList); + String fiscalNumber = getAttributeValue("fiscalNumber", attributeList, false); // if we have a signedDoc we test for a representation case // - according to stork samlengine and commons if(hasAttribute("mandate", attributeList)) { // we have a representation case - String mandate = getAttributeValue("mandate", attributeList); + String mandate = getAttributeValue("mandate", attributeList, false); if(!hasAttribute("dateOfBirth", attributeList)) { // if we get here, we have a natural person representing a legal person - String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList); - String organizationType = getAttributeValue("translateableType", attributeList); + String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList, false); + String organizationType = getAttributeValue("translateableType", attributeList, false); identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(citizenSignature, null, null, mandate, organizationAddress, organizationType, targetType, targetValue, oaFriendlyName, filters, fiscalNumber); } else { // if we get here, we have a natural person representing another natural person - String eIdentifier = getAttributeValue("eIdentifier", attributeList); - String givenName = getAttributeValue("givenName", attributeList); - String lastName = getAttributeValue("surname", attributeList); - String dateOfBirth = getAttributeValue("dateOfBirth", attributeList); + String eIdentifier = getAttributeValue("eIdentifier", attributeList, false); + String givenName = getAttributeValue("givenName", attributeList, false); + String lastName = getAttributeValue("surname", attributeList, false); + String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false); // gender attribute is mandatory here because of some legal stuff - String gender = getAttributeValue("gender", attributeList); + String gender = getAttributeValue("gender", attributeList, false); if (!StringUtils.isEmpty(dateOfBirth)) dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth); @@ -172,25 +178,25 @@ public class STORKResponseProcessor { // - according to stork spec else if(hasAttribute("mandateContent", attributeList) || hasAttribute("representative", attributeList) || hasAttribute("represented", attributeList)) { // we have a representation case - String representative = getAttributeValue("representative", attributeList); - String represented = getAttributeValue("represented", attributeList); - String mandate = getAttributeValue("mandateContent", attributeList); + String representative = getAttributeValue("representative", attributeList, false); + String represented = getAttributeValue("represented", attributeList, false); + String mandate = getAttributeValue("mandateContent", attributeList, false); if(!hasAttribute("dateOfBirth", attributeList)) { // if we get here, we have a natural person representing a legal person - String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList); - String organizationType = getAttributeValue("translateableType", attributeList); + String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList, false); + String organizationType = getAttributeValue("translateableType", attributeList, false); identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(citizenSignature, representative, represented, mandate, organizationAddress, organizationType, targetType, targetValue, oaFriendlyName, filters, fiscalNumber); } else { // if we get here, we have a natural person representing another natural person - String eIdentifier = getAttributeValue("eIdentifier", attributeList); - String givenName = getAttributeValue("givenName", attributeList); - String lastName = getAttributeValue("surname", attributeList); - String dateOfBirth = getAttributeValue("dateOfBirth", attributeList); + String eIdentifier = getAttributeValue("eIdentifier", attributeList, false); + String givenName = getAttributeValue("givenName", attributeList, false); + String lastName = getAttributeValue("surname", attributeList, false); + String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false); // gender attribute is mandatory here because of some legal stuff - String gender = getAttributeValue("gender", attributeList); + String gender = getAttributeValue("gender", attributeList, false); if (!StringUtils.isEmpty(dateOfBirth)) dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth); @@ -201,10 +207,10 @@ public class STORKResponseProcessor { } } else { // we do not have a representation case - String eIdentifier = getAttributeValue("eIdentifier", attributeList); - String givenName = getAttributeValue("givenName", attributeList); - String lastName = getAttributeValue("surname", attributeList); - String dateOfBirth = getAttributeValue("dateOfBirth", attributeList); + String eIdentifier = getAttributeValue("eIdentifier", attributeList, false); + String givenName = getAttributeValue("givenName", attributeList, false); + String lastName = getAttributeValue("surname", attributeList, false); + String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false); if (!StringUtils.isEmpty(dateOfBirth)) dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth); identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature, fiscalNumber); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java index cb12bc5bd..ca3117a79 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java @@ -342,7 +342,7 @@ public class SSOManager { httpResp.setContentType("text/html;charset=UTF-8"); - httpResp.getOutputStream().write(writer.toString().getBytes()); + httpResp.getOutputStream().write(writer.toString().getBytes("UTF-8")); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java index fec8e3b98..dbf54951f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java @@ -165,7 +165,7 @@ public class MetadataAction implements IAction { Logger.debug("METADATA: " + metadataXML); httpResp.setContentType("text/xml"); - httpResp.getOutputStream().write(metadataXML.getBytes()); + httpResp.getOutputStream().write(metadataXML.getBytes("UTF-8")); httpResp.getOutputStream().close(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDAuthBlock.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDAuthBlock.java index ded9e7166..4f3aff469 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDAuthBlock.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDAuthBlock.java @@ -46,7 +46,7 @@ public class EIDAuthBlock implements IPVPAttributeBuilder { String authblock = authData.getAuthBlock(); if (MiscUtil.isNotEmpty(authblock)) { return g.buildStringAttribute(EID_AUTH_BLOCK_FRIENDLY_NAME, EID_AUTH_BLOCK_NAME, - Base64Utils.encode(authblock.getBytes())); + Base64Utils.encode(authblock.getBytes("UTF-8"))); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDIdentityLinkBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDIdentityLinkBuilder.java index 531369e9a..e8aeb8fcd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDIdentityLinkBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDIdentityLinkBuilder.java @@ -43,7 +43,7 @@ public class EIDIdentityLinkBuilder implements IPVPAttributeBuilder { ilAssertion = authData.getIdentityLink().getSerializedSamlAssertion(); return g.buildStringAttribute(EID_IDENTITY_LINK_FRIENDLY_NAME, - EID_IDENTITY_LINK_NAME, Base64Utils.encode(ilAssertion.getBytes())); + EID_IDENTITY_LINK_NAME, Base64Utils.encode(ilAssertion.getBytes("UTF-8"))); } catch (IOException e) { Logger.warn("IdentityLink serialization error.", e); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSTORKTOKEN.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSTORKTOKEN.java index 04cc59b10..5e723baab 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSTORKTOKEN.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSTORKTOKEN.java @@ -54,7 +54,7 @@ public class EIDSTORKTOKEN implements IPVPAttributeBuilder { } else { try { return g.buildStringAttribute(EID_STORK_TOKEN_FRIENDLY_NAME, EID_STORK_TOKEN_NAME, - Base64Utils.encode(storkResponse.getBytes())); + Base64Utils.encode(storkResponse.getBytes("UTF-8"))); } catch (IOException e) { Logger.warn("Encode AuthBlock BASE64 failed.", e); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java index 8dfebc06c..4de783323 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java @@ -70,7 +70,7 @@ public class SAMLVerifierMOASP implements ISAMLVerifier { // builds a for a call of MOA-SP Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder() - .build(XMLUtil.printXML(request.getDOM()).getBytes(), + .build(XMLUtil.printXML(request.getDOM()).getBytes("UTF-8"), trustProfileID); Logger.trace("VerifyXMLSignatureRequest for MOA-SP succesfully built"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index b62e6de32..c64c5b488 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -318,7 +318,7 @@ public class AuthenticationRequest implements IAction { Logger.debug("Sending html content: " + writer.getBuffer().toString()); Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); - httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); + httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8")); } catch (IOException e) { Logger.error("Velocity IO error: " + e.getMessage()); @@ -380,7 +380,7 @@ public class AuthenticationRequest implements IAction { Logger.debug("Sending html content: " + writer.getBuffer().toString()); Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); - httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); + httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8")); } catch (Exception e) { Logger.error("Velocity error: " + e.getMessage()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java index 2b00f15e2..3159574fe 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java @@ -142,7 +142,7 @@ public class ConsentEvaluator implements IAction { StringWriter writer = new StringWriter(); template.merge(context, writer); - response.getOutputStream().write(writer.getBuffer().toString().getBytes()); + response.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8")); } catch (Exception e) { Logger.error("Velocity error: " + e.getMessage()); @@ -209,7 +209,7 @@ public class ConsentEvaluator implements IAction { Logger.debug("Sending html content: " + writer.getBuffer().toString()); Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); - httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); + httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8")); } catch (Exception e) { Logger.error("Velocity error: " + e.getMessage()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/MandateAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/MandateAttributeRequestProvider.java index 8df3c00aa..07e5b70ba 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/MandateAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/MandateAttributeRequestProvider.java @@ -192,7 +192,7 @@ public class MandateAttributeRequestProvider extends AttributeProvider { StringWriter writer = new StringWriter(); template.merge(context, writer); - resp.getOutputStream().write(writer.toString().getBytes()); + resp.getOutputStream().write(writer.toString().getBytes("UTF-8")); } catch (Exception e) { Logger.error("Error sending STORK SAML AttrRequest.", e); throw new MOAIDException("stork.11", null); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java index af973475b..2aa10b9dd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java @@ -217,6 +217,49 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider { { //No document service used? // do nothing.... + //TODO temporary fix because document is deleted after fetching => SP can't download Doc + //Add doc to Signresponse + + DocumentWithSignature documentWithSignature = new DocumentWithSignature(); + DocumentType value = new DocumentType(); + if(signResponse.getProfile().toLowerCase().contains("xades")) + { + value.setBase64XML(data); + } + else + { + Base64Data base64data = new Base64Data(); + base64data.setValue(data); + base64data.setMimeType(dataSource.getContentType()); + value.setBase64Data(base64data); + } + documentWithSignature.setDocument(value); + if(signResponse.getOptionalOutputs()!=null) + { + //signResponse.getOptionalOutputs().getAny().add(documentWithSignature); + for(Object o :signResponse.getOptionalOutputs().getAny()) + { + if(o instanceof DocumentWithSignature) + { + signResponse.getOptionalOutputs().getAny().remove(o); + signResponse.getOptionalOutputs().getAny().add(documentWithSignature); + break; + } + } + } + else + { + AnyType anytype = new AnyType(); + anytype.getAny().add(documentWithSignature); + signResponse.setOptionalOutputs(anytype ); + } + +// System.out.println("overwriting:"+signResponse.getResult().getResultMessage()+" with DTL url:"+dtlUrl); + InputStream istr = ApiUtils.marshalToInputStream(signResponse); + StringWriter writer = new StringWriter(); + IOUtils.copy(istr, writer, "UTF-8"); + signResponseString = writer.toString(); + Logger.info("SignResponse overwritten:"+signResponseString); } } else @@ -335,7 +378,7 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider { StringWriter writer = new StringWriter(); template.merge(context, writer); - resp.getOutputStream().write(writer.toString().getBytes()); + resp.getOutputStream().write(writer.toString().getBytes("UTF-8")); } catch (Exception e) { Logger.error("Error sending DSS signrequest.", e); throw new MOAIDException("stork.11", null); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/StorkAttributeRequestProvider.java index d7e2cdf58..cb3a33c69 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/StorkAttributeRequestProvider.java @@ -172,7 +172,7 @@ public class StorkAttributeRequestProvider extends AttributeProvider { StringWriter writer = new StringWriter(); template.merge(context, writer); - resp.getOutputStream().write(writer.toString().getBytes()); + resp.getOutputStream().write(writer.toString().getBytes("UTF-8")); } catch (Exception e) { Logger.error("Error sending STORK SAML AttrRequest.", e); throw new MOAIDException("stork.11", null); -- cgit v1.2.3