From f306cf7529f44d09a12a87f177368353fe1d3bc5 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 19 Dec 2013 12:04:10 +0100 Subject: OA qaa and attributes validated and persisted --- .../id/configuration/data/GeneralStorkConfig.java | 3 +- .../id/configuration/data/oa/OASTORKConfig.java | 49 +++++++++++++++++++++- .../configuration/struts/action/EditOAAction.java | 2 + .../validation/oa/OASTORKConfigValidation.java | 37 ++++++++++++++-- 4 files changed, 84 insertions(+), 7 deletions(-) (limited to 'id/ConfigWebTool/src/main/java') diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java index f270ab624..8b527aa8f 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java @@ -1,10 +1,9 @@ package at.gv.egovernment.moa.id.configuration.data; import java.util.ArrayList; +import java.util.Arrays; import java.util.List; -import edu.emory.mathcs.backport.java.util.Arrays; - import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS; import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java index 1884fb808..f6fc4416f 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java @@ -1,12 +1,20 @@ package at.gv.egovernment.moa.id.configuration.data.oa; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; import at.gv.egovernment.moa.id.commons.db.dao.config.OASTORK; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.db.dao.config.RequestedAttributesType; public class OASTORKConfig { private boolean isStorkLogonEnabled = false; + private int qaa; + private List attributes; public OASTORKConfig() { @@ -14,7 +22,7 @@ public class OASTORKConfig { /** * Parses the OA config for stork entities. - * + * * @param dbOAConfig * the db oa config */ @@ -24,6 +32,21 @@ public class OASTORKConfig { OASTORK config = authdata.getOASTORK(); if(config != null) { setStorkLogonEnabled(config.isStorkLogonEnabled()); + + try { + setQaa(config.getQaa()); + } catch(NullPointerException e) { + // if there is no configuration available for the OA, get the default qaa level + setQaa(ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getQualityAuthenticationAssuranceLevel()); + } + + RequestedAttributesType tmp = config.getAttributes(); + if(null == tmp) + // if there is no configuration available for the OA, get the default attributes + tmp = ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getRequestedAttributes(); + attributes = new ArrayList(); + for(String current : tmp.getAttributeValue()) + attributes.add(current); } } } @@ -35,4 +58,28 @@ public class OASTORKConfig { public void setStorkLogonEnabled(boolean enabled) { this.isStorkLogonEnabled = enabled; } + + public int getQaa() { + return qaa; + } + + public void setQaa(int qaa) { + this.qaa = qaa; + } + + public RequestedAttributesType getRequestedAttributesType() { + RequestedAttributesType tmp = new RequestedAttributesType(); + tmp.setAttributeValue(attributes); + return tmp; + } + + public String getAttributes() { + return Arrays.toString(attributes.toArray()).replace("[", "").replace("]", ""); + } + + public void setAttributes(String attributes) { + this.attributes = new ArrayList(); + for(String current : attributes.split(",")) + this.attributes.add(current.trim()); + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index 5e473d85c..466feba23 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -967,6 +967,8 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware, } // transfer the incoming data to the database model stork.setStorkLogonEnabled(storkOA.isStorkLogonEnabled()); + stork.setQaa(storkOA.getQaa()); + stork.setAttributes(storkOA.getRequestedAttributesType()); try { if (newentry) { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java index d12d918bd..31cf7bcee 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java @@ -3,15 +3,44 @@ package at.gv.egovernment.moa.id.configuration.validation.oa; import java.util.ArrayList; import java.util.List; +import org.apache.log4j.Logger; + import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.MiscUtil; public class OASTORKConfigValidation { + + private static final Logger log = Logger.getLogger(OASTORKConfigValidation.class); + public List validate(OASTORKConfig oageneral) { - + List errors = new ArrayList(); - - // we only have a checkbox for now, so no need to validate anything here - + + // check qaa + int qaa = oageneral.getQaa(); + if(1 > qaa && 4 < qaa) { + log.warn("QAA is out of range : " + qaa); + errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange", + new Object[] {qaa} )); + } + + // check attributes + String check = oageneral.getAttributes(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + log.warn("attributes contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )); + } + if(!check.toLowerCase().matches("^[a-z0-9, ]*$")) { + log.warn("attributes do not match the requested format : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", + new Object[] {check} )); + } + } + return errors; } } -- cgit v1.2.3