From f7c35a0214cb10cf6f7de031e9e5e73f40e4569d Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 7 Aug 2013 18:02:34 +0200 Subject: WebInterface MOAID-General finished --- .../id/configuration/data/GeneralMOAIDConfig.java | 103 +++++- .../moa/id/configuration/helper/StringHelper.java | 28 ++ .../struts/action/EditGeneralConfigAction.java | 397 ++++++++++++++++++++- .../configuration/struts/action/EditOAAction.java | 26 +- .../configuration/validation/ValidationHelper.java | 8 +- .../validation/moaconfig/MOAConfigValidator.java | 291 +++++++++++++++ .../validation/moaconfig/PVP2ContactValidator.java | 80 +++++ 7 files changed, 906 insertions(+), 27 deletions(-) create mode 100644 id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java create mode 100644 id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java (limited to 'id/ConfigWebTool/src/main/java/at/gv') diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java index f03b1c057..d14e12df5 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java @@ -38,22 +38,28 @@ import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm; public class GeneralMOAIDConfig { - public static final String LINE_DELIMITER = ";\n"; + public static final long DEFAULTTIMEOUTASSERTION = 120; //sec + public static final long DEFAULTTIMEOUTMOASESSIONCREATED = 1200; //sec + public static final long DEFAULTTIMEOUTMOASESSIONUPDATED = 2700; //sec + + public static final String LINE_DELIMITER = ";"; private String szrgwURL = null; private String alternativeSourceID = null; private String certStoreDirectory = null; private boolean trustmanagerrevocationcheck = false; - private long timeoutAssertion = 120; //sec - private long timeoutMOASessionCreated = 1200; //sec - private long timeoutMOASessionUpdated = 2700; //sec + private String timeoutAssertion = String.valueOf(DEFAULTTIMEOUTASSERTION); + private String timeoutMOASessionCreated = String.valueOf(DEFAULTTIMEOUTMOASESSIONCREATED); + private String timeoutMOASessionUpdated = String.valueOf(DEFAULTTIMEOUTMOASESSIONUPDATED); private String identityLinkSigners = ""; + private List idlSignersList = null; private String moaspssURL = null; private String moaspssAuthTrustProfile = null; private String moaspssAuthTransformations = ""; + private List authTransformList = null; private String moaspssIdlTrustProfile = null; private String mandateURL = null; @@ -71,6 +77,7 @@ public class GeneralMOAIDConfig { private List fileUpload = null; private List fileUploadContentType; private List fileUploadFileName; + private Map secLayerTransformation = null; private String ssoTarget = null; private String ssoFriendlyName = null; @@ -130,11 +137,11 @@ public class GeneralMOAIDConfig { if (timeouts != null) { if(timeouts.getAssertion() != null) - timeoutAssertion = timeouts.getAssertion().longValue(); + timeoutAssertion = String.valueOf(timeouts.getAssertion().longValue()); if(timeouts.getMOASessionCreated() != null) - timeoutMOASessionCreated = timeouts.getMOASessionCreated().longValue(); + timeoutMOASessionCreated = String.valueOf(timeouts.getMOASessionCreated().longValue()); if(timeouts.getMOASessionUpdated() != null) - timeoutMOASessionUpdated = timeouts.getMOASessionUpdated().longValue(); + timeoutMOASessionUpdated = String.valueOf(timeouts.getMOASessionUpdated().longValue()); } } @@ -144,7 +151,7 @@ public class GeneralMOAIDConfig { List idem = idlsign.getX509SubjectNameItems(); for (IdentityLinkSignersX509SubjectNameItem el : idem) { - identityLinkSigners += el.getItem() + LINE_DELIMITER; + identityLinkSigners += el.getItem() + LINE_DELIMITER + "\n"; } } @@ -161,7 +168,7 @@ public class GeneralMOAIDConfig { List list = authblock.getVerifyTransformsInfoProfileID(); for (String el : list) - moaspssAuthTransformations += el + LINE_DELIMITER; + moaspssAuthTransformations += el + LINE_DELIMITER + "\n"; } VerifyIdentityLink idl = moaspss.getVerifyIdentityLink(); @@ -219,8 +226,9 @@ public class GeneralMOAIDConfig { fileUploadFileName = new ArrayList(); - for (TransformsInfoType el : list) + for (TransformsInfoType el : list) { fileUploadFileName.add(el.getFilename()); + } } SSO sso = auth.getSSO(); @@ -314,42 +322,42 @@ public class GeneralMOAIDConfig { /** * @return the timeoutAssertion */ - public long getTimeoutAssertion() { + public String getTimeoutAssertion() { return timeoutAssertion; } /** * @param timeoutAssertion the timeoutAssertion to set */ - public void setTimeoutAssertion(long timeoutAssertion) { + public void setTimeoutAssertion(String timeoutAssertion) { this.timeoutAssertion = timeoutAssertion; } /** * @return the timeoutMOASessionCreated */ - public long getTimeoutMOASessionCreated() { + public String getTimeoutMOASessionCreated() { return timeoutMOASessionCreated; } /** * @param timeoutMOASessionCreated the timeoutMOASessionCreated to set */ - public void setTimeoutMOASessionCreated(long timeoutMOASessionCreated) { + public void setTimeoutMOASessionCreated(String timeoutMOASessionCreated) { this.timeoutMOASessionCreated = timeoutMOASessionCreated; } /** * @return the timeoutMOASessionUpdated */ - public long getTimeoutMOASessionUpdated() { + public String getTimeoutMOASessionUpdated() { return timeoutMOASessionUpdated; } /** * @param timeoutMOASessionUpdated the timeoutMOASessionUpdated to set */ - public void setTimeoutMOASessionUpdated(long timeoutMOASessionUpdated) { + public void setTimeoutMOASessionUpdated(String timeoutMOASessionUpdated) { this.timeoutMOASessionUpdated = timeoutMOASessionUpdated; } @@ -800,6 +808,69 @@ public class GeneralMOAIDConfig { public void setChainigmodelist(Map chainigmodelist) { GeneralMOAIDConfig.chainigmodelist = chainigmodelist; } + + /** + * @return the secLayerTransformation + */ + public Map getSecLayerTransformation() { + return secLayerTransformation; + } + + /** + * @param secLayerTransformation the secLayerTransformation to set + */ + public void setSecLayerTransformation(Map secLayerTransformation) { + this.secLayerTransformation = secLayerTransformation; + } + + /** + * @return the idlSignersList + */ + public List getIdlSignersList() { + return idlSignersList; + } + + /** + * @param idlSignersList the idlSignersList to set + */ + public void setIdlSignersList(List idlSignersList) { + this.idlSignersList = idlSignersList; + } + + /** + * @return the authTransformList + */ + public List getAuthTransformList() { + return authTransformList; + } + + /** + * @param authTransformList the authTransformList to set + */ + public void setAuthTransformList(List authTransformList) { + this.authTransformList = authTransformList; + } + + + + + public void setFileUpload(File fileUpload) { + if (this.fileUpload == null) + this.fileUpload = new ArrayList(); + this.fileUpload.add(fileUpload); + } + + public void setFileUploadContentType(String fileUploadContentType) { + if (this.fileUploadContentType == null) + this.fileUploadContentType = new ArrayList(); + this.fileUploadContentType.add(fileUploadContentType); + } + + public void setFileUploadFileName(String fileUploadFileName) { + if (this.fileUploadFileName == null) + this.fileUploadFileName = new ArrayList(); + this.fileUploadFileName.add(fileUploadFileName); + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java new file mode 100644 index 000000000..8abb0be86 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java @@ -0,0 +1,28 @@ +package at.gv.egovernment.moa.id.configuration.helper; + +public class StringHelper { + + public static String formatText(String strGivenText) + { + StringBuffer sbFormattedText = new StringBuffer(strGivenText); + + for(int i=0; i errors = validator.validate(moaconfig); + + if (errors.size() > 0) { + log.info("General MOA-ID configuration has some erros."); + for (String el : errors) + addActionError(el); + + return Constants.STRUTS_ERROR_VALIDATION; + } + String error = saveFormToDatabase(); - + if (error != null) { + log.warn("General MOA-ID config can not be stored in Database"); + addActionError(error); + return Constants.STRUTS_SUCCESS; + } } else { addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); @@ -76,6 +133,7 @@ public class EditGeneralConfigAction extends ActionSupport } else return Constants.STRUTS_REAUTHENTICATE; + addActionMessage(LanguageHelper.getGUIString("webpages.moaconfig.save.success")); return Constants.STRUTS_SUCCESS; } @@ -91,6 +149,343 @@ public class EditGeneralConfigAction extends ActionSupport return Constants.STRUTS_SUCCESS; } + private String saveFormToDatabase() { + + MOAIDConfiguration oldconfig = ConfigurationDBRead.getMOAIDConfiguration(); + AuthComponentGeneral oldauth = null; + if (oldconfig != null) { + oldauth = oldconfig.getAuthComponentGeneral(); + } + +// MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration(); +// if (dbconfig == null) { +// dbconfig = new MOAIDConfiguration(); +// isnewconfig = true; +// } + + MOAIDConfiguration dbconfig = new MOAIDConfiguration(); + + AuthComponentGeneral dbauth = dbconfig.getAuthComponentGeneral(); + if (dbauth == null) { + dbauth = new AuthComponentGeneral(); + dbconfig.setAuthComponentGeneral(dbauth); + } + + GeneralConfiguration dbauthgeneral = dbauth.getGeneralConfiguration(); + if (dbauthgeneral == null) { + dbauthgeneral = new GeneralConfiguration(); + dbauth.setGeneralConfiguration(dbauthgeneral); + } + + GeneralConfiguration oldauthgeneral = null; + if (oldauth != null) + oldauthgeneral = oldauth.getGeneralConfiguration(); + + if (MiscUtil.isNotEmpty(moaconfig.getAlternativeSourceID())) + dbauthgeneral.setAlternativeSourceID(moaconfig.getAlternativeSourceID()); + else { + if (oldauthgeneral != null) + dbauthgeneral.setAlternativeSourceID(oldauthgeneral.getAlternativeSourceID()); + } + + if (MiscUtil.isNotEmpty(moaconfig.getCertStoreDirectory())) + dbauthgeneral.setCertStoreDirectory(moaconfig.getCertStoreDirectory()); + + TimeOuts dbtimeouts = dbauthgeneral.getTimeOuts(); + if (dbtimeouts == null) { + dbtimeouts = new TimeOuts(); + dbauthgeneral.setTimeOuts(dbtimeouts); + } + if (MiscUtil.isEmpty(moaconfig.getTimeoutAssertion())) + dbtimeouts.setAssertion(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTASSERTION)); + else + dbtimeouts.setAssertion(new BigInteger(moaconfig.getTimeoutAssertion())); + + if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionCreated())) + dbtimeouts.setMOASessionCreated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONCREATED)); + else + dbtimeouts.setMOASessionCreated(new BigInteger(moaconfig.getTimeoutMOASessionCreated())); + + if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionUpdated())) + dbtimeouts.setMOASessionUpdated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONUPDATED)); + else + dbtimeouts.setMOASessionUpdated(new BigInteger(moaconfig.getTimeoutMOASessionUpdated())); + + dbauthgeneral.setTrustManagerRevocationChecking(moaconfig.isTrustmanagerrevocationcheck()); + + + Protocols dbprotocols = dbauth.getProtocols(); + if (dbprotocols == null) { + dbprotocols = new Protocols(); + dbauth.setProtocols(dbprotocols); + } + LegacyAllowed legprot = dbprotocols.getLegacyAllowed(); + if (legprot == null) { + legprot = new LegacyAllowed(); + dbprotocols.setLegacyAllowed(legprot); + } + + List el = new ArrayList(); + if (moaconfig.isLegacy_pvp2()) + el.add(Constants.MOA_CONFIG_PROTOCOL_PVP2); + if (moaconfig.isLegacy_saml1()) + el.add(Constants.MOA_CONFIG_PROTOCOL_SAML1); + legprot.setProtocolName(el); + + PVP2 pvp2 = dbprotocols.getPVP2(); + if (pvp2 == null) { + pvp2 = new PVP2(); + dbprotocols.setPVP2(pvp2); + } + if (MiscUtil.isNotEmpty(moaconfig.getPvp2IssuerName())) + pvp2.setIssuerName(moaconfig.getPvp2IssuerName()); + if (MiscUtil.isNotEmpty(moaconfig.getPvp2PublicUrlPrefix())) + pvp2.setPublicURLPrefix(moaconfig.getPvp2PublicUrlPrefix()); + + Organization pvp2org = pvp2.getOrganization(); + if (pvp2org == null) { + pvp2org = new Organization(); + pvp2.setOrganization(pvp2org); + } + if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgDisplayName())) + pvp2org.setDisplayName(moaconfig.getPvp2OrgDisplayName()); + if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgName())) + pvp2org.setName(moaconfig.getPvp2OrgName()); + if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgURL())) + pvp2org.setURL(moaconfig.getPvp2OrgURL()); + + List pvp2cont = pvp2.getContact(); + if (pvp2cont == null) { + pvp2cont = new ArrayList(); + pvp2.setContact(pvp2cont); + } + Contact cont = new Contact(); + pvp2cont.add(cont); + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getCompany())) + cont.setCompany(moaconfig.getPvp2Contact().getCompany()); + + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getGivenname())) + cont.setGivenName(moaconfig.getPvp2Contact().getGivenname()); + + //TODO: change to list if required + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getMail())) + cont.setMail(Arrays.asList(moaconfig.getPvp2Contact().getMail())); + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getPhone())) + cont.setPhone(Arrays.asList(moaconfig.getPvp2Contact().getPhone())); + + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getSurname())) + cont.setSurName(moaconfig.getPvp2Contact().getSurname()); + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getType())) + cont.setType(moaconfig.getPvp2Contact().getType()); + + SSO dbsso = dbauth.getSSO(); + if (dbsso == null) { + dbsso = new SSO(); + dbauth.setSSO(dbsso); + } + + if (MiscUtil.isNotEmpty(moaconfig.getSsoFriendlyName())) + dbsso.setFriendlyName(moaconfig.getSsoFriendlyName()); + if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText())) + dbsso.setSpecialText(moaconfig.getSsoSpecialText()); + if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl())) + dbsso.setPublicURL(moaconfig.getSsoPublicUrl()); + + if (MiscUtil.isNotEmpty(moaconfig.getSsoTarget())) + dbsso.setTarget(moaconfig.getSsoTarget()); + + if (MiscUtil.isNotEmpty(moaconfig.getSsoIdentificationNumber())) { + IdentificationNumber ssoid = dbsso.getIdentificationNumber(); + if (ssoid == null) { + ssoid = new IdentificationNumber(); + dbsso.setIdentificationNumber(ssoid); + } + ssoid.setValue(moaconfig.getSsoIdentificationNumber()); + } + + DefaultBKUs dbbkus = dbconfig.getDefaultBKUs(); + if (dbbkus == null) { + dbbkus = new DefaultBKUs(); + dbconfig.setDefaultBKUs(dbbkus); + } + + if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUHandy())) + dbbkus.setHandyBKU(moaconfig.getDefaultBKUHandy()); + + if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUOnline())) + dbbkus.setOnlineBKU(moaconfig.getDefaultBKUOnline()); + + if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKULocal())) + dbbkus.setLocalBKU(moaconfig.getDefaultBKULocal()); + + ChainingModes dbchainingmodes = dbconfig.getChainingModes(); + if (dbchainingmodes == null) { + dbchainingmodes = new ChainingModes(); + dbconfig.setChainingModes(dbchainingmodes); + } + + dbchainingmodes.setSystemDefaultMode( + ChainingModeType.fromValue(moaconfig.getDefaultchainigmode())); + if (oldconfig != null) { + ChainingModes oldchainigmodes = oldconfig.getChainingModes(); + if (oldchainigmodes != null) { + List oldtrustanchor = oldchainigmodes.getTrustAnchor(); + if (oldtrustanchor != null) { + List trustanchor = new ArrayList(); + for (TrustAnchor oldel : oldtrustanchor) { + TrustAnchor TAel = new TrustAnchor(); + TAel.setX509IssuerName(oldel.getX509IssuerName()); + TAel.setX509SerialNumber(oldel.getX509SerialNumber()); + TAel.setMode(oldel.getMode()); + trustanchor.add(TAel); + } + dbchainingmodes.setTrustAnchor(trustanchor); + } + } + } + + IdentityLinkSigners idlsigners = dbauth.getIdentityLinkSigners(); + if (idlsigners == null) { + idlsigners = new IdentityLinkSigners(); + dbauth.setIdentityLinkSigners(idlsigners); + } + if (moaconfig.getIdlSignersList().size() > 0) { + idlsigners.setX509SubjectName(moaconfig.getIdlSignersList()); + } + + ForeignIdentities dbforeign = dbauth.getForeignIdentities(); + if (dbforeign == null) { + dbforeign = new ForeignIdentities(); + dbauth.setForeignIdentities(dbforeign); + } + + if (MiscUtil.isNotEmpty(moaconfig.getSzrgwURL())) { + ConnectionParameterClientAuthType forcon = dbforeign.getConnectionParameter(); + if (forcon == null) { + forcon = new ConnectionParameterClientAuthType(); + dbforeign.setConnectionParameter(forcon); + } + forcon.setURL(moaconfig.getSzrgwURL()); + } + + //TODO: Set STORK Config!!! + if (oldauth != null) { + ForeignIdentities oldforeign = oldauth.getForeignIdentities(); + if (oldforeign != null) { + STORK oldstork = oldforeign.getSTORK(); + if (oldstork != null) + dbforeign.setSTORK(oldstork); + } + } + + if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) { + OnlineMandates dbmandate = dbauth.getOnlineMandates(); + if (dbmandate == null) { + dbmandate = new OnlineMandates(); + dbauth.setOnlineMandates(dbmandate); + } + ConnectionParameterClientAuthType dbmandateconnection = dbmandate.getConnectionParameter(); + + if (dbmandateconnection == null) { + dbmandateconnection = new ConnectionParameterClientAuthType(); + dbmandate.setConnectionParameter(dbmandateconnection); + } + dbmandateconnection.setURL(moaconfig.getMandateURL()); + } + + MOASP dbmoasp = dbauth.getMOASP(); + if (dbmoasp == null) { + dbmoasp = new MOASP(); + dbauth.setMOASP(dbmoasp); + } + if (MiscUtil.isNotEmpty(moaconfig.getMoaspssURL())) { + ConnectionParameterClientAuthType moaspcon = dbmoasp.getConnectionParameter(); + if (moaspcon == null) { + moaspcon = new ConnectionParameterClientAuthType(); + dbmoasp.setConnectionParameter(moaspcon); + } + moaspcon.setURL(moaconfig.getMoaspssURL()); + } + VerifyIdentityLink moaidl = dbmoasp.getVerifyIdentityLink(); + if (moaidl == null) { + moaidl = new VerifyIdentityLink(); + dbmoasp.setVerifyIdentityLink(moaidl); + } + moaidl.setTrustProfileID(moaconfig.getMoaspssIdlTrustProfile()); + VerifyAuthBlock moaauth = dbmoasp.getVerifyAuthBlock(); + if (moaauth == null) { + moaauth = new VerifyAuthBlock(); + dbmoasp.setVerifyAuthBlock(moaauth); + } + moaauth.setTrustProfileID(moaconfig.getMoaspssAuthTrustProfile()); + + moaauth.setVerifyTransformsInfoProfileID(moaconfig.getAuthTransformList()); + + SecurityLayer seclayertrans = dbauth.getSecurityLayer(); + if (seclayertrans == null) { + seclayertrans = new SecurityLayer(); + dbauth.setSecurityLayer(seclayertrans); + } + List trans = new ArrayList(); + Map moatrans = moaconfig.getSecLayerTransformation(); + if (moatrans != null) { + Set keys = moatrans.keySet(); + for (String key : keys) { + TransformsInfoType elem = new TransformsInfoType(); + elem.setFilename(key); + elem.setTransformation(moatrans.get(key)); + trans.add(elem); + } + } else { + if (oldauth != null) { + SecurityLayer oldsectrans = oldauth.getSecurityLayer(); + if (oldsectrans != null) { + List oldtranslist = oldsectrans.getTransformsInfo(); + for (TransformsInfoType oldel : oldtranslist) { + TransformsInfoType elem = new TransformsInfoType(); + elem.setFilename(oldel.getFilename()); + elem.setTransformation(oldel.getTransformation()); + trans.add(elem); + } + } + } + } + if (trans.size() > 0) + seclayertrans.setTransformsInfo(trans); + + + SLRequestTemplates slrequesttempl = dbconfig.getSLRequestTemplates(); + if (slrequesttempl == null) { + slrequesttempl = new SLRequestTemplates(); + dbconfig.setSLRequestTemplates(slrequesttempl); + } + if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateHandy())) + slrequesttempl.setHandyBKU(moaconfig.getSLRequestTemplateHandy()); + if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateLocal())) + slrequesttempl.setLocalBKU(moaconfig.getSLRequestTemplateLocal()); + if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateOnline())) + slrequesttempl.setOnlineBKU(moaconfig.getSLRequestTemplateOnline()); + + if (MiscUtil.isNotEmpty(moaconfig.getTrustedCACerts())) + dbconfig.setTrustedCACertificates(moaconfig.getTrustedCACerts()); + + //save config + try { + ConfigurationDBUtils.save(dbconfig); + + if (oldconfig != null) + ConfigurationDBUtils.delete(oldconfig); + + } catch (MOADatabaseException e) { + log.warn("MOAID Configuration can not be stored in Database", e); + return LanguageHelper.getErrorString("error.db.oa.store"); + } + + ConfigurationDBUtils.closeSession(); + + return null; + } + public void setServletResponse(HttpServletResponse response) { this.response = response; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index a9210ad27..96918d37c 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -87,11 +87,25 @@ ServletResponseAware { return Constants.STRUTS_ERROR; } oaid = Long.valueOf(oaidobj); - - request.getSession().setAttribute(Constants.SESSION_OAID, oaid); - - OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); - + + OnlineApplication onlineapplication = null;; + if (authUser.isAdmin()) + onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); + else { + UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + List oas = userdb.getOnlineApplication(); + for (OnlineApplication oa : oas) { + if (oa.getHjid() == oaid) { + onlineapplication = oa; + break; + } + } + if (onlineapplication == null) { + addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); + return Constants.STRUTS_ERROR; + } + } + generalOA.parse(onlineapplication); ssoOA.parse(onlineapplication); saml1OA.parse(onlineapplication); @@ -103,6 +117,8 @@ ServletResponseAware { } ConfigurationDBUtils.closeSession(); + + request.getSession().setAttribute(Constants.SESSION_OAID, oaid); newOA = false; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java index 6da106b85..aeac75e44 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java @@ -163,7 +163,7 @@ public class ValidationHelper { return "; % \" ' ` , < > \\ /"; } - public static boolean isValidIdentityLinkSigner(String param) { + public static boolean isNotValidIdentityLinkSigner(String param) { if (param == null) { return false; } @@ -173,15 +173,13 @@ public class ValidationHelper { param.indexOf("'") != -1 || param.indexOf("?") != -1 || param.indexOf("`") != -1 || - param.indexOf(",") != -1 || param.indexOf("<") != -1 || - param.indexOf(">") != -1 || - param.indexOf("\\") != -1; + param.indexOf(">") != -1; } public static String getNotValidIdentityLinkSignerCharacters() { - return "; % \" ' ` , < > \\"; + return "; % \" ' ` < >"; } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java index cdd1d2c60..c41535d00 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java @@ -1,14 +1,21 @@ package at.gv.egovernment.moa.id.configuration.validation.moaconfig; +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; import java.util.ArrayList; +import java.util.HashMap; import java.util.List; import java.util.Map; import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig; +import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.helper.StringHelper; import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; public class MOAConfigValidator { @@ -21,6 +28,7 @@ public class MOAConfigValidator { log.debug("Validate general MOA configuration"); + String check = form.getAlternativeSourceID(); if (MiscUtil.isNotEmpty(check)) { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { @@ -29,6 +37,31 @@ public class MOAConfigValidator { new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); } } + + check = form.getTimeoutAssertion(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateNumber(check)) { + log.warn("Assertion Timeout is no number " + check); + errors.add(LanguageHelper.getErrorString("validation.general.timeouts.assertion.valid", + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + } + } + check = form.getTimeoutMOASessionCreated(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateNumber(check)) { + log.warn("MOASessionCreated Timeout is no number " + check); + errors.add(LanguageHelper.getErrorString("validation.general.timeouts.moasessioncreated.valid", + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + } + } + check = form.getTimeoutMOASessionUpdated(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateNumber(check)) { + log.warn("MOASessionUpdated Timeout is no number " + check); + errors.add(LanguageHelper.getErrorString("validation.general.timeouts.moasessionupdated.valid", + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + } + } check = form.getCertStoreDirectory(); if (MiscUtil.isNotEmpty(check)) { @@ -79,14 +112,272 @@ public class MOAConfigValidator { } check = form.getIdentityLinkSigners(); + List idllist = new ArrayList(); if (MiscUtil.isEmpty(check)) { log.info("Empty IdentityLinkSigners"); errors.add(LanguageHelper.getErrorString("validation.general.IdentityLinkSigners.empty")); } else { String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER); + int i = 1; + for(String el : list) { + if (ValidationHelper.isNotValidIdentityLinkSigner(el)) { + log.info("IdentityLinkSigners is not valid: " + el); + errors.add(LanguageHelper.getErrorString("validation.general.IdentityLinkSigners.valid", + new Object[] {i, ValidationHelper.getNotValidIdentityLinkSignerCharacters()} )); + + } else { + String elformat = StringHelper.formatText(el.trim()); + if (MiscUtil.isNotEmpty(elformat)) + idllist.add(elformat); + } + i++; + } + } + form.setIdlSignersList(idllist); + + check = form.getMandateURL(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Online-Mandate Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.mandateservice.valid")); + } + } + + check = form.getMoaspssAuthTransformations(); + List authtranslist = new ArrayList(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MoaspssAuthTransformation"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty")); + } else { + check = StringHelper.formatText(check); + String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER); + int i=1; for(String el : list) { + if (ValidationHelper.containsPotentialCSSCharacter(el, false)) { + log.info("IdentityLinkSigners is not valid: " + el); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid", + new Object[] {i, ValidationHelper.getPotentialCSSCharacter(false)} )); + + } else { + if (MiscUtil.isNotEmpty(el.trim())) + authtranslist.add(el.trim()); + } + i++; + } + } + form.setAuthTransformList(authtranslist); + + check = form.getMoaspssAuthTrustProfile(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MOA-SP/SS Authblock TrustProfile"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty")); + } else { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("Authblock TrustProfile is not valid: " +check); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = form.getMoaspssIdlTrustProfile(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MOA-SP/SS IdentityLink TrustProfile"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty")); + } else { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("IdentityLink TrustProfile is not valid: " +check); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = form.getMoaspssURL(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid MOA-SP/SS Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.moaspss.url.valid")); + } + } + + check = form.getPvp2IssuerName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("PVP2 IssuerName is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.issuername.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = form.getPvp2OrgDisplayName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("PVP2 organisation display name is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.displayname.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = form.getPvp2OrgName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("PVP2 organisation name is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.name.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = form.getPvp2OrgURL(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("PVP2 organisation URL is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.url.valid")); + } + } + + check = form.getPvp2PublicUrlPrefix(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("PVP2 Service URL is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.serviceurl.valid")); + } + } + + check = form.getSLRequestTemplateHandy(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SLRequestTemplate Handy-BKU"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.empty")); + } else { + if (!ValidationHelper.validateURL(check)) { + log.info("SLRequestTemplate Handy-BKU is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.valid")); + } + } + + check = form.getSLRequestTemplateLocal(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SLRequestTemplate local BKU"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.empty")); + } else { + if (!ValidationHelper.validateURL(check)) { + log.info("SLRequestTemplate local BKU is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.valid")); + } + } + + check = form.getSLRequestTemplateOnline(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SLRequestTemplate Online-BKU"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.empty")); + } else { + if (!ValidationHelper.validateURL(check)) { + log.info("SLRequestTemplate Online-BKU is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.valid")); + } + } + + check = form.getSsoFriendlyName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("SSO friendlyname is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = form.getSsoIdentificationNumber(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("SSO IdentificationNumber is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = form.getSsoPublicUrl(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("SSO Public URL is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid")); + } + } + + check = form.getSsoSpecialText(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + log.info("SSO SpecialText is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )); + } + } + + check = form.getSsoTarget(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty SSO Target"); + errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty")); + + } else { + if (!ValidationHelper.isValidTarget(check)) { + log.info("Not valid SSO Target"); + errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid")); + } + } + + check = form.getSzrgwURL(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("SZRGW URL is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.szrgw.url.valid")); + } + } + + check = form.getTrustedCACerts(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty TrustCACerts Directory"); + errors.add(LanguageHelper.getErrorString("validation.general.trustedcacerts.empty")); + + } else { + if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { + log.info("Not valid TrustCACerts Directory"); + errors.add(LanguageHelper.getErrorString("validation.general.trustedcacerts.valid", + new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()} )); + } + } + + + + if (form.getFileUploadFileName() != null) { + HashMap map = new HashMap(); + for (int i=0; i AllowedTypes= Arrays.asList( + "technical", + "support", + "administrative", + "billing", + "other"); + + private static final Logger log = Logger.getLogger(PVP2ContactValidator.class); + + public Listvalidate(ContactForm contact) { + List errors = new ArrayList(); + + String check = contact.getCompany(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("PVP2 Contact: Company is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.company.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = contact.getGivenname(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("PVP2 Contact: GivenName is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.givenname.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = contact.getSurname(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.info("PVP2 Contact: SureName is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.surename.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + } + + check = contact.getType(); + if (MiscUtil.isNotEmpty(check)) { + if (!AllowedTypes.contains(check)) { + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.type.valid")); + } + } + + check = contact.getMail(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.isEmailAddressFormat(check)) { + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.mail.valid")); + } + } + + check = contact.getPhone(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.containsPotentialCSSCharacter(check, false)) { + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.phone.valid")); + } + } + + return errors; + } +} -- cgit v1.2.3