From 30e324851d67bd900471457e3c30a19b4073ec77 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 25 Jun 2018 13:22:20 +0200 Subject: add SP specific configuration for SL2.0 --- .../data/oa/OAAuthenticationData.java | 55 ++++++++++++++++++- .../oa/OAAuthenticationDataValidation.java | 61 +++++++++++++++++++++- .../resources/applicationResources_de.properties | 8 +++ .../resources/applicationResources_en.properties | 8 +++ .../main/webapp/jsp/snippets/OA/authentication.jsp | 21 ++++++++ 5 files changed, 151 insertions(+), 2 deletions(-) (limited to 'id/ConfigWebTool/src') diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java index ad99f5d22..2f51e68b4 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java @@ -85,6 +85,11 @@ public class OAAuthenticationData implements IOnlineApplicationData { private boolean useTestIDLValidationTrustStore = false; private boolean useTestAuthblockValidationTrustStore = false; + + //SL2.0 + private boolean sl20Active = false; + private String sl20EndPoints = null; + /** * */ @@ -253,6 +258,29 @@ public class OAAuthenticationData implements IOnlineApplicationData { useTestIDLValidationTrustStore = oaauth.getTestCredentials().isUseTestIDLTrustStore(); } + //parse SL2.0 information + if (oaauth.isSl20Active()) { + //parse SL2.0 endpoint information + if (oaauth.getSl20EndPoints() != null) { + if (KeyValueUtils.isCSVValueString(oaauth.getSl20EndPoints())) + sl20EndPoints = KeyValueUtils.normalizeCSVValueString(oaauth.getSl20EndPoints()); + + else { + if (oaauth.getSl20EndPoints().contains(KeyValueUtils.CSV_DELIMITER)) { + //remove trailing comma if exist + sl20EndPoints = oaauth.getSl20EndPoints().substring(0, + oaauth.getSl20EndPoints().indexOf(KeyValueUtils.CSV_DELIMITER)); + + } else + sl20EndPoints = oaauth.getSl20EndPoints(); + + } + } + sl20Active = oaauth.isSl20Active(); + + } + + return null; } @@ -392,7 +420,10 @@ public class OAAuthenticationData implements IOnlineApplicationData { testing.setUseTestIDLTrustStore(useTestIDLValidationTrustStore); - + //store SL2.0 information + authoa.setSl20Active(isSl20Active()); + authoa.setSl20EndPoints(getSl20EndPoints()); + return null; } @@ -768,6 +799,28 @@ public class OAAuthenticationData implements IOnlineApplicationData { public List getSzrgwServicesList() { return szrgwServicesList; } + + + public boolean isSl20Active() { + return sl20Active; + } + + public void setSl20Active(boolean sl20Active) { + this.sl20Active = sl20Active; + } + + public String getSl20EndPoints() { + return sl20EndPoints; + } + + public void setSl20EndPoints(String sl20EndPoints) { + if (MiscUtil.isNotEmpty(sl20EndPoints)) + this.sl20EndPoints = + KeyValueUtils.removeAllNewlineFromString(sl20EndPoints); + else + this.sl20EndPoints = sl20EndPoints; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java index a758088b1..32ef4a6cc 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java @@ -31,6 +31,7 @@ import javax.servlet.http.HttpServletRequest; import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; @@ -187,7 +188,65 @@ public class OAAuthenticationDataValidation { } - + + if (form.isSl20Active()) { + if (MiscUtil.isNotEmpty(form.getSl20EndPoints())) { + log.debug("Validate SL2.0 configuration ... "); + List sl20Endpoints = KeyValueUtils.getListOfCSVValues(form.getSl20EndPoints()); + if (sl20Endpoints.size() == 1) { + String value = sl20Endpoints.get(0); + + if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && + value.contains(KeyValueUtils.KEYVVALUEDELIMITER)) { + log.warn("SL2.0 endpoint '" + value + "' has wrong format"); + errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", + new Object[] {value}, request )); + + } else if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && + !value.contains(KeyValueUtils.KEYVVALUEDELIMITER) ) { + log.info("Find one SL2.0 endpoint without 'default='. Start update ... "); + form.setSl20EndPoints(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER + value); + + } + + } else { + boolean findDefault = false; + for (String el : sl20Endpoints) { + if (!el.contains(KeyValueUtils.KEYVVALUEDELIMITER)) { + log.warn("SL2.0 endpoint '" + el + "' has wrong format"); + errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", + new Object[] {el}, request )); + + } else { + if (el.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER)) { + log.debug("Find default endpoint."); + findDefault = true; + + } else { + String firstPart = el.split(KeyValueUtils.KEYVVALUEDELIMITER)[0]; + try { + Integer.valueOf(firstPart); + + } catch (NumberFormatException e) { + log.warn("SL2.0 endpoint '" + el + "' has wrong format", e); + errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", + new Object[] {el}, request )); + + } + } + } + } + + if (!findDefault) { + log.warn("SL2.0 endpoints contains NO default endpoint"); + errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.default", + new Object[] {}, request )); + + } + } + } + } + return errors; } } diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties index 2006625ff..047d4b200 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties @@ -562,3 +562,11 @@ validation.general.form.appletredirecttarget=Der RedirectTarget beinhaltet einen validation.general.form.fonttype=Der BKU-Auswahl Schrifttyp enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} validation.general.form.applet.width=Die Appleth\u00F6he ist keine g\\u00FCltige Zahl. validation.general.form.applet.height=Die Appletbreite ist keine g\\u00FCltige Zahl. + + +###new +webpages.oaconfig.general.sl20.header=Security Layer für mobile Authententifizierung +webpages.oaconfig.general.sl20.enable=SL2.0 aktivieren +webpages.oaconfig.general.sl20.endpoints=VDA Endpunkt URLs +validation.general.sl20.endpoints.default=SL2.0 Endpunkt beinhaltet keinen 'default' Endpunkt. +validation.general.sl20.endpoints.wrong=SL2.0 Endpunkt ist ung\\u00FCltig formatiert {0}. diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties index 694294df7..43fa0f3ae 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties @@ -559,3 +559,11 @@ validation.general.form.appletredirecttarget=RedirectTarget contains invalud val validation.general.form.fonttype=Font type for CCE selection contains forbidden characters. The following characters are not allowed\: {0} validation.general.form.applet.width=The height of applet is invalid number. validation.general.form.applet.height=The width of applet is invalid number. + + +###new +webpages.oaconfig.general.sl20.header=Security Layer for mobile Authentication +webpages.oaconfig.general.sl20.enable=Activate SL2.0 +webpages.oaconfig.general.sl20.endpoints=VDA endPoint URLs +validation.general.sl20.endpoints.default=SL2.0 endpoint contains NO 'default'. +validation.general.sl20.endpoints.wrong=SL2.0 endpoint {0} is not valid. \ No newline at end of file diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp index 59661091b..d2668e264 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp @@ -67,6 +67,27 @@ +
+

<%=LanguageHelper.getGUIString("webpages.oaconfig.general.sl20.header", request) %>

+ + + + + +
+ +

<%=LanguageHelper.getGUIString("webpages.oaconfig.general.testing.header", request) %>

-- cgit v1.2.3