From 0436de6184c1a95d463da52929e3bf60923d6e04 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 13 Dec 2021 09:23:09 +0100 Subject: update third-party libs and resolve API issues
---
 .../validation/oa/OATargetConfigValidation.java | 254 ++++++++++----------- 1 file changed, 126 insertions(+), 128 deletions(-) (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java')
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java
index 4807d479e..3e1ed0a38 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java
@@ -29,8 +29,6 @@ import java.util.regex.Pattern;
 import javax.servlet.http.HttpServletRequest;
-import org.apache.log4j.Logger;
-
 import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
 import at.gv.egovernment.moa.id.configuration.Constants;
 import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
@@ -38,133 +36,133 @@ import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration;
 import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
 import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator;
 import at.gv.egovernment.moa.util.MiscUtil;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
 public class OATargetConfigValidation {
- private static final Logger log = Logger.getLogger(OATargetConfigValidation.class);
-
- public List validate(OATargetConfiguration form, boolean isAdmin, OAGeneralConfig general, HttpServletRequest request) {
-
- List errors = new ArrayList();
- String check;
-
- if (general.isBusinessService()) {
-
- //check identification type
- check = form.getIdentificationType();
- if (!form.getIdentificationTypeList().contains(check)) {
- log.info("IdentificationType is not known.");
- errors.add(LanguageHelper.getErrorString("validation.general.stork.sptarget", request));
- }
-
- //check identification number
- check = form.getIdentificationNumber();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty IdentificationNumber");
- errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty", request));
-
- } else {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("IdentificationNumber contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
-
- if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_FN)) {
- CompanyNumberValidator val = new CompanyNumberValidator();
- if (!val.validate(check)) {
- log.info("Not valid CompanyNumber");
- errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid", request));
- }
-
- } else if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_EIDAS)) {
- Pattern pattern = Pattern.compile("[A-Z,a-z]{2}\\+[A-Z,a-z]{2}");
- Matcher matcher = pattern.matcher(check);
- if (!matcher.matches()) {
- log.info("Not valid eIDAS Target");
- errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.eidas.valid", request));
-
- }
-
- }
- }
-
- } else {
-
- check = form.getTarget_subsector();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.isValidAdminTarget(check)) {
- log.info("Not valid Target-Subsector");
- errors.add(LanguageHelper.getErrorString("validation.general.target.subsector.valid", request));
- }
- }
-
-
- if (!isAdmin) {
- //check PublicURL Prefix allows PublicService
- if (!ValidationHelper.isPublicServiceAllowed(general.getIdentifier())) {
- log.warn("PublicURLPrefix does not allow PublicService: " + general.getIdentifier());
- errors.add(LanguageHelper.getErrorString("validation.general.target.publicserviceurl",
- new Object[] {general.getIdentifier()}, request ));
- general.setBusinessService(true);
- return errors;
-
- }
-
- //check Target
- check = form.getTarget();
- if (MiscUtil.isEmpty(check)) {
- log.info("Empty Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request));
-
- } else {
- if (!ValidationHelper.isValidTarget(check)) {
- log.info("Not valid Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request));
- }
- }
-
- } else {
-
- //check targetFrindlyName();
- check = form.getTargetFriendlyName();
- if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsNotValidCharacter(check, false)) {
- log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
- errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname",
- new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
- }
- }
-
- if (MiscUtil.isEmpty(form.getTarget()) && MiscUtil.isEmpty(form.getTarget_admin())) {
- log.info("Empty Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request));
- }
-
- //check Target
- check = form.getTarget();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.isValidTarget(check)) {
- log.info("Not valid Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request));
- }
- }
-
- //check Admin Target
- check = form.getTarget_admin();
- if (MiscUtil.isNotEmpty(check)) {
- if (!ValidationHelper.isValidAdminTarget(check)) {
- log.info("Not valid Target");
- errors.add(LanguageHelper.getErrorString("validation.general.target.admin.valid", request));
- }
- }
- }
- }
-
-
- //foreign bPK configuration
-
-
- return errors;
- }
+ public List validate(OATargetConfiguration form, boolean isAdmin, OAGeneralConfig general,
+ HttpServletRequest request) {
+
+ final List errors = new ArrayList<>();
+ String check;
+
+ if (general.isBusinessService()) {
+
+ // check identification type
+ check = form.getIdentificationType();
+ if (!form.getIdentificationTypeList().contains(check)) {
+ log.info("IdentificationType is not known.");
+ errors.add(LanguageHelper.getErrorString("validation.general.stork.sptarget", request));
+ }
+
+ // check identification number
+ check = form.getIdentificationNumber();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty IdentificationNumber");
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty", request));
+
+ } else {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+
+ if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_FN)) {
+ final CompanyNumberValidator val = new CompanyNumberValidator();
+ if (!val.validate(check)) {
+ log.info("Not valid CompanyNumber");
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid",
+ request));
+ }
+
+ } else if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_EIDAS)) {
+ final Pattern pattern = Pattern.compile("[A-Z,a-z]{2}\\+[A-Z,a-z]{2}");
+ final Matcher matcher = pattern.matcher(check);
+ if (!matcher.matches()) {
+ log.info("Not valid eIDAS Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.eidas.valid",
+ request));
+
+ }
+
+ }
+ }
+
+ } else {
+
+ check = form.getTarget_subsector();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isValidAdminTarget(check)) {
+ log.info("Not valid Target-Subsector");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.subsector.valid", request));
+ }
+ }
+
+ if (!isAdmin) {
+ // check PublicURL Prefix allows PublicService
+ if (!ValidationHelper.isPublicServiceAllowed(general.getIdentifier())) {
+ log.warn("PublicURLPrefix does not allow PublicService: " + general.getIdentifier());
+ errors.add(LanguageHelper.getErrorString("validation.general.target.publicserviceurl",
+ new Object[] { general.getIdentifier() }, request));
+ general.setBusinessService(true);
+ return errors;
+
+ }
+
+ // check Target
+ check = form.getTarget();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request));
+
+ } else {
+ if (!ValidationHelper.isValidTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request));
+ }
+ }
+
+ } else {
+
+ // check targetFrindlyName();
+ check = form.getTargetFriendlyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
+ log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname",
+ new Object[] { ValidationHelper.getNotValidCharacter(false) }, request));
+ }
+ }
+
+ if (MiscUtil.isEmpty(form.getTarget()) && MiscUtil.isEmpty(form.getTarget_admin())) {
+ log.info("Empty Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request));
+ }
+
+ // check Target
+ check = form.getTarget();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isValidTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request));
+ }
+ }
+
+ // check Admin Target
+ check = form.getTarget_admin();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (!ValidationHelper.isValidAdminTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.admin.valid", request));
+ }
+ }
+ }
+ }
+
+ // foreign bPK configuration
+
+ return errors;
+ }
 }
-- cgit v1.2.3
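Review bot: The eIDAS branch of the new `validate` body still compiles `[A-Z,a-z]{2}\\+[A-Z,a-z]{2}`, and the comma inside each character class is a literal, so an identification number such as `,,+,,` passes the check; the expression should read `Pattern.compile("[A-Za-z]{2}\\+[A-Za-z]{2}")`, ideally held once in a `private static final Pattern` instead of being recompiled per call. The two `log.warn(... + check)` calls also write a value that has just failed the character check into the log by concatenation, which lets embedded line breaks forge log entries. Now that the class logs through slf4j, use a placeholder and neutralise line breaks first, e.g. `log.warn("IdentificationNumber contains invalid characters: {}", check.replaceAll("[\\r\\n]", "_"));`. Separately, `form.getIdentificationType().equals(...)` is reached even when the earlier type check has already added an error, so a missing type would presumably throw rather than yield a validation message; `Constants.IDENIFICATIONTYPE_FN.equals(form.getIdentificationType())` avoids that.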