From b53d2f387282b731ea72806ec7d410a1c27a878d Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 12 Jun 2018 06:25:41 +0200 Subject: add foreign bPK generation into AuthenticationDataBuilder --- .../main/webapp/jsp/snippets/OA/targetConfiguration.jsp | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'id/ConfigWebTool/src/main/webapp/jsp/snippets/OA') diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp index b8bd1dc02..a61ce3053 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp @@ -111,5 +111,20 @@ + +
+

<%=LanguageHelper.getGUIString("webpages.oaconfig.general.foreignbpk.header", request) %>

+ + + +
+ \ No newline at end of file -- cgit v1.2.3 From 30e324851d67bd900471457e3c30a19b4073ec77 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 25 Jun 2018 13:22:20 +0200 Subject: add SP specific configuration for SL2.0 --- .../data/oa/OAAuthenticationData.java | 55 +++++++++++++++- .../oa/OAAuthenticationDataValidation.java | 61 ++++++++++++++++- .../resources/applicationResources_de.properties | 8 +++ .../resources/applicationResources_en.properties | 8 +++ .../main/webapp/jsp/snippets/OA/authentication.jsp | 21 ++++++ .../ServicesAuthenticationInformationTask.java | 76 ++++++++++++++++++++++ .../moa/id/moduls/AuthenticationManager.java | 4 +- .../moa/id/commons/MOAIDAuthConstants.java | 1 + .../moa/id/commons/api/IOAAuthParameters.java | 3 +- .../config/ConfigurationMigrationUtils.java | 24 +++++++ .../config/MOAIDConfigurationConstants.java | 3 + .../db/dao/config/deprecated/AuthComponentOA.java | 38 ++++++++--- .../moa/id/commons/utils/KeyValueUtils.java | 26 ++++++++ .../moa/id/auth/modules/sl20_auth/Constants.java | 5 +- .../sl20_auth/SL20AuthenticationModulImpl.java | 43 +++++++++--- .../sl20_auth/tasks/CreateQualeIDRequestTask.java | 37 +++++------ 16 files changed, 366 insertions(+), 47 deletions(-) (limited to 'id/ConfigWebTool/src/main/webapp/jsp/snippets/OA') diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java index ad99f5d22..2f51e68b4 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java @@ -85,6 +85,11 @@ public class OAAuthenticationData implements IOnlineApplicationData { private boolean useTestIDLValidationTrustStore = false; private boolean useTestAuthblockValidationTrustStore = false; + + //SL2.0 + private boolean sl20Active = false; + private String sl20EndPoints = null; + /** * */ @@ -253,6 +258,29 @@ public class OAAuthenticationData implements IOnlineApplicationData { useTestIDLValidationTrustStore = oaauth.getTestCredentials().isUseTestIDLTrustStore(); } + //parse SL2.0 information + if (oaauth.isSl20Active()) { + //parse SL2.0 endpoint information + if (oaauth.getSl20EndPoints() != null) { + if (KeyValueUtils.isCSVValueString(oaauth.getSl20EndPoints())) + sl20EndPoints = KeyValueUtils.normalizeCSVValueString(oaauth.getSl20EndPoints()); + + else { + if (oaauth.getSl20EndPoints().contains(KeyValueUtils.CSV_DELIMITER)) { + //remove trailing comma if exist + sl20EndPoints = oaauth.getSl20EndPoints().substring(0, + oaauth.getSl20EndPoints().indexOf(KeyValueUtils.CSV_DELIMITER)); + + } else + sl20EndPoints = oaauth.getSl20EndPoints(); + + } + } + sl20Active = oaauth.isSl20Active(); + + } + + return null; } @@ -392,7 +420,10 @@ public class OAAuthenticationData implements IOnlineApplicationData { testing.setUseTestIDLTrustStore(useTestIDLValidationTrustStore); - + //store SL2.0 information + authoa.setSl20Active(isSl20Active()); + authoa.setSl20EndPoints(getSl20EndPoints()); + return null; } @@ -768,6 +799,28 @@ public class OAAuthenticationData implements IOnlineApplicationData { public List getSzrgwServicesList() { return szrgwServicesList; } + + + public boolean isSl20Active() { + return sl20Active; + } + + public void setSl20Active(boolean sl20Active) { + this.sl20Active = sl20Active; + } + + public String getSl20EndPoints() { + return sl20EndPoints; + } + + public void setSl20EndPoints(String sl20EndPoints) { + if (MiscUtil.isNotEmpty(sl20EndPoints)) + this.sl20EndPoints = + KeyValueUtils.removeAllNewlineFromString(sl20EndPoints); + else + this.sl20EndPoints = sl20EndPoints; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java index a758088b1..32ef4a6cc 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java @@ -31,6 +31,7 @@ import javax.servlet.http.HttpServletRequest; import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; @@ -187,7 +188,65 @@ public class OAAuthenticationDataValidation { } - + + if (form.isSl20Active()) { + if (MiscUtil.isNotEmpty(form.getSl20EndPoints())) { + log.debug("Validate SL2.0 configuration ... "); + List sl20Endpoints = KeyValueUtils.getListOfCSVValues(form.getSl20EndPoints()); + if (sl20Endpoints.size() == 1) { + String value = sl20Endpoints.get(0); + + if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && + value.contains(KeyValueUtils.KEYVVALUEDELIMITER)) { + log.warn("SL2.0 endpoint '" + value + "' has wrong format"); + errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", + new Object[] {value}, request )); + + } else if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && + !value.contains(KeyValueUtils.KEYVVALUEDELIMITER) ) { + log.info("Find one SL2.0 endpoint without 'default='. Start update ... "); + form.setSl20EndPoints(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER + value); + + } + + } else { + boolean findDefault = false; + for (String el : sl20Endpoints) { + if (!el.contains(KeyValueUtils.KEYVVALUEDELIMITER)) { + log.warn("SL2.0 endpoint '" + el + "' has wrong format"); + errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", + new Object[] {el}, request )); + + } else { + if (el.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER)) { + log.debug("Find default endpoint."); + findDefault = true; + + } else { + String firstPart = el.split(KeyValueUtils.KEYVVALUEDELIMITER)[0]; + try { + Integer.valueOf(firstPart); + + } catch (NumberFormatException e) { + log.warn("SL2.0 endpoint '" + el + "' has wrong format", e); + errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", + new Object[] {el}, request )); + + } + } + } + } + + if (!findDefault) { + log.warn("SL2.0 endpoints contains NO default endpoint"); + errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.default", + new Object[] {}, request )); + + } + } + } + } + return errors; } } diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties index 2006625ff..047d4b200 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties @@ -562,3 +562,11 @@ validation.general.form.appletredirecttarget=Der RedirectTarget beinhaltet einen validation.general.form.fonttype=Der BKU-Auswahl Schrifttyp enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} validation.general.form.applet.width=Die Appleth\u00F6he ist keine g\\u00FCltige Zahl. validation.general.form.applet.height=Die Appletbreite ist keine g\\u00FCltige Zahl. + + +###new +webpages.oaconfig.general.sl20.header=Security Layer für mobile Authententifizierung +webpages.oaconfig.general.sl20.enable=SL2.0 aktivieren +webpages.oaconfig.general.sl20.endpoints=VDA Endpunkt URLs +validation.general.sl20.endpoints.default=SL2.0 Endpunkt beinhaltet keinen 'default' Endpunkt. +validation.general.sl20.endpoints.wrong=SL2.0 Endpunkt ist ung\\u00FCltig formatiert {0}. diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties index 694294df7..43fa0f3ae 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties @@ -559,3 +559,11 @@ validation.general.form.appletredirecttarget=RedirectTarget contains invalud val validation.general.form.fonttype=Font type for CCE selection contains forbidden characters. The following characters are not allowed\: {0} validation.general.form.applet.width=The height of applet is invalid number. validation.general.form.applet.height=The width of applet is invalid number. + + +###new +webpages.oaconfig.general.sl20.header=Security Layer for mobile Authentication +webpages.oaconfig.general.sl20.enable=Activate SL2.0 +webpages.oaconfig.general.sl20.endpoints=VDA endPoint URLs +validation.general.sl20.endpoints.default=SL2.0 endpoint contains NO 'default'. +validation.general.sl20.endpoints.wrong=SL2.0 endpoint {0} is not valid. \ No newline at end of file diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp index 59661091b..d2668e264 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp @@ -67,6 +67,27 @@ +
+

<%=LanguageHelper.getGUIString("webpages.oaconfig.general.sl20.header", request) %>

+ + + + + +
+ +

<%=LanguageHelper.getGUIString("webpages.oaconfig.general.testing.header", request) %>

diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java index 25855dcb6..956d07c44 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java @@ -279,6 +279,82 @@ public class ServicesAuthenticationInformationTask extends AbstractTaskValidator LanguageHelper.getErrorString("validation.general.szrgw.url.valid", new Object[]{check}))); } + + + + + + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS); + if (input.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED) != null && + Boolean.valueOf(input.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED))) { + if (MiscUtil.isNotEmpty(check)) { + log.debug("Validate SL2.0 configuration ... "); + List sl20Endpoints = KeyValueUtils.getListOfCSVValues(check); + if (sl20Endpoints.size() == 1) { + String value = sl20Endpoints.get(0); + + if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && + value.contains(KeyValueUtils.KEYVVALUEDELIMITER)) { + log.warn("SL2.0 endpoint '" + value + "' has wrong format"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, + "SL2.0 - EndPoint URLs", + LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", new Object[]{value}))); + + } else if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && + !value.contains(KeyValueUtils.KEYVVALUEDELIMITER) ) { + log.info("Find one SL2.0 endpoint without 'default='. Start updateing ... "); + sl20Endpoints.remove(0); + sl20Endpoints.add(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER + value); + + } + + } else { + boolean findDefault = false; + for (String el : sl20Endpoints) { + if (!el.contains(KeyValueUtils.KEYVVALUEDELIMITER)) { + log.warn("SL2.0 endpoint '" + el + "' has wrong format"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, + "SL2.0 - EndPoint URLs", + LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", new Object[]{el}))); + + } else { + if (el.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER)) { + log.debug("Find default endpoint."); + findDefault = true; + + } else { + String firstPart = el.split(KeyValueUtils.KEYVVALUEDELIMITER)[0]; + try { + Integer.valueOf(firstPart); + + } catch (NumberFormatException e) { + log.warn("SL2.0 endpoint '" + el + "' has wrong format", e); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, + "SL2.0 - EndPoint URLs", + LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", new Object[]{el}))); + + } + } + } + } + + if (!findDefault) { + log.warn("SL2.0 endpoints contains NO default endpoint"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, + "SL2.0 - EndPoint URLs", + LanguageHelper.getErrorString("validation.general.sl20.endpoints.default", new Object[]{}))); + + } + } + } + } + + + if (!errors.isEmpty()) throw new ConfigurationTaskValidationException(errors); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index e093ce1e2..db0170e54 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -476,7 +476,9 @@ public class AuthenticationManager extends MOAIDAuthConstants { try { //put pending-request ID on execurtionContext executionContext.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, pendingReq.getRequestID()); - + executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_SP_CONFIG, pendingReq.getOnlineApplicationConfiguration()); + + // create process instance String processDefinitionId = ModuleRegistration.getInstance().selectProcess(executionContext); diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java index 6f6735d48..58f930590 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java @@ -190,6 +190,7 @@ public class MOAIDAuthConstants extends MOAIDConstants{ public static final String PROCESSCONTEXT_ISLEGACYREQUEST = "isLegacyRequest"; public static final String PROCESSCONTEXT_UNIQUE_OA_IDENTFIER = "uniqueSPId"; public static final String PROCESSCONTEXT_SSL_CLIENT_CERTIFICATE = MOASESSION_DATA_HOLDEROFKEY_CERTIFICATE; + public static final String PROCESSCONTEXT_SP_CONFIG = "spConfig"; //General protocol-request data-store keys public static final String AUTHPROCESS_DATA_SECURITYLAYERTEMPLATE = "authProces_SecurityLayerTemplate"; diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java index 332764edf..4e697f099 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java @@ -22,6 +22,7 @@ */ package at.gv.egovernment.moa.id.commons.api; +import java.io.Serializable; import java.security.PrivateKey; import java.util.Collection; import java.util.List; @@ -37,7 +38,7 @@ import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; * @author tlenz * */ -public interface IOAAuthParameters { +public interface IOAAuthParameters extends Serializable{ public static final String CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL = "configuration.restrictions.baseID.idpProcessing"; public static final String CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION = "configuration.restrictions.baseID.spTransmission"; diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java index 48d64225c..f42c1eb69 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java @@ -181,12 +181,26 @@ public class ConfigurationMigrationUtils { else result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_FOREIGN, StringUtils.EMPTY); + //convert selected SZR-GW service if (MiscUtil.isNotEmpty(oa.getSelectedSZRGWServiceURL())) result.put(MOAIDConfigurationConstants.SERVICE_EXTERNAL_SZRGW_SERVICE_URL, oa.getSelectedSZRGWServiceURL()); AuthComponentOA oaauth = oa.getAuthComponentOA(); if (oaauth != null) { + + //convert SL20 infos + if (oaauth.isSl20Active() != null) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED, oaauth.isSl20Active().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED, Boolean.FALSE.toString()); + + if (MiscUtil.isNotEmpty(oaauth.getSl20EndPoints())) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, oaauth.getSl20EndPoints()); + else + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, StringUtils.EMPTY); + + //convert business identifier IdentificationNumber idnumber = oaauth.getIdentificationNumber(); @@ -777,6 +791,16 @@ public class ConfigurationMigrationUtils { } + //set SL20 things + if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED))) + authoa.setSl20Active(Boolean.valueOf(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED))); + else + authoa.setSl20Active(false); + + authoa.setSl20EndPoints(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS)); + + + dbOA.setSelectedSZRGWServiceURL(oa.get(MOAIDConfigurationConstants.SERVICE_EXTERNAL_SZRGW_SERVICE_URL)); dbOA.setMandateServiceSelectionTemplateURL(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_ELGAMANDATESERVICESELECTION_URL)); diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java index 8b52e4e0c..9d5553277 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java @@ -84,6 +84,9 @@ public final class MOAIDConfigurationConstants extends MOAIDConstants { public static final String SERVICE_AUTH_BKU_AUTHBLOCKTEXT = AUTH + ".authblock.additionaltext"; public static final String SERVICE_AUTH_BKU_AUTHBLOCK_REMOVEBPK = AUTH + ".authblock.removebPK"; + public static final String SERVICE_AUTH_SL20_ENABLED = AUTH + ".sl20.enabled"; + public static final String SERVICE_AUTH_SL20_ENDPOINTS = AUTH + ".sl20.endpoints"; + private static final String SERVICE_AUTH_TEMPLATES = AUTH + "." + TEMPLATES; public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA = SERVICE_AUTH_TEMPLATES + ".bkuselection.data"; public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW = SERVICE_AUTH_TEMPLATES + ".bkuselection.preview"; diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/AuthComponentOA.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/AuthComponentOA.java index 04efb0afe..852df16e6 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/AuthComponentOA.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/AuthComponentOA.java @@ -11,23 +11,17 @@ package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated; import java.io.Serializable; import java.util.ArrayList; import java.util.List; + import javax.persistence.CascadeType; -import javax.persistence.Column; -import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.Inheritance; -import javax.persistence.InheritanceType; -import javax.persistence.JoinColumn; import javax.persistence.ManyToOne; import javax.persistence.OneToMany; -import javax.persistence.Table; import javax.xml.bind.annotation.XmlAccessType; import javax.xml.bind.annotation.XmlAccessorType; import javax.xml.bind.annotation.XmlAttribute; import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlTransient; import javax.xml.bind.annotation.XmlType; + import org.jvnet.jaxb2_commons.lang.Equals; import org.jvnet.jaxb2_commons.lang.EqualsStrategy; import org.jvnet.jaxb2_commons.lang.HashCode; @@ -162,6 +156,13 @@ public class AuthComponentOA @XmlAttribute(name = "Hjid") protected Long hjid; + + @XmlTransient + protected Boolean sl20Active; + @XmlTransient + protected String sl20EndPoints; + + /** * Gets the value of the bkuurls property. * @@ -522,11 +523,28 @@ public class AuthComponentOA + public Long getHjid() { return hjid; } - /** + public Boolean isSl20Active() { + return sl20Active; + } + + public void setSl20Active(Boolean sl20Active) { + this.sl20Active = sl20Active; + } + + public String getSl20EndPoints() { + return sl20EndPoints; + } + + public void setSl20EndPoints(String sl20EndPoints) { + this.sl20EndPoints = sl20EndPoints; + } + + /** * Sets the value of the hjid property. * * @param value diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java index 40ef5a23a..a206c9125 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java @@ -34,6 +34,7 @@ import java.util.Set; import org.apache.commons.lang3.StringUtils; +import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; /** @@ -44,6 +45,8 @@ public class KeyValueUtils { public static final String KEY_DELIMITER = "."; public static final String CSV_DELIMITER = ","; + public static final String KEYVVALUEDELIMITER = "="; + public static final String DEFAULT_VALUE = "default"; /** * Convert Java properties into a Map @@ -327,6 +330,29 @@ public class KeyValueUtils { return list; } + /** + * Convert a List of String elements to a Map of Key/Value pairs + *
+ * Every List element used as a key/value pair and the '=' sign represents the delimiter between key and value + * + * @param elements List of key/value elements + * @return Map of Key / Value pairs, but never null + */ + public static Map convertListToMap(List elements) { + Map map = new HashMap(); + for (String el : elements) { + if (el.contains(KEYVVALUEDELIMITER)) { + String[] split = el.split(KEYVVALUEDELIMITER); + map.put(split[0], split[1]); + + } else + Logger.debug("Key/Value Mapper: '" + el + "' contains NO '='. Ignore it."); + + } + + return map; + } + /** * This method remove all newline delimiter (\n or \r\n) from input data * diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java index 9fcb3aa58..f474461bf 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java @@ -6,7 +6,8 @@ public class Constants { public static final String HTTP_ENDPOINT_RESUME = "/sl20/resume"; public static final String CONFIG_PROP_PREFIX = "modules.sl20"; - public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT = CONFIG_PROP_PREFIX + ".vda.urls.qualeID.endpoint"; + public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID = CONFIG_PROP_PREFIX + ".vda.urls.qualeID.endpoint."; + public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT = "default"; public static final String CONFIG_PROP_VDA_AUTHBLOCK_ID = CONFIG_PROP_PREFIX + ".vda.authblock.id"; public static final String CONFIG_PROP_VDA_AUTHBLOCK_TRANSFORMATION_ID = CONFIG_PROP_PREFIX + ".vda.authblock.transformation.id"; public static final String CONFIG_PROP_SECURITY_KEYSTORE_PATH = CONFIG_PROP_PREFIX + ".security.keystore.path"; @@ -16,7 +17,7 @@ public class Constants { public static final String CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_ALIAS = CONFIG_PROP_PREFIX + ".security.encryption.alias";; public static final String CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_PASSWORD = CONFIG_PROP_PREFIX + ".security.encryption.password"; - public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST = CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT + "."; + public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST = CONFIG_PROP_VDA_ENDPOINT_QUALeID; public static final String CONFIG_PROP_SP_LIST = CONFIG_PROP_PREFIX + ".sp.entityIds."; public static final String CONFIG_PROP_DISABLE_EID_VALIDATION = CONFIG_PROP_PREFIX + ".security.eID.validation.disable"; diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java index 367e7b604..2c106b52e 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java @@ -27,15 +27,18 @@ import java.util.List; import javax.annotation.PostConstruct; -import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import at.gv.egovernment.moa.id.auth.modules.AuthModule; import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20Constants; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.moduls.AuthenticationManager; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; /** * @author tlenz @@ -75,23 +78,43 @@ public class SL20AuthenticationModulImpl implements AuthModule { */ @Override public String selectProcess(ExecutionContext context) { + Object spConfigObj = context.get(MOAIDAuthConstants.PROCESSCONTEXT_SP_CONFIG); + IOAAuthParameters spConfig = null; + if (spConfigObj != null && spConfigObj instanceof IOAAuthParameters) + spConfig = (IOAAuthParameters)spConfigObj; + String sl20ClientTypeHeader = (String) context.get(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE.toLowerCase()); String sl20VDATypeHeader = (String) context.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase()); - if ( StringUtils.isNotBlank(sl20ClientTypeHeader) -// && ( -// StringUtils.isNotBlank(sl20VDATypeHeader) -// //&& VDA_TYPE_IDS.contains(sl20VDATypeHeader.trim()) -// ) - ) { - Logger.trace(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE + "' header found"); + if (spConfig != null && + MiscUtil.isNotEmpty(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED)) && + Boolean.valueOf(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED))) { + Logger.debug("SL2.0 is enabled for " + spConfig.getPublicURLPrefix()); + Logger.trace(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE + ": " + sl20ClientTypeHeader); + Logger.trace(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE + ": " + sl20VDATypeHeader); return "SL20Authentication"; } else { - Logger.trace("No '" + SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE + "' header found"); + Logger.trace("SL2.0 is NOT enabled for " + spConfig.getPublicURLPrefix()); return null; - } + } + + +// if ( StringUtils.isNotBlank(sl20ClientTypeHeader) +//// && ( +//// StringUtils.isNotBlank(sl20VDATypeHeader) +//// //&& VDA_TYPE_IDS.contains(sl20VDATypeHeader.trim()) +//// ) +// ) { +// Logger.trace(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE + "' header found"); +// return "SL20Authentication"; +// +// } else { +// Logger.trace("No '" + SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE + "' header found"); +// return null; +// +// } } /* (non-Javadoc) diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java index b87d614c5..883ae07f2 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java @@ -39,7 +39,9 @@ import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20JSONExtractorUti import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.utils.HttpClientWithProxySupport; +import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; import at.gv.egovernment.moa.id.util.SSLUtils; @@ -202,30 +204,22 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask { } private String extractVDAURLForSpecificOA(IOAAuthParameters oaConfig, ExecutionContext executionContext) { + String spSpecificVDAEndpoints = oaConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS); + Map endPointMap = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST); + if (MiscUtil.isNotEmpty(spSpecificVDAEndpoints)) { + endPointMap.putAll(KeyValueUtils.convertListToMap( + KeyValueUtils.getListOfCSVValues( + KeyValueUtils.normalizeCSVValueString(spSpecificVDAEndpoints)))); + Logger.debug("Find OA specific SL2.0 endpoints. Updating endPoint list ... "); + + } + + Logger.trace("Find #" + endPointMap.size() + " SL2.0 endpoints ... "); - //selection based on EntityID -// Map listOfVDAs = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST); -// Map listOfSPs = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONFIG_PROP_SP_LIST); -// -// for (Entry el : listOfSPs.entrySet()) { -// List spEntityIds = KeyValueUtils.getListOfCSVValues(el.getValue()); -// if (spEntityIds.contains(oaConfig.getPublicURLPrefix())) { -// Logger.trace("Select VDA endPoint with Id: " + el.getKey()); -// if (listOfVDAs.containsKey(el.getKey())) -// return listOfVDAs.get(el.getKey()); -// -// else -// Logger.info("No VDA endPoint with Id: " + el.getKey()); -// -// } else -// Logger.trace("SP list: " + el.getKey() + " does not contain OAIdentifier: " + oaConfig.getPublicURLPrefix()); -// -// } - //selection based on request Header String sl20VDATypeHeader = (String) executionContext.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase()); if (MiscUtil.isNotEmpty(sl20VDATypeHeader)) { - String vdaURL = authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST + sl20VDATypeHeader); + String vdaURL = endPointMap.get(sl20VDATypeHeader); if (MiscUtil.isNotEmpty(vdaURL)) return vdaURL.trim(); @@ -235,7 +229,8 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask { } Logger.info("NO SP specific VDA endpoint found. Use default VDA"); - return authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT); + return endPointMap.getOrDefault(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT, + Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID + Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT); } -- cgit v1.2.3 From 158d41705d0f8c67a858e84bda8d2c16377cf288 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 13 Jul 2018 15:48:17 +0200 Subject: some bug fixes --- .../src/main/webapp/jsp/snippets/OA/stork.jsp | 3 +- .../conf/moa-id/htmlTemplates/css_template.css | 84 +++++++++++++-------- .../conf/moa-id/htmlTemplates/loginFormFull.html | 68 ++++++++++------- id/server/idserverlib/pom.xml | 4 +- .../moa/id/advancedlogging/StatisticLogger.java | 80 +++++++++++--------- .../id/auth/builder/AuthenticationDataBuilder.java | 10 +-- .../builder/CreateXMLSignatureRequestBuilder.java | 2 +- .../moa/id/auth/data/AuthenticationSession.java | 22 ++++-- .../tasks/EvaluateSSOConsentsTaskImpl.java | 16 ++-- .../internal/tasks/UserRestrictionTask.java | 2 +- .../StartAuthentificationParameterParser.java | 8 +- .../moa/id/moduls/AuthenticationManager.java | 11 +-- .../gv/egovernment/moa/id/moduls/SSOManager.java | 32 +++++--- .../storage/DBAuthenticationSessionStoreage.java | 3 +- .../resources/properties/id_messages_de.properties | 6 +- .../protocol_response_statuscodes_de.properties | 2 + .../auth/data/AuthenticationDataBuilderTest.java | 2 +- ...roviderSpecificGUIFormBuilderConfiguration.java | 12 ++- .../moa/id/auth/frontend/utils/FormBuildUtils.java | 18 ++--- .../moa/id/auth/AuthenticationServer.java | 10 +-- .../AuthenticationBlockAssertionBuilder.java | 2 +- .../internal/tasks/CertificateReadRequestTask.java | 4 +- .../internal/tasks/CreateIdentityLinkFormTask.java | 2 +- .../internal/tasks/GetMISSessionIDTask.java | 3 +- .../tasks/InitializeBKUAuthenticationTask.java | 9 ++- .../tasks/PrepareAuthBlockSignatureTask.java | 3 +- .../internal/tasks/PrepareGetMISMandateTask.java | 3 +- .../tasks/VerifyAuthenticationBlockTask.java | 3 +- .../internal/tasks/VerifyCertificateTask.java | 3 +- .../internal/tasks/VerifyIdentityLinkTask.java | 3 +- .../CreateXMLSignatureResponseValidator.java | 4 +- .../tasks/CreateAuthnRequestTask.java | 50 +++--------- .../tasks/ReceiveAuthnResponseTask.java | 34 +++++++-- .../auth/modules/eIDAScentralAuth/utils/Utils.java | 45 +++++++++++ .../tasks/FirstBKAMobileAuthTask.java | 19 +---- .../tasks/SecondBKAMobileAuthTask.java | 13 +--- .../eidas/tasks/CreateIdentityLinkTask.java | 18 ++--- .../eidas/tasks/ReceiveAuthnResponseTask.java | 19 +++-- .../moa/id/protocols/eidas/EIDASProtocol.java | 6 +- .../tasks/ReceiveElgaMandateResponseTask.java | 8 +- .../elgamandates/tasks/RequestELGAMandateTask.java | 4 +- .../oauth20/protocol/OAuth20AuthRequest.java | 3 +- .../oauth20/protocol/OAuth20BaseRequest.java | 11 +-- .../oauth20/protocol/OAuth20Protocol.java | 4 +- .../oauth20/protocol/OAuth20TokenRequest.java | 3 +- .../sl20_auth/tasks/CreateQualeIDRequestTask.java | 2 +- .../sl20_auth/tasks/ReceiveQualeIDTask.java | 19 +++-- .../sl20_auth/tasks/VerifyQualifiedeIDTask.java | 14 ++-- .../task/InitializeRestoreSSOSessionTask.java | 4 +- .../ssotransfer/task/RestoreSSOSessionTask.java | 14 ++-- .../tasks/CreateAuthnRequestTask.java | 2 +- .../tasks/ReceiveAuthnResponseTask.java | 16 ++-- .../moa/id/protocols/saml1/GetArtifactAction.java | 6 +- .../moa/id/protocols/saml1/SAML1Protocol.java | 4 +- .../eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0-tests.jar | Bin 53076 -> 53645 bytes .../egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0.jar | Bin 360335 -> 360662 bytes .../1.0.0/eaaf_module_pvp2_core-1.0.0.jar | Bin 110449 -> 110555 bytes .../1.0.0/eaaf_module_pvp2_idp-1.0.0.jar | Bin 35302 -> 35407 bytes .../1.0.0/eaaf_module_pvp2_sp-1.0.0.jar | Bin 15649 -> 15649 bytes 59 files changed, 411 insertions(+), 341 deletions(-) create mode 100644 id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/Utils.java (limited to 'id/ConfigWebTool/src/main/webapp/jsp/snippets/OA') diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp index 76c8d069b..129b32508 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp @@ -22,7 +22,7 @@ labelposition="left" cssClass="textfield_long"/> - +
diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css b/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css index c8de82c50..f95106c5a 100644 --- a/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css +++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css @@ -87,7 +87,7 @@ } #leftcontent { - width: 300px; + width: 400px; /*margin-top: 30px;*/ margin: auto; } @@ -99,9 +99,9 @@ } #bkulogin { - overflow:hidden; - min-width: 190px; - min-height: 180px; + overflow:hidden; + min-width: 190px; + min-height: 180px; /*height: 260px;*/ } @@ -130,11 +130,16 @@ float:left; margin-left: 40px; } + #centerbutton { + width: 30% + float: middle; + } + #rightbutton { width: 30%; float:right; - margin-right: 45px; + margin-right: 40px; text-align: right; } @@ -266,7 +271,7 @@ } } - @media screen and (max-width: 399px) and (min-width: 300px) { + @media screen and (max-width: 399px) and (min-width: 400px) { #localBKU p { font-size: 0.9em; } @@ -381,15 +386,14 @@ visibility: hidden; } - #leftcontent { - visibility: visible; - margin-bottom: 0px; - text-align: left; - border:none; - vertical-align: middle; - min-height: 173px; - min-width: 204px; - + #leftcontent { + visibility: visible; + margin-bottom: 0px; + text-align: left; + border:none; + vertical-align: middle; + min-height: 173px; + min-width: 204px; } #bku_header { @@ -452,13 +456,14 @@ } #leftbutton { - width: 35%; + width: 30%; float:left; margin-left: 15px; } + #rightbutton { - width: 35%; + width: 30%; float:right; margin-right: 25px; text-align: right; @@ -479,12 +484,17 @@ padding-top: 4%; height: 10%; position: relative; - text-align: center; + text-align: left; } .verticalcenter { vertical-align: middle; } + + .mandate{ + float: left; + margin-left: 4%; + } #mandateLogin div { clear: both; @@ -509,29 +519,37 @@ #bkukarte { float:left; text-align:center; - width:40%; - min-height: 70px; - padding-left: 5%; - padding-top: 2%; + width:33%; + min-height: 90px; + + padding-top: 2%; } #bkuhandy { - float:right; + float:left; text-align:center; - width:40%; - min-height: 90px; - padding-right: 5%; - padding-top: 2%; + width:33%; + min-height: 90px; + + padding-top: 2%; } + #bkueulogin { + float:left; + text-align:center; + width:33%; + min-height: 90px; + padding-top: 2%; + + } - .bkuimage { - width: 60%; - height: auto; - margin-bottom: 10%; - } + .bkuimage { + width: 55%; + height: auto; + margin-bottom: 10%; + } #mandate{ - text-align:center; + text-align:left; padding : 5px 5px 5px 5px; } diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html b/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html index fe9bc2166..01249537f 100644 --- a/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html +++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html @@ -4,7 +4,7 @@ - + @@ -26,8 +26,8 @@
-
-
- HandyBKU - -
-
+ + + + +
+ HandyBKU + +
+ + +
+ EULogin +
+ + + + +
+
- + + + + + + a href="info_stork.html" target="_blank" class="infobutton">i - + -->

Anscheinend verwenden Sie Internet Explorer im diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml index 9b9b13d8b..0e8b996ba 100644 --- a/id/server/idserverlib/pom.xml +++ b/id/server/idserverlib/pom.xml @@ -319,8 +319,8 @@ eaaf-core test-jar tests - 1.0.0-snapshot - test + 1.0.0 + test Starting session reconstruction ..."); //transfer SSO Assertion into MOA-Session - AuthenticationSession moaSession = new AuthenticationSession("1235", new Date()); + AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(AuthenticationSessionWrapper.class); ssoTransferUtils.parseSSOContainerToMOASessionDataObject(pendingReq, moaSession, attributeExtractor); - pendingReq.setGenericDataToSession(moaSession.getKeyValueRepresentationFromAuthSession()); // store MOASession into database requestStoreage.storePendingRequest(pendingReq); @@ -249,8 +245,8 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask { } else { //session is valid --> load MOASession object - - IAuthenticationSession moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage()); + AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class); + DateTime moaSessionCreated = new DateTime(moasession.getSessionCreated().getTime()); if (moaSessionCreated.plusMinutes(1).isBeforeNow()) { Logger.warn("No SSO session-container received. Stop authentication process after time-out."); diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java index 20fd5ebc4..d0d97e9e8 100644 --- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java @@ -73,7 +73,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask { throws TaskExecutionException { try{ // get IDP entityID - String idpEntityID = pendingReq.getGenericData(SSOManager.DATAID_INTERFEDERATIOIDP_URL, String.class); + String idpEntityID = pendingReq.getRawData(SSOManager.DATAID_INTERFEDERATIOIDP_URL, String.class); if (MiscUtil.isEmpty(idpEntityID)) { Logger.info("Interfederation not possible -> not inderfederation IDP EntityID found!"); diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java index f5af84405..6b6d1a196 100644 --- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java @@ -47,6 +47,7 @@ import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException; import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder; import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; @@ -168,11 +169,11 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { //check if SP is also a federated IDP if (spConfig.isInderfederationIDP()) { //SP is a federated IDP --> answer only with nameID and wait for attribute-Query - pendingReq.setGenericDataToSession( + pendingReq.setRawDataToTransaction( MOAIDAuthConstants.DATAID_INTERFEDERATION_MINIMAL_FRONTCHANNEL_RESP, true); - pendingReq.setGenericDataToSession( + pendingReq.setRawDataToTransaction( MOAIDAuthConstants.DATAID_INTERFEDERATION_NAMEID, extractor.getNameID()); - pendingReq.setGenericDataToSession( + pendingReq.setRawDataToTransaction( MOAIDAuthConstants.DATAID_INTERFEDERATION_QAALEVEL, extractor.getQAALevel()); authenticatedSessionStorage. @@ -195,8 +196,8 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { } //store valid assertion into pending-request - pendingReq.setGenericDataToSession(SSOManager.DATAID_INTERFEDERATIOIDP_RESPONSE, processedMsg); - pendingReq.setGenericDataToSession(SSOManager.DATAID_INTERFEDERATIOIDP_ENTITYID, processedMsg.getEntityID()); + pendingReq.setRawDataToTransaction(SSOManager.DATAID_INTERFEDERATIOIDP_RESPONSE, processedMsg); + pendingReq.setRawDataToTransaction(SSOManager.DATAID_INTERFEDERATIOIDP_ENTITYID, processedMsg.getEntityID()); //store pending-request requestStoreage.storePendingRequest(pendingReq); @@ -297,6 +298,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { //copy attributes into MOASession Set includedAttrNames = extractor.getAllIncludeAttributeNames(); + AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class); for (String el : includedAttrNames) { String value = extractor.getSingleAttributeValue(el); @@ -310,13 +312,13 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { } } - pendingReq.setGenericDataToSession(el, value); + session.setGenericDataToSession(el, value); Logger.debug("Add PVP-attribute " + el + " into MOASession"); } //set validTo from this federated IDP response - pendingReq.setGenericDataToSession( + session.setGenericDataToSession( AuthenticationSessionStorageConstants.FEDERATION_RESPONSE_VALIDE_TO, extractor.getAssertionNotOnOrAfter()); diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java index 92bcce24b..21dbb573a 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java @@ -85,14 +85,14 @@ public class GetArtifactAction implements IAction { String samlArtifactBase64 = saml1server.BuildSAMLArtifact(oaParam, authData, sourceID); - String oaTargetArea = req.getGenericData(SAML1Protocol.REQ_DATA_TARGET, String.class); + String oaTargetArea = req.getRawData(SAML1Protocol.REQ_DATA_TARGET, String.class); if (authData.isSsoSession()) { String url = req.getAuthURL() + RedirectServlet.SERVICE_ENDPOINT; url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(oaURL, "UTF-8")); if (MiscUtil.isNotEmpty(oaTargetArea)) url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET, - URLEncoder.encode(req.getGenericData(SAML1Protocol.REQ_DATA_TARGET, String.class), "UTF-8")); + URLEncoder.encode(req.getRawData(SAML1Protocol.REQ_DATA_TARGET, String.class), "UTF-8")); url = addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); url = httpResp.encodeRedirectURL(url); @@ -104,7 +104,7 @@ public class GetArtifactAction implements IAction { String redirectURL = oaURL; if (MiscUtil.isNotEmpty(oaTargetArea)) { redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_TARGET, - URLEncoder.encode(req.getGenericData(SAML1Protocol.REQ_DATA_TARGET, String.class), "UTF-8")); + URLEncoder.encode(req.getRawData(SAML1Protocol.REQ_DATA_TARGET, String.class), "UTF-8")); } diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java index 398119a7f..30d740a2a 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java @@ -193,7 +193,7 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement revisionsLogger.logEvent(pendingRequest, MOAIDEventConstants.AUTHPROTOCOL_SAML1_AUTHNREQUEST); if (MiscUtil.isNotEmpty(target)) { - pendingRequest.setGenericDataToSession(REQ_DATA_TARGET, target); + pendingRequest.setRawDataToTransaction(REQ_DATA_TARGET, target); pendingRequest.setTarget(MOAIDAuthConstants.PREFIX_CDID + target); } else { @@ -201,7 +201,7 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement pendingRequest.setTarget(targetArea); if (targetArea.startsWith(MOAIDAuthConstants.PREFIX_CDID)) - pendingRequest.setGenericDataToSession(REQ_DATA_TARGET, + pendingRequest.setRawDataToTransaction(REQ_DATA_TARGET, targetArea.substring(MOAIDAuthConstants.PREFIX_CDID.length())); diff --git a/repository/at/gv/egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0-tests.jar b/repository/at/gv/egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0-tests.jar index e892b3f35..9edec3e82 100644 Binary files a/repository/at/gv/egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0-tests.jar and b/repository/at/gv/egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0-tests.jar differ diff --git a/repository/at/gv/egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0.jar b/repository/at/gv/egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0.jar index f3f35cf39..0837eb813 100644 Binary files a/repository/at/gv/egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0.jar and b/repository/at/gv/egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0.jar differ diff --git a/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_core/1.0.0/eaaf_module_pvp2_core-1.0.0.jar b/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_core/1.0.0/eaaf_module_pvp2_core-1.0.0.jar index 6473df192..612ec0b6c 100644 Binary files a/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_core/1.0.0/eaaf_module_pvp2_core-1.0.0.jar and b/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_core/1.0.0/eaaf_module_pvp2_core-1.0.0.jar differ diff --git a/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_idp/1.0.0/eaaf_module_pvp2_idp-1.0.0.jar b/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_idp/1.0.0/eaaf_module_pvp2_idp-1.0.0.jar index 6317fa4a4..e45f380a6 100644 Binary files a/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_idp/1.0.0/eaaf_module_pvp2_idp-1.0.0.jar and b/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_idp/1.0.0/eaaf_module_pvp2_idp-1.0.0.jar differ diff --git a/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_sp/1.0.0/eaaf_module_pvp2_sp-1.0.0.jar b/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_sp/1.0.0/eaaf_module_pvp2_sp-1.0.0.jar index ff42b691e..c3251bc5f 100644 Binary files a/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_sp/1.0.0/eaaf_module_pvp2_sp-1.0.0.jar and b/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_sp/1.0.0/eaaf_module_pvp2_sp-1.0.0.jar differ -- cgit v1.2.3