From 0436de6184c1a95d463da52929e3bf60923d6e04 Mon Sep 17 00:00:00 2001 
From: Thomas Lenz Date: Mon, 13 Dec 2021 09:23:09 +0100 Subject: update third-party libs and resolve API issues --- .../auth/pvp2/servlets/Authenticate.java | 313 +-- .../auth/pvp2/servlets/BuildMetadata.java | 531 +++-- .../auth/pvp2/servlets/SLOBackChannelServlet.java | 203 +- .../auth/pvp2/servlets/SLOBasicServlet.java | 433 ++-- .../auth/pvp2/servlets/SLOFrontChannelServlet.java | 443 ++-- .../config/ConfigurationProvider.java | 1235 ++++++----- .../configuration/data/FormularCustomization.java | 1564 +++++++------- .../id/configuration/data/GeneralMOAIDConfig.java | 2183 ++++++++++---------- .../id/configuration/data/GeneralStorkConfig.java | 274 +-- .../moa/id/configuration/data/OAListElement.java | 187 +- .../moa/id/configuration/data/StorkAttributes.java | 42 +- .../id/configuration/data/UserDatabaseFrom.java | 630 +++--- .../id/configuration/data/oa/AttributeHelper.java | 92 +- .../data/oa/IOnlineApplicationData.java | 55 +- .../data/oa/OAAuthenticationData.java | 1572 +++++++------- .../id/configuration/data/oa/OABPKEncryption.java | 633 +++--- .../id/configuration/data/oa/OAGeneralConfig.java | 275 +-- .../data/oa/OAMOAIDPInterfederationConfig.java | 362 ++-- .../id/configuration/data/oa/OAOAuth20Config.java | 267 +-- .../moa/id/configuration/data/oa/OAPVP2Config.java | 439 ++-- .../configuration/data/oa/OARevisionsLogData.java | 237 ++- .../id/configuration/data/oa/OASAML1Config.java | 383 ++-- .../moa/id/configuration/data/oa/OASSOConfig.java | 184 +- .../id/configuration/data/oa/OASTORKConfig.java | 623 +++--- .../data/oa/OATargetConfiguration.java | 851 ++++---- .../data/oa/PVPGatewayInterfederationConfig.java | 202 +- .../configuration/filter/AuthenticationFilter.java | 6 +- .../id/configuration/filter/EncodingFilter.java | 6 +- .../configuration/helper/AuthenticationHelper.java | 40 +- .../id/configuration/helper/DateTimeHelper.java | 50 +- .../id/configuration/helper/FormDataHelper.java | 131 +- .../id/configuration/helper/LanguageHelper.java | 
106 +- .../moa/id/configuration/helper/MailHelper.java | 435 ++-- .../moa/id/configuration/helper/StringHelper.java | 62 +- .../configuration/struts/action/BasicAction.java | 175 +- .../configuration/struts/action/BasicOAAction.java | 1187 +++++------ .../struts/action/EditGeneralConfigAction.java | 1548 +++++++------- .../configuration/struts/action/EditOAAction.java | 981 ++++----- .../struts/action/IDPGatewayAction.java | 36 +- .../struts/action/ImportExportAction.java | 929 +++++---- .../configuration/struts/action/IndexAction.java | 1643 +++++++-------- .../struts/action/InterfederationIDPAction.java | 822 ++++---- .../configuration/struts/action/ListOAsAction.java | 307 ++- .../configuration/struts/action/MOAIDPAction.java | 41 +- .../id/configuration/struts/action/MainAction.java | 66 +- .../struts/action/OpenAdminRequestsAction.java | 125 +- .../struts/action/UserManagementAction.java | 1130 +++++----- .../id/configuration/struts/action/VIDPAction.java | 63 +- .../utils/ConfigurationEncryptionUtils.java | 84 +- .../moa/id/configuration/utils/SAML2Utils.java | 97 +- .../id/configuration/utils/UserRequestCleaner.java | 110 +- .../validation/CompanyNumberValidator.java | 92 +- .../validation/FormularCustomizationValitator.java | 284 +-- .../validation/IdentificationNumberValidator.java | 4 +- .../validation/UserDatabaseFormValidator.java | 312 ++- .../validation/moaconfig/MOAConfigValidator.java | 857 ++++---- .../validation/moaconfig/PVP2ContactValidator.java | 130 +- .../validation/moaconfig/StorkConfigValidator.java | 187 +- .../oa/OAAuthenticationDataValidation.java | 419 ++-- .../validation/oa/OAFileUploadValidation.java | 89 +- .../validation/oa/OAOAUTH20ConfigValidation.java | 33 +- .../validation/oa/OAPVP2ConfigValidation.java | 362 ++-- .../validation/oa/OASAML1ConfigValidation.java | 28 +- .../validation/oa/OASSOConfigValidation.java | 44 +- .../validation/oa/OASTORKConfigValidation.java | 85 +- .../validation/oa/OATargetConfigValidation.java | 254 
++- 66 files changed, 13912 insertions(+), 13661 deletions(-) (limited to 'id/ConfigWebTool/src') diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/Authenticate.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/Authenticate.java index 84fbec0e8..c6946e509 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/Authenticate.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/Authenticate.java @@ -36,7 +36,6 @@ import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.TransformerException; import org.joda.time.DateTime; -import org.opensaml.Configuration; import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import org.opensaml.common.xml.SAMLConstants; import org.opensaml.saml2.core.AuthnContextClassRef; 
@@ -67,163 +66,167 @@ import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.utils.SAML2Utils; import at.gv.egovernment.moa.util.MiscUtil; - /** * Servlet implementation class Authenticate */ public class Authenticate extends HttpServlet { - private static final long serialVersionUID = 1L; - - private static final Logger log = LoggerFactory - .getLogger(Authenticate.class); - - private static DocumentBuilderFactory factory = null; - - static { - initialDocumentBuilderFactory(); - } - - synchronized private static void initialDocumentBuilderFactory() { - factory = DocumentBuilderFactory.newInstance(); - factory.setNamespaceAware(true); - - } - - public Document asDOMDocument(XMLObject object) throws IOException, - MarshallingException, TransformerException, ParserConfigurationException { - try { - DocumentBuilder builder = null; - synchronized (factory) { - builder = factory.newDocumentBuilder(); - - } - - Document document = builder.newDocument(); - Marshaller out = Configuration.getMarshallerFactory().getMarshaller( - object); - out.marshall(object, document); - return document; - - } catch (ParserConfigurationException e) { - log.warn("PVP2 AuthenticationServlet can not be initialized.", e); - throw e; - } - - } - - protected void process(HttpServletRequest request, - HttpServletResponse response, Map legacyParameter) throws ServletException, IOException { - try { - - ConfigurationProvider config = ConfigurationProvider.getInstance(); - config.initializePVP2Login(); - - AuthnRequest authReq = SAML2Utils - .createSAMLObject(AuthnRequest.class); - SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator(); - authReq.setID(gen.generateIdentifier()); - - HttpSession session = request.getSession(); - if (session != null) { - session.setAttribute(Constants.SESSION_PVP2REQUESTID, authReq.getID()); - } - - authReq.setAssertionConsumerServiceIndex(0); - 
authReq.setAttributeConsumingServiceIndex(0); - authReq.setIssueInstant(new DateTime()); - Subject subject = SAML2Utils.createSAMLObject(Subject.class); - NameID name = SAML2Utils.createSAMLObject(NameID.class); - Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class); - - String serviceURL = config.getPublicUrlPreFix(request); - if (!serviceURL.endsWith("/")) - serviceURL = serviceURL + "/"; - name.setValue(serviceURL); - issuer.setValue(serviceURL); - - subject.setNameID(name); - authReq.setSubject(subject); - issuer.setFormat(NameIDType.ENTITY); - authReq.setIssuer(issuer); - NameIDPolicy policy = SAML2Utils - .createSAMLObject(NameIDPolicy.class); - policy.setAllowCreate(true); - policy.setFormat(NameID.PERSISTENT); - authReq.setNameIDPolicy(policy); - - String entityname = config.getPVP2IDPMetadataEntityName(); - if (MiscUtil.isEmpty(entityname)) { - log.info("No IDP EntityName configurated"); - throw new ConfigurationException("No IDP EntityName configurated"); - } - - HTTPMetadataProvider idpmetadata = config.getMetaDataProvier(); - EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname); - if (idpEntity == null) { - log.info("IDP EntityName is not found in IDP Metadata"); - throw new ConfigurationException("IDP EntityName is not found in IDP Metadata"); - } - - SingleSignOnService redirectEndpoint = null; - for (SingleSignOnService sss : - idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) { - - //Get the service address for the binding you wish to use - if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) { - redirectEndpoint = sss; - } - } - - authReq.setDestination(redirectEndpoint.getLocation()); - - RequestedAuthnContext reqAuthContext = - SAML2Utils.createSAMLObject(RequestedAuthnContext.class); - - AuthnContextClassRef authnClassRef = - SAML2Utils.createSAMLObject(AuthnContextClassRef.class); - - authnClassRef.setAuthnContextClassRef("http://www.stork.gov.eu/1.0/citizenQAALevel/4"); - 
- reqAuthContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM); - - reqAuthContext.getAuthnContextClassRefs().add(authnClassRef); - - authReq.setRequestedAuthnContext(reqAuthContext); - - //sign Message - X509Credential authcredential = PVP2Utils.signMessage((AbstractSignableXMLObject) authReq, config); - - //encode message - PVP2Utils.postBindingEncoder(request, - response, - authReq, - authcredential, - redirectEndpoint.getLocation(), - null); - - } catch (Exception e) { - log.warn("Authentication Request can not be generated", e); - throw new ServletException("Authentication Request can not be generated.", e); - } - } - - /** - * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse - * response) - */ - protected void doGet(HttpServletRequest request, - HttpServletResponse response) throws ServletException, IOException { - - process(request, response, null); - } - - /** - * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse - * response) - */ - protected void doPost(HttpServletRequest request, - HttpServletResponse response) throws ServletException, IOException { - process(request, response, null); - } + private static final long serialVersionUID = 1L; + + private static final Logger log = LoggerFactory + .getLogger(Authenticate.class); + + private static DocumentBuilderFactory factory = null; + + static { + initialDocumentBuilderFactory(); + } + + synchronized private static void initialDocumentBuilderFactory() { + factory = DocumentBuilderFactory.newInstance(); + factory.setNamespaceAware(true); + + } + + public Document asDOMDocument(XMLObject object) throws IOException, + MarshallingException, TransformerException, ParserConfigurationException { + try { + DocumentBuilder builder = null; + synchronized (factory) { + builder = factory.newDocumentBuilder(); + + } + + final Document document = builder.newDocument(); + final Marshaller out = org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller( + 
object); + out.marshall(object, document); + return document; + + } catch (final ParserConfigurationException e) { + log.warn("PVP2 AuthenticationServlet can not be initialized.", e); + throw e; + } + + } + + protected void process(HttpServletRequest request, + HttpServletResponse response, Map legacyParameter) throws ServletException, + IOException { + try { + + final ConfigurationProvider config = ConfigurationProvider.getInstance(); + config.initializePVP2Login(); + + final AuthnRequest authReq = SAML2Utils + .createSAMLObject(AuthnRequest.class); + final SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator(); + authReq.setID(gen.generateIdentifier()); + + final HttpSession session = request.getSession(); + if (session != null) { + session.setAttribute(Constants.SESSION_PVP2REQUESTID, authReq.getID()); + } + + authReq.setAssertionConsumerServiceIndex(0); + authReq.setAttributeConsumingServiceIndex(0); + authReq.setIssueInstant(new DateTime()); + final Subject subject = SAML2Utils.createSAMLObject(Subject.class); + final NameID name = SAML2Utils.createSAMLObject(NameID.class); + final Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class); + + String serviceURL = config.getPublicUrlPreFix(request); + if (!serviceURL.endsWith("/")) { + serviceURL = serviceURL + "/"; + } + name.setValue(serviceURL); + issuer.setValue(serviceURL); + + subject.setNameID(name); + authReq.setSubject(subject); + issuer.setFormat(NameIDType.ENTITY); + authReq.setIssuer(issuer); + final NameIDPolicy policy = SAML2Utils + .createSAMLObject(NameIDPolicy.class); + policy.setAllowCreate(true); + policy.setFormat(NameIDType.PERSISTENT); + authReq.setNameIDPolicy(policy); + + final String entityname = config.getPVP2IDPMetadataEntityName(); + if (MiscUtil.isEmpty(entityname)) { + log.info("No IDP EntityName configurated"); + throw new ConfigurationException("No IDP EntityName configurated"); + } + + final HTTPMetadataProvider idpmetadata = config.getMetaDataProvier(); + 
final EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname); + if (idpEntity == null) { + log.info("IDP EntityName is not found in IDP Metadata"); + throw new ConfigurationException("IDP EntityName is not found in IDP Metadata"); + } + + SingleSignOnService redirectEndpoint = null; + for (final SingleSignOnService sss : idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS) + .getSingleSignOnServices()) { + + // Get the service address for the binding you wish to use + if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) { + redirectEndpoint = sss; + } + } + + authReq.setDestination(redirectEndpoint.getLocation()); + + final RequestedAuthnContext reqAuthContext = + SAML2Utils.createSAMLObject(RequestedAuthnContext.class); + + final AuthnContextClassRef authnClassRef = + SAML2Utils.createSAMLObject(AuthnContextClassRef.class); + + authnClassRef.setAuthnContextClassRef("http://www.stork.gov.eu/1.0/citizenQAALevel/4"); + + reqAuthContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM); + + reqAuthContext.getAuthnContextClassRefs().add(authnClassRef); + + authReq.setRequestedAuthnContext(reqAuthContext); + + // sign Message + final X509Credential authcredential = PVP2Utils.signMessage((AbstractSignableXMLObject) authReq, + config); + + // encode message + PVP2Utils.postBindingEncoder(request, + response, + authReq, + authcredential, + redirectEndpoint.getLocation(), + null); + + } catch (final Exception e) { + log.warn("Authentication Request can not be generated", e); + throw new ServletException("Authentication Request can not be generated.", e); + } + } + + /** + * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse + * response) + */ + @Override + protected void doGet(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + + process(request, response, null); + } + + /** + * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse + * 
response) + */ + @Override + protected void doPost(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + process(request, response, null); + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/BuildMetadata.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/BuildMetadata.java index 7256d8688..ca03054aa 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/BuildMetadata.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/BuildMetadata.java @@ -44,9 +44,7 @@ import javax.xml.transform.TransformerFactoryConfigurationError; import javax.xml.transform.dom.DOMSource; import javax.xml.transform.stream.StreamResult; -import org.apache.log4j.Logger; import org.joda.time.DateTime; -import org.opensaml.Configuration; import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import org.opensaml.common.xml.SAMLConstants; import org.opensaml.saml2.core.NameIDType; 
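Review bot: In `process` of Authenticate.java, `redirectEndpoint` is still dereferenced without a null check, first at `authReq.setDestination(redirectEndpoint.getLocation())` and again in the `PVP2Utils.postBindingEncoder(...)` call. If the IDP metadata lists no SingleSignOnService with `SAMLConstants.SAML2_POST_BINDING_URI`, the loop leaves it `null`, and the NullPointerException surfaces only as the generic "Authentication Request can not be generated." ServletException. The metadata comes from an `HTTPMetadataProvider`, so it should be validated the same way `entityname` and `idpEntity` already are; after the loop add `if (redirectEndpoint == null) { throw new ConfigurationException("IDP metadata contains no SingleSignOnService with HTTP-POST binding"); }`. `idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS)` may also return null for an entity without an IDP role, so it likely needs the same guard before `.getSingleSignOnServices()` is called. Separately, `request.getSession()` creates a session when none exists, so the `if (session != null)` test around storing `Constants.SESSION_PVP2REQUESTID` never fails and could be dropped or replaced by a comment stating that the request ID must always be stored.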
@@ -81,275 +79,274 @@ import at.gv.egovernment.moa.id.configuration.auth.pvp2.AttributeListBuilder; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.utils.SAML2Utils; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; /** * Servlet implementation class BuildMetadata */ +@Slf4j public class BuildMetadata extends HttpServlet { - private static final long serialVersionUID = 1L; - - private static final Logger log = Logger.getLogger(BuildMetadata.class); - - private static final int VALIDUNTIL_IN_HOURS = 24; - - /** - * @see HttpServlet#HttpServlet() - */ - public BuildMetadata() { - super(); - } - - protected static Signature getSignature(Credential credentials) { - Signature signer = SAML2Utils.createSAMLObject(Signature.class); - signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); - signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); - signer.setSigningCredential(credentials); - return signer; - } - - /** - * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse - * response) - */ - protected void doGet(HttpServletRequest request, - HttpServletResponse response) throws ServletException, IOException { - try { - ConfigurationProvider config = ConfigurationProvider.getInstance(); - - //config.initializePVP2Login(); - - SecureRandomIdentifierGenerator idGen = new SecureRandomIdentifierGenerator(); - - EntitiesDescriptor spEntitiesDescriptor = SAML2Utils. 
- createSAMLObject(EntitiesDescriptor.class); - - DateTime date = new DateTime(); - spEntitiesDescriptor.setValidUntil(date.plusHours(VALIDUNTIL_IN_HOURS)); - - String name = config.getPVP2MetadataEntitiesName(); - if (MiscUtil.isEmpty(name)) { - log.info("NO Metadata EntitiesName configurated"); - throw new ConfigurationException("NO Metadata EntitiesName configurated"); - } - - spEntitiesDescriptor.setName(name); - spEntitiesDescriptor.setID(idGen.generateIdentifier()); - - EntityDescriptor spEntityDescriptor = SAML2Utils - .createSAMLObject(EntityDescriptor.class); - - spEntityDescriptor.setValidUntil(date.plusDays(VALIDUNTIL_IN_HOURS)); - - spEntitiesDescriptor.getEntityDescriptors().add(spEntityDescriptor); - - String serviceURL = config.getPublicUrlPreFix(request); - if (!serviceURL.endsWith("/")) - serviceURL = serviceURL + "/"; - - log.debug("Set OnlineApplicationURL to " + serviceURL); - spEntityDescriptor.setEntityID(serviceURL); - - SPSSODescriptor spSSODescriptor = SAML2Utils - .createSAMLObject(SPSSODescriptor.class); - - spSSODescriptor.setAuthnRequestsSigned(true); - spSSODescriptor.setWantAssertionsSigned(true); - - X509KeyInfoGeneratorFactory keyInfoFactory = new X509KeyInfoGeneratorFactory(); - keyInfoFactory.setEmitEntityCertificate(true); - KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance(); - - KeyStore keyStore = config.getPVP2KeyStore(); - - X509Credential signingcredential = new KeyStoreX509CredentialAdapter( - keyStore, - config.getPVP2KeystoreMetadataKeyAlias(), - config.getPVP2KeystoreMetadataKeyPassword().toCharArray()); - - - log.debug("Set Metadata key information"); - //Set MetaData Signing key - KeyDescriptor entitiesSignKeyDescriptor = SAML2Utils - .createSAMLObject(KeyDescriptor.class); - entitiesSignKeyDescriptor.setUse(UsageType.SIGNING); - entitiesSignKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(signingcredential)); - Signature entitiesSignature = getSignature(signingcredential); - 
spEntitiesDescriptor.setSignature(entitiesSignature); - - //Set AuthRequest Signing certificate - X509Credential authcredential = new KeyStoreX509CredentialAdapter( - keyStore, - config.getPVP2KeystoreAuthRequestKeyAlias(), - config.getPVP2KeystoreAuthRequestKeyPassword().toCharArray()); - KeyDescriptor signKeyDescriptor = SAML2Utils - .createSAMLObject(KeyDescriptor.class); - signKeyDescriptor.setUse(UsageType.SIGNING); - signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authcredential)); - spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor); - - - //set AuthRequest encryption certificate - if (MiscUtil.isNotEmpty(config.getPVP2KeystoreAuthRequestEncryptionKeyAlias())) { - X509Credential authEncCredential = new KeyStoreX509CredentialAdapter( - keyStore, - config.getPVP2KeystoreAuthRequestEncryptionKeyAlias(), - config.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray()); - KeyDescriptor encryKeyDescriptor = SAML2Utils - .createSAMLObject(KeyDescriptor.class); - encryKeyDescriptor.setUse(UsageType.ENCRYPTION); - encryKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authEncCredential)); - spSSODescriptor.getKeyDescriptors().add(encryKeyDescriptor); - - } else { - log.warn("No Assertion Encryption-Key defined. 
This setting is not recommended!"); - - } - - - NameIDFormat persistentnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class); - persistentnameIDFormat.setFormat(NameIDType.PERSISTENT); - - spSSODescriptor.getNameIDFormats().add(persistentnameIDFormat); - - NameIDFormat transientnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class); - transientnameIDFormat.setFormat(NameIDType.TRANSIENT); - - spSSODescriptor.getNameIDFormats().add(transientnameIDFormat); - - NameIDFormat unspecifiednameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class); - unspecifiednameIDFormat.setFormat(NameIDType.UNSPECIFIED); - - spSSODescriptor.getNameIDFormats().add(unspecifiednameIDFormat); - - AssertionConsumerService postassertionConsumerService = - SAML2Utils.createSAMLObject(AssertionConsumerService.class); - - postassertionConsumerService.setIndex(0); - postassertionConsumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI); - postassertionConsumerService.setLocation(serviceURL + Constants.SERVLET_PVP2ASSERTION); - - spSSODescriptor.getAssertionConsumerServices().add(postassertionConsumerService); - - - //add SLO services - SingleLogoutService postBindingService = SAML2Utils.createSAMLObject(SingleLogoutService.class); - postBindingService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI); - postBindingService.setLocation(serviceURL + Constants.SERVLET_SLO_FRONT); - spSSODescriptor.getSingleLogoutServices().add(postBindingService); - - SingleLogoutService redirectBindingService = SAML2Utils.createSAMLObject(SingleLogoutService.class); - redirectBindingService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI); - redirectBindingService.setLocation(serviceURL + Constants.SERVLET_SLO_FRONT); - spSSODescriptor.getSingleLogoutServices().add(redirectBindingService); - - SingleLogoutService soapBindingService = SAML2Utils.createSAMLObject(SingleLogoutService.class); - soapBindingService.setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI); - 
soapBindingService.setLocation(serviceURL + Constants.SERVLET_SLO_BACK); - spSSODescriptor.getSingleLogoutServices().add(soapBindingService); - - spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS); - - spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor); - - spSSODescriptor.setWantAssertionsSigned(true); - spSSODescriptor.setAuthnRequestsSigned(true); - - AttributeConsumingService attributeService = - SAML2Utils.createSAMLObject(AttributeConsumingService.class); - - attributeService.setIndex(0); - attributeService.setIsDefault(true); - ServiceName serviceName = SAML2Utils.createSAMLObject(ServiceName.class); - serviceName.setName(new LocalizedString("Default Service", "de")); - attributeService.getNames().add(serviceName); - - attributeService.getRequestAttributes().addAll(AttributeListBuilder.getRequestedAttributes()); - - spSSODescriptor.getAttributeConsumingServices().add(attributeService); - - DocumentBuilder builder; - DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); - - builder = factory.newDocumentBuilder(); - Document document = builder.newDocument(); - Marshaller out = Configuration.getMarshallerFactory().getMarshaller(spEntitiesDescriptor); - out.marshall(spEntitiesDescriptor, document); - - Signer.signObject(entitiesSignature); - - Transformer transformer = TransformerFactory.newInstance().newTransformer(); - - StringWriter sw = new StringWriter(); - StreamResult sr = new StreamResult(sw); - DOMSource source = new DOMSource(document); - transformer.transform(source, sr); - sw.close(); - - byte[] metadataXML = sw.toString().getBytes("UTF-8"); - - response.setContentType("text/xml"); - response.setContentLength(metadataXML.length); - response.getOutputStream().write(metadataXML); - - - } catch (ConfigurationException e) { - log.warn("Configuration can not be loaded.", e); - throw new ServletException("MetaData can not be created. 
Look into LogFiles for more details."); - - } catch (NoSuchAlgorithmException e) { - log.warn("Requested Algorithm could not found.", e); - throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); - - } catch (KeyStoreException e) { - log.warn("Requested KeyStoreType is not implemented.", e); - throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); - - } catch (CertificateException e) { - log.warn("KeyStore can not be opend or userd.", e); - throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); - - } catch (SecurityException e) { - log.warn("KeyStore can not be opend or used", e); - throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); - - } catch (ParserConfigurationException e) { - log.warn("PVP2 Metadata createn error", e); - throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); - - } catch (MarshallingException e) { - log.warn("PVP2 Metadata createn error", e); - throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); - - } catch (SignatureException e) { - log.warn("PVP2 Metadata can not be signed", e); - throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); - - } catch (TransformerConfigurationException e) { - log.warn("PVP2 Metadata createn error", e); - throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); - - } catch (TransformerFactoryConfigurationError e) { - log.warn("PVP2 Metadata createn error", e); - throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); - - } catch (TransformerException e) { - log.warn("PVP2 Metadata createn error", e); - throw new ServletException("MetaData can not be created. 
Look into LogFiles for more details."); - } - - catch (Exception e) { - log.warn("Unspecific PVP2 Metadata createn error", e); - throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); - } - - } - - /** - * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse - * response) - */ - protected void doPost(HttpServletRequest request, - HttpServletResponse response) throws ServletException, IOException { - } + private static final long serialVersionUID = 1L; + + private static final int VALIDUNTIL_IN_HOURS = 24; + + /** + * @see HttpServlet#HttpServlet() + */ + public BuildMetadata() { + super(); + } + + protected static Signature getSignature(Credential credentials) { + final Signature signer = SAML2Utils.createSAMLObject(Signature.class); + signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); + signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); + signer.setSigningCredential(credentials); + return signer; + } + + /** + * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse + * response) + */ + @Override + protected void doGet(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + try { + final ConfigurationProvider config = ConfigurationProvider.getInstance(); + + // config.initializePVP2Login(); + + final SecureRandomIdentifierGenerator idGen = new SecureRandomIdentifierGenerator(); + + final EntitiesDescriptor spEntitiesDescriptor = SAML2Utils.createSAMLObject(EntitiesDescriptor.class); + + final DateTime date = new DateTime(); + spEntitiesDescriptor.setValidUntil(date.plusHours(VALIDUNTIL_IN_HOURS)); + + final String name = config.getPVP2MetadataEntitiesName(); + if (MiscUtil.isEmpty(name)) { + log.info("NO Metadata EntitiesName configurated"); + throw new ConfigurationException("NO Metadata EntitiesName configurated"); + } + + spEntitiesDescriptor.setName(name); + 
spEntitiesDescriptor.setID(idGen.generateIdentifier()); + + final EntityDescriptor spEntityDescriptor = SAML2Utils + .createSAMLObject(EntityDescriptor.class); + + spEntityDescriptor.setValidUntil(date.plusDays(VALIDUNTIL_IN_HOURS)); + + spEntitiesDescriptor.getEntityDescriptors().add(spEntityDescriptor); + + String serviceURL = config.getPublicUrlPreFix(request); + if (!serviceURL.endsWith("/")) { + serviceURL = serviceURL + "/"; + } + + log.debug("Set OnlineApplicationURL to " + serviceURL); + spEntityDescriptor.setEntityID(serviceURL); + + final SPSSODescriptor spSSODescriptor = SAML2Utils + .createSAMLObject(SPSSODescriptor.class); + + spSSODescriptor.setAuthnRequestsSigned(true); + spSSODescriptor.setWantAssertionsSigned(true); + + final X509KeyInfoGeneratorFactory keyInfoFactory = new X509KeyInfoGeneratorFactory(); + keyInfoFactory.setEmitEntityCertificate(true); + final KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance(); + + final KeyStore keyStore = config.getPVP2KeyStore(); + + final X509Credential signingcredential = new KeyStoreX509CredentialAdapter( + keyStore, + config.getPVP2KeystoreMetadataKeyAlias(), + config.getPVP2KeystoreMetadataKeyPassword().toCharArray()); + + log.debug("Set Metadata key information"); + // Set MetaData Signing key + final KeyDescriptor entitiesSignKeyDescriptor = SAML2Utils + .createSAMLObject(KeyDescriptor.class); + entitiesSignKeyDescriptor.setUse(UsageType.SIGNING); + entitiesSignKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(signingcredential)); + final Signature entitiesSignature = getSignature(signingcredential); + spEntitiesDescriptor.setSignature(entitiesSignature); + + // Set AuthRequest Signing certificate + final X509Credential authcredential = new KeyStoreX509CredentialAdapter( + keyStore, + config.getPVP2KeystoreAuthRequestKeyAlias(), + config.getPVP2KeystoreAuthRequestKeyPassword().toCharArray()); + final KeyDescriptor signKeyDescriptor = SAML2Utils + .createSAMLObject(KeyDescriptor.class); + 
signKeyDescriptor.setUse(UsageType.SIGNING); + signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authcredential)); + spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor); + + // set AuthRequest encryption certificate + if (MiscUtil.isNotEmpty(config.getPVP2KeystoreAuthRequestEncryptionKeyAlias())) { + final X509Credential authEncCredential = new KeyStoreX509CredentialAdapter( + keyStore, + config.getPVP2KeystoreAuthRequestEncryptionKeyAlias(), + config.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray()); + final KeyDescriptor encryKeyDescriptor = SAML2Utils + .createSAMLObject(KeyDescriptor.class); + encryKeyDescriptor.setUse(UsageType.ENCRYPTION); + encryKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authEncCredential)); + spSSODescriptor.getKeyDescriptors().add(encryKeyDescriptor); + + } else { + log.warn("No Assertion Encryption-Key defined. This setting is not recommended!"); + + } + + final NameIDFormat persistentnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class); + persistentnameIDFormat.setFormat(NameIDType.PERSISTENT); + + spSSODescriptor.getNameIDFormats().add(persistentnameIDFormat); + + final NameIDFormat transientnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class); + transientnameIDFormat.setFormat(NameIDType.TRANSIENT); + + spSSODescriptor.getNameIDFormats().add(transientnameIDFormat); + + final NameIDFormat unspecifiednameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class); + unspecifiednameIDFormat.setFormat(NameIDType.UNSPECIFIED); + + spSSODescriptor.getNameIDFormats().add(unspecifiednameIDFormat); + + final AssertionConsumerService postassertionConsumerService = + SAML2Utils.createSAMLObject(AssertionConsumerService.class); + + postassertionConsumerService.setIndex(0); + postassertionConsumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI); + postassertionConsumerService.setLocation(serviceURL + Constants.SERVLET_PVP2ASSERTION); + + 
spSSODescriptor.getAssertionConsumerServices().add(postassertionConsumerService); + + // add SLO services + final SingleLogoutService postBindingService = SAML2Utils.createSAMLObject(SingleLogoutService.class); + postBindingService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI); + postBindingService.setLocation(serviceURL + Constants.SERVLET_SLO_FRONT); + spSSODescriptor.getSingleLogoutServices().add(postBindingService); + + final SingleLogoutService redirectBindingService = SAML2Utils.createSAMLObject( + SingleLogoutService.class); + redirectBindingService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI); + redirectBindingService.setLocation(serviceURL + Constants.SERVLET_SLO_FRONT); + spSSODescriptor.getSingleLogoutServices().add(redirectBindingService); + + final SingleLogoutService soapBindingService = SAML2Utils.createSAMLObject(SingleLogoutService.class); + soapBindingService.setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI); + soapBindingService.setLocation(serviceURL + Constants.SERVLET_SLO_BACK); + spSSODescriptor.getSingleLogoutServices().add(soapBindingService); + + spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS); + + spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor); + + spSSODescriptor.setWantAssertionsSigned(true); + spSSODescriptor.setAuthnRequestsSigned(true); + + final AttributeConsumingService attributeService = + SAML2Utils.createSAMLObject(AttributeConsumingService.class); + + attributeService.setIndex(0); + attributeService.setIsDefault(true); + final ServiceName serviceName = SAML2Utils.createSAMLObject(ServiceName.class); + serviceName.setName(new LocalizedString("Default Service", "de")); + attributeService.getNames().add(serviceName); + + attributeService.getRequestAttributes().addAll(AttributeListBuilder.getRequestedAttributes()); + + spSSODescriptor.getAttributeConsumingServices().add(attributeService); + + DocumentBuilder builder; + final DocumentBuilderFactory factory = 
DocumentBuilderFactory.newInstance(); + + builder = factory.newDocumentBuilder(); + final Document document = builder.newDocument(); + final Marshaller out = org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller( + spEntitiesDescriptor); + out.marshall(spEntitiesDescriptor, document); + + Signer.signObject(entitiesSignature); + + final Transformer transformer = TransformerFactory.newInstance().newTransformer(); + + final StringWriter sw = new StringWriter(); + final StreamResult sr = new StreamResult(sw); + final DOMSource source = new DOMSource(document); + transformer.transform(source, sr); + sw.close(); + + final byte[] metadataXML = sw.toString().getBytes("UTF-8"); + + response.setContentType("text/xml"); + response.setContentLength(metadataXML.length); + response.getOutputStream().write(metadataXML); + + } catch (final ConfigurationException e) { + log.warn("Configuration can not be loaded.", e); + throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); + + } catch (final NoSuchAlgorithmException e) { + log.warn("Requested Algorithm could not found.", e); + throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); + + } catch (final KeyStoreException e) { + log.warn("Requested KeyStoreType is not implemented.", e); + throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); + + } catch (final CertificateException e) { + log.warn("KeyStore can not be opend or userd.", e); + throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); + + } catch (final SecurityException e) { + log.warn("KeyStore can not be opend or used", e); + throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); + + } catch (final ParserConfigurationException e) { + log.warn("PVP2 Metadata createn error", e); + throw new ServletException("MetaData can not be created. 
Look into LogFiles for more details."); + + } catch (final MarshallingException e) { + log.warn("PVP2 Metadata createn error", e); + throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); + + } catch (final SignatureException e) { + log.warn("PVP2 Metadata can not be signed", e); + throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); + + } catch (final TransformerConfigurationException e) { + log.warn("PVP2 Metadata createn error", e); + throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); + + } catch (final TransformerFactoryConfigurationError e) { + log.warn("PVP2 Metadata createn error", e); + throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); + + } catch (final TransformerException e) { + log.warn("PVP2 Metadata createn error", e); + throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); + } + + catch (final Exception e) { + log.warn("Unspecific PVP2 Metadata createn error", e); + throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); + } + + } + + /** + * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse + * response) + */ + @Override + protected void doPost(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java index f2c95f391..01bf39696 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBackChannelServlet.java 
@@ -64,111 +64,116 @@ import at.gv.egovernment.moa.id.configuration.auth.pvp2.PVP2Utils; */ public class SLOBackChannelServlet extends SLOBasicServlet { - private static final long serialVersionUID = 1481623547633064922L; - private static final Logger log = LoggerFactory - .getLogger(SLOBackChannelServlet.class); - - /** - * @throws ConfigurationException - */ - public SLOBackChannelServlet() throws ConfigurationException { - super(); - } - - - protected void doPost(HttpServletRequest request, - HttpServletResponse response) throws ServletException, IOException { - - try { - HTTPSOAP11Decoder soapDecoder = new HTTPSOAP11Decoder(new BasicParserPool()); - - BasicSOAPMessageContext messageContext = new BasicSOAPMessageContext(); - -// BasicSAMLMessageContext messageContext = + private static final long serialVersionUID = 1481623547633064922L; + private static final Logger log = LoggerFactory + .getLogger(SLOBackChannelServlet.class); + + /** + * @throws ConfigurationException + */ + public SLOBackChannelServlet() throws ConfigurationException { + super(); + } + + @Override + protected void doPost(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + + try { + final HTTPSOAP11Decoder soapDecoder = new HTTPSOAP11Decoder(new BasicParserPool()); + + final BasicSOAPMessageContext messageContext = new BasicSOAPMessageContext(); + +// BasicSAMLMessageContext messageContext = // new BasicSAMLMessageContext(); - - messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request)); - //messageContext.setMetadataProvider(getConfig().getMetaDataProvier()); - - //set trustPolicy + messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request)); + + // messageContext.setMetadataProvider(getConfig().getMetaDataProvier()); + + // set trustPolicy // BasicSecurityPolicy policy = new BasicSecurityPolicy(); // policy.getPolicyRules().add( // new PVPSOAPRequestSecurityPolicy( // 
PVP2Utils.getTrustEngine(getConfig()), -// IDPSSODescriptor.DEFAULT_ELEMENT_NAME)); +// IDPSSODescriptor.DEFAULT_ELEMENT_NAME)); // SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver( -// policy); +// policy); // messageContext.setSecurityPolicyResolver(resolver); - - soapDecoder.decode(messageContext); - - Envelope inboundMessage = (Envelope) messageContext - .getInboundMessage(); - - LogoutResponse sloResp = null; - - if (inboundMessage.getBody() != null) { - List xmlElemList = inboundMessage.getBody().getUnknownXMLObjects(); - - if (!xmlElemList.isEmpty() && xmlElemList.get(0) instanceof LogoutRequest) { - LogoutRequest sloReq = (LogoutRequest) xmlElemList.get(0); - - //validate request signature - PVP2Utils.validateSignature(sloReq, getConfig()); - - sloResp = processLogOutRequest(sloReq, request); - - KeyStore keyStore = getConfig().getPVP2KeyStore(); - X509Credential authcredential = new KeyStoreX509CredentialAdapter( - keyStore, - getConfig().getPVP2KeystoreAuthRequestKeyAlias(), - getConfig().getPVP2KeystoreAuthRequestKeyPassword().toCharArray()); - - HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder(); - HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter( - response, true); - BasicSAMLMessageContext context = new BasicSAMLMessageContext(); - context.setOutboundSAMLMessageSigningCredential(authcredential); - context.setOutboundSAMLMessage(sloResp); - context.setOutboundMessageTransport(responseAdapter); - - encoder.encode(context); - - } else { - log.warn("Received request ist not of type LogOutRequest"); - response.setStatus(HttpServletResponse.SC_BAD_REQUEST); - return; - - } - } - - } catch (MessageDecodingException | SecurityException | NoSuchAlgorithmException | ConfigurationException | ValidationException e) { - log.error("SLO message processing FAILED." 
, e); - response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e.getMessage())); - - } catch (CertificateException e) { - log.error("SLO message processing FAILED." , e); - response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e.getMessage())); - - } catch (KeyStoreException e) { - log.error("SLO message processing FAILED." , e); - response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e.getMessage())); - - } catch (MessageEncodingException e) { - log.error("SLO message processing FAILED." , e); - response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e.getMessage())); - - } - - - - } - - protected void doGet(HttpServletRequest request, - HttpServletResponse response) throws ServletException, IOException { - response.setStatus(HttpServletResponse.SC_NOT_FOUND); - - } - + + soapDecoder.decode(messageContext); + + final Envelope inboundMessage = (Envelope) messageContext + .getInboundMessage(); + + LogoutResponse sloResp = null; + + if (inboundMessage.getBody() != null) { + final List xmlElemList = inboundMessage.getBody().getUnknownXMLObjects(); + + if (!xmlElemList.isEmpty() && xmlElemList.get(0) instanceof LogoutRequest) { + final LogoutRequest sloReq = (LogoutRequest) xmlElemList.get(0); + + // validate request signature + PVP2Utils.validateSignature(sloReq, getConfig()); + + sloResp = processLogOutRequest(sloReq, request); + + final KeyStore keyStore = getConfig().getPVP2KeyStore(); + final X509Credential authcredential = new KeyStoreX509CredentialAdapter( + keyStore, + getConfig().getPVP2KeystoreAuthRequestKeyAlias(), + getConfig().getPVP2KeystoreAuthRequestKeyPassword().toCharArray()); + + final HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder(); + final HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter( + response, true); + final BasicSAMLMessageContext context = + new 
BasicSAMLMessageContext<>(); + context.setOutboundSAMLMessageSigningCredential(authcredential); + context.setOutboundSAMLMessage(sloResp); + context.setOutboundMessageTransport(responseAdapter); + + encoder.encode(context); + + } else { + log.warn("Received request ist not of type LogOutRequest"); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + return; + + } + } + + } catch (MessageDecodingException | SecurityException | NoSuchAlgorithmException | ConfigurationException + | ValidationException e) { + log.error("SLO message processing FAILED.", e); + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e + .getMessage())); + + } catch (final CertificateException e) { + log.error("SLO message processing FAILED.", e); + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e + .getMessage())); + + } catch (final KeyStoreException e) { + log.error("SLO message processing FAILED.", e); + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e + .getMessage())); + + } catch (final MessageEncodingException e) { + log.error("SLO message processing FAILED.", e); + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, StringEscapeUtils.escapeHtml(e + .getMessage())); + + } + + } + + @Override + protected void doGet(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + response.setStatus(HttpServletResponse.SC_NOT_FOUND); + + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java index c70d34d7e..a880e800b 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java 
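Review bot: Every catch block in `doPost` passes `e.getMessage()` to `response.sendError(...)`, so the text of keystore, configuration and signature-validation failures goes back to whoever sent the SOAP request, including for messages rejected before `PVP2Utils.validateSignature` accepted them. The detail is already written by `log.error`, so the response can carry a fixed string; the four identical handlers can also become one multi-catch ending in `response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "SLO message processing failed");`. Separately, an envelope whose body is `null` skips the `if (inboundMessage.getBody() != null)` block and no status is set, so it presumably ends as an empty success response; an `else` that sets `SC_BAD_REQUEST` would match the handling of non-LogoutRequest payloads.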
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java 
@@ -62,217 +62,226 @@ import at.gv.egovernment.moa.util.MiscUtil; * */ public class SLOBasicServlet extends HttpServlet { - private static final long serialVersionUID = -4547240664871845098L; - private static final Logger log = LoggerFactory - .getLogger(SLOBasicServlet.class); - - private ConfigurationProvider config; - - public SLOBasicServlet() throws ConfigurationException { - config = ConfigurationProvider.getInstance(); - config.initializePVP2Login(); - } - - protected LogoutRequest createLogOutRequest(String nameID, String nameIDFormat, HttpServletRequest request) throws SLOException { - try { - LogoutRequest sloReq = SAML2Utils.createSAMLObject(LogoutRequest.class); - SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator(); - sloReq.setID(gen.generateIdentifier()); - sloReq.setIssueInstant(new DateTime()); - NameID name = SAML2Utils.createSAMLObject(NameID.class); - Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class); - - String serviceURL = config.getPublicUrlPreFix(request); - if (!serviceURL.endsWith("/")) - serviceURL = serviceURL + "/"; - name.setValue(serviceURL); - issuer.setValue(serviceURL); - issuer.setFormat(NameIDType.ENTITY); - sloReq.setIssuer(issuer); - - NameID userNameID = SAML2Utils.createSAMLObject(NameID.class); - sloReq.setNameID(userNameID); - userNameID.setFormat(nameIDFormat); - userNameID.setValue(nameID); - - return sloReq; - - } catch (NoSuchAlgorithmException e) { - log.warn("Single LogOut request createn FAILED. 
", e); - throw new SLOException(); - - } - - } - - protected LogoutResponse processLogOutRequest(LogoutRequest sloReq, HttpServletRequest request) throws NoSuchAlgorithmException { - //check response destination - String serviceURL = config.getPublicUrlPreFix(request); - if (!serviceURL.endsWith("/")) - serviceURL = serviceURL + "/"; - - String responseDestination = sloReq.getDestination(); - if (MiscUtil.isEmpty(responseDestination) || - !responseDestination.startsWith(serviceURL)) { - log.warn("PVPResponse destination does not match requested destination"); - return createSLOResponse(sloReq, StatusCode.REQUESTER_URI, request); - } - - AuthenticationManager authManager = AuthenticationManager.getInstance(); - if (authManager.isActiveUser(sloReq.getNameID().getValue())) { - AuthenticatedUser authUser = authManager.getActiveUser(sloReq.getNameID().getValue()); - log.info("User " + authUser.getGivenName() + " " + authUser.getFamilyName() + " with nameID:" - + authUser.getNameID() + " get logged out by Single LogOut request."); - authManager.removeActiveUser(authUser); - HttpSession session = request.getSession(false); - if (session != null) - session.invalidate(); - return createSLOResponse(sloReq, StatusCode.SUCCESS_URI, request); - - } else { - log.debug("Single LogOut not possible! 
User with nameID:" + sloReq.getNameID().getValue() + " is not found."); - return createSLOResponse(sloReq, StatusCode.SUCCESS_URI, request); - - } - - } - - protected LogoutResponse createSLOResponse(LogoutRequest sloReq, String statusCodeURI, HttpServletRequest request) throws NoSuchAlgorithmException { - LogoutResponse sloResp = SAML2Utils.createSAMLObject(LogoutResponse.class); - SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator(); - sloResp.setID(gen.generateIdentifier()); - sloResp.setInResponseTo(sloReq.getID()); - sloResp.setIssueInstant(new DateTime()); - NameID name = SAML2Utils.createSAMLObject(NameID.class); - Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class); - - String serviceURL = config.getPublicUrlPreFix(request); - if (!serviceURL.endsWith("/")) - serviceURL = serviceURL + "/"; - name.setValue(serviceURL); - issuer.setValue(serviceURL); - issuer.setFormat(NameIDType.ENTITY); - sloResp.setIssuer(issuer); - - Status status = SAML2Utils.createSAMLObject(Status.class); - sloResp.setStatus(status); - StatusCode statusCode = SAML2Utils.createSAMLObject(StatusCode.class); - statusCode.setValue(statusCodeURI); - status.setStatusCode(statusCode ); - - return sloResp; - } - - protected void validateLogOutResponse(LogoutResponse sloResp, String reqID, HttpServletRequest request, HttpServletResponse response) throws PVP2Exception { - //ckeck InResponseTo matchs requestID - if (MiscUtil.isEmpty(reqID)) { - log.info("NO Sigle LogOut request ID"); - throw new PVP2Exception("NO Sigle LogOut request ID"); - } - - if (!reqID.equals(sloResp.getInResponseTo())) { - log.warn("SLORequestID does not match SLO Response ID!"); - throw new PVP2Exception("SLORequestID does not match SLO Response ID!"); - - } - - //check response destination - String serviceURL = config.getPublicUrlPreFix(request); - if (!serviceURL.endsWith("/")) - serviceURL = serviceURL + "/"; - - String responseDestination = sloResp.getDestination(); - if 
(MiscUtil.isEmpty(responseDestination) || - !responseDestination.startsWith(serviceURL)) { - log.warn("PVPResponse destination does not match requested destination"); - throw new PVP2Exception("SLO response destination does not match requested destination"); - } - - request.getSession().invalidate(); - - if (sloResp.getStatus().getStatusCode().getValue().equals(StatusCode.PARTIAL_LOGOUT_URI)) { - log.warn("Single LogOut process is not completed."); - request.getSession().setAttribute(Constants.SESSION_SLOERROR, - LanguageHelper.getErrorString("webpages.slo.error", request)); - - - } else if (sloResp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) { - - if (sloResp.getStatus().getStatusCode().getStatusCode() != null && - !sloResp.getStatus().getStatusCode().getStatusCode().equals(StatusCode.PARTIAL_LOGOUT_URI)) { - log.info("Single LogOut process complete."); - request.getSession().setAttribute(Constants.SESSION_SLOSUCCESS, - LanguageHelper.getErrorString("webpages.slo.success", request)); - - } else { - log.warn("Single LogOut process is not completed."); - request.getSession().setAttribute(Constants.SESSION_SLOERROR, - LanguageHelper.getErrorString("webpages.slo.error", request)); - - } - - } else { - log.warn("Single LogOut response sends an unsupported statustype " + sloResp.getStatus().getStatusCode().getValue()); - request.getSession().setAttribute(Constants.SESSION_SLOERROR, - LanguageHelper.getErrorString("webpages.slo.error", request)); - - } - String redirectURL = serviceURL + Constants.SERVLET_LOGOUT; - redirectURL = response.encodeRedirectURL(redirectURL); - response.setContentType("text/html"); - response.setStatus(302); - response.addHeader("Location", redirectURL); - - } - - protected SingleLogoutService findIDPFrontChannelSLOService() throws - ConfigurationException, SLOException { - - String entityname = config.getPVP2IDPMetadataEntityName(); - if (MiscUtil.isEmpty(entityname)) { - log.info("No IDP EntityName configurated"); - 
throw new ConfigurationException("No IDP EntityName configurated"); - } - - //get IDP metadata from metadataprovider - HTTPMetadataProvider idpmetadata = config.getMetaDataProvier(); - try { - EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname); - if (idpEntity == null) { - log.info("IDP EntityName is not found in IDP Metadata"); - throw new ConfigurationException("IDP EntityName is not found in IDP Metadata"); - - } - - //select authentication-service url from metadata - SingleLogoutService redirectEndpoint = null; - for (SingleLogoutService sss : - idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleLogoutServices()) { - - //Get the service address for the binding you wish to use - if (sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) - redirectEndpoint = sss; - - else if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI) && - redirectEndpoint == null) - redirectEndpoint = sss; - } - - if (redirectEndpoint == null) { - log.warn("Single LogOut FAILED: IDP implements no frontchannel SLO service."); - throw new SLOException("Single LogOut FAILED: IDP implements no frontchannel SLO service."); - } - - return redirectEndpoint; - } catch (MetadataProviderException e) { - log.info("IDP EntityName is not found in IDP Metadata", e); - throw new ConfigurationException("IDP EntityName is not found in IDP Metadata"); - - } - } - - protected ConfigurationProvider getConfig() { - return config; - } + private static final long serialVersionUID = -4547240664871845098L; + private static final Logger log = LoggerFactory + .getLogger(SLOBasicServlet.class); + + private final ConfigurationProvider config; + + public SLOBasicServlet() throws ConfigurationException { + config = ConfigurationProvider.getInstance(); + config.initializePVP2Login(); + } + + protected LogoutRequest createLogOutRequest(String nameID, String nameIDFormat, HttpServletRequest request) + throws SLOException { + try { + final LogoutRequest sloReq = 
SAML2Utils.createSAMLObject(LogoutRequest.class); + final SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator(); + sloReq.setID(gen.generateIdentifier()); + sloReq.setIssueInstant(new DateTime()); + final NameID name = SAML2Utils.createSAMLObject(NameID.class); + final Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class); + + String serviceURL = config.getPublicUrlPreFix(request); + if (!serviceURL.endsWith("/")) { + serviceURL = serviceURL + "/"; + } + name.setValue(serviceURL); + issuer.setValue(serviceURL); + issuer.setFormat(NameIDType.ENTITY); + sloReq.setIssuer(issuer); + + final NameID userNameID = SAML2Utils.createSAMLObject(NameID.class); + sloReq.setNameID(userNameID); + userNameID.setFormat(nameIDFormat); + userNameID.setValue(nameID); + + return sloReq; + + } catch (final NoSuchAlgorithmException e) { + log.warn("Single LogOut request createn FAILED. ", e); + throw new SLOException(); + + } + + } + + protected LogoutResponse processLogOutRequest(LogoutRequest sloReq, HttpServletRequest request) + throws NoSuchAlgorithmException { + // check response destination + String serviceURL = config.getPublicUrlPreFix(request); + if (!serviceURL.endsWith("/")) { + serviceURL = serviceURL + "/"; + } + + final String responseDestination = sloReq.getDestination(); + if (MiscUtil.isEmpty(responseDestination) || + !responseDestination.startsWith(serviceURL)) { + log.warn("PVPResponse destination does not match requested destination"); + return createSLOResponse(sloReq, StatusCode.REQUESTER_URI, request); + } + + final AuthenticationManager authManager = AuthenticationManager.getInstance(); + if (authManager.isActiveUser(sloReq.getNameID().getValue())) { + final AuthenticatedUser authUser = authManager.getActiveUser(sloReq.getNameID().getValue()); + log.info("User " + authUser.getGivenName() + " " + authUser.getFamilyName() + " with nameID:" + + authUser.getNameID() + " get logged out by Single LogOut request."); + 
authManager.removeActiveUser(authUser); + final HttpSession session = request.getSession(false); + if (session != null) { + session.invalidate(); + } + return createSLOResponse(sloReq, StatusCode.SUCCESS_URI, request); + + } else { + log.debug("Single LogOut not possible! User with nameID:" + sloReq.getNameID().getValue() + + " is not found."); + return createSLOResponse(sloReq, StatusCode.SUCCESS_URI, request); + + } + + } + + protected LogoutResponse createSLOResponse(LogoutRequest sloReq, String statusCodeURI, + HttpServletRequest request) throws NoSuchAlgorithmException { + final LogoutResponse sloResp = SAML2Utils.createSAMLObject(LogoutResponse.class); + final SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator(); + sloResp.setID(gen.generateIdentifier()); + sloResp.setInResponseTo(sloReq.getID()); + sloResp.setIssueInstant(new DateTime()); + final NameID name = SAML2Utils.createSAMLObject(NameID.class); + final Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class); + + String serviceURL = config.getPublicUrlPreFix(request); + if (!serviceURL.endsWith("/")) { + serviceURL = serviceURL + "/"; + } + name.setValue(serviceURL); + issuer.setValue(serviceURL); + issuer.setFormat(NameIDType.ENTITY); + sloResp.setIssuer(issuer); + + final Status status = SAML2Utils.createSAMLObject(Status.class); + sloResp.setStatus(status); + final StatusCode statusCode = SAML2Utils.createSAMLObject(StatusCode.class); + statusCode.setValue(statusCodeURI); + status.setStatusCode(statusCode); + + return sloResp; + } + + protected void validateLogOutResponse(LogoutResponse sloResp, String reqID, HttpServletRequest request, + HttpServletResponse response) throws PVP2Exception { + // ckeck InResponseTo matchs requestID + if (MiscUtil.isEmpty(reqID)) { + log.info("NO Sigle LogOut request ID"); + throw new PVP2Exception("NO Sigle LogOut request ID"); + } + + if (!reqID.equals(sloResp.getInResponseTo())) { + log.warn("SLORequestID does not match SLO Response ID!"); 
+ throw new PVP2Exception("SLORequestID does not match SLO Response ID!"); + + } + + // check response destination + String serviceURL = config.getPublicUrlPreFix(request); + if (!serviceURL.endsWith("/")) { + serviceURL = serviceURL + "/"; + } + + final String responseDestination = sloResp.getDestination(); + if (MiscUtil.isEmpty(responseDestination) || + !responseDestination.startsWith(serviceURL)) { + log.warn("PVPResponse destination does not match requested destination"); + throw new PVP2Exception("SLO response destination does not match requested destination"); + } + + request.getSession().invalidate(); + + if (sloResp.getStatus().getStatusCode().getValue().equals(StatusCode.PARTIAL_LOGOUT_URI)) { + log.warn("Single LogOut process is not completed."); + request.getSession().setAttribute(Constants.SESSION_SLOERROR, + LanguageHelper.getErrorString("webpages.slo.error", request)); + + } else if (sloResp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) { + + if (sloResp.getStatus().getStatusCode().getStatusCode() != null && + !sloResp.getStatus().getStatusCode().getStatusCode().equals(StatusCode.PARTIAL_LOGOUT_URI)) { + log.info("Single LogOut process complete."); + request.getSession().setAttribute(Constants.SESSION_SLOSUCCESS, + LanguageHelper.getErrorString("webpages.slo.success", request)); + + } else { + log.warn("Single LogOut process is not completed."); + request.getSession().setAttribute(Constants.SESSION_SLOERROR, + LanguageHelper.getErrorString("webpages.slo.error", request)); + + } + + } else { + log.warn("Single LogOut response sends an unsupported statustype " + sloResp.getStatus().getStatusCode() + .getValue()); + request.getSession().setAttribute(Constants.SESSION_SLOERROR, + LanguageHelper.getErrorString("webpages.slo.error", request)); + + } + String redirectURL = serviceURL + Constants.SERVLET_LOGOUT; + redirectURL = response.encodeRedirectURL(redirectURL); + response.setContentType("text/html"); + response.setStatus(302); 
+ response.addHeader("Location", redirectURL); + + } + + protected SingleLogoutService findIDPFrontChannelSLOService() throws ConfigurationException, SLOException { + + final String entityname = config.getPVP2IDPMetadataEntityName(); + if (MiscUtil.isEmpty(entityname)) { + log.info("No IDP EntityName configurated"); + throw new ConfigurationException("No IDP EntityName configurated"); + } + + // get IDP metadata from metadataprovider + final HTTPMetadataProvider idpmetadata = config.getMetaDataProvier(); + try { + final EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname); + if (idpEntity == null) { + log.info("IDP EntityName is not found in IDP Metadata"); + throw new ConfigurationException("IDP EntityName is not found in IDP Metadata"); + + } + + // select authentication-service url from metadata + SingleLogoutService redirectEndpoint = null; + for (final SingleLogoutService sss : idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS) + .getSingleLogoutServices()) { + + // Get the service address for the binding you wish to use + if (sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) { + redirectEndpoint = sss; + } else if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI) && + redirectEndpoint == null) { + redirectEndpoint = sss; + } + } + + if (redirectEndpoint == null) { + log.warn("Single LogOut FAILED: IDP implements no frontchannel SLO service."); + throw new SLOException("Single LogOut FAILED: IDP implements no frontchannel SLO service."); + } + + return redirectEndpoint; + } catch (final MetadataProviderException e) { + log.info("IDP EntityName is not found in IDP Metadata", e); + throw new ConfigurationException("IDP EntityName is not found in IDP Metadata"); + + } + } + + protected ConfigurationProvider getConfig() { + return config; + } } 
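Review bot: In `validateLogOutResponse` the `SUCCESS_URI` branch reports a plain success as a failure: when the response has no nested status code, `getStatusCode().getStatusCode() != null && ...` is false and the `else` sets `SESSION_SLOERROR`. The second half of that condition calls `equals(StatusCode.PARTIAL_LOGOUT_URI)` on what appears to be the nested `StatusCode` object rather than its value, so it presumably never matches and any nested code, partial logout included, is treated as complete. Suggested: `final StatusCode nested = sloResp.getStatus().getStatusCode().getStatusCode();` followed by `if (nested == null || !StatusCode.PARTIAL_LOGOUT_URI.equals(nested.getValue())) {`. The method also dereferences `sloResp.getStatus()` without a null check, as `processLogOutRequest` does with `sloReq.getNameID()`, so a message lacking those elements ends in a `NullPointerException` instead of a `PVP2Exception` or a `REQUESTER_URI` response.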
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java index 274aa21bf..ac9d65cbf 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOFrontChannelServlet.java 
@@ -77,221 +77,230 @@ import at.gv.egovernment.moa.util.MiscUtil; */ public class SLOFrontChannelServlet extends SLOBasicServlet { - private static final long serialVersionUID = -6280199681356977759L; - private static final Logger log = LoggerFactory - .getLogger(SLOFrontChannelServlet.class); - - /** - * @throws ConfigurationException - */ - public SLOFrontChannelServlet() throws ConfigurationException { - super(); - } - - /** - * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse - * response) - */ - protected void doGet(HttpServletRequest request, - HttpServletResponse response) throws ServletException, IOException { - try { - if (MiscUtil.isNotEmpty(request.getParameter(Constants.REQUEST_USERSLO))) { - //process user initiated single logout process - Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); - - if (authUserObj == null) { - log.warn("No user information found. Single Log-Out not possible"); - buildErrorMessage(request, response); - - } - - AuthenticatedUser authUser = (AuthenticatedUser) authUserObj; - - String nameIDFormat = authUser.getNameIDFormat(); - String nameID = authUser.getNameID(); - - //remove user - AuthenticationManager authManager = AuthenticationManager.getInstance(); - authManager.removeActiveUser(authUser); - - if (MiscUtil.isEmpty(nameID) || MiscUtil.isEmpty(nameIDFormat)) { - log.warn("No user information found. Single Log-Out not possible"); - buildErrorMessage(request, response); - - } else - log.info("Fount user information for user nameID: " + nameID - + " , nameIDFormat: " + nameIDFormat - + ". 
Build Single Log-Out request ..."); - - //build SLO request to IDP - LogoutRequest sloReq = createLogOutRequest(nameID, nameIDFormat, request); - - request.getSession().setAttribute(Constants.SESSION_PVP2REQUESTID, sloReq.getID()); - - //send message - sendMessage(request, response, sloReq, null); - - } else { - //process PVP 2.1 single logout process - HTTPRedirectDeflateDecoder decode = new HTTPRedirectDeflateDecoder( - new BasicParserPool()); - BasicSAMLMessageContext messageContext = new BasicSAMLMessageContext(); - messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request)); - messageContext.setMetadataProvider(getConfig().getMetaDataProvier()); - - SAML2HTTPRedirectDeflateSignatureRule signatureRule = new SAML2HTTPRedirectDeflateSignatureRule( - PVP2Utils.getTrustEngine(getConfig())); - SAML2AuthnRequestsSignedRule signedRole = new SAML2AuthnRequestsSignedRule(); - BasicSecurityPolicy policy = new BasicSecurityPolicy(); - policy.getPolicyRules().add(signatureRule); - policy.getPolicyRules().add(signedRole); - SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver( - policy); - messageContext.setSecurityPolicyResolver(resolver); - messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME); - - decode.decode(messageContext); - - signatureRule.evaluate(messageContext); - - - processMessage(request, response, - messageContext.getInboundMessage(), messageContext.getRelayState()); - - } - - } catch (SLOException e) { - log.error("Single LogOut processing error.", e); - buildErrorMessage(request, response); - - } catch (ConfigurationException e) { - log.error("Single LogOut processing error.", e); - buildErrorMessage(request, response); - - } catch (PVP2Exception e) { - log.error("Single LogOut processing error.", e); - buildErrorMessage(request, response); - - } catch (SecurityPolicyException e) { - log.error("Single LogOut processing error.", e); - buildErrorMessage(request, response); - - } catch 
(MessageDecodingException e) { - log.error("Single LogOut processing error.", e); - buildErrorMessage(request, response); - - } catch (SecurityException e) { - log.error("Single LogOut processing error.", e); - buildErrorMessage(request, response); - - } catch (NoSuchAlgorithmException e) { - log.error("Single LogOut processing error.", e); - buildErrorMessage(request, response); - - } - } - - /** - * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse - * response) - */ - protected void doPost(HttpServletRequest request, - HttpServletResponse response) throws ServletException, IOException { - try { - HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool()); - BasicSAMLMessageContext messageContext = new BasicSAMLMessageContext(); - messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request)); - decode.decode(messageContext); - - PVP2Utils.validateSignature((SignableXMLObject) messageContext.getInboundMessage(), getConfig()); - - processMessage(request, response, - messageContext.getInboundMessage(), messageContext.getRelayState()); - - - } catch (MessageDecodingException e) { - log.error("Single LogOut processing error.", e); - buildErrorMessage(request, response); - - } catch (SecurityException e) { - log.error("Single LogOut processing error.", e); - buildErrorMessage(request, response); - - } catch (ValidationException e) { - log.error("Single LogOut processing error.", e); - buildErrorMessage(request, response); - - } catch (ConfigurationException e) { - log.error("Single LogOut processing error.", e); - buildErrorMessage(request, response); - - } catch (PVP2Exception e) { - log.error("Single LogOut processing error.", e); - buildErrorMessage(request, response); - - } catch (NoSuchAlgorithmException e) { - log.error("Single LogOut processing error.", e); - buildErrorMessage(request, response); - - } - } - - private void buildErrorMessage(HttpServletRequest request, HttpServletResponse response) { - - 
request.getSession().setAttribute(Constants.SESSION_SLOERROR, - LanguageHelper.getErrorString("webpages.slo.error", request)); - - //check response destination - String serviceURL = getConfig().getPublicUrlPreFix(request); - if (!serviceURL.endsWith("/")) - serviceURL = serviceURL + "/"; - - String redirectURL = serviceURL + Constants.SERVLET_LOGOUT; - redirectURL = response.encodeRedirectURL(redirectURL); - response.setContentType("text/html"); - response.setStatus(302); - response.addHeader("Location", redirectURL); - } - - private void processMessage(HttpServletRequest request, HttpServletResponse response, - XMLObject xmlObject, String relayState) throws ConfigurationException, PVP2Exception, NoSuchAlgorithmException { - if (xmlObject instanceof LogoutRequest) { - LogoutResponse sloResp = - processLogOutRequest((LogoutRequest) xmlObject, request); - sendMessage(request, response, sloResp, relayState); - - } else if (xmlObject instanceof LogoutResponse) { - LogoutResponse sloResp = (LogoutResponse) xmlObject; - - String reqID = (String) request.getSession().getAttribute(Constants.SESSION_PVP2REQUESTID); - request.getSession().setAttribute(Constants.SESSION_PVP2REQUESTID, null); - validateLogOutResponse(sloResp, reqID, request, response); - - } - } - - private void sendMessage(HttpServletRequest request, HttpServletResponse response, - RequestAbstractType sloReq, String relayState) throws ConfigurationException, PVP2Exception { - SingleLogoutService sloService = findIDPFrontChannelSLOService(); - sloReq.setDestination(sloService.getLocation()); - sendMessage(request, response, sloReq, sloService, relayState); - } - - private void sendMessage(HttpServletRequest request, HttpServletResponse response, - StatusResponseType sloReq, String relayState) throws ConfigurationException, PVP2Exception { - SingleLogoutService sloService = findIDPFrontChannelSLOService(); - sloReq.setDestination(sloService.getLocation()); - sendMessage(request, response, sloReq, sloService, 
relayState); - } - - private void sendMessage(HttpServletRequest request, HttpServletResponse response, - SignableSAMLObject sloReq, SingleLogoutService sloService, String relayState) throws ConfigurationException, PVP2Exception { - X509Credential authcredential = PVP2Utils.signMessage((AbstractSignableXMLObject) sloReq, getConfig()); - if (sloService.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) - PVP2Utils.postBindingEncoder(request, response, sloReq, authcredential, sloService.getLocation(), relayState); - - else if (sloService.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) - PVP2Utils.redirectBindingEncoder(request, response, sloReq, authcredential, sloService.getLocation(), relayState); - } - + private static final long serialVersionUID = -6280199681356977759L; + private static final Logger log = LoggerFactory + .getLogger(SLOFrontChannelServlet.class); + + /** + * @throws ConfigurationException + */ + public SLOFrontChannelServlet() throws ConfigurationException { + super(); + } + + /** + * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse + * response) + */ + @Override + protected void doGet(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + try { + if (MiscUtil.isNotEmpty(request.getParameter(Constants.REQUEST_USERSLO))) { + // process user initiated single logout process + final Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH); + + if (authUserObj == null) { + log.warn("No user information found. 
Single Log-Out not possible"); + buildErrorMessage(request, response); + + } + + final AuthenticatedUser authUser = (AuthenticatedUser) authUserObj; + + final String nameIDFormat = authUser.getNameIDFormat(); + final String nameID = authUser.getNameID(); + + // remove user + final AuthenticationManager authManager = AuthenticationManager.getInstance(); + authManager.removeActiveUser(authUser); + + if (MiscUtil.isEmpty(nameID) || MiscUtil.isEmpty(nameIDFormat)) { + log.warn("No user information found. Single Log-Out not possible"); + buildErrorMessage(request, response); + + } else { + log.info("Fount user information for user nameID: " + nameID + + " , nameIDFormat: " + nameIDFormat + + ". Build Single Log-Out request ..."); + } + + // build SLO request to IDP + final LogoutRequest sloReq = createLogOutRequest(nameID, nameIDFormat, request); + + request.getSession().setAttribute(Constants.SESSION_PVP2REQUESTID, sloReq.getID()); + + // send message + sendMessage(request, response, sloReq, null); + + } else { + // process PVP 2.1 single logout process + final HTTPRedirectDeflateDecoder decode = new HTTPRedirectDeflateDecoder( + new BasicParserPool()); + final BasicSAMLMessageContext messageContext = + new BasicSAMLMessageContext<>(); + messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request)); + messageContext.setMetadataProvider(getConfig().getMetaDataProvier()); + + final SAML2HTTPRedirectDeflateSignatureRule signatureRule = new SAML2HTTPRedirectDeflateSignatureRule( + PVP2Utils.getTrustEngine(getConfig())); + final SAML2AuthnRequestsSignedRule signedRole = new SAML2AuthnRequestsSignedRule(); + final BasicSecurityPolicy policy = new BasicSecurityPolicy(); + policy.getPolicyRules().add(signatureRule); + policy.getPolicyRules().add(signedRole); + final SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver( + policy); + messageContext.setSecurityPolicyResolver(resolver); + 
messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME); + + decode.decode(messageContext); + + signatureRule.evaluate(messageContext); + + processMessage(request, response, + messageContext.getInboundMessage(), messageContext.getRelayState()); + + } + + } catch (final SLOException e) { + log.error("Single LogOut processing error.", e); + buildErrorMessage(request, response); + + } catch (final ConfigurationException e) { + log.error("Single LogOut processing error.", e); + buildErrorMessage(request, response); + + } catch (final PVP2Exception e) { + log.error("Single LogOut processing error.", e); + buildErrorMessage(request, response); + + } catch (final SecurityPolicyException e) { + log.error("Single LogOut processing error.", e); + buildErrorMessage(request, response); + + } catch (final MessageDecodingException e) { + log.error("Single LogOut processing error.", e); + buildErrorMessage(request, response); + + } catch (final SecurityException e) { + log.error("Single LogOut processing error.", e); + buildErrorMessage(request, response); + + } catch (final NoSuchAlgorithmException e) { + log.error("Single LogOut processing error.", e); + buildErrorMessage(request, response); + + } + } + + /** + * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse + * response) + */ + @Override + protected void doPost(HttpServletRequest request, + HttpServletResponse response) throws ServletException, IOException { + try { + final HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool()); + final BasicSAMLMessageContext messageContext = + new BasicSAMLMessageContext<>(); + messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(request)); + decode.decode(messageContext); + + PVP2Utils.validateSignature((SignableXMLObject) messageContext.getInboundMessage(), getConfig()); + + processMessage(request, response, + messageContext.getInboundMessage(), messageContext.getRelayState()); + + } catch (final 
MessageDecodingException e) { + log.error("Single LogOut processing error.", e); + buildErrorMessage(request, response); + + } catch (final SecurityException e) { + log.error("Single LogOut processing error.", e); + buildErrorMessage(request, response); + + } catch (final ValidationException e) { + log.error("Single LogOut processing error.", e); + buildErrorMessage(request, response); + + } catch (final ConfigurationException e) { + log.error("Single LogOut processing error.", e); + buildErrorMessage(request, response); + + } catch (final PVP2Exception e) { + log.error("Single LogOut processing error.", e); + buildErrorMessage(request, response); + + } catch (final NoSuchAlgorithmException e) { + log.error("Single LogOut processing error.", e); + buildErrorMessage(request, response); + + } + } + + private void buildErrorMessage(HttpServletRequest request, HttpServletResponse response) { + + request.getSession().setAttribute(Constants.SESSION_SLOERROR, + LanguageHelper.getErrorString("webpages.slo.error", request)); + + // check response destination + String serviceURL = getConfig().getPublicUrlPreFix(request); + if (!serviceURL.endsWith("/")) { + serviceURL = serviceURL + "/"; + } + + String redirectURL = serviceURL + Constants.SERVLET_LOGOUT; + redirectURL = response.encodeRedirectURL(redirectURL); + response.setContentType("text/html"); + response.setStatus(302); + response.addHeader("Location", redirectURL); + } + + private void processMessage(HttpServletRequest request, HttpServletResponse response, + XMLObject xmlObject, String relayState) throws ConfigurationException, PVP2Exception, + NoSuchAlgorithmException { + if (xmlObject instanceof LogoutRequest) { + final LogoutResponse sloResp = + processLogOutRequest((LogoutRequest) xmlObject, request); + sendMessage(request, response, sloResp, relayState); + + } else if (xmlObject instanceof LogoutResponse) { + final LogoutResponse sloResp = (LogoutResponse) xmlObject; + + final String reqID = (String) 
request.getSession().getAttribute(Constants.SESSION_PVP2REQUESTID); + request.getSession().setAttribute(Constants.SESSION_PVP2REQUESTID, null); + validateLogOutResponse(sloResp, reqID, request, response); + + } + } + + private void sendMessage(HttpServletRequest request, HttpServletResponse response, + RequestAbstractType sloReq, String relayState) throws ConfigurationException, PVP2Exception { + final SingleLogoutService sloService = findIDPFrontChannelSLOService(); + sloReq.setDestination(sloService.getLocation()); + sendMessage(request, response, sloReq, sloService, relayState); + } + + private void sendMessage(HttpServletRequest request, HttpServletResponse response, + StatusResponseType sloReq, String relayState) throws ConfigurationException, PVP2Exception { + final SingleLogoutService sloService = findIDPFrontChannelSLOService(); + sloReq.setDestination(sloService.getLocation()); + sendMessage(request, response, sloReq, sloService, relayState); + } + + private void sendMessage(HttpServletRequest request, HttpServletResponse response, + SignableSAMLObject sloReq, SingleLogoutService sloService, String relayState) + throws ConfigurationException, PVP2Exception { + final X509Credential authcredential = PVP2Utils.signMessage((AbstractSignableXMLObject) sloReq, + getConfig()); + if (sloService.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) { + PVP2Utils.postBindingEncoder(request, response, sloReq, authcredential, sloService.getLocation(), + relayState); + } else if (sloService.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) { + PVP2Utils.redirectBindingEncoder(request, response, sloReq, authcredential, sloService.getLocation(), + relayState); + } + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java index ef6c951c2..8eb4db4a2 100644 
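Review bot: In doGet's user-initiated branch, neither `buildErrorMessage(request, response);` call is followed by `return;`, so the method keeps running after the error redirect has been set: with no `SESSION_AUTH` attribute the cast yields null and `authUser.getNameIDFormat()` throws a NullPointerException that none of the catch clauses handles, and with an empty nameID or nameIDFormat a LogoutRequest is still built and sent on a response that already carries the 302. The braces added around the `else` make that fall-through easier to see but do not change it; add `return;` after each of the two calls. Separately, on the redirect-binding path the only visible check is `signatureRule.evaluate(messageContext)`; if that rule lets messages without a signature pass (worth confirming against the OpenSAML version in use, and against what `processLogOutRequest` in the superclass verifies), a guard such as `if (!messageContext.isInboundSAMLMessageAuthenticated()) throw new SLOException("Single LogOut FAILED: message is not signed.");` before `processMessage` would enforce the requirement in this servlet.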
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java @@ -44,7 +44,6 @@ import java.util.jar.Manifest; import javax.servlet.http.HttpServletRequest; import org.apache.commons.httpclient.MOAHttpClient; -import org.apache.log4j.Logger; import org.opensaml.DefaultBootstrap; import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider; import org.opensaml.xml.parse.BasicParserPool; 
@@ -68,649 +67,635 @@ import at.gv.egovernment.moa.id.configuration.utils.UserRequestCleaner; import at.gv.egovernment.moa.util.MiscUtil; import iaik.asn1.structures.AlgorithmID; import iaik.x509.X509Certificate; +import lombok.extern.slf4j.Slf4j; - +@Slf4j public class ConfigurationProvider { - public static final String HTMLTEMPLATE_DIR = "/htmlTemplates"; - public static final String HTMLTEMPLATE_FILE = "/loginFormFull.html"; - - private static final Logger log = Logger.getLogger(ConfigurationProvider.class); - - private static final String SYSTEM_PROP_CONFIG = "moa.id.webconfig"; - - private static ConfigurationProvider instance; - private Properties props; - private String configFileName; - private String configRootDir; - - private HTTPMetadataProvider idpMetadataProvider = null; - private KeyStore keyStore = null; - - private String publicURLPreFix = null; - - private boolean pvp2logininitialzied = false; - - private ClassPathXmlApplicationContext context = null; - private MOAIDConfigurationModul configModule = null; - private NewConfigurationDBRead deprecatedDBRead = null; - private FileBasedUserConfiguration userManagement = null; - - private ArrayList activeProfiles = new ArrayList(); - - public static ConfigurationProvider getInstance() throws ConfigurationException { - - if (instance == null) { - instance = new ConfigurationProvider(); - instance.inizialize(); - - } - - return instance; - } - - private void inizialize() throws ConfigurationException { - - log.info("Set SystemProperty for UTF-8 file.encoding as default"); - System.setProperty("file.encoding", "UTF-8"); - - configFileName = System.getProperty(SYSTEM_PROP_CONFIG); - - if (configFileName == null) { - throw new ConfigurationException("config.05"); - } - try { - URI fileURI = new URI(configFileName); - File propertiesFile = new File(fileURI); - - // determine the directory of the root config file - String rootConfigFileDir = propertiesFile.getParent(); - configRootDir = new 
File(rootConfigFileDir).toURI().toURL().toString();; - - log.info("Loading MOA-ID-AUTH configuration " + configFileName); - - //Initial Hibernate Framework - log.trace("Initializing Hibernate framework."); - - //Load MOAID-2.0 properties file - - - FileInputStream fis; - props = new Properties(); - - fis = new FileInputStream(propertiesFile); - props.load(fis); - fis.close(); + public static final String HTMLTEMPLATE_DIR = "/htmlTemplates"; + public static final String HTMLTEMPLATE_FILE = "/loginFormFull.html"; + + private static final String SYSTEM_PROP_CONFIG = "moa.id.webconfig"; + + private static ConfigurationProvider instance; + private Properties props; + private String configFileName; + private String configRootDir; + + private HTTPMetadataProvider idpMetadataProvider = null; + private KeyStore keyStore = null; + + private String publicURLPreFix = null; + + private boolean pvp2logininitialzied = false; + + private ClassPathXmlApplicationContext context = null; + private MOAIDConfigurationModul configModule = null; + private NewConfigurationDBRead deprecatedDBRead = null; + private FileBasedUserConfiguration userManagement = null; + + private final ArrayList activeProfiles = new ArrayList<>(); + + public static ConfigurationProvider getInstance() throws ConfigurationException { + + if (instance == null) { + instance = new ConfigurationProvider(); + instance.inizialize(); + + } + + return instance; + } + + private void inizialize() throws ConfigurationException { + + log.info("Set SystemProperty for UTF-8 file.encoding as default"); + System.setProperty("file.encoding", "UTF-8"); + + configFileName = System.getProperty(SYSTEM_PROP_CONFIG); + + if (configFileName == null) { + throw new ConfigurationException("config.05"); + } + try { + final URI fileURI = new URI(configFileName); + final File propertiesFile = new File(fileURI); + + // determine the directory of the root config file + final String rootConfigFileDir = propertiesFile.getParent(); + configRootDir 
= new File(rootConfigFileDir).toURI().toURL().toString(); + + log.info("Loading MOA-ID-AUTH configuration " + configFileName); + + // Initial Hibernate Framework + log.trace("Initializing Hibernate framework."); + + // Load MOAID-2.0 properties file + + FileInputStream fis; + props = new Properties(); + + fis = new FileInputStream(propertiesFile); + props.load(fis); + fis.close(); // //Workaround -> can be removed in next version // if (MiscUtil.isEmpty(System.getProperty("spring.profiles.active"))) { // log.info("Set System-Property to activate 'byteBased' config values"); // System.setProperty("spring.profiles.active", "byteBasedConfig"); -// +// // } - - //initialize generic SpringContext to set profiles - GenericApplicationContext rootContext = new GenericApplicationContext(); + + // initialize generic SpringContext to set profiles + final GenericApplicationContext rootContext = new GenericApplicationContext(); // if (Boolean.valueOf(props.getProperty("configuration.database.byteBasedValues", "false"))) -// activeProfiles.add(SpringProfileConstants.BYTEBASEDCONFIG); +// activeProfiles.add(SpringProfileConstants.BYTEBASEDCONFIG); // for (String el: activeProfiles) // rootContext.getEnvironment().addActiveProfile(el); - //refresh generic context - rootContext.refresh(); - - //initialize SpringContext - context = new ClassPathXmlApplicationContext( - new String[] { "configuration.beans.xml", - "moaid.webgui.beans.xml", - "moaid.migration.beans.xml", - "moaid.configurationtool.beans.xml" - }, rootContext); - - - log.info("Spring-context was initialized with active profiles: " - + Arrays.asList(context.getEnvironment().getActiveProfiles())); - - //Autowire beans in these context - AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory(); - acbFactory.autowireBean(this); - - - log.info("Hibernate initialization finished."); - - DefaultBootstrap.bootstrap(); - log.info("OPENSAML initialized"); - - UserRequestCleaner.start(); - - 
fixJava8_141ProblemWithSSLAlgorithms(); - - log.info("MOA-ID-Configuration initialization completed"); - - - } catch (FileNotFoundException e) { - throw new ConfigurationException("config.01", new Object[]{configFileName}, e); - - } catch (IOException e) { - throw new ConfigurationException("config.02", new Object[]{configFileName}, e); - - } catch (org.opensaml.xml.ConfigurationException e) { - throw new ConfigurationException("config.04", e); - - } catch (URISyntaxException e) { - throw new ConfigurationException("config.01", new Object[]{configFileName}, e); - } - - } - - private static void fixJava8_141ProblemWithSSLAlgorithms() { - log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ..."); - //new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] { "MD5withRSA", "MD5/RSA", }, null, true); - new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption", - new String[] { "SHA1withRSA" , "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true); - new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption", - new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true); - new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption", - new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA", }, null, true); - new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption", - new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA", }, null, true); - new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption", - new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true); - - log.info("Change AlgorithmIDs finished"); + // refresh generic context + rootContext.refresh(); + + // initialize SpringContext + context = new ClassPathXmlApplicationContext( + new String[] { "configuration.beans.xml", + "moaid.webgui.beans.xml", + "moaid.migration.beans.xml", + "moaid.configurationtool.beans.xml" + }, rootContext); + + log.info("Spring-context was initialized with active profiles: " + + 
Arrays.asList(context.getEnvironment().getActiveProfiles())); + + // Autowire beans in these context + final AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory(); + acbFactory.autowireBean(this); + + log.info("Hibernate initialization finished."); + + DefaultBootstrap.bootstrap(); + log.info("OPENSAML initialized"); + + UserRequestCleaner.start(); + + fixJava8_141ProblemWithSSLAlgorithms(); + + log.info("MOA-ID-Configuration initialization completed"); + + } catch (final FileNotFoundException e) { + throw new ConfigurationException("config.01", new Object[] { configFileName }, e); + + } catch (final IOException e) { + throw new ConfigurationException("config.02", new Object[] { configFileName }, e); + + } catch (final org.opensaml.xml.ConfigurationException e) { + throw new ConfigurationException("config.04", e); + + } catch (final URISyntaxException e) { + throw new ConfigurationException("config.01", new Object[] { configFileName }, e); } - - @Autowired(required = true) - public void setMOAIDConfigurationModul(MOAIDConfigurationModul module) { - this.configModule = module; - } - - - - /** - * @param dbRead the dbRead to set - */ - @Autowired(required = true) - public void setDbRead(NewConfigurationDBRead dbRead) { - this.deprecatedDBRead = dbRead; - } - - - - /** - * @return the props - */ - public Properties getConfigurationProperties() { - return props; - } - - /** - * @return the deprecatedDBWrite - */ - public FileBasedUserConfiguration getUserManagement() { - return userManagement; - } - - /** - * @param deprecatedDBWrite the deprecatedDBWrite to set - */ - @Autowired(required = true) - public void setUserManagement(FileBasedUserConfiguration userManagement) { - this.userManagement = userManagement; - } - - - public String getPublicUrlPreFix(HttpServletRequest request) { - publicURLPreFix = props.getProperty("general.publicURLContext"); - - if (MiscUtil.isEmpty(publicURLPreFix) && request != null) { - String url = 
request.getRequestURL().toString(); - String contextpath = request.getContextPath(); - int index = url.indexOf(contextpath); - publicURLPreFix = url.substring(0, index + contextpath.length() + 1); - } - - return publicURLPreFix; - } - - public int getUserRequestCleanUpDelay() { - String delay = props.getProperty("general.userrequests.cleanup.delay"); - return Integer.getInteger(delay, 12); - } - + + } + + private static void fixJava8_141ProblemWithSSLAlgorithms() { + log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ..."); + // new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] + // { "MD5withRSA", "MD5/RSA", }, null, true); + new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption", + new String[] { "SHA1withRSA", "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true); + new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption", + new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true); + new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption", + new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA", }, null, true); + new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption", + new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA", }, null, true); + new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption", + new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true); + + log.info("Change AlgorithmIDs finished"); + } + + @Autowired(required = true) + public void setMOAIDConfigurationModul(MOAIDConfigurationModul module) { + this.configModule = module; + } + + /** + * @param dbRead the dbRead to set + */ + @Autowired(required = true) + public void setDbRead(NewConfigurationDBRead dbRead) { + this.deprecatedDBRead = dbRead; + } + + /** + * @return the props + */ + public Properties getConfigurationProperties() { + return props; + } + + /** + * @return the deprecatedDBWrite + */ + public FileBasedUserConfiguration getUserManagement() { + 
return userManagement; + } + + /** + * @param deprecatedDBWrite the deprecatedDBWrite to set + */ + @Autowired(required = true) + public void setUserManagement(FileBasedUserConfiguration userManagement) { + this.userManagement = userManagement; + } + + public String getPublicUrlPreFix(HttpServletRequest request) { + publicURLPreFix = props.getProperty("general.publicURLContext"); + + if (MiscUtil.isEmpty(publicURLPreFix) && request != null) { + final String url = request.getRequestURL().toString(); + final String contextpath = request.getContextPath(); + final int index = url.indexOf(contextpath); + publicURLPreFix = url.substring(0, index + contextpath.length() + 1); + } + + return publicURLPreFix; + } + + public int getUserRequestCleanUpDelay() { + final String delay = props.getProperty("general.userrequests.cleanup.delay"); + return Integer.getInteger(delay, 12); + } + // public String getContactMailAddress() { // return props.getProperty("general.contact.mail"); // } - - public String getSSOLogOutURL() { - return props.getProperty("general.login.pvp2.idp.sso.logout.url"); - } - - public KeyStore getPVP2KeyStore() throws ConfigurationException, IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException { - if (keyStore == null) { - String keystoretype = getPVP2MetadataKeystoreType(); - if (MiscUtil.isEmpty(keystoretype)) { - log.debug("No KeyStoreType defined. 
Using default KeyStoreType."); - keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); - - } else { - log.debug("Using " + keystoretype + " KeyStoreType."); - keyStore = KeyStore.getInstance(keystoretype); - - } - - - String fileURL = getPVP2MetadataKeystoreURL(); - log.debug("Load KeyStore from URL " + fileURL); - if (MiscUtil.isEmpty(fileURL)) { - log.info("Metadata KeyStoreURL is empty"); - throw new ConfigurationException("Metadata KeyStoreURL is empty"); - } - - URL keystoreURL = new URL((FileUtils.makeAbsoluteURL(fileURL, getConfigRootDir()))); - InputStream inputStream = keystoreURL.openStream(); - keyStore.load(inputStream, getPVP2MetadataKeystorePassword().toCharArray()); - inputStream.close(); - } - - return keyStore; - - } - - public String getConfigFile() { - return configFileName; - } - - public String getConfigRootDir() { - return configRootDir; - } - - public boolean isMOAIDMode() { - String result = props.getProperty("general.moaidmode.active", "true"); - return Boolean.parseBoolean(result); - } - - public String getMOAIDInstanceURL() { - return props.getProperty("general.moaid.instance.url"); - } - - public boolean isLoginDeaktivated() { - String result = props.getProperty("general.login.deaktivate", "false"); - return Boolean.parseBoolean(result); - } - - public boolean isOATargetVerificationDeaktivated() { - String result = props.getProperty("general.OATargetVerification.deaktivate", "false"); - return Boolean.parseBoolean(result); - } - - //PVP2 Login configuration - - public void initializePVP2Login() throws ConfigurationException { - if (!pvp2logininitialzied) - initalPVP2Login(); - } - - public boolean isPVP2LoginActive() { - - return Boolean.parseBoolean(props.getProperty("general.login.pvp2.isactive", "false")); - } - - public boolean isPVP2LoginBusinessService() { - String result = props.getProperty("general.login.pvp2.isbusinessservice", "false"); - return Boolean.parseBoolean(result); - } - - public String getPVP2LoginTarget() { - 
return props.getProperty("general.login.pvp2.target"); - } - - public String getPVP2LoginIdenificationValue() { - return props.getProperty("general.login.pvp2.identificationvalue"); - } - - public String getPVP2MetadataEntitiesName() { - return props.getProperty("general.login.pvp2.metadata.entities.name"); - } - - public String getPVP2MetadataKeystoreURL() { - return props.getProperty("general.login.pvp2.keystore.url"); - } - - public String getPVP2MetadataKeystorePassword() { - return props.getProperty("general.login.pvp2.keystore.password"); - } - - public String getPVP2MetadataKeystoreType() { - return props.getProperty("general.login.pvp2.keystore.type"); - } - - public String getPVP2KeystoreMetadataKeyAlias() { - return props.getProperty("general.login.pvp2.keystore.metadata.key.alias"); - } - - public String getPVP2KeystoreMetadataKeyPassword() { - return props.getProperty("general.login.pvp2.keystore.metadata.key.password"); - } - - public String getPVP2KeystoreAuthRequestKeyAlias() { - return props.getProperty("general.login.pvp2.keystore.authrequest.key.alias"); - } - - public String getPVP2KeystoreAuthRequestKeyPassword() { - return props.getProperty("general.login.pvp2.keystore.authrequest.key.password"); - } - - public String getPVP2KeystoreAuthRequestEncryptionKeyAlias() { - return props.getProperty("general.login.pvp2.keystore.authrequest.encryption.key.alias"); - } - - public String getPVP2KeystoreAuthRequestEncryptionKeyPassword() { - return props.getProperty("general.login.pvp2.keystore.authrequest.encryption.key.password"); - } - - public String getPVP2IDPMetadataURL() { - return props.getProperty("general.login.pvp2.idp.metadata.url"); - } - - public String getPVP2IDPMetadataCertificate() { - return props.getProperty("general.login.pvp2.idp.metadata.certificate"); - } - - public String getPVP2IDPMetadataEntityName() { - return props.getProperty("general.login.pvp2.idp.metadata.entityID"); - } - - public HTTPMetadataProvider getMetaDataProvier() 
{ - return idpMetadataProvider; - } - - - //SMTP Server - public String getSMTPMailHost() { - return props.getProperty("general.mail.host"); - } - - public String getSMTPMailPort() { - return props.getProperty("general.mail.host.port"); - } - - public String getSMTPMailUsername() { - return props.getProperty("general.mail.host.username"); - } - - public String getSMTPMailPassword() { - return props.getProperty("general.mail.host.password"); - } - - //Mail Configuration - public String getMailFromName() { - return props.getProperty("general.mail.from.name"); - } - - public String getMailFromAddress() { - return props.getProperty("general.mail.from.address"); - } - - public String getMailUserAcountVerificationSubject() { - return props.getProperty("general.mail.useraccountrequest.verification.subject"); - } - - public String getMailUserAcountVerificationTemplate() throws ConfigurationException { - String url = props.getProperty("general.mail.useraccountrequest.verification.template"); - - if (MiscUtil.isNotEmpty(url)) { - return url; - - } else { - log.warn("MailUserAcountVerificationTemplate is empty"); - throw new ConfigurationException("MailUserAcountVerificationTemplate is empty"); - - } - } - - public String getMailUserAcountActivationSubject() { - return props.getProperty("general.mail.useraccountrequest.isactive.subject"); - } - - public String getMailUserAcountActivationTemplate() throws ConfigurationException { - String url = props.getProperty("general.mail.useraccountrequest.isactive.template"); - if (MiscUtil.isNotEmpty(url)) { - return url; - - } else { - log.warn("MailUserAcountActivationTemplate is empty"); - throw new ConfigurationException("MailUserAcountActivationTemplate is empty"); - - } - - } - - public String getMailOAActivationSubject() { - return props.getProperty("general.mail.createOArequest.isactive.subject"); - } - - public String getDefaultLanguage() { + + public String getSSOLogOutURL() { + return 
props.getProperty("general.login.pvp2.idp.sso.logout.url"); + } + + public KeyStore getPVP2KeyStore() throws ConfigurationException, IOException, NoSuchAlgorithmException, + CertificateException, KeyStoreException { + if (keyStore == null) { + final String keystoretype = getPVP2MetadataKeystoreType(); + if (MiscUtil.isEmpty(keystoretype)) { + log.debug("No KeyStoreType defined. Using default KeyStoreType."); + keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); + + } else { + log.debug("Using " + keystoretype + " KeyStoreType."); + keyStore = KeyStore.getInstance(keystoretype); + + } + + final String fileURL = getPVP2MetadataKeystoreURL(); + log.debug("Load KeyStore from URL " + fileURL); + if (MiscUtil.isEmpty(fileURL)) { + log.info("Metadata KeyStoreURL is empty"); + throw new ConfigurationException("Metadata KeyStoreURL is empty"); + } + + final URL keystoreURL = new URL(FileUtils.makeAbsoluteURL(fileURL, getConfigRootDir())); + final InputStream inputStream = keystoreURL.openStream(); + keyStore.load(inputStream, getPVP2MetadataKeystorePassword().toCharArray()); + inputStream.close(); + } + + return keyStore; + + } + + public String getConfigFile() { + return configFileName; + } + + public String getConfigRootDir() { + return configRootDir; + } + + public boolean isMOAIDMode() { + final String result = props.getProperty("general.moaidmode.active", "true"); + return Boolean.parseBoolean(result); + } + + public String getMOAIDInstanceURL() { + return props.getProperty("general.moaid.instance.url"); + } + + public boolean isLoginDeaktivated() { + final String result = props.getProperty("general.login.deaktivate", "false"); + return Boolean.parseBoolean(result); + } + + public boolean isOATargetVerificationDeaktivated() { + final String result = props.getProperty("general.OATargetVerification.deaktivate", "false"); + return Boolean.parseBoolean(result); + } + + // PVP2 Login configuration + + public void initializePVP2Login() throws ConfigurationException { 
+ if (!pvp2logininitialzied) { + initalPVP2Login(); + } + } + + public boolean isPVP2LoginActive() { + + return Boolean.parseBoolean(props.getProperty("general.login.pvp2.isactive", "false")); + } + + public boolean isPVP2LoginBusinessService() { + final String result = props.getProperty("general.login.pvp2.isbusinessservice", "false"); + return Boolean.parseBoolean(result); + } + + public String getPVP2LoginTarget() { + return props.getProperty("general.login.pvp2.target"); + } + + public String getPVP2LoginIdenificationValue() { + return props.getProperty("general.login.pvp2.identificationvalue"); + } + + public String getPVP2MetadataEntitiesName() { + return props.getProperty("general.login.pvp2.metadata.entities.name"); + } + + public String getPVP2MetadataKeystoreURL() { + return props.getProperty("general.login.pvp2.keystore.url"); + } + + public String getPVP2MetadataKeystorePassword() { + return props.getProperty("general.login.pvp2.keystore.password"); + } + + public String getPVP2MetadataKeystoreType() { + return props.getProperty("general.login.pvp2.keystore.type"); + } + + public String getPVP2KeystoreMetadataKeyAlias() { + return props.getProperty("general.login.pvp2.keystore.metadata.key.alias"); + } + + public String getPVP2KeystoreMetadataKeyPassword() { + return props.getProperty("general.login.pvp2.keystore.metadata.key.password"); + } + + public String getPVP2KeystoreAuthRequestKeyAlias() { + return props.getProperty("general.login.pvp2.keystore.authrequest.key.alias"); + } + + public String getPVP2KeystoreAuthRequestKeyPassword() { + return props.getProperty("general.login.pvp2.keystore.authrequest.key.password"); + } + + public String getPVP2KeystoreAuthRequestEncryptionKeyAlias() { + return props.getProperty("general.login.pvp2.keystore.authrequest.encryption.key.alias"); + } + + public String getPVP2KeystoreAuthRequestEncryptionKeyPassword() { + return props.getProperty("general.login.pvp2.keystore.authrequest.encryption.key.password"); + } + 
+ public String getPVP2IDPMetadataURL() { + return props.getProperty("general.login.pvp2.idp.metadata.url"); + } + + public String getPVP2IDPMetadataCertificate() { + return props.getProperty("general.login.pvp2.idp.metadata.certificate"); + } + + public String getPVP2IDPMetadataEntityName() { + return props.getProperty("general.login.pvp2.idp.metadata.entityID"); + } + + public HTTPMetadataProvider getMetaDataProvier() { + return idpMetadataProvider; + } + + // SMTP Server + public String getSMTPMailHost() { + return props.getProperty("general.mail.host"); + } + + public String getSMTPMailPort() { + return props.getProperty("general.mail.host.port"); + } + + public String getSMTPMailUsername() { + return props.getProperty("general.mail.host.username"); + } + + public String getSMTPMailPassword() { + return props.getProperty("general.mail.host.password"); + } + + // Mail Configuration + public String getMailFromName() { + return props.getProperty("general.mail.from.name"); + } + + public String getMailFromAddress() { + return props.getProperty("general.mail.from.address"); + } + + public String getMailUserAcountVerificationSubject() { + return props.getProperty("general.mail.useraccountrequest.verification.subject"); + } + + public String getMailUserAcountVerificationTemplate() throws ConfigurationException { + final String url = props.getProperty("general.mail.useraccountrequest.verification.template"); + + if (MiscUtil.isNotEmpty(url)) { + return url; + + } else { + log.warn("MailUserAcountVerificationTemplate is empty"); + throw new ConfigurationException("MailUserAcountVerificationTemplate is empty"); + + } + } + + public String getMailUserAcountActivationSubject() { + return props.getProperty("general.mail.useraccountrequest.isactive.subject"); + } + + public String getMailUserAcountActivationTemplate() throws ConfigurationException { + final String url = props.getProperty("general.mail.useraccountrequest.isactive.template"); + if (MiscUtil.isNotEmpty(url)) { 
+ return url; + + } else { + log.warn("MailUserAcountActivationTemplate is empty"); + throw new ConfigurationException("MailUserAcountActivationTemplate is empty"); + + } + + } + + public String getMailOAActivationSubject() { + return props.getProperty("general.mail.createOArequest.isactive.subject"); + } + + public String getDefaultLanguage() { + try { + return props.getProperty("general.defaultlanguage", "de").toLowerCase(); + } catch (final Exception ex) { + return "de"; + } + } + + public String getMailOAActivationTemplate() throws ConfigurationException { + final String url = props.getProperty("general.mail.createOArequest.isactive.template"); + + if (MiscUtil.isNotEmpty(url)) { + return url; + + } else { + log.warn("MailOAActivationTemplate is empty"); + throw new ConfigurationException("MailOAActivationTemplate is empty"); + + } + + } + + public String getMailUserAcountRevocationTemplate() throws ConfigurationException { + final String url = props.getProperty("general.mail.useraccountrequest.rejected.template"); + + if (MiscUtil.isNotEmpty(url)) { + return url; + + } else { + log.warn("MailUserAcountVerificationTemplate is empty"); + throw new ConfigurationException("MailUserAcountRevocationTemplate is empty"); + + } + } + + public String getMailAdminSubject() { + return props.getProperty("general.mail.admin.subject"); + } + + public String getMailAdminTemplate() throws ConfigurationException { + final String url = props.getProperty("general.mail.admin.adresses.template"); + + if (MiscUtil.isNotEmpty(url)) { + return url; + + } else { + log.warn("MailUserAcountVerificationTemplate is empty"); + throw new ConfigurationException("MailAdminTemplate is empty"); + + } + } + + public String getMailAdminAddress() { + return props.getProperty("general.mail.admin.adress"); + } + + public String getConfigToolVersion() { + return parseVersionFromManifest(); + } + + public String getCertStoreDirectory() throws ConfigurationException { + final String dir = 
props.getProperty("general.ssl.certstore"); + if (MiscUtil.isNotEmpty(dir)) { + return FileUtils.makeAbsoluteURL(dir, configRootDir); + } else { + throw new ConfigurationException("No SSLCertStore configured use default JAVA TrustStore."); + } + + } + + public String getTrustStoreDirectory() throws ConfigurationException { + final String dir = props.getProperty("general.ssl.truststore"); + if (MiscUtil.isNotEmpty(dir)) { + return FileUtils.makeAbsoluteURL(dir, configRootDir); + } else { + throw new ConfigurationException("No SSLTrustStore configured use default JAVA TrustStore."); + } + + } + + public String getConfigurationEncryptionKey() { + return props.getProperty("general.moaconfig.key"); + + } + + public boolean isPVPMetadataSchemaValidationActive() { + return Boolean.parseBoolean(props.getProperty("general.pvp.schemavalidation", "true")); + + } + + /** + * @return + */ + private boolean isHostNameValidationEnabled() { + return Boolean.parseBoolean(props.getProperty("general.ssl.hostnamevalidation", "true")); + + } + + /** + * @return the context + */ + public ApplicationContext getContext() { + return context; + } + + /** + * @return the configModule + */ + public MOAIDConfigurationModul getConfigModule() { + return configModule; + } + + /** + * @return the dbRead + */ + public NewConfigurationDBRead getDbRead() { + return deprecatedDBRead; + } + + private void initalPVP2Login() throws ConfigurationException { + try { + + final String metadataCert = getPVP2IDPMetadataCertificate(); + if (MiscUtil.isEmpty(metadataCert)) { + log.info("NO IDP Certificate to verify IDP Metadata"); + throw new ConfigurationException("NO IDP Certificate to verify IDP Metadata"); + } + + final URL keystoreURL = new URL(FileUtils.makeAbsoluteURL(metadataCert, getConfigRootDir())); + final InputStream certstream = keystoreURL.openStream(); + final X509Certificate cert = new X509Certificate(certstream); + final BasicX509Credential idpCredential = new BasicX509Credential(); + 
idpCredential.setEntityCertificate(cert); + + log.debug("IDP Certificate loading finished"); + + final String metadataurl = getPVP2IDPMetadataURL(); + if (MiscUtil.isEmpty(metadataurl)) { + log.info("NO IDP Metadata URL."); + throw new ConfigurationException("NO IDP Metadata URL."); + } + + final MOAHttpClient httpClient = new MOAHttpClient(); + + if (metadataurl.startsWith("https:")) { try { - return props.getProperty("general.defaultlanguage", "de").toLowerCase(); - } catch (Exception ex) { - return "de"; + final MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory( + "MOAMetaDataProvider", + true, + ConfigurationProvider.getInstance().getCertStoreDirectory(), + ConfigurationProvider.getInstance().getTrustStoreDirectory(), + null, + "pkix", + true, + new String[] { "crl" }, + ConfigurationProvider.getInstance().isHostNameValidationEnabled()); + + httpClient.setCustomSSLTrustStore(metadataurl, protoSocketFactory); + + } catch (final MOAHttpProtocolSocketFactoryException e) { + log.warn("MOA SSL-TrustStore can not initialized. 
Use default Java TrustStore."); + } + } + + idpMetadataProvider = new HTTPMetadataProvider(new Timer(true), httpClient, metadataurl); + idpMetadataProvider.setRequireValidMetadata(true); + idpMetadataProvider.setParserPool(new BasicParserPool()); + idpMetadataProvider.setMetadataFilter(new MetaDataVerificationFilter(idpCredential)); + idpMetadataProvider.setMaxRefreshDelay(1000 * 3600 * 12); // refresh Metadata every 12h + idpMetadataProvider.initialize(); + + pvp2logininitialzied = true; + + } catch (final Exception e) { + log.warn("PVP2 authentification can not be initialized."); + throw new ConfigurationException("error.initialization.pvplogin", e); } - - public String getMailOAActivationTemplate() throws ConfigurationException { - String url = props.getProperty("general.mail.createOArequest.isactive.template"); - - if (MiscUtil.isNotEmpty(url)) { - return url; - - } else { - log.warn("MailOAActivationTemplate is empty"); - throw new ConfigurationException("MailOAActivationTemplate is empty"); - - } - - } - - public String getMailUserAcountRevocationTemplate() throws ConfigurationException { - String url = props.getProperty("general.mail.useraccountrequest.rejected.template"); - - if (MiscUtil.isNotEmpty(url)) { - return url; - - } else { - log.warn("MailUserAcountVerificationTemplate is empty"); - throw new ConfigurationException("MailUserAcountRevocationTemplate is empty"); - - } - } - - public String getMailAdminSubject() { - return props.getProperty("general.mail.admin.subject"); - } - - public String getMailAdminTemplate() throws ConfigurationException { - String url = props.getProperty("general.mail.admin.adresses.template"); - - if (MiscUtil.isNotEmpty(url)) { - return url; - - } else { - log.warn("MailUserAcountVerificationTemplate is empty"); - throw new ConfigurationException("MailAdminTemplate is empty"); - - } - } - - public String getMailAdminAddress() { - return props.getProperty("general.mail.admin.adress"); - } - - public String 
getConfigToolVersion() { - return parseVersionFromManifest(); - } - - public String getCertStoreDirectory() throws ConfigurationException { - String dir = props.getProperty("general.ssl.certstore"); - if (MiscUtil.isNotEmpty(dir)) - return FileUtils.makeAbsoluteURL(dir, configRootDir); - - else - throw new ConfigurationException("No SSLCertStore configured use default JAVA TrustStore."); - - } - - public String getTrustStoreDirectory() throws ConfigurationException { - String dir = props.getProperty("general.ssl.truststore"); - if (MiscUtil.isNotEmpty(dir)) - return FileUtils.makeAbsoluteURL(dir, configRootDir); - - else - throw new ConfigurationException("No SSLTrustStore configured use default JAVA TrustStore."); - - } - - public String getConfigurationEncryptionKey() { - return props.getProperty("general.moaconfig.key"); - - } - - public boolean isPVPMetadataSchemaValidationActive() { - return Boolean.parseBoolean(props.getProperty("general.pvp.schemavalidation", "true")); - - } - - /** - * @return - */ - private boolean isHostNameValidationEnabled() { - return Boolean.parseBoolean(props.getProperty("general.ssl.hostnamevalidation", "true")); - - } - - /** - * @return the context - */ - public ApplicationContext getContext() { - return context; - } - - /** - * @return the configModule - */ - public MOAIDConfigurationModul getConfigModule() { - return configModule; - } - - - - /** - * @return the dbRead - */ - public NewConfigurationDBRead getDbRead() { - return deprecatedDBRead; - } - - private void initalPVP2Login() throws ConfigurationException { - try { - - String metadataCert = getPVP2IDPMetadataCertificate(); - if (MiscUtil.isEmpty(metadataCert)) { - log.info("NO IDP Certificate to verify IDP Metadata"); - throw new ConfigurationException("NO IDP Certificate to verify IDP Metadata"); - } - - URL keystoreURL = new URL((FileUtils.makeAbsoluteURL(metadataCert, getConfigRootDir()))); - InputStream certstream = keystoreURL.openStream(); - X509Certificate cert = 
new X509Certificate(certstream); - BasicX509Credential idpCredential = new BasicX509Credential(); - idpCredential.setEntityCertificate(cert); - - log.debug("IDP Certificate loading finished"); - - String metadataurl = getPVP2IDPMetadataURL(); - if (MiscUtil.isEmpty(metadataurl)) { - log.info("NO IDP Metadata URL."); - throw new ConfigurationException("NO IDP Metadata URL."); - } - - MOAHttpClient httpClient = new MOAHttpClient(); - - if (metadataurl.startsWith("https:")) { - try { - MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory( - "MOAMetaDataProvider", - true, - ConfigurationProvider.getInstance().getCertStoreDirectory(), - ConfigurationProvider.getInstance().getTrustStoreDirectory(), - null, - "pkix", - true, - new String[]{"crl"}, - ConfigurationProvider.getInstance().isHostNameValidationEnabled()); - - httpClient.setCustomSSLTrustStore(metadataurl, protoSocketFactory); - - } catch (MOAHttpProtocolSocketFactoryException e) { - log.warn("MOA SSL-TrustStore can not initialized. 
Use default Java TrustStore."); - - } - } - - idpMetadataProvider = new HTTPMetadataProvider(new Timer(true), httpClient, metadataurl); - idpMetadataProvider.setRequireValidMetadata(true); - idpMetadataProvider.setParserPool(new BasicParserPool()); - idpMetadataProvider.setMetadataFilter(new MetaDataVerificationFilter(idpCredential)); - idpMetadataProvider.setMaxRefreshDelay(1000 * 3600 * 12 ); //refresh Metadata every 12h - idpMetadataProvider.initialize(); - - pvp2logininitialzied = true; - - } catch (Exception e) { - log.warn("PVP2 authentification can not be initialized."); - throw new ConfigurationException("error.initialization.pvplogin", e); - } - } - - private String parseVersionFromManifest() { - - - - try { - Class clazz = ConfigurationProvider.class; - String className = clazz.getSimpleName() + ".class"; - String classPath = clazz.getResource(className).toString(); - - if (classPath.startsWith("jar")) { - log.info("MOA-ID-Configuration Version can NOT parsed from Manifest. Set blank Version"); - return Constants.DEFAULT_VERSION; - - } - - String manifestPath = classPath.substring(0, classPath.lastIndexOf("WEB-INF/classes/") + "WEB-INF/classes/".length()) + - "../../META-INF/MANIFEST.MF"; - - Manifest manifest = new Manifest(new URL(manifestPath).openStream());; - - Attributes attributes = manifest.getMainAttributes(); - String version = attributes.getValue("version"); - - if (MiscUtil.isNotEmpty(version)) - return version; - - else { - log.info("MOA-ID-Configuration Version not found in Manifest. Set blank Version"); - return Constants.DEFAULT_VERSION; - - } - - } catch (Throwable e) { - log.info("MOA-ID Version can NOT parsed from Manifest. 
Set blank Version"); - - return Constants.DEFAULT_VERSION; - } - - - } + } + + private String parseVersionFromManifest() { + + try { + final Class clazz = ConfigurationProvider.class; + final String className = clazz.getSimpleName() + ".class"; + final String classPath = clazz.getResource(className).toString(); + + if (classPath.startsWith("jar")) { + log.info("MOA-ID-Configuration Version can NOT parsed from Manifest. Set blank Version"); + return Constants.DEFAULT_VERSION; + + } + + final String manifestPath = classPath.substring(0, classPath.lastIndexOf("WEB-INF/classes/") + + "WEB-INF/classes/".length()) + + "../../META-INF/MANIFEST.MF"; + + final Manifest manifest = new Manifest(new URL(manifestPath).openStream()); + + final Attributes attributes = manifest.getMainAttributes(); + final String version = attributes.getValue("version"); + + if (MiscUtil.isNotEmpty(version)) { + return version; + } else { + log.info("MOA-ID-Configuration Version not found in Manifest. Set blank Version"); + return Constants.DEFAULT_VERSION; + + } + + } catch (final Throwable e) { + log.info("MOA-ID Version can NOT parsed from Manifest. Set blank Version"); + + return Constants.DEFAULT_VERSION; + } + + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java index ca0bb8ac4..a45bec654 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java 
@@ -34,8 +34,6 @@ import java.util.Map;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
-import org.apache.log4j.Logger;
-
 import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils;
 import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
 import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA;
@@ -52,821 +50,815 @@ import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationValitator; import at.gv.egovernment.moa.id.configuration.validation.oa.OAFileUploadValidation; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class FormularCustomization implements IOnlineApplicationData { - private static final Logger log = Logger.getLogger(FormularCustomization.class); - - private boolean showMandateLoginButton = true; - private boolean onlyMandateAllowed = false; - - private String fontType = null; - - private String frontColor = null; - private String backGroundColor = null; - private String header_FrontColor = null; - private String header_BackGroundColor = null; - private String header_text = null; - private String button_BackGroundColor = null; - private String button_BackGroundColorFocus = null; - private String button_FrontColor = null; - private String applet_height = null; - private String applet_width = null; - - private Map map = null; - - private String appletRedirectTarget = null; - public static List appletRedirectTargetList = null; - - public static List fontTypeList = null; - public String fontTypeListValue = null; - - private Map sendAssertionForm = new HashMap(); - private Map bkuSelectionForm = new HashMap(); - - private List bkuSelectionFileUpload = null; - private List bkuSelectionFileUploadContentType = null; - private List bkuSelectionFileUploadFileName = new ArrayList(); - private boolean deleteBKUTemplate = false; - - private List sendAssertionFileUpload = null; - private List sendAssertionFileUploadContentType = null; - private List sendAssertionFileUploadFileName = new ArrayList();; - private boolean deleteSendAssertionTemplate = false; - - private String aditionalAuthBlockText = null; - private boolean isHideBPKAuthBlock = false; - - private String saml2PostBindingTemplate = null; - private String 
mandateServiceSelectionTemplate = null; - - public FormularCustomization() { - new FormularCustomization(null); - } - - public FormularCustomization(Map map) { - appletRedirectTargetList = Arrays.asList("","_blank","_self","_parent","_top"); - fontTypeList = Arrays.asList("","Verdana","Geneva","Arial","Helvetica","sans-serif","Times New Roman"); - Collections.sort(fontTypeList); - - if (map == null) - this.map = FormBuildUtils.getDefaultMap(); - else - this.map = map; - - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName() - */ - @Override - public String getName() { - return "OAFormularCustomization"; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, javax.servlet.http.HttpServletRequest) - */ - @Override - public List parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) { - AuthComponentOA auth = dbOA.getAuthComponentOA(); - - mandateServiceSelectionTemplate = dbOA.getMandateServiceSelectionTemplateURL(); - saml2PostBindingTemplate = dbOA.getSaml2PostBindingTemplateURL(); - - if (dbOA.getAuthComponentOA() != null) - isHideBPKAuthBlock = dbOA.isRemoveBPKFromAuthBlock(); - - if (auth != null) { - TemplatesType templates = auth.getTemplates(); - - if (templates != null) { - aditionalAuthBlockText = templates.getAditionalAuthBlockText(); - - TransformsInfoType bkuSelectTemplate = templates.getBKUSelectionTemplate(); - if (bkuSelectTemplate != null - && MiscUtil.isNotEmpty(bkuSelectTemplate.getFilename()) - && !bkuSelectTemplate.getFilename().equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT) - && !bkuSelectTemplate.getFilename().equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT_EMPTY)) { - bkuSelectionFileUploadFileName.add(bkuSelectTemplate.getFilename()); - } - - TransformsInfoType sendAssertionTemplate = 
templates.getSendAssertionTemplate(); - if (sendAssertionTemplate != null - && MiscUtil.isNotEmpty(sendAssertionTemplate.getFilename()) - && !sendAssertionTemplate.getFilename().equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT) - && !sendAssertionTemplate.getFilename().equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT_EMPTY)) { - sendAssertionFileUploadFileName.add(sendAssertionTemplate.getFilename()); - } - - BKUSelectionCustomizationType formcustom = templates.getBKUSelectionCustomization(); - if (formcustom != null) { - - if (formcustom.isMandateLoginButton() != null) { - showMandateLoginButton = formcustom.isMandateLoginButton(); - } - - if (formcustom.isOnlyMandateLoginAllowed() != null) { - onlyMandateAllowed = formcustom.isOnlyMandateLoginAllowed(); - } - - if (formcustom.getAppletHeight() != null) { - applet_height = formcustom.getAppletHeight(); - } - - if (formcustom.getAppletHeight() != null) { - applet_width = formcustom.getAppletWidth(); - } - - if (MiscUtil.isNotEmpty(formcustom.getAppletRedirectTarget())) - appletRedirectTarget = formcustom.getAppletRedirectTarget(); - - if (MiscUtil.isNotEmpty(formcustom.getBackGroundColor())) { - backGroundColor = formcustom.getBackGroundColor(); - map.put(FormBuildUtils.PARAM_MAIN_BACKGROUNDCOLOR, formcustom.getBackGroundColor()); - } - - if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColor())) { - button_BackGroundColor = formcustom.getButtonBackGroundColor(); - map.put(FormBuildUtils.PARAM_BUTTON_BACKGROUNDCOLOR, formcustom.getButtonBackGroundColor()); - } - - if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColorFocus())) { - button_BackGroundColorFocus = formcustom.getButtonBackGroundColorFocus(); - map.put(FormBuildUtils.PARAM_BUTTON_BACKGROUNDCOLOR_FOCUS, formcustom.getButtonBackGroundColorFocus()); - } - - if (MiscUtil.isNotEmpty(formcustom.getButtonFontColor())) { - button_FrontColor = formcustom.getButtonFontColor(); - map.put(FormBuildUtils.PARAM_BUTTON_COLOR, 
formcustom.getButtonFontColor()); - } - - if (MiscUtil.isNotEmpty(formcustom.getFontType())) { - fontType = formcustom.getFontType(); - map.put(FormBuildUtils.PARAM_FONTFAMILY, formcustom.getFontType()); - } - - if (MiscUtil.isNotEmpty(formcustom.getFrontColor())) { - frontColor = formcustom.getFrontColor(); - map.put(FormBuildUtils.PARAM_MAIN_COLOR, formcustom.getFrontColor()); - } - - if (MiscUtil.isNotEmpty(formcustom.getHeaderBackGroundColor())) { - header_BackGroundColor = formcustom.getHeaderBackGroundColor(); - map.put(FormBuildUtils.PARAM_HEADER_BACKGROUNDCOLOR, formcustom.getHeaderBackGroundColor()); - } - - if (MiscUtil.isNotEmpty(formcustom.getHeaderFrontColor())) { - header_FrontColor = formcustom.getHeaderFrontColor(); - map.put(FormBuildUtils.PARAM_HEADER_COLOR, formcustom.getHeaderFrontColor()); - } - - if (MiscUtil.isNotEmpty(formcustom.getHeaderText())) { - header_text = formcustom.getHeaderText(); - map.put(FormBuildUtils.PARAM_HEADER_TEXT, formcustom.getHeaderText()); - } - } - } - } - - request.getSession().setAttribute(Constants.SESSION_BKUFORMPREVIEW, map); - - return null; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public String store(OnlineApplication dbOA, AuthenticatedUser authUser, - HttpServletRequest request) { - - AuthComponentOA authoa = dbOA.getAuthComponentOA(); - if (authoa == null) { - authoa = new AuthComponentOA(); - dbOA.setAuthComponentOA(authoa); - } - - dbOA.setRemoveBPKFromAuthBlock(isHideBPKAuthBlock()); - - dbOA.setMandateServiceSelectionTemplateURL(mandateServiceSelectionTemplate); - dbOA.setSaml2PostBindingTemplateURL(saml2PostBindingTemplate); - - TemplatesType templates = authoa.getTemplates(); - if (templates == null) { - templates = new TemplatesType(); - 
authoa.setTemplates(templates); - } - - templates.setAditionalAuthBlockText(getAditionalAuthBlockText()); - - //store BKU-selection and send-assertion templates - if (authUser.isAdmin()) { - - if (isDeleteBKUTemplate() && templates.getBKUSelectionTemplate() != null) { - //templates.setBKUSelectionTemplate(null); - templates.getBKUSelectionTemplate().setDelete(true); - } - - if (isDeleteSendAssertionTemplate() && templates.getSendAssertionTemplate() != null) { - //templates.setSendAssertionTemplate(null); - templates.getSendAssertionTemplate().setDelete(true); - } - - - if (bkuSelectionForm != null && bkuSelectionForm.size() > 0) { - TransformsInfoType template = new TransformsInfoType(); - - Iterator interator = bkuSelectionForm.keySet().iterator(); - template.setFilename(interator.next()); - template.setTransformation(bkuSelectionForm.get( - template.getFilename())); - - templates.setBKUSelectionTemplate(template); - } - - if (sendAssertionForm != null && sendAssertionForm.size() > 0) { - TransformsInfoType template = new TransformsInfoType(); - - Iterator interator = sendAssertionForm.keySet().iterator(); - template.setFilename(interator.next()); - template.setTransformation(sendAssertionForm.get( - template.getFilename())); - - templates.setSendAssertionTemplate(template); - } + private boolean showMandateLoginButton = true; + private boolean onlyMandateAllowed = false; + + private String fontType = null; + + private String frontColor = null; + private String backGroundColor = null; + private String header_FrontColor = null; + private String header_BackGroundColor = null; + private String header_text = null; + private String button_BackGroundColor = null; + private String button_BackGroundColorFocus = null; + private String button_FrontColor = null; + private String applet_height = null; + private String applet_width = null; + + private Map map = null; + + private String appletRedirectTarget = null; + public static List appletRedirectTargetList = null; + + 
public static List fontTypeList = null; + public String fontTypeListValue = null; + + private Map sendAssertionForm = new HashMap<>(); + private Map bkuSelectionForm = new HashMap<>(); + + private List bkuSelectionFileUpload = null; + private List bkuSelectionFileUploadContentType = null; + private List bkuSelectionFileUploadFileName = new ArrayList<>(); + private boolean deleteBKUTemplate = false; + + private List sendAssertionFileUpload = null; + private List sendAssertionFileUploadContentType = null; + private List sendAssertionFileUploadFileName = new ArrayList<>(); + private boolean deleteSendAssertionTemplate = false; + + private String aditionalAuthBlockText = null; + private boolean isHideBPKAuthBlock = false; + + private String saml2PostBindingTemplate = null; + private String mandateServiceSelectionTemplate = null; + + public FormularCustomization() { + new FormularCustomization(null); + } + + public FormularCustomization(Map map) { + appletRedirectTargetList = Arrays.asList("", "_blank", "_self", "_parent", "_top"); + fontTypeList = Arrays.asList("", "Verdana", "Geneva", "Arial", "Helvetica", "sans-serif", + "Times New Roman"); + Collections.sort(fontTypeList); + + if (map == null) { + this.map = FormBuildUtils.getDefaultMap(); + } else { + this.map = map; + } + + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName + * () + */ + @Override + public String getName() { + return "OAFormularCustomization"; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) { + final AuthComponentOA auth = dbOA.getAuthComponentOA(); + + mandateServiceSelectionTemplate = 
dbOA.getMandateServiceSelectionTemplateURL(); + saml2PostBindingTemplate = dbOA.getSaml2PostBindingTemplateURL(); + + if (dbOA.getAuthComponentOA() != null) { + isHideBPKAuthBlock = dbOA.isRemoveBPKFromAuthBlock(); + } + + if (auth != null) { + final TemplatesType templates = auth.getTemplates(); + + if (templates != null) { + aditionalAuthBlockText = templates.getAditionalAuthBlockText(); + + final TransformsInfoType bkuSelectTemplate = templates.getBKUSelectionTemplate(); + if (bkuSelectTemplate != null + && MiscUtil.isNotEmpty(bkuSelectTemplate.getFilename()) + && !bkuSelectTemplate.getFilename().equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT) + && !bkuSelectTemplate.getFilename().equals( + MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT_EMPTY)) { + bkuSelectionFileUploadFileName.add(bkuSelectTemplate.getFilename()); } - - BKUSelectionCustomizationType bkuselectioncustom = templates.getBKUSelectionCustomization(); - if (bkuselectioncustom == null) { - bkuselectioncustom = new BKUSelectionCustomizationType(); - templates.setBKUSelectionCustomization(bkuselectioncustom); + + final TransformsInfoType sendAssertionTemplate = templates.getSendAssertionTemplate(); + if (sendAssertionTemplate != null + && MiscUtil.isNotEmpty(sendAssertionTemplate.getFilename()) + && !sendAssertionTemplate.getFilename().equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT) + && !sendAssertionTemplate.getFilename().equals( + MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT_EMPTY)) { + sendAssertionFileUploadFileName.add(sendAssertionTemplate.getFilename()); } - - if (authoa.getMandates() != null && - ((authoa.getMandates().getProfileName() != null - && authoa.getMandates().getProfileName().size() > 0) - || MiscUtil.isNotEmpty(authoa.getMandates().getProfiles()))) - - bkuselectioncustom.setMandateLoginButton(true); - else - bkuselectioncustom.setMandateLoginButton(false); - - bkuselectioncustom.setOnlyMandateLoginAllowed(isOnlyMandateAllowed()); - - 
bkuselectioncustom.setBackGroundColor(parseColor(getBackGroundColor())); - bkuselectioncustom.setFrontColor(parseColor(getFrontColor())); - - bkuselectioncustom.setHeaderBackGroundColor(parseColor(getHeader_BackGroundColor())); - bkuselectioncustom.setHeaderFrontColor(parseColor(getHeader_FrontColor())); - bkuselectioncustom.setHeaderText(getHeader_text()); - - bkuselectioncustom.setButtonBackGroundColor(parseColor(getButton_BackGroundColor())); - bkuselectioncustom.setButtonBackGroundColorFocus(parseColor(getButton_BackGroundColorFocus())); - bkuselectioncustom.setButtonFontColor(parseColor(getButton_FrontColor())); - - if (MiscUtil.isNotEmpty(getAppletRedirectTarget())) - bkuselectioncustom.setAppletRedirectTarget(getAppletRedirectTarget()); - - bkuselectioncustom.setFontType(getFontType()); - - bkuselectioncustom.setAppletHeight(getApplet_height()); - bkuselectioncustom.setAppletWidth(getApplet_width()); - - - return null; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public List validate(OAGeneralConfig general, - AuthenticatedUser authUser, HttpServletRequest request) { - - HttpSession session = request.getSession(); - List errors = new ArrayList(); - - String check = null; - if (authUser.isAdmin()) { - //validate aditionalAuthBlockText - check = getAditionalAuthBlockText(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } - } - - OAFileUploadValidation valiator_fileUpload = new OAFileUploadValidation(); - 
//validate BKU-selection template - List templateError = valiator_fileUpload.validate(getBkuSelectionFileUploadFileName() - , getBkuSelectionFileUpload(), "validation.general.bkuselection", bkuSelectionForm, request); - if (templateError != null && templateError.size() == 0) { - if (bkuSelectionForm != null && bkuSelectionForm.size() > 0) - session.setAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE, bkuSelectionForm); - - else - bkuSelectionForm = (Map) session.getAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE); - - } else { - errors.addAll(templateError); + final BKUSelectionCustomizationType formcustom = templates.getBKUSelectionCustomization(); + if (formcustom != null) { + + if (formcustom.isMandateLoginButton() != null) { + showMandateLoginButton = formcustom.isMandateLoginButton(); + } + + if (formcustom.isOnlyMandateLoginAllowed() != null) { + onlyMandateAllowed = formcustom.isOnlyMandateLoginAllowed(); + } + + if (formcustom.getAppletHeight() != null) { + applet_height = formcustom.getAppletHeight(); + } + + if (formcustom.getAppletHeight() != null) { + applet_width = formcustom.getAppletWidth(); + } + + if (MiscUtil.isNotEmpty(formcustom.getAppletRedirectTarget())) { + appletRedirectTarget = formcustom.getAppletRedirectTarget(); + } + + if (MiscUtil.isNotEmpty(formcustom.getBackGroundColor())) { + backGroundColor = formcustom.getBackGroundColor(); + map.put(FormBuildUtils.PARAM_MAIN_BACKGROUNDCOLOR, formcustom.getBackGroundColor()); + } + + if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColor())) { + button_BackGroundColor = formcustom.getButtonBackGroundColor(); + map.put(FormBuildUtils.PARAM_BUTTON_BACKGROUNDCOLOR, formcustom.getButtonBackGroundColor()); + } + + if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColorFocus())) { + button_BackGroundColorFocus = formcustom.getButtonBackGroundColorFocus(); + map.put(FormBuildUtils.PARAM_BUTTON_BACKGROUNDCOLOR_FOCUS, formcustom + .getButtonBackGroundColorFocus()); + } + + if 
(MiscUtil.isNotEmpty(formcustom.getButtonFontColor())) { + button_FrontColor = formcustom.getButtonFontColor(); + map.put(FormBuildUtils.PARAM_BUTTON_COLOR, formcustom.getButtonFontColor()); + } + + if (MiscUtil.isNotEmpty(formcustom.getFontType())) { + fontType = formcustom.getFontType(); + map.put(FormBuildUtils.PARAM_FONTFAMILY, formcustom.getFontType()); + } + + if (MiscUtil.isNotEmpty(formcustom.getFrontColor())) { + frontColor = formcustom.getFrontColor(); + map.put(FormBuildUtils.PARAM_MAIN_COLOR, formcustom.getFrontColor()); + } + + if (MiscUtil.isNotEmpty(formcustom.getHeaderBackGroundColor())) { + header_BackGroundColor = formcustom.getHeaderBackGroundColor(); + map.put(FormBuildUtils.PARAM_HEADER_BACKGROUNDCOLOR, formcustom.getHeaderBackGroundColor()); + } + + if (MiscUtil.isNotEmpty(formcustom.getHeaderFrontColor())) { + header_FrontColor = formcustom.getHeaderFrontColor(); + map.put(FormBuildUtils.PARAM_HEADER_COLOR, formcustom.getHeaderFrontColor()); + } + + if (MiscUtil.isNotEmpty(formcustom.getHeaderText())) { + header_text = formcustom.getHeaderText(); + map.put(FormBuildUtils.PARAM_HEADER_TEXT, formcustom.getHeaderText()); + } } + } + } + + request.getSession().setAttribute(Constants.SESSION_BKUFORMPREVIEW, map); + + return null; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public String store(OnlineApplication dbOA, AuthenticatedUser authUser, + HttpServletRequest request) { + + AuthComponentOA authoa = dbOA.getAuthComponentOA(); + if (authoa == null) { + authoa = new AuthComponentOA(); + dbOA.setAuthComponentOA(authoa); + } - //validate send-assertion template - templateError = valiator_fileUpload.validate(getSendAssertionFileUploadFileName() - , 
getSendAssertionFileUpload(), "validation.general.sendassertion", sendAssertionForm, request); - if (templateError != null && templateError.size() == 0) { - if (sendAssertionForm != null && sendAssertionForm.size() > 0) - session.setAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE, sendAssertionForm); + dbOA.setRemoveBPKFromAuthBlock(isHideBPKAuthBlock()); - else - sendAssertionForm = (Map) session.getAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE); + dbOA.setMandateServiceSelectionTemplateURL(mandateServiceSelectionTemplate); + dbOA.setSaml2PostBindingTemplateURL(saml2PostBindingTemplate); - } else { - errors.addAll(templateError); + TemplatesType templates = authoa.getTemplates(); + if (templates == null) { + templates = new TemplatesType(); + authoa.setTemplates(templates); + } - } - - check = getSaml2PostBindingTemplate(); - if (MiscUtil.isNotEmpty(check) && ValidationHelper.isNotValidIdentityLinkSigner(check) ) { - log.info("URL to SAML2 POST-Binding template is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.templates.saml2.postbinding.valid", request)); - - } - - check = getMandateServiceSelectionTemplate(); - if (MiscUtil.isNotEmpty(check) && ValidationHelper.isNotValidIdentityLinkSigner(check) ) { - log.info("URL to mandate-service selection-template is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.templates.mandateserviceselection.valid", request)); - - } - - - //validate BKUFormCustomization - errors.addAll(new FormularCustomizationValitator().validate(this, request)); - - return errors; - } - - private String parseColor(String color) { - String value = ""; - - if (MiscUtil.isNotEmpty(color)) { - if (!color.startsWith("#")) - value = "#" + color; - else - value = color; - } - return value; + templates.setAditionalAuthBlockText(getAditionalAuthBlockText()); + + // store BKU-selection and send-assertion templates + if (authUser.isAdmin()) { + + if (isDeleteBKUTemplate() && 
templates.getBKUSelectionTemplate() != null) { + // templates.setBKUSelectionTemplate(null); + templates.getBKUSelectionTemplate().setDelete(true); + } + + if (isDeleteSendAssertionTemplate() && templates.getSendAssertionTemplate() != null) { + // templates.setSendAssertionTemplate(null); + templates.getSendAssertionTemplate().setDelete(true); + } + + if (bkuSelectionForm != null && bkuSelectionForm.size() > 0) { + final TransformsInfoType template = new TransformsInfoType(); + + final Iterator interator = bkuSelectionForm.keySet().iterator(); + template.setFilename(interator.next()); + template.setTransformation(bkuSelectionForm.get( + template.getFilename())); + + templates.setBKUSelectionTemplate(template); + } + + if (sendAssertionForm != null && sendAssertionForm.size() > 0) { + final TransformsInfoType template = new TransformsInfoType(); + + final Iterator interator = sendAssertionForm.keySet().iterator(); + template.setFilename(interator.next()); + template.setTransformation(sendAssertionForm.get( + template.getFilename())); + + templates.setSendAssertionTemplate(template); + } } - /** - * @return the showMandateLoginButton - */ - public boolean isShowMandateLoginButton() { - return showMandateLoginButton; - } + BKUSelectionCustomizationType bkuselectioncustom = templates.getBKUSelectionCustomization(); + if (bkuselectioncustom == null) { + bkuselectioncustom = new BKUSelectionCustomizationType(); + templates.setBKUSelectionCustomization(bkuselectioncustom); + } + + if (authoa.getMandates() != null && + (authoa.getMandates().getProfileName() != null + && authoa.getMandates().getProfileName().size() > 0 + || MiscUtil.isNotEmpty(authoa.getMandates().getProfiles()))) { + bkuselectioncustom.setMandateLoginButton(true); + } else { + bkuselectioncustom.setMandateLoginButton(false); + } + bkuselectioncustom.setOnlyMandateLoginAllowed(isOnlyMandateAllowed()); - /** - * @param showMandateLoginButton the showMandateLoginButton to set - */ - public void 
setShowMandateLoginButton(boolean showMandateLoginButton) { - this.showMandateLoginButton = showMandateLoginButton; - } + bkuselectioncustom.setBackGroundColor(parseColor(getBackGroundColor())); + bkuselectioncustom.setFrontColor(parseColor(getFrontColor())); + bkuselectioncustom.setHeaderBackGroundColor(parseColor(getHeader_BackGroundColor())); + bkuselectioncustom.setHeaderFrontColor(parseColor(getHeader_FrontColor())); + bkuselectioncustom.setHeaderText(getHeader_text()); - /** - * @return the onlyMandateAllowed - */ - public boolean isOnlyMandateAllowed() { - return onlyMandateAllowed; - } + bkuselectioncustom.setButtonBackGroundColor(parseColor(getButton_BackGroundColor())); + bkuselectioncustom.setButtonBackGroundColorFocus(parseColor(getButton_BackGroundColorFocus())); + bkuselectioncustom.setButtonFontColor(parseColor(getButton_FrontColor())); + if (MiscUtil.isNotEmpty(getAppletRedirectTarget())) { + bkuselectioncustom.setAppletRedirectTarget(getAppletRedirectTarget()); + } + + bkuselectioncustom.setFontType(getFontType()); + + bkuselectioncustom.setAppletHeight(getApplet_height()); + bkuselectioncustom.setAppletWidth(getApplet_width()); + + return null; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData# + * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List validate(OAGeneralConfig general, + AuthenticatedUser authUser, HttpServletRequest request) { + + final HttpSession session = request.getSession(); + final List errors = new ArrayList<>(); + + String check = null; + if (authUser.isAdmin()) { + // validate aditionalAuthBlockText + check = getAditionalAuthBlockText(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("AditionalAuthBlockText contains potentail XSS 
characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } + } - /** - * @param onlyMandateAllowed the onlyMandateAllowed to set - */ - public void setOnlyMandateAllowed(boolean onlyMandateAllowed) { - this.onlyMandateAllowed = onlyMandateAllowed; - } + final OAFileUploadValidation valiator_fileUpload = new OAFileUploadValidation(); + // validate BKU-selection template + List templateError = valiator_fileUpload.validate(getBkuSelectionFileUploadFileName(), + getBkuSelectionFileUpload(), "validation.general.bkuselection", bkuSelectionForm, request); + if (templateError != null && templateError.size() == 0) { + if (bkuSelectionForm != null && bkuSelectionForm.size() > 0) { + session.setAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE, bkuSelectionForm); + } else { + bkuSelectionForm = (Map) session.getAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE); + } + } else { + errors.addAll(templateError); - /** - * @return the fontType - */ - public String getFontType() { - return fontType; - } + } + // validate send-assertion template + templateError = valiator_fileUpload.validate(getSendAssertionFileUploadFileName(), + getSendAssertionFileUpload(), "validation.general.sendassertion", sendAssertionForm, request); + if (templateError != null && templateError.size() == 0) { + if (sendAssertionForm != null && sendAssertionForm.size() > 0) { + session.setAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE, sendAssertionForm); + } else { + sendAssertionForm = (Map) session.getAttribute( + Constants.SESSION_SENDASSERTIONTEMPLATE); + } - /** - * @param fontType the fontType to set - */ - public void setFontType(String fontType) { - this.fontType = fontType; - } + } else { + errors.addAll(templateError); + } - /** - * @return the frontColor - */ - public String getFrontColor() { - return frontColor; - } + check = getSaml2PostBindingTemplate(); + if 
(MiscUtil.isNotEmpty(check) && ValidationHelper.isNotValidIdentityLinkSigner(check)) { + log.info("URL to SAML2 POST-Binding template is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.templates.saml2.postbinding.valid", + request)); + } - /** - * @param frontColor the frontColor to set - */ - public void setFrontColor(String frontColor) { - this.frontColor = frontColor; - } + check = getMandateServiceSelectionTemplate(); + if (MiscUtil.isNotEmpty(check) && ValidationHelper.isNotValidIdentityLinkSigner(check)) { + log.info("URL to mandate-service selection-template is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.templates.mandateserviceselection.valid", + request)); + } - /** - * @return the backGroundColor - */ - public String getBackGroundColor() { - return backGroundColor; - } + // validate BKUFormCustomization + errors.addAll(new FormularCustomizationValitator().validate(this, request)); + return errors; + } - /** - * @param backGroundColor the backGroundColor to set - */ - public void setBackGroundColor(String backGroundColor) { - this.backGroundColor = backGroundColor; - } + private String parseColor(String color) { + String value = ""; + if (MiscUtil.isNotEmpty(color)) { + if (!color.startsWith("#")) { + value = "#" + color; + } else { + value = color; + } + } + return value; + } + + /** + * @return the showMandateLoginButton + */ + public boolean isShowMandateLoginButton() { + return showMandateLoginButton; + } + + /** + * @param showMandateLoginButton the showMandateLoginButton to set + */ + public void setShowMandateLoginButton(boolean showMandateLoginButton) { + this.showMandateLoginButton = showMandateLoginButton; + } + + /** + * @return the onlyMandateAllowed + */ + public boolean isOnlyMandateAllowed() { + return onlyMandateAllowed; + } + + /** + * @param onlyMandateAllowed the onlyMandateAllowed to set + */ + public void setOnlyMandateAllowed(boolean onlyMandateAllowed) { + 
this.onlyMandateAllowed = onlyMandateAllowed;
+ }
+
+ /**
+ * @return the fontType
+ */
+ public String getFontType() {
+ return fontType;
+ }
+
+ /**
+ * @param fontType the fontType to set
+ */
+ public void setFontType(String fontType) {
+ this.fontType = fontType;
+ }
+
+ /**
+ * @return the frontColor
+ */
+ public String getFrontColor() {
+ return frontColor;
+ }
+
+ /**
+ * @param frontColor the frontColor to set
+ */
+ public void setFrontColor(String frontColor) {
+ this.frontColor = frontColor;
+ }
+
+ /**
+ * @return the backGroundColor
+ */
+ public String getBackGroundColor() {
+ return backGroundColor;
+ }
+
+ /**
+ * @param backGroundColor the backGroundColor to set
+ */
+ public void setBackGroundColor(String backGroundColor) {
+ this.backGroundColor = backGroundColor;
+ }
+
+ /**
+ * @return the header_FrontColor
+ */
+ public String getHeader_FrontColor() {
+ return header_FrontColor;
+ }
+
+ /**
+ * @param header_FrontColor the header_FrontColor to set
+ */
+ public void setHeader_FrontColor(String header_FrontColor) {
+ this.header_FrontColor = header_FrontColor;
+ }
+
+ /**
+ * @return the header_BackGroundColor
+ */
+ public String getHeader_BackGroundColor() {
+ return header_BackGroundColor;
+ }
+
+ /**
+ * @param header_BackGroundColor the header_BackGroundColor to set
+ */
+ public void setHeader_BackGroundColor(String header_BackGroundColor) {
+ this.header_BackGroundColor = header_BackGroundColor;
+ }
+
+ /**
+ * @return the header_text
+ */
+ public String getHeader_text() {
+ return header_text;
+ }
+
+ /**
+ * @param header_text the header_text to set
+ */
+ public void setHeader_text(String header_text) {
+ this.header_text = header_text;
+ }
+
+ /**
+ * @return the button_BackGroundColor
+ */
+ public String getButton_BackGroundColor() {
+ return button_BackGroundColor;
+ }
+
+ /**
+ * @param button_BackGroundColor the button_BackGroundColor to set
+ */
+ public void setButton_BackGroundColor(String button_BackGroundColor) {
+ this.button_BackGroundColor = button_BackGroundColor;
+ }
+
+ /**
+ * @return the button_BackGroundColorFocus
+ */
+ public String getButton_BackGroundColorFocus() {
+ return button_BackGroundColorFocus;
+ }
+
+ /**
+ * @param button_BackGroundColorFocus the button_BackGroundColorFocus to set
+ */
+ public void setButton_BackGroundColorFocus(String button_BackGroundColorFocus) {
+ this.button_BackGroundColorFocus = button_BackGroundColorFocus;
+ }
+
+ /**
+ * @return the button_FrontColor
+ */
+ public String getButton_FrontColor() {
+ return button_FrontColor;
+ }
+
+ /**
+ * @param button_FrontColor the button_FrontColor to set
+ */
+ public void setButton_FrontColor(String button_FrontColor) {
+ this.button_FrontColor = button_FrontColor;
+ }
+
+ /**
+ * @return the appletRedirectTarget
+ */
+ public String getAppletRedirectTarget() {
+ return appletRedirectTarget;
+ }
+
+ /**
+ * @param appletRedirectTarget the appletRedirectTarget to set
+ */
+ public void setAppletRedirectTarget(String appletRedirectTarget) {
+ this.appletRedirectTarget = appletRedirectTarget;
+ }
+
+ /**
+ * @return the appletredirecttargetlist
+ */
+ public List getAppletRedirectTargetList() {
+ return appletRedirectTargetList;
+ }
+
+ /**
+ * @return the fontTypeList
+ */
+ public List getFontTypeList() {
+ return fontTypeList;
+ }
+
+ /**
+ * @return the fontTypeListValue
+ */
+ public String getFontTypeListValue() {
+ return fontTypeListValue;
+ }
+
+ /**
+ * @param fontTypeListValue the fontTypeListValue to set
+ */
+ public void setFontTypeListValue(String fontTypeListValue) {
+ this.fontTypeListValue = fontTypeListValue;
+ }
+
+ /**
+ * @return the applet_height
+ */
+ public String getApplet_height() {
+ return applet_height;
+ }
+
+ /**
+ * @param applet_height the applet_height to set
+ */
+ public void setApplet_height(String applet_height) {
+ this.applet_height = applet_height;
+ }
+
+ /**
+ * @return the applet_width
+ */
+ public String getApplet_width() {
+ return applet_width;
+ }
+
+ /**
+ * @param applet_width the applet_width to set
+ */
+ public void setApplet_width(String applet_width) {
+ this.applet_width = applet_width;
+ }
+
+ /**
+ * @return the bkuSelectionFileUpload
+ */
+ public List getBkuSelectionFileUpload() {
+ return bkuSelectionFileUpload;
+ }
+
+ /**
+ * @param bkuSelectionFileUpload the bkuSelectionFileUpload to set
+ */
+ public void setBkuSelectionFileUpload(List bkuSelectionFileUpload) {
+ this.bkuSelectionFileUpload = bkuSelectionFileUpload;
+ }
+
+ /**
+ * @return the bkuSelectionFileUploadContentType
+ */
+ public List getBkuSelectionFileUploadContentType() {
+ return bkuSelectionFileUploadContentType;
+ }
+
+ /**
+ * @param bkuSelectionFileUploadContentType the
+ * bkuSelectionFileUploadContentType to
+ * set
+ */
+ public void setBkuSelectionFileUploadContentType(
+ List bkuSelectionFileUploadContentType) {
+ this.bkuSelectionFileUploadContentType = bkuSelectionFileUploadContentType;
+ }
+
+ /**
+ * @return the bkuSelectionFileUploadFileName
+ */
+ public List getBkuSelectionFileUploadFileName() {
+ return bkuSelectionFileUploadFileName;
+ }
+
+ /**
+ * @param bkuSelectionFileUploadFileName the bkuSelectionFileUploadFileName to
+ * set
+ */
+ public void setBkuSelectionFileUploadFileName(
+ List bkuSelectionFileUploadFileName) {
+ this.bkuSelectionFileUploadFileName = bkuSelectionFileUploadFileName;
+ }
+
+ /**
+ * @return the sendAssertionFileUpload
+ */
+ public List getSendAssertionFileUpload() {
+ return sendAssertionFileUpload;
+ }
+
+ /**
+ * @param sendAssertionFileUpload the sendAssertionFileUpload to set
+ */
+ public void setSendAssertionFileUpload(List sendAssertionFileUpload) {
+ this.sendAssertionFileUpload = sendAssertionFileUpload;
+ }
+
+ /**
+ * @return the sendAssertionFileUploadContentType
+ */
+ public List getSendAssertionFileUploadContentType() {
+ return sendAssertionFileUploadContentType;
+ }
+
+ /**
+ * @param sendAssertionFileUploadContentType the
+ * sendAssertionFileUploadContentType
+ * to set
+ */
+ public void setSendAssertionFileUploadContentType(
+ List sendAssertionFileUploadContentType) {
+ this.sendAssertionFileUploadContentType = sendAssertionFileUploadContentType;
+ }
+
+ /**
+ * @return the sendAssertionFileUploadFileName
+ */
+ public List getSendAssertionFileUploadFileName() {
+ return sendAssertionFileUploadFileName;
+ }
+
+ /**
+ * @param sendAssertionFileUploadFileName the sendAssertionFileUploadFileName to
+ * set
+ */
+ public void setSendAssertionFileUploadFileName(
+ List sendAssertionFileUploadFileName) {
+ this.sendAssertionFileUploadFileName = sendAssertionFileUploadFileName;
+ }
+
+ /**
+ * @return the deleteBKUTemplate
+ */
+ public boolean isDeleteBKUTemplate() {
+ return deleteBKUTemplate;
+ }
+
+ /**
+ * @param deleteBKUTemplate the deleteBKUTemplate to set
+ */
+ public void setDeleteBKUTemplate(boolean deleteBKUTemplate) {
+ this.deleteBKUTemplate = deleteBKUTemplate;
+ }
+
+ /**
+ * @return the deleteSendAssertionTemplate
+ */
+ public boolean isDeleteSendAssertionTemplate() {
+ return deleteSendAssertionTemplate;
+ }
+
+ /**
+ * @param deleteSendAssertionTemplate the deleteSendAssertionTemplate to set
+ */
+ public void setDeleteSendAssertionTemplate(boolean deleteSendAssertionTemplate) {
+ this.deleteSendAssertionTemplate = deleteSendAssertionTemplate;
+ }
+
+ /**
+ * @return the aditionalAuthBlockText
+ */
+ public String getAditionalAuthBlockText() {
+ return aditionalAuthBlockText;
+ }
+
+ /**
+ * @param aditionalAuthBlockText the aditionalAuthBlockText to set
+ */
+ public void setAditionalAuthBlockText(String aditionalAuthBlockText) {
+ this.aditionalAuthBlockText = aditionalAuthBlockText;
+ }
+
+ /**
+ * @return the isHideBPKAuthBlock
+ */
+ public boolean isHideBPKAuthBlock() {
+ return isHideBPKAuthBlock;
+ }
+
+ /**
+ * @param isHideBPKAuthBlock the isHideBPKAuthBlock to set
+ */
+ public void setHideBPKAuthBlock(boolean isHideBPKAuthBlock) {
+ this.isHideBPKAuthBlock
= isHideBPKAuthBlock;
+ }
+
+ /**
+ * @return the map
+ */
+ public Map getFormMap() {
+ return map;
+ }
+
+ /**
+ * @return the saml2PostBindingTemplate
+ */
+ public String getSaml2PostBindingTemplate() {
+ return saml2PostBindingTemplate;
+ }
+
+ /**
+ * @param saml2PostBindingTemplate the saml2PostBindingTemplate to set
+ */
+ public void setSaml2PostBindingTemplate(String saml2PostBindingTemplate) {
+ this.saml2PostBindingTemplate = saml2PostBindingTemplate;
+ }
+
+ /**
+ * @return the mandateServiceSelectionTemplate
+ */
+ public String getMandateServiceSelectionTemplate() {
+ return mandateServiceSelectionTemplate;
+ }
+
+ /**
+ * @param mandateServiceSelectionTemplate the mandateServiceSelectionTemplate to
+ * set
+ */
+ public void setMandateServiceSelectionTemplate(String mandateServiceSelectionTemplate) {
+ this.mandateServiceSelectionTemplate = mandateServiceSelectionTemplate;
+ }
- /**
- * @return the header_FrontColor
- */
- public String getHeader_FrontColor() {
- return header_FrontColor;
- }
-
-
- /**
- * @param header_FrontColor the header_FrontColor to set
- */
- public void setHeader_FrontColor(String header_FrontColor) {
- this.header_FrontColor = header_FrontColor;
- }
-
-
- /**
- * @return the header_BackGroundColor
- */
- public String getHeader_BackGroundColor() {
- return header_BackGroundColor;
- }
-
-
- /**
- * @param header_BackGroundColor the header_BackGroundColor to set
- */
- public void setHeader_BackGroundColor(String header_BackGroundColor) {
- this.header_BackGroundColor = header_BackGroundColor;
- }
-
-
- /**
- * @return the header_text
- */
- public String getHeader_text() {
- return header_text;
- }
-
-
- /**
- * @param header_text the header_text to set
- */
- public void setHeader_text(String header_text) {
- this.header_text = header_text;
- }
-
-
- /**
- * @return the button_BackGroundColor
- */
- public String getButton_BackGroundColor() {
- return button_BackGroundColor;
- }
-
-
- /**
- * @param button_BackGroundColor the button_BackGroundColor to set
- */
- public void setButton_BackGroundColor(String button_BackGroundColor) {
- this.button_BackGroundColor = button_BackGroundColor;
- }
-
-
- /**
- * @return the button_BackGroundColorFocus
- */
- public String getButton_BackGroundColorFocus() {
- return button_BackGroundColorFocus;
- }
-
-
- /**
- * @param button_BackGroundColorFocus the button_BackGroundColorFocus to set
- */
- public void setButton_BackGroundColorFocus(String button_BackGroundColorFocus) {
- this.button_BackGroundColorFocus = button_BackGroundColorFocus;
- }
-
-
- /**
- * @return the button_FrontColor
- */
- public String getButton_FrontColor() {
- return button_FrontColor;
- }
-
-
- /**
- * @param button_FrontColor the button_FrontColor to set
- */
- public void setButton_FrontColor(String button_FrontColor) {
- this.button_FrontColor = button_FrontColor;
- }
-
-
- /**
- * @return the appletRedirectTarget
- */
- public String getAppletRedirectTarget() {
- return appletRedirectTarget;
- }
-
- /**
- * @param appletRedirectTarget the appletRedirectTarget to set
- */
- public void setAppletRedirectTarget(String appletRedirectTarget) {
- this.appletRedirectTarget = appletRedirectTarget;
- }
-
-
- /**
- * @return the appletredirecttargetlist
- */
- public List getAppletRedirectTargetList() {
- return appletRedirectTargetList;
- }
-
- /**
- * @return the fontTypeList
- */
- public List getFontTypeList() {
- return fontTypeList;
- }
-
- /**
- * @return the fontTypeListValue
- */
- public String getFontTypeListValue() {
- return fontTypeListValue;
- }
-
- /**
- * @param fontTypeListValue the fontTypeListValue to set
- */
- public void setFontTypeListValue(String fontTypeListValue) {
- this.fontTypeListValue = fontTypeListValue;
- }
-
- /**
- * @return the applet_height
- */
- public String getApplet_height() {
- return applet_height;
- }
-
- /**
- * @param applet_height the applet_height to set
- */
- public void setApplet_height(String applet_height) {
- this.applet_height = applet_height;
- }
-
- /**
- * @return the applet_width
- */
- public String getApplet_width() {
- return applet_width;
- }
-
- /**
- * @param applet_width the applet_width to set
- */
- public void setApplet_width(String applet_width) {
- this.applet_width = applet_width;
- }
-
-
-
- /**
- * @return the bkuSelectionFileUpload
- */
- public List getBkuSelectionFileUpload() {
- return bkuSelectionFileUpload;
- }
-
-
- /**
- * @param bkuSelectionFileUpload the bkuSelectionFileUpload to set
- */
- public void setBkuSelectionFileUpload(List bkuSelectionFileUpload) {
- this.bkuSelectionFileUpload = bkuSelectionFileUpload;
- }
-
-
- /**
- * @return the bkuSelectionFileUploadContentType
- */
- public List getBkuSelectionFileUploadContentType() {
- return bkuSelectionFileUploadContentType;
- }
-
-
- /**
- * @param bkuSelectionFileUploadContentType the bkuSelectionFileUploadContentType to set
- */
- public void setBkuSelectionFileUploadContentType(
- List bkuSelectionFileUploadContentType) {
- this.bkuSelectionFileUploadContentType = bkuSelectionFileUploadContentType;
- }
-
-
- /**
- * @return the bkuSelectionFileUploadFileName
- */
- public List getBkuSelectionFileUploadFileName() {
- return bkuSelectionFileUploadFileName;
- }
-
-
- /**
- * @param bkuSelectionFileUploadFileName the bkuSelectionFileUploadFileName to set
- */
- public void setBkuSelectionFileUploadFileName(
- List bkuSelectionFileUploadFileName) {
- this.bkuSelectionFileUploadFileName = bkuSelectionFileUploadFileName;
- }
-
-
- /**
- * @return the sendAssertionFileUpload
- */
- public List getSendAssertionFileUpload() {
- return sendAssertionFileUpload;
- }
-
-
- /**
- * @param sendAssertionFileUpload the sendAssertionFileUpload to set
- */
- public void setSendAssertionFileUpload(List sendAssertionFileUpload) {
- this.sendAssertionFileUpload = sendAssertionFileUpload;
- }
-
-
- /**
- * @return the sendAssertionFileUploadContentType
- */
- public List getSendAssertionFileUploadContentType() {
- return sendAssertionFileUploadContentType;
- }
-
-
- /**
- * @param sendAssertionFileUploadContentType the sendAssertionFileUploadContentType to set
- */
- public void setSendAssertionFileUploadContentType(
- List sendAssertionFileUploadContentType) {
- this.sendAssertionFileUploadContentType = sendAssertionFileUploadContentType;
- }
-
-
- /**
- * @return the sendAssertionFileUploadFileName
- */
- public List getSendAssertionFileUploadFileName() {
- return sendAssertionFileUploadFileName;
- }
-
-
- /**
- * @param sendAssertionFileUploadFileName the sendAssertionFileUploadFileName to set
- */
- public void setSendAssertionFileUploadFileName(
- List sendAssertionFileUploadFileName) {
- this.sendAssertionFileUploadFileName = sendAssertionFileUploadFileName;
- }
-
-
- /**
- * @return the deleteBKUTemplate
- */
- public boolean isDeleteBKUTemplate() {
- return deleteBKUTemplate;
- }
-
-
- /**
- * @param deleteBKUTemplate the deleteBKUTemplate to set
- */
- public void setDeleteBKUTemplate(boolean deleteBKUTemplate) {
- this.deleteBKUTemplate = deleteBKUTemplate;
- }
-
-
- /**
- * @return the deleteSendAssertionTemplate
- */
- public boolean isDeleteSendAssertionTemplate() {
- return deleteSendAssertionTemplate;
- }
-
-
- /**
- * @param deleteSendAssertionTemplate the deleteSendAssertionTemplate to set
- */
- public void setDeleteSendAssertionTemplate(boolean deleteSendAssertionTemplate) {
- this.deleteSendAssertionTemplate = deleteSendAssertionTemplate;
- }
-
- /**
- * @return the aditionalAuthBlockText
- */
- public String getAditionalAuthBlockText() {
- return aditionalAuthBlockText;
- }
-
- /**
- * @param aditionalAuthBlockText the aditionalAuthBlockText to set
- */
- public void setAditionalAuthBlockText(String aditionalAuthBlockText) {
- this.aditionalAuthBlockText = aditionalAuthBlockText;
- }
-
- /**
- * @return the isHideBPKAuthBlock
- */
- public boolean isHideBPKAuthBlock() {
- return isHideBPKAuthBlock;
- }
-
- /**
- * @param isHideBPKAuthBlock the isHideBPKAuthBlock to set - */ - public void setHideBPKAuthBlock(boolean isHideBPKAuthBlock) { - this.isHideBPKAuthBlock = isHideBPKAuthBlock; - } - - /** - * @return the map - */ - public Map getFormMap() { - return map; - } - - /** - * @return the saml2PostBindingTemplate - */ - public String getSaml2PostBindingTemplate() { - return saml2PostBindingTemplate; - } - - /** - * @param saml2PostBindingTemplate the saml2PostBindingTemplate to set - */ - public void setSaml2PostBindingTemplate(String saml2PostBindingTemplate) { - this.saml2PostBindingTemplate = saml2PostBindingTemplate; - } - - /** - * @return the mandateServiceSelectionTemplate - */ - public String getMandateServiceSelectionTemplate() { - return mandateServiceSelectionTemplate; - } - - /** - * @param mandateServiceSelectionTemplate the mandateServiceSelectionTemplate to set - */ - public void setMandateServiceSelectionTemplate(String mandateServiceSelectionTemplate) { - this.mandateServiceSelectionTemplate = mandateServiceSelectionTemplate; - } - - - } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java index 3929238f6..e7b4bfa3b 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java 
@@ -63,434 +63,444 @@ import at.gv.egovernment.moa.util.MiscUtil; public class GeneralMOAIDConfig { - public static final long DEFAULTTIMEOUTASSERTION = 120; //sec - public static final long DEFAULTTIMEOUTMOASESSIONCREATED = 1200; //sec - public static final long DEFAULTTIMEOUTMOASESSIONUPDATED = 2700; //sec - - public static final String LINE_DELIMITER = ";"; - - private String alternativeSourceID = null; + public static final long DEFAULTTIMEOUTASSERTION = 120; // sec + public static final long DEFAULTTIMEOUTMOASESSIONCREATED = 1200; // sec + public static final long DEFAULTTIMEOUTMOASESSIONUPDATED = 2700; // sec + + public static final String LINE_DELIMITER = ";"; + + private String alternativeSourceID = null; // private String certStoreDirectory = null; - private boolean trustmanagerrevocationcheck = true; - - private String timeoutAssertion = String.valueOf(DEFAULTTIMEOUTASSERTION); - private String timeoutMOASessionCreated = String.valueOf(DEFAULTTIMEOUTMOASESSIONCREATED); - private String timeoutMOASessionUpdated = String.valueOf(DEFAULTTIMEOUTMOASESSIONUPDATED); - - private String moaspssURL = null; - private String moaspssAuthTrustProfile = null; - private String moaspssAuthTransformations = ""; - private List authTransformList = null; - private String moaspssIdlTrustProfile = null; - - private String moaspssIdlTrustProfileTest = null; - private String moaspssAuthTrustProfileTest = null; - - private String mandateURL = null; - private String szrgwURL = null; - private String elgaMandateServiceURL = null; - private String eidSystemServiceURL = null; - - private boolean protocolActiveSAML1 = false; - private boolean protocolActivePVP21 = true; - private boolean protocolActiveOAuth = true; - - private boolean legacy_saml1 = false; - private boolean legacy_pvp2 = false; - - private String saml1SourceID = null; - - private String pvp2IssuerName = null; - private String pvp2OrgName = null; - private String pvp2OrgDisplayName = null; - private String pvp2OrgURL = 
null; - private ContactForm pvp2Contact = null; - - private List fileUpload = null; - private List fileUploadContentType; - private List fileUploadFileName = new ArrayList(); - private Map secLayerTransformation = null; - - private String ssoTarget = null; - private String ssoFriendlyName = null; - private String ssoSpecialText = null; - private String ssoIdentificationNumber = null; - - private String defaultchainigmode = null; - private static Map chainigmodelist; - - private String trustedCACerts = null; - - - private String defaultBKUOnline = ""; - private String defaultBKULocal = "https://127.0.0.1:3496/https-security-layer-request"; - private String defaultBKUHandy = "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx"; - - private String SLRequestTemplateOnline = "SLTemplates/template_onlineBKU.html"; - private String SLRequestTemplateLocal = "SLTemplates/template_handyBKU.html"; - private String SLRequestTemplateHandy = "SLTemplates/template_handyBKU.html"; - - private String publicURLPrefix = null; - private boolean virtualPublicURLPrefixEnabled = false; - - private boolean moaidMode = false; - - public GeneralMOAIDConfig() { - try { - this.moaidMode = ConfigurationProvider.getInstance().isMOAIDMode(); - } catch (ConfigurationException e) { - e.printStackTrace(); - - } - - chainigmodelist = new HashMap(); - ChainingModeType[] values = ChainingModeType.values(); - for (int i=0; i authBlockTrans = dbconfig.getAuthComponentGeneral().getSecurityLayer().getTransformsInfo(); - - if (authBlockTrans != null && !authBlockTrans.isEmpty()) { - if (secLayerTransformation == null) - secLayerTransformation = new HashMap(); - for (TransformsInfoType el : authBlockTrans) - secLayerTransformation.put(el.getFilename(), el.getTransformation()); - - } - } - - } catch (Exception e) { - - } - - } - - public void parse(MOAIDConfiguration config) { - - if (config != null) { - AuthComponentGeneral auth = config.getAuthComponentGeneral(); - - //get ELGA 
mandate service URLs from configuration - if (MiscUtil.isNotEmpty(config.getEidSystemServiceURLs())) { - if (KeyValueUtils.isCSVValueString(config.getEidSystemServiceURLs())) - eidSystemServiceURL = KeyValueUtils.normalizeCSVValueString(config.getEidSystemServiceURLs()); - - else { - if (config.getEidSystemServiceURLs().contains(KeyValueUtils.CSV_DELIMITER)) { - //remove trailing comma if exist - eidSystemServiceURL = config.getEidSystemServiceURLs().substring(0, - config.getEidSystemServiceURLs().indexOf(KeyValueUtils.CSV_DELIMITER)); - - } else - eidSystemServiceURL = config.getEidSystemServiceURLs(); - - } - } - - - //get ELGA mandate service URLs from configuration - if (MiscUtil.isNotEmpty(config.getElgaMandateServiceURLs())) { - if (KeyValueUtils.isCSVValueString(config.getElgaMandateServiceURLs())) - elgaMandateServiceURL = KeyValueUtils.normalizeCSVValueString(config.getElgaMandateServiceURLs()); - - else { - if (config.getElgaMandateServiceURLs().contains(KeyValueUtils.CSV_DELIMITER)) { - //remove trailing comma if exist - elgaMandateServiceURL = config.getElgaMandateServiceURLs().substring(0, - config.getElgaMandateServiceURLs().indexOf(KeyValueUtils.CSV_DELIMITER)); - - } else - elgaMandateServiceURL = config.getElgaMandateServiceURLs(); - - } - } - - - - if (auth != null) { - - GeneralConfiguration authgen = auth.getGeneralConfiguration(); - if (authgen != null) { - alternativeSourceID = authgen.getAlternativeSourceID(); - //certStoreDirectory = authgen.getCertStoreDirectory(); - if (authgen.isTrustManagerRevocationChecking() != null) - trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking(); - - virtualPublicURLPrefixEnabled = - KeyValueUtils.isCSVValueString(authgen.getPublicURLPreFix()); - - if (virtualPublicURLPrefixEnabled) { - //format CSV values with newlines - publicURLPrefix = KeyValueUtils.normalizeCSVValueString( - authgen.getPublicURLPreFix()); - - } else { - String tmp = authgen.getPublicURLPreFix(); - if 
(tmp.contains(KeyValueUtils.CSV_DELIMITER)) { - //remove trailing comma if exist - publicURLPrefix = tmp.substring(0, - tmp.indexOf(KeyValueUtils.CSV_DELIMITER)); - - } else - publicURLPrefix = tmp; - } - - TimeOuts timeouts = authgen.getTimeOuts(); - if (timeouts != null) { - - if(timeouts.getAssertion() != null) - timeoutAssertion = String.valueOf(timeouts.getAssertion().longValue()); - if(timeouts.getMOASessionCreated() != null) - timeoutMOASessionCreated = String.valueOf(timeouts.getMOASessionCreated().longValue()); - if(timeouts.getMOASessionUpdated() != null) - timeoutMOASessionUpdated = String.valueOf(timeouts.getMOASessionUpdated().longValue()); - - } - - - //deactive STORK - if (isMoaidMode()) { - ForeignIdentities foreign = auth.getForeignIdentities(); - if (foreign != null) { - ConnectionParameterClientAuthType connect_foreign = foreign.getConnectionParameter(); - if (connect_foreign != null) { - if (MiscUtil.isNotEmpty(connect_foreign.getURL())) { - if (KeyValueUtils.isCSVValueString(connect_foreign.getURL())) - szrgwURL = KeyValueUtils.normalizeCSVValueString(connect_foreign.getURL()); - - else { - if (connect_foreign.getURL().contains(KeyValueUtils.CSV_DELIMITER)) { - //remove trailing comma if exist - szrgwURL = connect_foreign.getURL().substring(0, - connect_foreign.getURL().indexOf(KeyValueUtils.CSV_DELIMITER)); - - } else - szrgwURL = connect_foreign.getURL(); - - } - - } - } - - STORK stork = foreign.getSTORK(); - if (stork != null) { - //TODO: add Stork config - - } - } - } - - } - - if (isMoaidMode()) { - MOASP moaspss = auth.getMOASP(); - if (moaspss != null) { - ConnectionParameterClientAuthType con = moaspss.getConnectionParameter(); - if (con != null) - moaspssURL = con.getURL(); - - VerifyAuthBlock authblock = moaspss.getVerifyAuthBlock(); - if (authblock != null) { - moaspssAuthTrustProfile = authblock.getTrustProfileID(); - moaspssAuthTrustProfileTest = authblock.getTestTrustProfileID(); - - List list = 
authblock.getVerifyTransformsInfoProfileID(); - if (list.size() == 1) - moaspssAuthTransformations += list.get(0); - else { - for (String el : list) - moaspssAuthTransformations += el + LINE_DELIMITER + "\n"; - } - } - - VerifyIdentityLink idl = moaspss.getVerifyIdentityLink(); - if (idl != null) { - moaspssIdlTrustProfile = idl.getTrustProfileID(); - moaspssIdlTrustProfileTest = idl.getTestTrustProfileID(); - } - } - - OnlineMandates mandates = auth.getOnlineMandates(); - if (mandates != null) { - ConnectionParameterClientAuthType con = mandates.getConnectionParameter(); - if (con != null) { - if (MiscUtil.isNotEmpty(con.getURL())) { - if (KeyValueUtils.isCSVValueString(con.getURL())) - mandateURL = KeyValueUtils.normalizeCSVValueString(con.getURL()); - - else { - if (con.getURL().contains(KeyValueUtils.CSV_DELIMITER)) { - //remove trailing comma if exist - mandateURL = con.getURL().substring(0, - con.getURL().indexOf(KeyValueUtils.CSV_DELIMITER)); - - } else - mandateURL = con.getURL(); - - } - - } - - } - } - } - - Protocols protocols = auth.getProtocols(); - if (protocols != null) { - LegacyAllowed legacy = protocols.getLegacyAllowed(); - - if (legacy != null) { - List list = legacy.getProtocolName(); - if (list.contains(Constants.MOA_CONFIG_PROTOCOL_SAML1)) - legacy_saml1 = true; - - if (list.contains(Constants.MOA_CONFIG_PROTOCOL_PVP2)) - legacy_pvp2 = true; - } - - SAML1 saml1 = protocols.getSAML1(); - if (saml1 != null) { - protocolActiveSAML1 = saml1.isIsActive(); - saml1SourceID = saml1.getSourceID(); - - //TODO: could removed in a later version - if (MiscUtil.isEmpty(saml1SourceID) && MiscUtil.isNotEmpty(alternativeSourceID)) - saml1SourceID = alternativeSourceID; - - } - - if (isMoaidMode()) { - OAuth oauth = protocols.getOAuth(); - if (oauth != null) { - protocolActiveOAuth = oauth.isIsActive(); - - } - - } - - PVP2 pvp2 = protocols.getPVP2(); - if (pvp2 != null) { - - protocolActivePVP21 = pvp2.isIsActive(); - - //INFO: only for backup - if 
(MiscUtil.isEmpty(publicURLPrefix)) - publicURLPrefix = pvp2.getPublicURLPrefix(); - - pvp2IssuerName = pvp2.getIssuerName(); - - List con = pvp2.getContact(); - - //TODO: change to support more contacts - if (con != null && con.size() > 0) { - pvp2Contact = new ContactForm(con.get(0)); - - } - - Organization org = pvp2.getOrganization(); - if (org != null) { - pvp2OrgDisplayName = org.getDisplayName(); - pvp2OrgName = org.getName(); - pvp2OrgURL = org.getURL(); - } - } - - } - - if (isMoaidMode()) { - SecurityLayer seclayer = auth.getSecurityLayer(); - if (seclayer != null) { - List list = seclayer.getTransformsInfo(); - - for (TransformsInfoType el : list) { - fileUploadFileName.add(el.getFilename()); - } - } - - SSO sso = auth.getSSO(); - if (sso != null) { - ssoFriendlyName = sso.getFriendlyName(); - - // IdentificationNumber idl = sso.getIdentificationNumber(); - // if (idl != null) - // ssoIdentificationNumber = idl.getValue(); - - //INFO: only for backup - if (MiscUtil.isEmpty(publicURLPrefix)) - publicURLPrefix = sso.getPublicURL(); - - ssoSpecialText = sso.getSpecialText(); - - if (MiscUtil.isNotEmpty(sso.getTarget()) && - sso.getTarget().startsWith(Constants.PREFIX_WPBK)) { - ssoTarget = sso.getTarget().substring(Constants.PREFIX_WPBK.length()). - replace("+", ""); - - } else - ssoTarget = sso.getTarget(); - - } - } - - ChainingModes modes = config.getChainingModes(); - if (modes != null) { - ChainingModeType defaultmode = modes.getSystemDefaultMode(); - if (defaultmode != null) { - - defaultchainigmode = defaultmode.value(); - - } - - List trustanchor = modes.getTrustAnchor(); - if (trustanchor != null) { - //TODO: set addional trust anchors!!!! 
- } - } - - DefaultBKUs defaultbkus = config.getDefaultBKUs(); - if (defaultbkus != null) { - defaultBKUHandy = defaultbkus.getHandyBKU(); - defaultBKULocal = defaultbkus.getLocalBKU(); - defaultBKUOnline = defaultbkus.getOnlineBKU(); - } - - SLRequestTemplates slreq = config.getSLRequestTemplates(); - if (slreq != null) { - SLRequestTemplateHandy = slreq.getHandyBKU(); - SLRequestTemplateLocal = slreq.getLocalBKU(); - SLRequestTemplateOnline = slreq.getOnlineBKU(); - } - - } - - trustedCACerts = config.getTrustedCACertificates(); - - - - } - } - - /** - * @return the szrgwURL - */ - public String getSzrgwURL() { - return szrgwURL; - } - - /** - * @param szrgwURL the szrgwURL to set - */ - public void setSzrgwURL(String szrgwURL) { - if (MiscUtil.isNotEmpty(szrgwURL)) - this.szrgwURL = KeyValueUtils.removeAllNewlineFromString(szrgwURL); - else - this.szrgwURL = szrgwURL; - } + private boolean trustmanagerrevocationcheck = true; + + private String timeoutAssertion = String.valueOf(DEFAULTTIMEOUTASSERTION); + private String timeoutMOASessionCreated = String.valueOf(DEFAULTTIMEOUTMOASESSIONCREATED); + private String timeoutMOASessionUpdated = String.valueOf(DEFAULTTIMEOUTMOASESSIONUPDATED); + + private String moaspssURL = null; + private String moaspssAuthTrustProfile = null; + private String moaspssAuthTransformations = ""; + private List authTransformList = null; + private String moaspssIdlTrustProfile = null; + + private String moaspssIdlTrustProfileTest = null; + private String moaspssAuthTrustProfileTest = null; + + private String mandateURL = null; + private String szrgwURL = null; + private String elgaMandateServiceURL = null; + private String eidSystemServiceURL = null; + + private boolean protocolActiveSAML1 = false; + private boolean protocolActivePVP21 = true; + private boolean protocolActiveOAuth = true; + + private boolean legacy_saml1 = false; + private boolean legacy_pvp2 = false; + + private String saml1SourceID = null; + + private String 
pvp2IssuerName = null; + private String pvp2OrgName = null; + private String pvp2OrgDisplayName = null; + private String pvp2OrgURL = null; + private ContactForm pvp2Contact = null; + + private List fileUpload = null; + private List fileUploadContentType; + private List fileUploadFileName = new ArrayList<>(); + private Map secLayerTransformation = null; + + private String ssoTarget = null; + private String ssoFriendlyName = null; + private String ssoSpecialText = null; + private String ssoIdentificationNumber = null; + + private String defaultchainigmode = null; + private static Map chainigmodelist; + + private String trustedCACerts = null; + + private String defaultBKUOnline = ""; + private String defaultBKULocal = "https://127.0.0.1:3496/https-security-layer-request"; + private String defaultBKUHandy = + "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx"; + + private String SLRequestTemplateOnline = "SLTemplates/template_onlineBKU.html"; + private String SLRequestTemplateLocal = "SLTemplates/template_handyBKU.html"; + private String SLRequestTemplateHandy = "SLTemplates/template_handyBKU.html"; + + private String publicURLPrefix = null; + private boolean virtualPublicURLPrefixEnabled = false; + + private boolean moaidMode = false; + + public GeneralMOAIDConfig() { + try { + this.moaidMode = ConfigurationProvider.getInstance().isMOAIDMode(); + } catch (final ConfigurationException e) { + e.printStackTrace(); + + } + + chainigmodelist = new HashMap<>(); + final ChainingModeType[] values = ChainingModeType.values(); + for (final ChainingModeType value : values) { + chainigmodelist.put(value.value(), value.value()); + } + + try { + final ConfigurationProvider config = ConfigurationProvider.getInstance(); + if (config != null) { + final MOAIDConfiguration dbconfig = config.getDbRead().getMOAIDConfiguration(); + final List authBlockTrans = dbconfig.getAuthComponentGeneral().getSecurityLayer() + .getTransformsInfo(); + + if (authBlockTrans 
!= null && !authBlockTrans.isEmpty()) { + if (secLayerTransformation == null) { + secLayerTransformation = new HashMap<>(); + } + for (final TransformsInfoType el : authBlockTrans) { + secLayerTransformation.put(el.getFilename(), el.getTransformation()); + } + + } + } + + } catch (final Exception e) { + + } + + } + + public void parse(MOAIDConfiguration config) { + + if (config != null) { + final AuthComponentGeneral auth = config.getAuthComponentGeneral(); + + // get ELGA mandate service URLs from configuration + if (MiscUtil.isNotEmpty(config.getEidSystemServiceURLs())) { + if (KeyValueUtils.isCSVValueString(config.getEidSystemServiceURLs())) { + eidSystemServiceURL = KeyValueUtils.normalizeCSVValueString(config.getEidSystemServiceURLs()); + } else { + if (config.getEidSystemServiceURLs().contains(KeyValueUtils.CSV_DELIMITER)) { + // remove trailing comma if exist + eidSystemServiceURL = config.getEidSystemServiceURLs().substring(0, + config.getEidSystemServiceURLs().indexOf(KeyValueUtils.CSV_DELIMITER)); + + } else { + eidSystemServiceURL = config.getEidSystemServiceURLs(); + } + + } + } + + // get ELGA mandate service URLs from configuration + if (MiscUtil.isNotEmpty(config.getElgaMandateServiceURLs())) { + if (KeyValueUtils.isCSVValueString(config.getElgaMandateServiceURLs())) { + elgaMandateServiceURL = KeyValueUtils.normalizeCSVValueString(config.getElgaMandateServiceURLs()); + } else { + if (config.getElgaMandateServiceURLs().contains(KeyValueUtils.CSV_DELIMITER)) { + // remove trailing comma if exist + elgaMandateServiceURL = config.getElgaMandateServiceURLs().substring(0, + config.getElgaMandateServiceURLs().indexOf(KeyValueUtils.CSV_DELIMITER)); + + } else { + elgaMandateServiceURL = config.getElgaMandateServiceURLs(); + } + + } + } + + if (auth != null) { + + final GeneralConfiguration authgen = auth.getGeneralConfiguration(); + if (authgen != null) { + alternativeSourceID = authgen.getAlternativeSourceID(); + // certStoreDirectory = 
authgen.getCertStoreDirectory(); + if (authgen.isTrustManagerRevocationChecking() != null) { + trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking(); + } + + virtualPublicURLPrefixEnabled = + KeyValueUtils.isCSVValueString(authgen.getPublicURLPreFix()); + + if (virtualPublicURLPrefixEnabled) { + // format CSV values with newlines + publicURLPrefix = KeyValueUtils.normalizeCSVValueString( + authgen.getPublicURLPreFix()); + + } else { + final String tmp = authgen.getPublicURLPreFix(); + if (tmp.contains(KeyValueUtils.CSV_DELIMITER)) { + // remove trailing comma if exist + publicURLPrefix = tmp.substring(0, + tmp.indexOf(KeyValueUtils.CSV_DELIMITER)); + + } else { + publicURLPrefix = tmp; + } + } + + final TimeOuts timeouts = authgen.getTimeOuts(); + if (timeouts != null) { + + if (timeouts.getAssertion() != null) { + timeoutAssertion = String.valueOf(timeouts.getAssertion().longValue()); + } + if (timeouts.getMOASessionCreated() != null) { + timeoutMOASessionCreated = String.valueOf(timeouts.getMOASessionCreated().longValue()); + } + if (timeouts.getMOASessionUpdated() != null) { + timeoutMOASessionUpdated = String.valueOf(timeouts.getMOASessionUpdated().longValue()); + } + + } + + // deactive STORK + if (isMoaidMode()) { + final ForeignIdentities foreign = auth.getForeignIdentities(); + if (foreign != null) { + final ConnectionParameterClientAuthType connect_foreign = foreign.getConnectionParameter(); + if (connect_foreign != null) { + if (MiscUtil.isNotEmpty(connect_foreign.getURL())) { + if (KeyValueUtils.isCSVValueString(connect_foreign.getURL())) { + szrgwURL = KeyValueUtils.normalizeCSVValueString(connect_foreign.getURL()); + } else { + if (connect_foreign.getURL().contains(KeyValueUtils.CSV_DELIMITER)) { + // remove trailing comma if exist + szrgwURL = connect_foreign.getURL().substring(0, + connect_foreign.getURL().indexOf(KeyValueUtils.CSV_DELIMITER)); + + } else { + szrgwURL = connect_foreign.getURL(); + } + + } + + } + } + + final STORK 
stork = foreign.getSTORK(); + if (stork != null) { + // TODO: add Stork config + + } + } + } + + } + + if (isMoaidMode()) { + final MOASP moaspss = auth.getMOASP(); + if (moaspss != null) { + final ConnectionParameterClientAuthType con = moaspss.getConnectionParameter(); + if (con != null) { + moaspssURL = con.getURL(); + } + + final VerifyAuthBlock authblock = moaspss.getVerifyAuthBlock(); + if (authblock != null) { + moaspssAuthTrustProfile = authblock.getTrustProfileID(); + moaspssAuthTrustProfileTest = authblock.getTestTrustProfileID(); + + final List list = authblock.getVerifyTransformsInfoProfileID(); + if (list.size() == 1) { + moaspssAuthTransformations += list.get(0); + } else { + for (final String el : list) { + moaspssAuthTransformations += el + LINE_DELIMITER + "\n"; + } + } + } + + final VerifyIdentityLink idl = moaspss.getVerifyIdentityLink(); + if (idl != null) { + moaspssIdlTrustProfile = idl.getTrustProfileID(); + moaspssIdlTrustProfileTest = idl.getTestTrustProfileID(); + } + } + + final OnlineMandates mandates = auth.getOnlineMandates(); + if (mandates != null) { + final ConnectionParameterClientAuthType con = mandates.getConnectionParameter(); + if (con != null) { + if (MiscUtil.isNotEmpty(con.getURL())) { + if (KeyValueUtils.isCSVValueString(con.getURL())) { + mandateURL = KeyValueUtils.normalizeCSVValueString(con.getURL()); + } else { + if (con.getURL().contains(KeyValueUtils.CSV_DELIMITER)) { + // remove trailing comma if exist + mandateURL = con.getURL().substring(0, + con.getURL().indexOf(KeyValueUtils.CSV_DELIMITER)); + + } else { + mandateURL = con.getURL(); + } + + } + + } + + } + } + } + + final Protocols protocols = auth.getProtocols(); + if (protocols != null) { + final LegacyAllowed legacy = protocols.getLegacyAllowed(); + + if (legacy != null) { + final List list = legacy.getProtocolName(); + if (list.contains(Constants.MOA_CONFIG_PROTOCOL_SAML1)) { + legacy_saml1 = true; + } + + if 
(list.contains(Constants.MOA_CONFIG_PROTOCOL_PVP2)) { + legacy_pvp2 = true; + } + } + + final SAML1 saml1 = protocols.getSAML1(); + if (saml1 != null) { + protocolActiveSAML1 = saml1.isIsActive(); + saml1SourceID = saml1.getSourceID(); + + // TODO: could removed in a later version + if (MiscUtil.isEmpty(saml1SourceID) && MiscUtil.isNotEmpty(alternativeSourceID)) { + saml1SourceID = alternativeSourceID; + } + + } + + if (isMoaidMode()) { + final OAuth oauth = protocols.getOAuth(); + if (oauth != null) { + protocolActiveOAuth = oauth.isIsActive(); + + } + + } + + final PVP2 pvp2 = protocols.getPVP2(); + if (pvp2 != null) { + + protocolActivePVP21 = pvp2.isIsActive(); + + // INFO: only for backup + if (MiscUtil.isEmpty(publicURLPrefix)) { + publicURLPrefix = pvp2.getPublicURLPrefix(); + } + + pvp2IssuerName = pvp2.getIssuerName(); + + final List con = pvp2.getContact(); + + // TODO: change to support more contacts + if (con != null && con.size() > 0) { + pvp2Contact = new ContactForm(con.get(0)); + + } + + final Organization org = pvp2.getOrganization(); + if (org != null) { + pvp2OrgDisplayName = org.getDisplayName(); + pvp2OrgName = org.getName(); + pvp2OrgURL = org.getURL(); + } + } + + } + + if (isMoaidMode()) { + final SecurityLayer seclayer = auth.getSecurityLayer(); + if (seclayer != null) { + final List list = seclayer.getTransformsInfo(); + + for (final TransformsInfoType el : list) { + fileUploadFileName.add(el.getFilename()); + } + } + + final SSO sso = auth.getSSO(); + if (sso != null) { + ssoFriendlyName = sso.getFriendlyName(); + + // IdentificationNumber idl = sso.getIdentificationNumber(); + // if (idl != null) + // ssoIdentificationNumber = idl.getValue(); + + // INFO: only for backup + if (MiscUtil.isEmpty(publicURLPrefix)) { + publicURLPrefix = sso.getPublicURL(); + } + + ssoSpecialText = sso.getSpecialText(); + + if (MiscUtil.isNotEmpty(sso.getTarget()) && + sso.getTarget().startsWith(Constants.PREFIX_WPBK)) { + ssoTarget = 
sso.getTarget().substring(Constants.PREFIX_WPBK.length()).replace("+", ""); + + } else { + ssoTarget = sso.getTarget(); + } + + } + } + + final ChainingModes modes = config.getChainingModes(); + if (modes != null) { + final ChainingModeType defaultmode = modes.getSystemDefaultMode(); + if (defaultmode != null) { + + defaultchainigmode = defaultmode.value(); + + } + + final List trustanchor = modes.getTrustAnchor(); + if (trustanchor != null) { + // TODO: set addional trust anchors!!!! + } + } + + final DefaultBKUs defaultbkus = config.getDefaultBKUs(); + if (defaultbkus != null) { + defaultBKUHandy = defaultbkus.getHandyBKU(); + defaultBKULocal = defaultbkus.getLocalBKU(); + defaultBKUOnline = defaultbkus.getOnlineBKU(); + } + + final SLRequestTemplates slreq = config.getSLRequestTemplates(); + if (slreq != null) { + SLRequestTemplateHandy = slreq.getHandyBKU(); + SLRequestTemplateLocal = slreq.getLocalBKU(); + SLRequestTemplateOnline = slreq.getOnlineBKU(); + } + + } + + trustedCACerts = config.getTrustedCACertificates(); + + } + } + + /** + * @return the szrgwURL + */ + public String getSzrgwURL() { + return szrgwURL; + } + + /** + * @param szrgwURL the szrgwURL to set + */ + public void setSzrgwURL(String szrgwURL) { + if (MiscUtil.isNotEmpty(szrgwURL)) { + this.szrgwURL = KeyValueUtils.removeAllNewlineFromString(szrgwURL); + } else { + this.szrgwURL = szrgwURL; + } + } // /** // * @return the certStoreDirectory 
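Review bot: The second `try` in the `GeneralMOAIDConfig()` constructor still ends in an empty `catch (final Exception e) { }`, so any failure while reading `dbconfig.getAuthComponentGeneral().getSecurityLayer().getTransformsInfo()` leaves `secLayerTransformation` unset without a trace. Since the commit already rewrites that line, it should at least record the failure, for example `log.warn("Loading security-layer transformations failed", e);` if the class has a logger (none is visible in this hunk), and catch a narrower type than `Exception`. In `parse()`, the non-CSV branch for the public URL prefix calls `tmp.contains(KeyValueUtils.CSV_DELIMITER)` without the `MiscUtil.isNotEmpty` guard that the other URL fields get. The later `MiscUtil.isEmpty(publicURLPrefix)` fallbacks suggest the value can be missing, so `if (tmp != null && tmp.contains(KeyValueUtils.CSV_DELIMITER)) {` would avoid a possible NullPointerException. The class body continues past this hunk.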
@@ -506,662 +516,665 @@ public class GeneralMOAIDConfig { // this.certStoreDirectory = certStoreDirectory; // } - /** - * @return the timeoutAssertion - */ - public String getTimeoutAssertion() { - return timeoutAssertion; - } - - /** - * @param timeoutAssertion the timeoutAssertion to set - */ - public void setTimeoutAssertion(String timeoutAssertion) { - this.timeoutAssertion = timeoutAssertion; - } - - /** - * @return the timeoutMOASessionCreated - */ - public String getTimeoutMOASessionCreated() { - return timeoutMOASessionCreated; - } - - /** - * @param timeoutMOASessionCreated the timeoutMOASessionCreated to set - */ - public void setTimeoutMOASessionCreated(String timeoutMOASessionCreated) { - this.timeoutMOASessionCreated = timeoutMOASessionCreated; - } - - /** - * @return the timeoutMOASessionUpdated - */ - public String getTimeoutMOASessionUpdated() { - return timeoutMOASessionUpdated; - } - - /** - * @param timeoutMOASessionUpdated the timeoutMOASessionUpdated to set - */ - public void setTimeoutMOASessionUpdated(String timeoutMOASessionUpdated) { - this.timeoutMOASessionUpdated = timeoutMOASessionUpdated; - } - - /** - * @return the moaspssURL - */ - public String getMoaspssURL() { - return moaspssURL; - } - - /** - * @param moaspssURL the moaspssURL to set - */ - public void setMoaspssURL(String moaspssURL) { - this.moaspssURL = moaspssURL; - } - - /** - * @return the moaspssAuthTrustProfile - */ - public String getMoaspssAuthTrustProfile() { - return moaspssAuthTrustProfile; - } - - /** - * @param moaspssAuthTrustProfile the moaspssAuthTrustProfile to set - */ - public void setMoaspssAuthTrustProfile(String moaspssAuthTrustProfile) { - this.moaspssAuthTrustProfile = moaspssAuthTrustProfile; - } - - /** - * @return the moaspssAuthTransformations - */ - public String getMoaspssAuthTransformations() { - return moaspssAuthTransformations; - } - - /** - * @param moaspssAuthTransformations the moaspssAuthTransformations to set - */ - public void 
setMoaspssAuthTransformations(String moaspssAuthTransformations) {
- this.moaspssAuthTransformations = moaspssAuthTransformations;
- }
-
- /**
- * @return the moaspssIdlTrustProfile
- */
- public String getMoaspssIdlTrustProfile() {
- return moaspssIdlTrustProfile;
- }
-
- /**
- * @param moaspssIdlTrustProfile the moaspssIdlTrustProfile to set
- */
- public void setMoaspssIdlTrustProfile(String moaspssIdlTrustProfile) {
- this.moaspssIdlTrustProfile = moaspssIdlTrustProfile;
- }
-
- /**
- * @return the mandateURL
- */
- public String getMandateURL() {
- return mandateURL;
- }
-
- /**
- * @param mandateURL the mandateURL to set
- */
- public void setMandateURL(String mandateURL) {
- if (MiscUtil.isNotEmpty(mandateURL))
- this.mandateURL = KeyValueUtils.removeAllNewlineFromString(mandateURL);
- else
- this.mandateURL = mandateURL;
- }
-
- /**
- * @return the legacy_saml1
- */
- public boolean isLegacy_saml1() {
- return legacy_saml1;
- }
-
- /**
- * @param legacy_saml1 the legacy_saml1 to set
- */
- public void setLegacy_saml1(boolean legacy_saml1) {
- this.legacy_saml1 = legacy_saml1;
- }
-
- /**
- * @return the legacy_pvp2
- */
- public boolean isLegacy_pvp2() {
- return legacy_pvp2;
- }
-
- /**
- * @param legacy_pvp2 the legacy_pvp2 to set
- */
- public void setLegacy_pvp2(boolean legacy_pvp2) {
- this.legacy_pvp2 = legacy_pvp2;
- }
-
- /**
- * @return the pvp2IssuerName
- */
- public String getPvp2IssuerName() {
- return pvp2IssuerName;
- }
-
- /**
- * @param pvp2IssuerName the pvp2IssuerName to set
- */
- public void setPvp2IssuerName(String pvp2IssuerName) {
- this.pvp2IssuerName = pvp2IssuerName;
- }
-
- /**
- * @return the pvp2OrgName
- */
- public String getPvp2OrgName() {
- return pvp2OrgName;
- }
-
- /**
- * @param pvp2OrgName the pvp2OrgName to set
- */
- public void setPvp2OrgName(String pvp2OrgName) {
- this.pvp2OrgName = pvp2OrgName;
- }
-
- /**
- * @return the pvp2OrgDisplayName
- */
- public String getPvp2OrgDisplayName() {
- return pvp2OrgDisplayName;
- }
-
- /**
- * @param pvp2OrgDisplayName the pvp2OrgDisplayName to set
- */
- public void setPvp2OrgDisplayName(String pvp2OrgDisplayName) {
- this.pvp2OrgDisplayName = pvp2OrgDisplayName;
- }
-
- /**
- * @return the pvp2OrgURL
- */
- public String getPvp2OrgURL() {
- return pvp2OrgURL;
- }
-
- /**
- * @param pvp2OrgURL the pvp2OrgURL to set
- */
- public void setPvp2OrgURL(String pvp2OrgURL) {
- this.pvp2OrgURL = pvp2OrgURL;
- }
-
- /**
- * @return the pvp2Contact
- */
- public ContactForm getPvp2Contact() {
- return pvp2Contact;
- }
-
- /**
- * @param pvp2Contact the pvp2Contact to set
- */
- public void setPvp2Contact(ContactForm pvp2Contact) {
- this.pvp2Contact = pvp2Contact;
- }
-
- /**
- * @return the fileUpload
- */
- public List getFileUpload() {
- return fileUpload;
- }
-
- /**
- * @param fileUpload the fileUpload to set
- */
- public void setFileUpload(List fileUpload) {
- this.fileUpload = fileUpload;
- }
-
- /**
- * @return the fileUploadContentType
- */
- public List getFileUploadContentType() {
- return fileUploadContentType;
- }
-
- /**
- * @param fileUploadContentType the fileUploadContentType to set
- */
- public void setFileUploadContentType(List fileUploadContentType) {
- this.fileUploadContentType = fileUploadContentType;
- }
-
- /**
- * @return the fileUploadFileName
- */
- public List getFileUploadFileName() {
- return fileUploadFileName;
- }
-
- /**
- * @param fileUploadFileName the fileUploadFileName to set
- */
- public void setFileUploadFileName(List fileUploadFileName) {
- this.fileUploadFileName = fileUploadFileName;
- }
-
- /**
- * @return the ssoTarget
- */
- public String getSsoTarget() {
- return ssoTarget;
- }
-
- /**
- * @param ssoTarget the ssoTarget to set
- */
- public void setSsoTarget(String ssoTarget) {
- this.ssoTarget = ssoTarget;
- }
-
- /**
- * @return the ssoFriendlyName
- */
- public String getSsoFriendlyName() {
- return ssoFriendlyName;
- }
-
- /**
- * @param ssoFriendlyName the ssoFriendlyName to set
- */
- public void setSsoFriendlyName(String ssoFriendlyName) {
- this.ssoFriendlyName = ssoFriendlyName;
- }
-
- /**
- * @return the ssoSpecialText
- */
- public String getSsoSpecialText() {
- return ssoSpecialText;
- }
-
- /**
- * @param ssoSpecialText the ssoSpecialText to set
- */
- public void setSsoSpecialText(String ssoSpecialText) {
- this.ssoSpecialText = ssoSpecialText;
- }
-
- /**
- * @return the ssoIdentificationNumber
- */
- public String getSsoIdentificationNumber() {
- return ssoIdentificationNumber;
- }
-
- /**
- * @param ssoIdentificationNumber the ssoIdentificationNumber to set
- */
- public void setSsoIdentificationNumber(String ssoIdentificationNumber) {
- this.ssoIdentificationNumber = ssoIdentificationNumber;
- }
-
- /**
- * @return the defaultchainigmode
- */
- public String getDefaultchainigmode() {
- return defaultchainigmode;
- }
-
- /**
- * @param defaultchainigmode the defaultchainigmode to set
- */
- public void setDefaultchainigmode(String defaultchainigmode) {
- this.defaultchainigmode = defaultchainigmode;
- }
-
- /**
- * @return the defaultBKUOnline
- */
- public String getDefaultBKUOnline() {
- return defaultBKUOnline;
- }
-
- /**
- * @param defaultBKUOnline the defaultBKUOnline to set
- */
- public void setDefaultBKUOnline(String defaultBKUOnline) {
- this.defaultBKUOnline = defaultBKUOnline;
- }
-
- /**
- * @return the defaultBKULocal
- */
- public String getDefaultBKULocal() {
- return defaultBKULocal;
- }
-
- /**
- * @param defaultBKULocal the defaultBKULocal to set
- */
- public void setDefaultBKULocal(String defaultBKULocal) {
- this.defaultBKULocal = defaultBKULocal;
- }
-
- /**
- * @return the defaultBKUHandy
- */
- public String getDefaultBKUHandy() {
- return defaultBKUHandy;
- }
-
- /**
- * @param defaultBKUHandy the defaultBKUHandy to set
- */
- public void setDefaultBKUHandy(String defaultBKUHandy) {
- this.defaultBKUHandy = defaultBKUHandy;
- }
-
- /**
- * @return the sLRequestTemplateOnline
- */
- public String getSLRequestTemplateOnline() {
- return SLRequestTemplateOnline;
- }
-
- /**
- * @param sLRequestTemplateOnline the sLRequestTemplateOnline to set
- */
- public void setSLRequestTemplateOnline(String sLRequestTemplateOnline) {
- SLRequestTemplateOnline = sLRequestTemplateOnline;
- }
-
- /**
- * @return the sLRequestTemplateLocal
- */
- public String getSLRequestTemplateLocal() {
- return SLRequestTemplateLocal;
- }
-
- /**
- * @param sLRequestTemplateLocal the sLRequestTemplateLocal to set
- */
- public void setSLRequestTemplateLocal(String sLRequestTemplateLocal) {
- SLRequestTemplateLocal = sLRequestTemplateLocal;
- }
-
- /**
- * @return the sLRequestTemplateHandy
- */
- public String getSLRequestTemplateHandy() {
- return SLRequestTemplateHandy;
- }
-
- /**
- * @param sLRequestTemplateHandy the sLRequestTemplateHandy to set
- */
- public void setSLRequestTemplateHandy(String sLRequestTemplateHandy) {
- SLRequestTemplateHandy = sLRequestTemplateHandy;
- }
-
- /**
- * @return the trustmanagerrevocationcheck
- */
- public boolean isTrustmanagerrevocationcheck() {
- return trustmanagerrevocationcheck;
- }
-
- /**
- * @param trustmanagerrevocationcheck the trustmanagerrevocationcheck to set
- */
- public void setTrustmanagerrevocationcheck(boolean trustmanagerrevocationcheck) {
- this.trustmanagerrevocationcheck = trustmanagerrevocationcheck;
- }
-
- /**
- * @return the trustedCACerts
- */
- public String getTrustedCACerts() {
- return trustedCACerts;
- }
-
- /**
- * @param trustedCACerts the trustedCACerts to set
- */
- public void setTrustedCACerts(String trustedCACerts) {
- this.trustedCACerts = trustedCACerts;
- }
-
- /**
- * @return the chainigmodelist
- */
- public Map getChainigmodelist() {
- return chainigmodelist;
- }
-
- /**
- * @param chainigmodelist the chainigmodelist to set
- */
- public void setChainigmodelist(Map chainigmodelist) {
- GeneralMOAIDConfig.chainigmodelist = chainigmodelist;
- }
-
- /**
- * @return the secLayerTransformation
- */
- public Map getSecLayerTransformation() {
-
- return secLayerTransformation;
- }
-
- /**
- * @param secLayerTransformation the secLayerTransformation to set
- */
- public void setSecLayerTransformation(Map secLayerTransformation) {
- this.secLayerTransformation = secLayerTransformation;
- }
-
- /**
- * @return the authTransformList
- */
- public List getAuthTransformList() {
- return authTransformList;
- }
-
- /**
- * @param authTransformList the authTransformList to set
- */
- public void setAuthTransformList(List authTransformList) {
- this.authTransformList = authTransformList;
- }
-
-
-
-
- public void setFileUpload(File fileUpload) {
- if (this.fileUpload == null)
- this.fileUpload = new ArrayList();
- this.fileUpload.add(fileUpload);
- }
-
- public void setFileUploadContentType(String fileUploadContentType) {
- if (this.fileUploadContentType == null)
- this.fileUploadContentType = new ArrayList();
- this.fileUploadContentType.add(fileUploadContentType);
- }
-
- public void setFileUploadFileName(String fileUploadFileName) {
- if (this.fileUploadFileName == null)
- this.fileUploadFileName = new ArrayList();
- this.fileUploadFileName.add(fileUploadFileName);
- }
-
- /**
- * @return the protocolActiveSAML1
- */
- public boolean isProtocolActiveSAML1() {
- return protocolActiveSAML1;
- }
-
- /**
- * @param protocolActiveSAML1 the protocolActiveSAML1 to set
- */
- public void setProtocolActiveSAML1(boolean protocolActiveSAML1) {
- this.protocolActiveSAML1 = protocolActiveSAML1;
- }
-
- /**
- * @return the protocolActivePVP21
- */
- public boolean isProtocolActivePVP21() {
- return protocolActivePVP21;
- }
-
- /**
- * @param protocolActivePVP21 the protocolActivePVP21 to set
- */
- public void setProtocolActivePVP21(boolean protocolActivePVP21) {
- this.protocolActivePVP21 = protocolActivePVP21;
- }
-
- /**
- * @return the protocolActiveOAuth
- */
- public boolean isProtocolActiveOAuth() {
- return protocolActiveOAuth;
- }
-
- /**
- * @param protocolActiveOAuth the protocolActiveOAuth to set
- */
- public void setProtocolActiveOAuth(boolean protocolActiveOAuth) {
- this.protocolActiveOAuth = protocolActiveOAuth;
- }
-
- /**
- * @return the saml1SourceID
- */
- public String getSaml1SourceID() {
- return saml1SourceID;
- }
-
- /**
- * @param saml1SourceID the saml1SourceID to set
- */
- public void setSaml1SourceID(String saml1SourceID) {
- this.saml1SourceID = saml1SourceID;
- }
-
- /**
- * @return the publicURLPrefix
- */
- public String getPublicURLPrefix() {
- return publicURLPrefix;
- }
-
- /**
- * @param publicURLPrefix the publicURLPrefix to set
- */
- public void setPublicURLPrefix(String publicURLPrefix) {
- if (MiscUtil.isNotEmpty(publicURLPrefix))
- this.publicURLPrefix =
- KeyValueUtils.removeAllNewlineFromString(publicURLPrefix);
- else
- this.publicURLPrefix = publicURLPrefix;
-
- }
-
- /**
- * @return the moaspssIdlTrustProfileTest
- */
- public String getMoaspssIdlTrustProfileTest() {
- return moaspssIdlTrustProfileTest;
- }
-
- /**
- * @param moaspssIdlTrustProfileTest the moaspssIdlTrustProfileTest to set
- */
- public void setMoaspssIdlTrustProfileTest(String moaspssIdlTrustProfileTest) {
- this.moaspssIdlTrustProfileTest = moaspssIdlTrustProfileTest;
- }
-
- /**
- * @return the moaspssAuthTrustProfileTest
- */
- public String getMoaspssAuthTrustProfileTest() {
- return moaspssAuthTrustProfileTest;
- }
-
- /**
- * @param moaspssAuthTrustProfileTest the moaspssAuthTrustProfileTest to set
- */
- public void setMoaspssAuthTrustProfileTest(String moaspssAuthTrustProfileTest) {
- this.moaspssAuthTrustProfileTest = moaspssAuthTrustProfileTest;
- }
-
- /**
- * @return the virtualPublicURLPrefixEnabled
- */
- public boolean isVirtualPublicURLPrefixEnabled() {
- return virtualPublicURLPrefixEnabled;
- }
-
- /**
- * @param virtualPublicURLPrefixEnabled the virtualPublicURLPrefixEnabled to set
- */
- public void setVirtualPublicURLPrefixEnabled(
- boolean virtualPublicURLPrefixEnabled) {
- this.virtualPublicURLPrefixEnabled = virtualPublicURLPrefixEnabled;
- }
-
- /**
- * @return the elgaMandateServiceURL
- */
- public String getElgaMandateServiceURL() {
- return elgaMandateServiceURL;
- }
-
- /**
- * @param elgaMandateServiceURL the elgaMandateServiceURL to set
- */
- public void setElgaMandateServiceURL(String elgaMandateServiceURL) {
- if (MiscUtil.isNotEmpty(elgaMandateServiceURL))
- this.elgaMandateServiceURL = KeyValueUtils.removeAllNewlineFromString(elgaMandateServiceURL);
- else
- this.elgaMandateServiceURL = elgaMandateServiceURL;
- }
-
- /**
- * @return the eidSystemServiceURL
- */
- public String getEidSystemServiceURL() {
- return eidSystemServiceURL;
- }
-
- public boolean isMoaidMode() {
- return moaidMode;
- }
-
- /**
- * @param eidSystemServiceURL the E-ID Service URL to set
- */
- public void setEidSystemServiceURL(String eidSystemServiceURL) {
- if (MiscUtil.isNotEmpty(eidSystemServiceURL))
- this.eidSystemServiceURL = KeyValueUtils.removeAllNewlineFromString(eidSystemServiceURL);
- else
- this.eidSystemServiceURL = eidSystemServiceURL;
- }
-
-
+ /**
+ * @return the timeoutAssertion
+ */
+ public String getTimeoutAssertion() {
+ return timeoutAssertion;
+ }
+
+ /**
+ * @param timeoutAssertion the timeoutAssertion to set
+ */
+ public void setTimeoutAssertion(String timeoutAssertion) {
+ this.timeoutAssertion = timeoutAssertion;
+ }
+
+ /**
+ * @return the timeoutMOASessionCreated
+ */
+ public String getTimeoutMOASessionCreated() {
+ return timeoutMOASessionCreated;
+ }
+
+ /**
+ * @param timeoutMOASessionCreated the timeoutMOASessionCreated to set
+ */
+ public void setTimeoutMOASessionCreated(String timeoutMOASessionCreated) {
+ this.timeoutMOASessionCreated = timeoutMOASessionCreated;
+ }
+
+ /**
+ * @return the timeoutMOASessionUpdated
+ */
+ public String getTimeoutMOASessionUpdated() {
+ return timeoutMOASessionUpdated;
+ }
+
+ /**
+ * @param timeoutMOASessionUpdated the timeoutMOASessionUpdated to set
+ */
+ public void setTimeoutMOASessionUpdated(String timeoutMOASessionUpdated) {
+ this.timeoutMOASessionUpdated = timeoutMOASessionUpdated;
+ }
+
+ /**
+ * @return the moaspssURL
+ */
+ public String getMoaspssURL() {
+ return moaspssURL;
+ }
+
+ /**
+ * @param moaspssURL the moaspssURL to set
+ */
+ public void setMoaspssURL(String moaspssURL) {
+ this.moaspssURL = moaspssURL;
+ }
+
+ /**
+ * @return the moaspssAuthTrustProfile
+ */
+ public String getMoaspssAuthTrustProfile() {
+ return moaspssAuthTrustProfile;
+ }
+
+ /**
+ * @param moaspssAuthTrustProfile the moaspssAuthTrustProfile to set
+ */
+ public void setMoaspssAuthTrustProfile(String moaspssAuthTrustProfile) {
+ this.moaspssAuthTrustProfile = moaspssAuthTrustProfile;
+ }
+
+ /**
+ * @return the moaspssAuthTransformations
+ */
+ public String getMoaspssAuthTransformations() {
+ return moaspssAuthTransformations;
+ }
+
+ /**
+ * @param moaspssAuthTransformations the moaspssAuthTransformations to set
+ */
+ public void setMoaspssAuthTransformations(String moaspssAuthTransformations) {
+ this.moaspssAuthTransformations = moaspssAuthTransformations;
+ }
+
+ /**
+ * @return the moaspssIdlTrustProfile
+ */
+ public String getMoaspssIdlTrustProfile() {
+ return moaspssIdlTrustProfile;
+ }
+
+ /**
+ * @param moaspssIdlTrustProfile the moaspssIdlTrustProfile to set
+ */
+ public void setMoaspssIdlTrustProfile(String moaspssIdlTrustProfile) {
+ this.moaspssIdlTrustProfile = moaspssIdlTrustProfile;
+ }
+
+ /**
+ * @return the mandateURL
+ */
+ public String getMandateURL() {
+ return mandateURL;
+ }
+
+ /**
+ * @param mandateURL the mandateURL to set
+ */
+ public void setMandateURL(String mandateURL) {
+ if (MiscUtil.isNotEmpty(mandateURL)) {
+ this.mandateURL = KeyValueUtils.removeAllNewlineFromString(mandateURL);
+ } else {
+ this.mandateURL = mandateURL;
+ }
+ }
+
+ /**
+ * @return the legacy_saml1
+ */
+ public boolean isLegacy_saml1() {
+ return legacy_saml1;
+ }
+
+ /**
+ * @param legacy_saml1 the legacy_saml1 to set
+ */
+ public void setLegacy_saml1(boolean legacy_saml1) {
+ this.legacy_saml1 = legacy_saml1;
+ }
+
+ /**
+ * @return the legacy_pvp2
+ */
+ public boolean isLegacy_pvp2() {
+ return legacy_pvp2;
+ }
+
+ /**
+ * @param legacy_pvp2 the legacy_pvp2 to set
+ */
+ public void setLegacy_pvp2(boolean legacy_pvp2) {
+ this.legacy_pvp2 = legacy_pvp2;
+ }
+
+ /**
+ * @return the pvp2IssuerName
+ */
+ public String getPvp2IssuerName() {
+ return pvp2IssuerName;
+ }
+
+ /**
+ * @param pvp2IssuerName the pvp2IssuerName to set
+ */
+ public void setPvp2IssuerName(String pvp2IssuerName) {
+ this.pvp2IssuerName = pvp2IssuerName;
+ }
+
+ /**
+ * @return the pvp2OrgName
+ */
+ public String getPvp2OrgName() {
+ return pvp2OrgName;
+ }
+
+ /**
+ * @param pvp2OrgName the pvp2OrgName to set
+ */
+ public void setPvp2OrgName(String pvp2OrgName) {
+ this.pvp2OrgName = pvp2OrgName;
+ }
+
+ /**
+ * @return the pvp2OrgDisplayName
+ */
+ public String getPvp2OrgDisplayName() {
+ return pvp2OrgDisplayName;
+ }
+
+ /**
+ * @param pvp2OrgDisplayName the pvp2OrgDisplayName to set
+ */
+ public void setPvp2OrgDisplayName(String pvp2OrgDisplayName) {
+ this.pvp2OrgDisplayName = pvp2OrgDisplayName;
+ }
+
+ /**
+ * @return the pvp2OrgURL
+ */
+ public String getPvp2OrgURL() {
+ return pvp2OrgURL;
+ }
+
+ /**
+ * @param pvp2OrgURL the pvp2OrgURL to set
+ */
+ public void setPvp2OrgURL(String pvp2OrgURL) {
+ this.pvp2OrgURL = pvp2OrgURL;
+ }
+
+ /**
+ * @return the pvp2Contact
+ */
+ public ContactForm getPvp2Contact() {
+ return pvp2Contact;
+ }
+
+ /**
+ * @param pvp2Contact the pvp2Contact to set
+ */
+ public void setPvp2Contact(ContactForm pvp2Contact) {
+ this.pvp2Contact = pvp2Contact;
+ }
+
+ /**
+ * @return the fileUpload
+ */
+ public List getFileUpload() {
+ return fileUpload;
+ }
+
+ /**
+ * @param fileUpload the fileUpload to set
+ */
+ public void setFileUpload(List fileUpload) {
+ this.fileUpload = fileUpload;
+ }
+
+ /**
+ * @return the fileUploadContentType
+ */
+ public List getFileUploadContentType() {
+ return fileUploadContentType;
+ }
+
+ /**
+ * @param fileUploadContentType the fileUploadContentType to set
+ */
+ public void setFileUploadContentType(List fileUploadContentType) {
+ this.fileUploadContentType = fileUploadContentType;
+ }
+
+ /**
+ * @return the fileUploadFileName
+ */
+ public List getFileUploadFileName() {
+ return fileUploadFileName;
+ }
+
+ /**
+ * @param fileUploadFileName the fileUploadFileName to set
+ */
+ public void setFileUploadFileName(List fileUploadFileName) {
+ this.fileUploadFileName = fileUploadFileName;
+ }
+
+ /**
+ * @return the ssoTarget
+ */
+ public String getSsoTarget() {
+ return ssoTarget;
+ }
+
+ /**
+ * @param ssoTarget the ssoTarget to set
+ */
+ public void setSsoTarget(String ssoTarget) {
+ this.ssoTarget = ssoTarget;
+ }
+
+ /**
+ * @return the ssoFriendlyName
+ */
+ public String getSsoFriendlyName() {
+ return ssoFriendlyName;
+ }
+
+ /**
+ * @param ssoFriendlyName the ssoFriendlyName to set
+ */
+ public void setSsoFriendlyName(String ssoFriendlyName) {
+ this.ssoFriendlyName = ssoFriendlyName;
+ }
+
+ /**
+ * @return the ssoSpecialText
+ */
+ public String getSsoSpecialText() {
+ return ssoSpecialText;
+ }
+
+ /**
+ * @param ssoSpecialText the ssoSpecialText to set
+ */
+ public void setSsoSpecialText(String ssoSpecialText) {
+ this.ssoSpecialText = ssoSpecialText;
+ }
+
+ /**
+ * @return the ssoIdentificationNumber
+ */
+ public String getSsoIdentificationNumber() {
+ return ssoIdentificationNumber;
+ }
+
+ /**
+ * @param ssoIdentificationNumber the ssoIdentificationNumber to set
+ */
+ public void setSsoIdentificationNumber(String ssoIdentificationNumber) {
+ this.ssoIdentificationNumber = ssoIdentificationNumber;
+ }
+
+ /**
+ * @return the defaultchainigmode
+ */
+ public String getDefaultchainigmode() {
+ return defaultchainigmode;
+ }
+
+ /**
+ * @param defaultchainigmode the defaultchainigmode to set
+ */
+ public void setDefaultchainigmode(String defaultchainigmode) {
+ this.defaultchainigmode = defaultchainigmode;
+ }
+
+ /**
+ * @return the defaultBKUOnline
+ */
+ public String getDefaultBKUOnline() {
+ return defaultBKUOnline;
+ }
+
+ /**
+ * @param defaultBKUOnline the defaultBKUOnline to set
+ */
+ public void setDefaultBKUOnline(String defaultBKUOnline) {
+ this.defaultBKUOnline = defaultBKUOnline;
+ }
+
+ /**
+ * @return the defaultBKULocal
+ */
+ public String getDefaultBKULocal() {
+ return defaultBKULocal;
+ }
+
+ /**
+ * @param defaultBKULocal the defaultBKULocal to set
+ */
+ public void setDefaultBKULocal(String defaultBKULocal) {
+ this.defaultBKULocal = defaultBKULocal;
+ }
+
+ /**
+ * @return the defaultBKUHandy
+ */
+ public String getDefaultBKUHandy() {
+ return defaultBKUHandy;
+ }
+
+ /**
+ * @param defaultBKUHandy the defaultBKUHandy to set
+ */
+ public void setDefaultBKUHandy(String defaultBKUHandy) {
+ this.defaultBKUHandy = defaultBKUHandy;
+ }
+
+ /**
+ * @return the sLRequestTemplateOnline
+ */
+ public String getSLRequestTemplateOnline() {
+ return SLRequestTemplateOnline;
+ }
+
+ /**
+ * @param sLRequestTemplateOnline the sLRequestTemplateOnline to set
+ */
+ public void setSLRequestTemplateOnline(String sLRequestTemplateOnline) {
+ SLRequestTemplateOnline = sLRequestTemplateOnline;
+ }
+
+ /**
+ * @return the sLRequestTemplateLocal
+ */
+ public String getSLRequestTemplateLocal() {
+ return SLRequestTemplateLocal;
+ }
+
+ /**
+ * @param sLRequestTemplateLocal the sLRequestTemplateLocal to set
+ */
+ public void setSLRequestTemplateLocal(String sLRequestTemplateLocal) {
+ SLRequestTemplateLocal = sLRequestTemplateLocal;
+ }
+
+ /**
+ * @return the sLRequestTemplateHandy
+ */
+ public String getSLRequestTemplateHandy() {
+ return SLRequestTemplateHandy;
+ }
+
+ /**
+ * @param sLRequestTemplateHandy the sLRequestTemplateHandy to set
+ */
+ public void setSLRequestTemplateHandy(String sLRequestTemplateHandy) {
+ SLRequestTemplateHandy = sLRequestTemplateHandy;
+ }
+
+ /**
+ * @return the trustmanagerrevocationcheck
+ */
+ public boolean isTrustmanagerrevocationcheck() {
+ return trustmanagerrevocationcheck;
+ }
+
+ /**
+ * @param trustmanagerrevocationcheck the trustmanagerrevocationcheck to set
+ */
+ public void setTrustmanagerrevocationcheck(boolean trustmanagerrevocationcheck) {
+ this.trustmanagerrevocationcheck = trustmanagerrevocationcheck;
+ }
+
+ /**
+ * @return the trustedCACerts
+ */
+ public String getTrustedCACerts() {
+ return trustedCACerts;
+ }
+
+ /**
+ * @param trustedCACerts the trustedCACerts to set
+ */
+ public void setTrustedCACerts(String trustedCACerts) {
+ this.trustedCACerts = trustedCACerts;
+ }
+
+ /**
+ * @return the chainigmodelist
+ */
+ public Map getChainigmodelist() {
+ return chainigmodelist;
+ }
+
+ /**
+ * @param chainigmodelist the chainigmodelist to set
+ */
+ public void setChainigmodelist(Map chainigmodelist) {
+ GeneralMOAIDConfig.chainigmodelist = chainigmodelist;
+ }
+
+ /**
+ * @return the secLayerTransformation
+ */
+ public Map getSecLayerTransformation() {
+
+ return secLayerTransformation;
+ }
+
+ /**
+ * @param secLayerTransformation the secLayerTransformation to set
+ */
+ public void setSecLayerTransformation(Map secLayerTransformation) {
+ this.secLayerTransformation = secLayerTransformation;
+ }
+
+ /**
+ * @return the authTransformList
+ */
+ public List getAuthTransformList() {
+ return authTransformList;
+ }
+
+ /**
+ * @param authTransformList the authTransformList to set
+ */
+ public void setAuthTransformList(List authTransformList) {
+ this.authTransformList = authTransformList;
+ }
+
+ public void setFileUpload(File fileUpload) {
+ if (this.fileUpload == null) {
+ this.fileUpload = new ArrayList<>();
+ }
+ this.fileUpload.add(fileUpload);
+ }
+
+ public void setFileUploadContentType(String fileUploadContentType) {
+ if (this.fileUploadContentType == null) {
+ this.fileUploadContentType = new ArrayList<>();
+ }
+ this.fileUploadContentType.add(fileUploadContentType);
+ }
+
+ public void setFileUploadFileName(String fileUploadFileName) {
+ if (this.fileUploadFileName == null) {
+ this.fileUploadFileName = new ArrayList<>();
+ }
+ this.fileUploadFileName.add(fileUploadFileName);
+ }
+
+ /**
+ * @return the protocolActiveSAML1
+ */
+ public boolean isProtocolActiveSAML1() {
+ return protocolActiveSAML1;
+ }
+
+ /**
+ * @param protocolActiveSAML1 the protocolActiveSAML1 to set
+ */
+ public void setProtocolActiveSAML1(boolean protocolActiveSAML1) {
+ this.protocolActiveSAML1 = protocolActiveSAML1;
+ }
+
+ /**
+ * @return the protocolActivePVP21
+ */
+ public boolean isProtocolActivePVP21() {
+ return protocolActivePVP21;
+ }
+
+ /**
+ * @param protocolActivePVP21 the protocolActivePVP21 to set
+ */
+ public void setProtocolActivePVP21(boolean protocolActivePVP21) {
+ this.protocolActivePVP21 = protocolActivePVP21;
+ }
+
+ /**
+ * @return the protocolActiveOAuth
+ */
+ public boolean isProtocolActiveOAuth() {
+ return protocolActiveOAuth;
+ }
+
+ /**
+ * @param protocolActiveOAuth the protocolActiveOAuth to set
+ */
+ public void setProtocolActiveOAuth(boolean protocolActiveOAuth) {
+ this.protocolActiveOAuth = protocolActiveOAuth;
+ }
+
+ /**
+ * @return the saml1SourceID
+ */
+ public String getSaml1SourceID() {
+ return saml1SourceID;
+ }
+
+ /**
+ * @param saml1SourceID the saml1SourceID to set
+ */
+ public void setSaml1SourceID(String saml1SourceID) {
+ this.saml1SourceID = saml1SourceID;
+ }
+
+ /**
+ * @return the publicURLPrefix
+ */
+ public String getPublicURLPrefix() {
+ return publicURLPrefix;
+ }
+
+ /**
+ * @param publicURLPrefix the publicURLPrefix to set
+ */
+ public void setPublicURLPrefix(String publicURLPrefix) {
+ if (MiscUtil.isNotEmpty(publicURLPrefix)) {
+ this.publicURLPrefix =
+ KeyValueUtils.removeAllNewlineFromString(publicURLPrefix);
+ } else {
+ this.publicURLPrefix = publicURLPrefix;
+ }
+
+ }
+
+ /**
+ * @return the moaspssIdlTrustProfileTest
+ */
+ public String getMoaspssIdlTrustProfileTest() {
+ return moaspssIdlTrustProfileTest;
+ }
+
+ /**
+ * @param moaspssIdlTrustProfileTest the moaspssIdlTrustProfileTest to set
+ */
+ public void setMoaspssIdlTrustProfileTest(String moaspssIdlTrustProfileTest) {
+ this.moaspssIdlTrustProfileTest = moaspssIdlTrustProfileTest;
+ }
+
+ /**
+ * @return the moaspssAuthTrustProfileTest
+ */
+ public String getMoaspssAuthTrustProfileTest() {
+ return moaspssAuthTrustProfileTest;
+ }
+
+ /**
+ * @param moaspssAuthTrustProfileTest the moaspssAuthTrustProfileTest to set
+ */
+ public void setMoaspssAuthTrustProfileTest(String moaspssAuthTrustProfileTest) {
+ this.moaspssAuthTrustProfileTest = moaspssAuthTrustProfileTest;
+ }
+
+ /**
+ * @return the virtualPublicURLPrefixEnabled
+ */
+ public boolean isVirtualPublicURLPrefixEnabled() {
+ return virtualPublicURLPrefixEnabled;
+ }
+
+ /**
+ * @param virtualPublicURLPrefixEnabled the virtualPublicURLPrefixEnabled to set
+ */
+ public void setVirtualPublicURLPrefixEnabled(
+ boolean virtualPublicURLPrefixEnabled) {
+ this.virtualPublicURLPrefixEnabled = virtualPublicURLPrefixEnabled;
+ }
+
+ /**
+ * @return the elgaMandateServiceURL
+ */
+ public String getElgaMandateServiceURL() {
+ return elgaMandateServiceURL;
+ }
+
+ /**
+ * @param elgaMandateServiceURL the elgaMandateServiceURL to set
+ */
+ public void setElgaMandateServiceURL(String elgaMandateServiceURL) {
+ if (MiscUtil.isNotEmpty(elgaMandateServiceURL)) {
+ this.elgaMandateServiceURL = KeyValueUtils.removeAllNewlineFromString(elgaMandateServiceURL);
+ } else {
+ this.elgaMandateServiceURL = elgaMandateServiceURL;
+ }
+ }
+
+ /**
+ * @return the eidSystemServiceURL
+ */
+ public String getEidSystemServiceURL() {
+ return eidSystemServiceURL;
+ }
+
+ public boolean isMoaidMode() {
+ return moaidMode;
+ }
+
+ /**
+ * @param eidSystemServiceURL the E-ID Service URL to set
+ */
+ public void setEidSystemServiceURL(String eidSystemServiceURL) {
+ if (MiscUtil.isNotEmpty(eidSystemServiceURL)) {
+ this.eidSystemServiceURL =
KeyValueUtils.removeAllNewlineFromString(eidSystemServiceURL); + } else { + this.eidSystemServiceURL = eidSystemServiceURL; + } + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java index b5c996c72..c833372c9 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java @@ -25,8 +25,6 @@ package at.gv.egovernment.moa.id.configuration.data; import java.util.ArrayList; import java.util.List; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.CPEPS; 
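Review bot: `setMoaspssURL` and `setPvp2OrgURL` in the GeneralMOAIDConfig hunk store the submitted value unchanged, while the sibling URL setters (`setMandateURL`, `setPublicURLPrefix`, `setElgaMandateServiceURL`, `setEidSystemServiceURL`) first pass it through `KeyValueUtils.removeAllNewlineFromString`. If that helper is there to keep line breaks out of the stored configuration values, as its name suggests, these two fields bypass it; the body of `setMoaspssURL` could become `this.moaspssURL = MiscUtil.isNotEmpty(moaspssURL) ? KeyValueUtils.removeAllNewlineFromString(moaspssURL) : moaspssURL;`, and likewise for `setPvp2OrgURL`. None of the setters checks scheme or host, so whatever validates these service URLs has to live outside this hunk; a short comment on the setters naming that validator would make the trust boundary explicit. The class declaration and its fields are outside the hunk.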
@@ -36,141 +34,147 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.STORK; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.StorkAttribute; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class GeneralStorkConfig { - private List cpepslist; - private List attributes; - private String qaa; - private static final Logger log = Logger.getLogger(GeneralStorkConfig.class); - - private MOAIDConfiguration dbconfig = null; - - /** - * - */ - public GeneralStorkConfig() { - try { - dbconfig = ConfigurationProvider.getInstance().getDbRead().getMOAIDConfiguration(); - - } catch (ConfigurationException e) { - log.error("MOA-ID-Configuration initialization FAILED.", e); - - } - - } - - public void parse(MOAIDConfiguration config) { - log.info("Initializing general Stork config"); - - cpepslist = new ArrayList(); - attributes = new ArrayList(); - - if (config != null) { - AuthComponentGeneral auth = config.getAuthComponentGeneral(); - - if (auth != null) { - ForeignIdentities foreign = auth.getForeignIdentities(); - - if (foreign != null) { - STORK stork = foreign.getSTORK(); - - if (stork != null) { - // deep clone all the things - // to foreclose lazyloading session timeouts - if (stork.getCPEPS() != null) { - for(CPEPS current : stork.getCPEPS()) { - cpepslist.add(current); - } - } - - List tmp = stork.getAttributes(); - if(null != tmp) { - - for(StorkAttribute current : tmp) - attributes.add(current); - } - - try { - qaa = stork.getGeneral_eIDAS_LOA(); - - } catch(NullPointerException e) { - qaa = MOAIDConstants.eIDAS_LOA_HIGH; - } - } - - } - } - } - - if (cpepslist.isEmpty()) { - CPEPS defaultCPEPS = new CPEPS(); - defaultCPEPS.setCountryCode("CC"); - defaultCPEPS.setURL("http://"); - defaultCPEPS.setSupportsXMLSignature(true); - cpepslist.add(defaultCPEPS ); - - } - 
if(attributes.isEmpty()) - attributes.add(new StorkAttribute()); - } - - public List getAllowedLoALevels() { - return MOAIDConstants.ALLOWED_eIDAS_LOA; - } - - public List getRawCPEPSList() { - return cpepslist; + private List cpepslist; + private List attributes; + private String qaa; + + private MOAIDConfiguration dbconfig = null; + + /** + * + */ + public GeneralStorkConfig() { + try { + dbconfig = ConfigurationProvider.getInstance().getDbRead().getMOAIDConfiguration(); + + } catch (final ConfigurationException e) { + log.error("MOA-ID-Configuration initialization FAILED.", e); + + } + + } + + public void parse(MOAIDConfiguration config) { + log.info("Initializing general Stork config"); + + cpepslist = new ArrayList<>(); + attributes = new ArrayList<>(); + + if (config != null) { + final AuthComponentGeneral auth = config.getAuthComponentGeneral(); + + if (auth != null) { + final ForeignIdentities foreign = auth.getForeignIdentities(); + + if (foreign != null) { + final STORK stork = foreign.getSTORK(); + + if (stork != null) { + // deep clone all the things + // to foreclose lazyloading session timeouts + if (stork.getCPEPS() != null) { + for (final CPEPS current : stork.getCPEPS()) { + cpepslist.add(current); + } + } + + final List tmp = stork.getAttributes(); + if (null != tmp) { + + for (final StorkAttribute current : tmp) { + attributes.add(current); + } + } + + try { + qaa = stork.getGeneral_eIDAS_LOA(); + + } catch (final NullPointerException e) { + qaa = MOAIDConstants.eIDAS_LOA_HIGH; + } + } + + } + } } - - public List getCpepslist() { - if (null == cpepslist) - return null; - - //MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration(); - - try { - List cpepss = dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getCPEPS(); - - if (cpepss != null) { - // make CountryCode "readonly" - for (CPEPS newone : cpepslist) { - for (CPEPS current : cpepss) { - if (null != newone) - if 
(current.getHjid().equals(newone.getHjid())) { - newone.setCountryCode(current.getCountryCode()); - break; - } - } - } - } - - return cpepslist; - - } catch (NullPointerException e) { - return null; - - } - - } - - public void setCpepslist(List list) { - cpepslist = list; - } - - public List getAttributes() { - return attributes; - } - - public void setAttributes(List attributes) { - this.attributes = attributes; - } - - public String getDefaultQaa() { - return qaa; - } - - public void setDefaultQaa(String qaa) { - this.qaa = qaa; - } + + if (cpepslist.isEmpty()) { + final CPEPS defaultCPEPS = new CPEPS(); + defaultCPEPS.setCountryCode("CC"); + defaultCPEPS.setURL("http://"); + defaultCPEPS.setSupportsXMLSignature(true); + cpepslist.add(defaultCPEPS); + + } + if (attributes.isEmpty()) { + attributes.add(new StorkAttribute()); + } + } + + public List getAllowedLoALevels() { + return MOAIDConstants.ALLOWED_eIDAS_LOA; + } + + public List getRawCPEPSList() { + return cpepslist; + } + + public List getCpepslist() { + if (null == cpepslist) { + return null; + } + + // MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration(); + + try { + final List cpepss = dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK() + .getCPEPS(); + + if (cpepss != null) { + // make CountryCode "readonly" + for (final CPEPS newone : cpepslist) { + for (final CPEPS current : cpepss) { + if (null != newone) { + if (current.getHjid().equals(newone.getHjid())) { + newone.setCountryCode(current.getCountryCode()); + break; + } + } + } + } + } + + return cpepslist; + + } catch (final NullPointerException e) { + return null; + + } + + } + + public void setCpepslist(List list) { + cpepslist = list; + } + + public List getAttributes() { + return attributes; + } + + public void setAttributes(List attributes) { + this.attributes = attributes; + } + + public String getDefaultQaa() { + return qaa; + } + + public void setDefaultQaa(String qaa) { + this.qaa = qaa; + } } 
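Review bot: `getCpepslist()` (and the `qaa` lookup in `parse()`) still uses `catch (final NullPointerException e)` as its null check, which hides a failed start-up: the constructor only logs the `ConfigurationException` and leaves `dbconfig` null, so `getCpepslist()` later returns null with nothing in the log. The same catch also swallows a null `getHjid()` on a stored entry and discards the whole list. Explicit checks keep the current "return null" results while making the missing-configuration case visible; the loop that resets `CountryCode` from the stored entries stays as it is. The element type `CPEPS` below is taken from the `for` loops in this hunk.

```java
// in getCpepslist(), replacing the try/catch around the lookup chain
if (dbconfig == null) {
  log.warn("MOA-ID configuration is not loaded; CPEPS list can not be checked against stored entries.");
  return null;
}

final AuthComponentGeneral auth = dbconfig.getAuthComponentGeneral();
final ForeignIdentities foreign = auth != null ? auth.getForeignIdentities() : null;
final STORK stork = foreign != null ? foreign.getSTORK() : null;
if (stork == null) {
  return null;
}

final List<CPEPS> cpepss = stork.getCPEPS();
// … unchanged: loop that copies the stored CountryCode onto matching entries,
//   with the inner test extended to: null != newone && current.getHjid() != null …
return cpepslist;
```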
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java
index 28eba9f34..c7de7e369 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java
@@ -23,92 +23,103 @@ package at.gv.egovernment.moa.id.configuration.data; public class OAListElement { - - public enum ServiceType {OA, VIDP, IDP, GWAY} - - private long dataBaseID; - private String oaIdentifier; - private String oaFriendlyName; - private String oaType; - private boolean isActive; - private ServiceType serviceType; - - /** - * - */ - public OAListElement(ServiceType type) { - this.serviceType = type; - } - - - /** - * @return the dataBaseID - */ - public long getDataBaseID() { - return dataBaseID; - } - /** - * @param dataBaseID the dataBaseID to set - */ - public void setDataBaseID(long dataBaseID) { - this.dataBaseID = dataBaseID; - } - /** - * @return the oaIdentifier - */ - public String getOaIdentifier() { - return oaIdentifier; - } - /** - * @param oaIdentifier the oaIdentifier to set - */ - public void setOaIdentifier(String oaIdentifier) { - this.oaIdentifier = oaIdentifier; - } - /** - * @return the oaFriendlyName - */ - public String getOaFriendlyName() { - return oaFriendlyName; - } - /** - * @param oaFriendlyName the oaFriendlyName to set - */ - public void setOaFriendlyName(String oaFriendlyName) { - this.oaFriendlyName = oaFriendlyName; - } - /** - * @return the oaType - */ - public String getOaType() { - return oaType; - } - /** - * @param oaType the oaType to set - */ - public void setOaType(String oaType) { - this.oaType = oaType; - } - /** - * @return the isActive - */ - public boolean isActive() { - return isActive; - } - /** - * @param isActive the isActive to set - */ - public void setActive(boolean isActive) { - this.isActive = isActive; - } - - public String getIsActive(){ - return String.valueOf(isActive); - } - /** - * @return the serviceType - */ - public String getServiceType() { - return serviceType.name(); - } + + public enum ServiceType { + OA, VIDP, IDP, GWAY + } + + private long dataBaseID; + private String oaIdentifier; + private String oaFriendlyName; + private String oaType; + private boolean isActive; + private 
final ServiceType serviceType; + + /** + * + */ + public OAListElement(ServiceType type) { + this.serviceType = type; + } + + /** + * @return the dataBaseID + */ + public long getDataBaseID() { + return dataBaseID; + } + + /** + * @param dataBaseID the dataBaseID to set + */ + public void setDataBaseID(long dataBaseID) { + this.dataBaseID = dataBaseID; + } + + /** + * @return the oaIdentifier + */ + public String getOaIdentifier() { + return oaIdentifier; + } + + /** + * @param oaIdentifier the oaIdentifier to set + */ + public void setOaIdentifier(String oaIdentifier) { + this.oaIdentifier = oaIdentifier; + } + + /** + * @return the oaFriendlyName + */ + public String getOaFriendlyName() { + return oaFriendlyName; + } + + /** + * @param oaFriendlyName the oaFriendlyName to set + */ + public void setOaFriendlyName(String oaFriendlyName) { + this.oaFriendlyName = oaFriendlyName; + } + + /** + * @return the oaType + */ + public String getOaType() { + return oaType; + } + + /** + * @param oaType the oaType to set + */ + public void setOaType(String oaType) { + this.oaType = oaType; + } + + /** + * @return the isActive + */ + public boolean isActive() { + return isActive; + } + + /** + * @param isActive the isActive to set + */ + public void setActive(boolean isActive) { + this.isActive = isActive; + } + + public String getIsActive() { + return String.valueOf(isActive); + } + + /** + * @return the serviceType + */ + public String getServiceType() { + return serviceType.name(); + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java index a1bcf4aa4..af4548779 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/StorkAttributes.java 
@@ -24,27 +24,25 @@ package at.gv.egovernment.moa.id.configuration.data; public class StorkAttributes { + public AttributValues eIdentifier; - public AttributValues eIdentifier; - - - public void parse() { - eIdentifier = AttributValues.MANDATORY; - } - - - public enum AttributValues { - MANDATORY, OPTIONAL, NOT; - - public String getValue() { - if (this == MANDATORY) - return MANDATORY.name(); - if (this == OPTIONAL) - return OPTIONAL.name(); - else - return NOT.name(); - } - } - -} + public void parse() { + eIdentifier = AttributValues.MANDATORY; + } + + public enum AttributValues { + MANDATORY, OPTIONAL, NOT; + public String getValue() { + if (this == MANDATORY) { + return MANDATORY.name(); + } + if (this == OPTIONAL) { + return OPTIONAL.name(); + } else { + return NOT.name(); + } + } + } + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java index 8f4746d69..8f94fa642 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java 
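Review bot: `AttributValues.getValue()` branches three ways, but every branch returns the constant's own name, so the added braces wrap code that can be the single line `return name();`. The `eIdentifier` field also stays `public` and non-final, so any caller can overwrite what `parse()` sets; a private field with a getter would match the other data classes in this package.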
@@ -26,328 +26,310 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; import at.gv.egovernment.moa.util.MiscUtil; public class UserDatabaseFrom { - - private String bpk; - private String familyName; - private String givenName; - private String institut; - private String mail; - private String phone; - private String username; - private String password; - private String password_second; - private boolean active = false; - private boolean admin = false; - private boolean passwordActive; - private boolean isusernamepasswordallowed = false; - private boolean isadminrequest = true; - private boolean ismandateuser = false; - private boolean isPVPGenerated; - private String userID = null; - - public UserDatabaseFrom() { - - } - - public UserDatabaseFrom(UserDatabase db) { - bpk = db.getBpk(); - familyName = db.getFamilyname(); - givenName = db.getGivenname(); - institut = db.getInstitut(); - mail = db.getMail(); - phone = db.getPhone(); - username = db.getUsername(); - - if (MiscUtil.isNotEmpty(db.getPassword())) - passwordActive = true; - else - passwordActive = false; - - active = db.isIsActive(); - admin = db.isIsAdmin(); - - if (db.isIsUsernamePasswordAllowed() != null) - isusernamepasswordallowed = db.isIsUsernamePasswordAllowed(); - else - isusernamepasswordallowed = true; - - if (db.isIsAdminRequest() != null) - isadminrequest = db.isIsAdminRequest(); - else - isadminrequest = false; - - if (db.isIsMandateUser() != null) - ismandateuser = db.isIsMandateUser(); - else - ismandateuser = false; - - if (db.isIsPVP2Generated() != null) - isPVPGenerated = db.isIsPVP2Generated(); - else - isPVPGenerated = false; - - userID = String.valueOf(db.getHjid()); - } - - - /** - * @return the bpk - */ - public String getBpk() { - return bpk; - } - - - /** - * @param bpk the bpk to set - */ - public void setBpk(String bpk) { - this.bpk = bpk; - } - - - /** - * @return the familyName - */ - public String getFamilyName() { - return familyName; - } - - - /** - * 
@param familyName the familyName to set - */ - public void setFamilyName(String familyName) { - this.familyName = familyName; - } - - - /** - * @return the givenName - */ - public String getGivenName() { - return givenName; - } - - - /** - * @param givenName the givenName to set - */ - public void setGivenName(String givenName) { - this.givenName = givenName; - } - - - /** - * @return the institut - */ - public String getInstitut() { - return institut; - } - - - /** - * @param institut the institut to set - */ - public void setInstitut(String institut) { - this.institut = institut; - } - - - /** - * @return the mail - */ - public String getMail() { - return mail; - } - - - /** - * @param mail the mail to set - */ - public void setMail(String mail) { - this.mail = mail; - } - - - /** - * @return the phone - */ - public String getPhone() { - return phone; - } - - - /** - * @param phone the phone to set - */ - public void setPhone(String phone) { - this.phone = phone; - } - - - /** - * @return the username - */ - public String getUsername() { - return username; - } - - - /** - * @param username the username to set - */ - public void setUsername(String username) { - this.username = username; - } - - - /** - * @return the password - */ - public String getPassword() { - return password; - } - - - /** - * @param password the password to set - */ - public void setPassword(String password) { - this.password = password; - } - - - /** - * @return the active - */ - public boolean isActive() { - return active; - } - - - /** - * @param active the active to set - */ - public void setActive(boolean active) { - this.active = active; - } - - - /** - * @return the admin - */ - public boolean isAdmin() { - return admin; - } - - - /** - * @param admin the admin to set - */ - public void setAdmin(boolean admin) { - this.admin = admin; - } - - - /** - * @return the passwordActive - */ - public boolean isPasswordActive() { - return passwordActive; - } - - - /** - * @param passwordActive 
the passwordActive to set - */ - public void setPasswordActive(boolean passwordActive) { - this.passwordActive = passwordActive; - } - - /** - * @return the userID - */ - public String getUserID() { - return userID; - } - - /** - * @param userID the userID to set - */ - public void setUserID(String userID) { - this.userID = userID; - } - - /** - * @return the password_second - */ - public String getPassword_second() { - return password_second; - } - - /** - * @param password_second the password_second to set - */ - public void setPassword_second(String password_second) { - this.password_second = password_second; - } - - /** - * @return the isusernamepasswordallowed - */ - public boolean isIsusernamepasswordallowed() { - return isusernamepasswordallowed; - } - - /** - * @param isusernamepasswordallowed the isusernamepasswordallowed to set - */ - public void setIsusernamepasswordallowed(boolean isusernamepasswordallowed) { - this.isusernamepasswordallowed = isusernamepasswordallowed; - } - - /** - * @return the ismandateuser - */ - public boolean isIsmandateuser() { - return ismandateuser; - } - - - /** - * @param ismandateuser the ismandateuser to set - */ - public void setIsmandateuser(boolean ismandateuser) { - this.ismandateuser = ismandateuser; - } - - /** - * @return the isadminrequest - */ - public boolean isIsadminrequest() { - return isadminrequest; - } - - /** - * @param isadminrequest the isadminrequest to set - */ - public void setIsadminrequest(boolean isadminrequest) { - this.isadminrequest = isadminrequest; - } - - /** - * @return the isPVPGenerated - */ - public boolean isPVPGenerated() { - return isPVPGenerated; - } - - /** - * @param isPVPGenerated the isPVPGenerated to set - */ - public void setPVPGenerated(boolean isPVPGenerated) { - this.isPVPGenerated = isPVPGenerated; - } - + + private String bpk; + private String familyName; + private String givenName; + private String institut; + private String mail; + private String phone; + private String 
username; + private String password; + private String password_second; + private boolean active = false; + private boolean admin = false; + private boolean passwordActive; + private boolean isusernamepasswordallowed = false; + private boolean isadminrequest = true; + private boolean ismandateuser = false; + private boolean isPVPGenerated; + private String userID = null; + + public UserDatabaseFrom() { + + } + + public UserDatabaseFrom(UserDatabase db) { + bpk = db.getBpk(); + familyName = db.getFamilyname(); + givenName = db.getGivenname(); + institut = db.getInstitut(); + mail = db.getMail(); + phone = db.getPhone(); + username = db.getUsername(); + + if (MiscUtil.isNotEmpty(db.getPassword())) { + passwordActive = true; + } else { + passwordActive = false; + } + + active = db.isIsActive(); + admin = db.isIsAdmin(); + + if (db.isIsUsernamePasswordAllowed() != null) { + isusernamepasswordallowed = db.isIsUsernamePasswordAllowed(); + } else { + isusernamepasswordallowed = true; + } + + if (db.isIsAdminRequest() != null) { + isadminrequest = db.isIsAdminRequest(); + } else { + isadminrequest = false; + } + + if (db.isIsMandateUser() != null) { + ismandateuser = db.isIsMandateUser(); + } else { + ismandateuser = false; + } + + if (db.isIsPVP2Generated() != null) { + isPVPGenerated = db.isIsPVP2Generated(); + } else { + isPVPGenerated = false; + } + + userID = String.valueOf(db.getHjid()); + } + + /** + * @return the bpk + */ + public String getBpk() { + return bpk; + } + + /** + * @param bpk the bpk to set + */ + public void setBpk(String bpk) { + this.bpk = bpk; + } + + /** + * @return the familyName + */ + public String getFamilyName() { + return familyName; + } + + /** + * @param familyName the familyName to set + */ + public void setFamilyName(String familyName) { + this.familyName = familyName; + } + + /** + * @return the givenName + */ + public String getGivenName() { + return givenName; + } + + /** + * @param givenName the givenName to set + */ + public void 
setGivenName(String givenName) { + this.givenName = givenName; + } + + /** + * @return the institut + */ + public String getInstitut() { + return institut; + } + + /** + * @param institut the institut to set + */ + public void setInstitut(String institut) { + this.institut = institut; + } + + /** + * @return the mail + */ + public String getMail() { + return mail; + } + + /** + * @param mail the mail to set + */ + public void setMail(String mail) { + this.mail = mail; + } + + /** + * @return the phone + */ + public String getPhone() { + return phone; + } + + /** + * @param phone the phone to set + */ + public void setPhone(String phone) { + this.phone = phone; + } + + /** + * @return the username + */ + public String getUsername() { + return username; + } + + /** + * @param username the username to set + */ + public void setUsername(String username) { + this.username = username; + } + + /** + * @return the password + */ + public String getPassword() { + return password; + } + + /** + * @param password the password to set + */ + public void setPassword(String password) { + this.password = password; + } + + /** + * @return the active + */ + public boolean isActive() { + return active; + } + + /** + * @param active the active to set + */ + public void setActive(boolean active) { + this.active = active; + } + + /** + * @return the admin + */ + public boolean isAdmin() { + return admin; + } + + /** + * @param admin the admin to set + */ + public void setAdmin(boolean admin) { + this.admin = admin; + } + + /** + * @return the passwordActive + */ + public boolean isPasswordActive() { + return passwordActive; + } + + /** + * @param passwordActive the passwordActive to set + */ + public void setPasswordActive(boolean passwordActive) { + this.passwordActive = passwordActive; + } + + /** + * @return the userID + */ + public String getUserID() { + return userID; + } + + /** + * @param userID the userID to set + */ + public void setUserID(String userID) { + this.userID = 
userID; + } + + /** + * @return the password_second + */ + public String getPassword_second() { + return password_second; + } + + /** + * @param password_second the password_second to set + */ + public void setPassword_second(String password_second) { + this.password_second = password_second; + } + + /** + * @return the isusernamepasswordallowed + */ + public boolean isIsusernamepasswordallowed() { + return isusernamepasswordallowed; + } + + /** + * @param isusernamepasswordallowed the isusernamepasswordallowed to set + */ + public void setIsusernamepasswordallowed(boolean isusernamepasswordallowed) { + this.isusernamepasswordallowed = isusernamepasswordallowed; + } + + /** + * @return the ismandateuser + */ + public boolean isIsmandateuser() { + return ismandateuser; + } + + /** + * @param ismandateuser the ismandateuser to set + */ + public void setIsmandateuser(boolean ismandateuser) { + this.ismandateuser = ismandateuser; + } + + /** + * @return the isadminrequest + */ + public boolean isIsadminrequest() { + return isadminrequest; + } + + /** + * @param isadminrequest the isadminrequest to set + */ + public void setIsadminrequest(boolean isadminrequest) { + this.isadminrequest = isadminrequest; + } + + /** + * @return the isPVPGenerated + */ + public boolean isPVPGenerated() { + return isPVPGenerated; + } + + /** + * @param isPVPGenerated the isPVPGenerated to set + */ + public void setPVPGenerated(boolean isPVPGenerated) { + this.isPVPGenerated = isPVPGenerated; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java index 63c82037f..c2344e059 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/AttributeHelper.java 
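Review bot: The fallbacks in `UserDatabaseFrom(UserDatabase db)` contradict the field initializers: `isusernamepasswordallowed` is declared `false` but is set to `true` when `db.isIsUsernamePasswordAllowed()` is null, and `isadminrequest` is declared `true` but is set to `false` when `db.isIsAdminRequest()` is null. These flags sit next to `admin` and `active` and all of them have public setters, so the intended default should be stated where it is applied, e.g. `// null in DB means "allowed"; the no-arg constructor defaults to false`, or the two defaults should be aligned. If this bean is filled from request parameters (not visible in this hunk), the code that persists it should check the caller's rights before copying `admin`, `active` or `userID` from it.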
@@ -4,61 +4,61 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OAStorkAttribut import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.StorkAttribute; public class AttributeHelper { - private boolean isUsed = false; - private String name; - private boolean mandatory; - private boolean readonly; + private boolean isUsed = false; + private String name; + private boolean mandatory; + private boolean readonly; - public AttributeHelper() { - // TODO Auto-generated constructor stub - } + public AttributeHelper() { + // TODO Auto-generated constructor stub + } - public AttributeHelper(OAStorkAttribute attribute) { - isUsed = true; - name = attribute.getName(); - mandatory = attribute.isMandatory(); - } + public AttributeHelper(OAStorkAttribute attribute) { + isUsed = true; + name = attribute.getName(); + mandatory = attribute.isMandatory(); + } - public AttributeHelper(StorkAttribute attribute) { - name = attribute.getName(); - mandatory = false; - if (attribute.isMandatory()==null) { // TODO check details - attribute.setMandatory(false); - } else { - readonly = attribute.isMandatory(); - } - isUsed = readonly; - } + public AttributeHelper(StorkAttribute attribute) { + name = attribute.getName(); + mandatory = false; + if (attribute.isMandatory() == null) { // TODO check details + attribute.setMandatory(false); + } else { + readonly = attribute.isMandatory(); + } + isUsed = readonly; + } - public boolean isUsed() { - return isUsed; - } + public boolean isUsed() { + return isUsed; + } - public void setUsed(boolean used) { - isUsed = used; - } + public void setUsed(boolean used) { + isUsed = used; + } - public String getName() { - return name; - } + public String getName() { + return name; + } - public void setName(String newname) { - name = newname; - } + public void setName(String newname) { + name = newname; + } - public boolean isMandatory() { - return mandatory; - } + public boolean isMandatory() { + return mandatory; + } - public void 
setMandatory(boolean value) { - mandatory = value; - } + public void setMandatory(boolean value) { + mandatory = value; + } - public boolean isReadOnly() { - return readonly; - } + public boolean isReadOnly() { + return readonly; + } - public void setReadOnly(boolean value) { - // we do not allow setting the readonly field - } + public void setReadOnly(boolean value) { + // we do not allow setting the readonly field + } } \ No newline at end of file diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/IOnlineApplicationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/IOnlineApplicationData.java index 8195c993d..0ba3ed36c 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/IOnlineApplicationData.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/IOnlineApplicationData.java 
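Review bot: `AttributeHelper(StorkAttribute attribute)` writes to its argument: when `attribute.isMandatory()` is null it calls `attribute.setMandatory(false)` on the configuration object it is only meant to wrap, and the `// TODO check details` beside it suggests the behaviour was never settled. If that object is a managed database entity, the write may end up persisted. A null-safe read gives the same `readonly` and `isUsed` values without the side effect: `readonly = Boolean.TRUE.equals(attribute.isMandatory());`. The no-op `setReadOnly` is fine but would read better with the comment moved into a Javadoc line saying the value is derived from the global attribute.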
@@ -34,31 +34,34 @@ import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; * */ public interface IOnlineApplicationData { - - public String getName(); - - /** - * Parse OnlineApplication database object to formData - * @param dbOAConfig - * @return List of Errors - */ - public List parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request); - - /** - * Store formData to OnlineApplication database object - * @param dboa: Database data object - * @param authUser - * @param request: - * @return Error description - */ - public String store(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request); - - /** - * Validate formData - * @param general - * @param request - * @return - */ - public List validate(OAGeneralConfig general, AuthenticatedUser authUser, HttpServletRequest request); + + String getName(); + + /** + * Parse OnlineApplication database object to formData + * + * @param dbOAConfig + * @return List of Errors + */ + List parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request); + + /** + * Store formData to OnlineApplication database object + * + * @param dboa: Database data object + * @param authUser + * @param request: + * @return Error description + */ + String store(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request); + + /** + * Validate formData + * + * @param general + * @param request + * @return + */ + List validate(OAGeneralConfig general, AuthenticatedUser authUser, HttpServletRequest request); } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java index b3db074a2..b3f0620f0 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java 
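Review bot: The reformatted Javadoc still does not match the signatures it documents: `parse` has `@param dbOAConfig` and `store` has `@param dboa:` while both parameters are named `dbOA`, `@param request:` carries a stray colon, and `validate` omits `authUser` and leaves `@return` empty. For `parse` the tags would read `@param dbOA database object to read from`, `@param authUser user performing the request`, `@param request current HTTP request`. Each method should also say what is returned when there is nothing to report (null or an empty list/string), since implementations and callers have to agree on it.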
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java @@ -29,8 +29,6 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; -import org.apache.log4j.Logger; - import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.BKUURLS; 
@@ -47,105 +45,105 @@ import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.validation.oa.OAAuthenticationDataValidation; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; /** * @author tlenz * */ +@Slf4j public class OAAuthenticationData implements IOnlineApplicationData { - private static final Logger log = Logger.getLogger(OAAuthenticationData.class); - - private String bkuOnlineURL = null; - private String bkuHandyURL = null; - private String bkuLocalURL = null; - - private String mandateProfiles = null; - private boolean useMandates = false; - - private List misServicesList = new ArrayList(); - private List elgaServicesList = new ArrayList(); - private List szrgwServicesList = new ArrayList(); - private List eidServicesList = new ArrayList(); - private String misServiceSelected = null; - private String elgaServiceSelected = null; - private String szrgwServiceSelected = null; - private String eidServiceSelected = null; - - private boolean calculateHPI = false; - - private String keyBoxIdentifier = null; - private static Map keyBoxIdentifierList; - - private boolean legacy = false; - List SLTemplates = null; - - private Map transformations; - - private boolean enableTestCredentials = false; - private List testCredentialOIDs = null; - private boolean useTestIDLValidationTrustStore = false; - private boolean useTestAuthblockValidationTrustStore = false; - - - //SL2.0 - private boolean sl20Active = false; - private String sl20EndPoints = null; - - private boolean isMoaidMode = false; - - /** - * @param isMoaidMode - * - */ - public OAAuthenticationData() { - try { - this.isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode(); - } catch (ConfigurationException e) { - e.printStackTrace(); - - } - - keyBoxIdentifierList = new HashMap(); - MOAKeyBoxSelector[] values = MOAKeyBoxSelector.values(); 
- for (int i=0; i misServicesList = new ArrayList<>(); + private List elgaServicesList = new ArrayList<>(); + private List szrgwServicesList = new ArrayList<>(); + private List eidServicesList = new ArrayList<>(); + private String misServiceSelected = null; + private String elgaServiceSelected = null; + private String szrgwServiceSelected = null; + private String eidServiceSelected = null; + + private boolean calculateHPI = false; + + private String keyBoxIdentifier = null; + private static Map keyBoxIdentifierList; + + private boolean legacy = false; + List SLTemplates = null; + + private Map transformations; + + private boolean enableTestCredentials = false; + private List testCredentialOIDs = null; + private boolean useTestIDLValidationTrustStore = false; + private boolean useTestAuthblockValidationTrustStore = false; + + // SL2.0 + private boolean sl20Active = false; + private String sl20EndPoints = null; + + private boolean isMoaidMode = false; + + /** + * @param isMoaidMode + * + */ + public OAAuthenticationData() { + try { + this.isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode(); + } catch (final ConfigurationException e) { + e.printStackTrace(); + + } + + keyBoxIdentifierList = new HashMap<>(); + final MOAKeyBoxSelector[] values = MOAKeyBoxSelector.values(); + for (final MOAKeyBoxSelector value : values) { + keyBoxIdentifierList.put(value.value(), value.value()); + } + + keyBoxIdentifier = MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR.value(); + + try { + final MOAIDConfiguration dbconfig = ConfigurationProvider.getInstance().getDbRead() + .getMOAIDConfiguration(); + + if (this.isMoaidMode) { + try { + elgaServicesList = KeyValueUtils.getListOfCSVValues(dbconfig.getElgaMandateServiceURLs()); + misServicesList = KeyValueUtils.getListOfCSVValues( + dbconfig.getAuthComponentGeneral().getOnlineMandates().getConnectionParameter().getURL()); + } catch (final NullPointerException e) { + } + + try { + szrgwServicesList = KeyValueUtils.getListOfCSVValues( 
+ dbconfig.getAuthComponentGeneral().getForeignIdentities().getConnectionParameter().getURL()); + } catch (final NullPointerException e) { + } + + } + + try { + eidServicesList = KeyValueUtils.getListOfCSVValues(dbconfig.getEidSystemServiceURLs()); + } catch (final NullPointerException e) { + } + + } catch (final ConfigurationException e) { + log.error("MOA-ID-Configuration initialization FAILED.", e); + + } + // bkuLocalURL = Constants.DEFAULT_LOCALBKU_URL; // bkuHandyURL = Constants.DEFAULT_HANDYBKU_URL; -// +// // MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); // if (moaidconfig != null) { // DefaultBKUs defaultbkus = moaidconfig.getDefaultBKUs(); 
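Review bot: The constructor still reports the `ConfigurationException` from `isMOAIDMode()` with `e.printStackTrace()` although this commit gives the class an `@Slf4j` logger, and the three `catch (final NullPointerException e) { }` blocks are empty, so a missing mandate, SZRGW or E-ID service URL leaves the selection list empty with no record of why. Suggested: `log.warn("Can not read MOA-ID mode from configuration.", e);` in the first catch and a `log.debug(...)` line naming the missing section in each empty one. The static `keyBoxIdentifierList` is also replaced by a new `HashMap` on every instantiation, which looks like it belongs in a static initializer. The constructor's closing brace lies in the next hunk.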
@@ -155,34 +153,43 @@ public class OAAuthenticationData implements IOnlineApplicationData { // setBkuOnlineURL(defaultbkus.getOnlineBKU()); // } // } - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName() - */ - @Override - public String getName() { - return "OAAuthenticationData"; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, javax.servlet.http.HttpServletRequest) - */ - @Override - public List parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) { - keyBoxIdentifier = dbOA.getKeyBoxIdentifier().value(); - - szrgwServiceSelected = dbOA.getSelectedSZRGWServiceURL(); - eidServiceSelected = dbOA.getSelectedEIDServiceURL(); - - AuthComponentOA oaauth = dbOA.getAuthComponentOA(); - if (oaauth != null) { - BKUURLS bkuurls = oaauth.getBKUURLS(); - - String defaulthandy = ""; - String defaultlocal = ""; - String defaultonline = ""; - + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName + * () + */ + @Override + public String getName() { + return "OAAuthenticationData"; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) { + keyBoxIdentifier = dbOA.getKeyBoxIdentifier().value(); + + szrgwServiceSelected = dbOA.getSelectedSZRGWServiceURL(); + eidServiceSelected = dbOA.getSelectedEIDServiceURL(); + + final AuthComponentOA oaauth = dbOA.getAuthComponentOA(); + if (oaauth != null) { + final BKUURLS bkuurls = oaauth.getBKUURLS(); + + final String defaulthandy = ""; + final String defaultlocal = 
""; + final String defaultonline = ""; + // MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration(); // if (dbconfig != null) { // DefaultBKUs defaultbkus = dbconfig.getDefaultBKUs(); 
@@ -192,674 +199,685 @@ public class OAAuthenticationData implements IOnlineApplicationData { // defaultonline = defaultbkus.getOnlineBKU(); // } // } - - if (bkuurls != null) { - - if (MiscUtil.isEmpty(bkuurls.getHandyBKU())) - bkuHandyURL = defaulthandy; - else - bkuHandyURL = bkuurls.getHandyBKU(); - - if (MiscUtil.isEmpty(bkuurls.getLocalBKU())) - bkuLocalURL = defaultlocal; - else - bkuLocalURL = bkuurls.getLocalBKU(); - - if (MiscUtil.isEmpty(bkuurls.getOnlineBKU())) - bkuOnlineURL = defaultonline; - else - bkuOnlineURL = bkuurls.getOnlineBKU(); - } - - Mandates mandates = oaauth.getMandates(); - if (mandates != null) { - - mandateProfiles = null; - - List profileList = mandates.getProfileName(); - for (String el : profileList) { - if (mandateProfiles == null) - mandateProfiles = el; - - else - mandateProfiles += "," + el; - } - - //TODO: only for RC1 - if (MiscUtil.isNotEmpty(mandates.getProfiles())) { - if (mandateProfiles == null) - mandateProfiles = mandates.getProfiles(); - - else - mandateProfiles += "," + mandates.getProfiles(); - - } - - if (mandateProfiles != null) - useMandates = true; - - else - useMandates = false; - - misServiceSelected = mandates.getSelectedMISServiceURL(); - elgaServiceSelected = mandates.getSelecteELGAServiceURL(); - - } - - TemplatesType templates = oaauth.getTemplates(); - if (templates != null) { - List templatetype = templates.getTemplate(); - - if (templatetype != null) { - if (SLTemplates == null) { - SLTemplates = new ArrayList(); - } - - for (TemplateType el : templatetype) { - SLTemplates.add(el.getURL()); - } - } - } - - if (SLTemplates != null && SLTemplates.size() > 0) - legacy = true; - - List transforminfos = oaauth.getTransformsInfo(); - transformations = new HashMap(); - for (TransformsInfoType el : transforminfos) { - transformations.put(el.getFilename(), el.getTransformation()); - } - } - - if (oaauth.getTestCredentials() != null) { - enableTestCredentials = 
oaauth.getTestCredentials().isEnableTestCredentials(); - testCredentialOIDs = new ArrayList(); - testCredentialOIDs.addAll(oaauth.getTestCredentials().getCredentialOID()); - - useTestAuthblockValidationTrustStore = oaauth.getTestCredentials().isUseTestAuthBlockTrustStore(); - useTestIDLValidationTrustStore = oaauth.getTestCredentials().isUseTestIDLTrustStore(); - } - - //parse SL2.0 information - if (oaauth.isSl20Active()) { - //parse SL2.0 endpoint information - if (oaauth.getSl20EndPoints() != null) { - if (KeyValueUtils.isCSVValueString(oaauth.getSl20EndPoints())) - sl20EndPoints = KeyValueUtils.normalizeCSVValueString(oaauth.getSl20EndPoints()); - - else { - if (oaauth.getSl20EndPoints().contains(KeyValueUtils.CSV_DELIMITER)) { - //remove trailing comma if exist - sl20EndPoints = oaauth.getSl20EndPoints().substring(0, - oaauth.getSl20EndPoints().indexOf(KeyValueUtils.CSV_DELIMITER)); - - } else - sl20EndPoints = oaauth.getSl20EndPoints(); - - } - } - sl20Active = oaauth.isSl20Active(); - - } - - - return null; - - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public String store(OnlineApplication dbOA, AuthenticatedUser authUser, - HttpServletRequest request) { - AuthComponentOA authoa = dbOA.getAuthComponentOA(); - if (authoa == null) { - authoa = new AuthComponentOA(); - dbOA.setAuthComponentOA(authoa); + + if (bkuurls != null) { + + if (MiscUtil.isEmpty(bkuurls.getHandyBKU())) { + bkuHandyURL = defaulthandy; + } else { + bkuHandyURL = bkuurls.getHandyBKU(); + } + + if (MiscUtil.isEmpty(bkuurls.getLocalBKU())) { + bkuLocalURL = defaultlocal; + } else { + bkuLocalURL = bkuurls.getLocalBKU(); + } + + if (MiscUtil.isEmpty(bkuurls.getOnlineBKU())) { + bkuOnlineURL = defaultonline; + } else { + bkuOnlineURL = 
bkuurls.getOnlineBKU(); + } + } + + final Mandates mandates = oaauth.getMandates(); + if (mandates != null) { + + mandateProfiles = null; + + final List profileList = mandates.getProfileName(); + for (final String el : profileList) { + if (mandateProfiles == null) { + mandateProfiles = el; + } else { + mandateProfiles += "," + el; + } + } + + // TODO: only for RC1 + if (MiscUtil.isNotEmpty(mandates.getProfiles())) { + if (mandateProfiles == null) { + mandateProfiles = mandates.getProfiles(); + } else { + mandateProfiles += "," + mandates.getProfiles(); + } + + } + + if (mandateProfiles != null) { + useMandates = true; + } else { + useMandates = false; + } + + misServiceSelected = mandates.getSelectedMISServiceURL(); + elgaServiceSelected = mandates.getSelecteELGAServiceURL(); + + } + + final TemplatesType templates = oaauth.getTemplates(); + if (templates != null) { + final List templatetype = templates.getTemplate(); + + if (templatetype != null) { + if (SLTemplates == null) { + SLTemplates = new ArrayList<>(); + } + + for (final TemplateType el : templatetype) { + SLTemplates.add(el.getURL()); + } } - - dbOA.setCalculateHPI(isCalculateHPI()); - - if (MiscUtil.isNotEmpty(getSzrgwServiceSelected())) - dbOA.setSelectedSZRGWServiceURL(getSzrgwServiceSelected()); - - - if (MiscUtil.isNotEmpty(getEidServiceSelected())) - dbOA.setSelectedEIDServiceURL(getEidServiceSelected()); - - if (authUser.isAdmin()) { - - //store BKU-URLs - BKUURLS bkuruls = new BKUURLS(); - authoa.setBKUURLS(bkuruls); - bkuruls.setHandyBKU(getBkuHandyURL()); - bkuruls.setLocalBKU(getBkuLocalURL()); - bkuruls.setOnlineBKU(getBkuOnlineURL()); - - //store SecurtiyLayerTemplates - TemplatesType templates = authoa.getTemplates(); - if (templates == null) { - templates = new TemplatesType(); - authoa.setTemplates(templates); - } - List template = templates.getTemplate(); - if (isLegacy()) { - - if (template == null) - template = new ArrayList(); - else - template.clear(); - - if 
(MiscUtil.isNotEmpty(getSLTemplateURL1())) { - TemplateType el = new TemplateType(); - el.setURL(getSLTemplateURL1()); - template.add(el); - } else - template.add(new TemplateType()); - if (MiscUtil.isNotEmpty(getSLTemplateURL2())) { - TemplateType el = new TemplateType(); - el.setURL(getSLTemplateURL2()); - template.add(el); - } else - template.add(new TemplateType()); - if (MiscUtil.isNotEmpty(getSLTemplateURL3())) { - TemplateType el = new TemplateType(); - el.setURL(getSLTemplateURL3()); - template.add(el); - } else - template.add(new TemplateType()); - - } else { - if (template != null && template.size() > 0) template.clear(); - } - - - //store keyBox Identifier - dbOA.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(getKeyBoxIdentifier())); + } + + if (SLTemplates != null && SLTemplates.size() > 0) { + legacy = true; + } + + final List transforminfos = oaauth.getTransformsInfo(); + transformations = new HashMap<>(); + for (final TransformsInfoType el : transforminfos) { + transformations.put(el.getFilename(), el.getTransformation()); + } + } + + if (oaauth.getTestCredentials() != null) { + enableTestCredentials = oaauth.getTestCredentials().isEnableTestCredentials(); + testCredentialOIDs = new ArrayList<>(); + testCredentialOIDs.addAll(oaauth.getTestCredentials().getCredentialOID()); + + useTestAuthblockValidationTrustStore = oaauth.getTestCredentials().isUseTestAuthBlockTrustStore(); + useTestIDLValidationTrustStore = oaauth.getTestCredentials().isUseTestIDLTrustStore(); + } + + // parse SL2.0 information + if (oaauth.isSl20Active()) { + // parse SL2.0 endpoint information + if (oaauth.getSl20EndPoints() != null) { + if (KeyValueUtils.isCSVValueString(oaauth.getSl20EndPoints())) { + sl20EndPoints = KeyValueUtils.normalizeCSVValueString(oaauth.getSl20EndPoints()); } else { - if (dbOA.isIsNew()) dbOA.setKeyBoxIdentifier(MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR); + if (oaauth.getSl20EndPoints().contains(KeyValueUtils.CSV_DELIMITER)) { + // remove trailing 
comma if exist + sl20EndPoints = oaauth.getSl20EndPoints().substring(0, + oaauth.getSl20EndPoints().indexOf(KeyValueUtils.CSV_DELIMITER)); + + } else { + sl20EndPoints = oaauth.getSl20EndPoints(); + } + } - - Mandates mandates = new Mandates(); - if (isUseMandates()) { - - String[] profileList = getMandateProfiles().split(","); - - List dbProfiles = mandates.getProfileName(); - if (dbProfiles == null) { - dbProfiles = new ArrayList(); - mandates.setProfileName(dbProfiles); - - } - - for (String el: profileList) - dbProfiles.add(el.trim()); - - mandates.setProfiles(null); - - if (MiscUtil.isNotEmpty(getMisServiceSelected())) - mandates.setSelectedMISServiceURL(getMisServiceSelected()); - - if (MiscUtil.isNotEmpty(getElgaServiceSelected())) - mandates.setSelecteELGAServiceURL(getElgaServiceSelected()); - + } + sl20Active = oaauth.isSl20Active(); + + } + + return null; + + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public String store(OnlineApplication dbOA, AuthenticatedUser authUser, + HttpServletRequest request) { + AuthComponentOA authoa = dbOA.getAuthComponentOA(); + if (authoa == null) { + authoa = new AuthComponentOA(); + dbOA.setAuthComponentOA(authoa); + } + + dbOA.setCalculateHPI(isCalculateHPI()); + + if (MiscUtil.isNotEmpty(getSzrgwServiceSelected())) { + dbOA.setSelectedSZRGWServiceURL(getSzrgwServiceSelected()); + } + + if (MiscUtil.isNotEmpty(getEidServiceSelected())) { + dbOA.setSelectedEIDServiceURL(getEidServiceSelected()); + } + + if (authUser.isAdmin()) { + + // store BKU-URLs + final BKUURLS bkuruls = new BKUURLS(); + authoa.setBKUURLS(bkuruls); + bkuruls.setHandyBKU(getBkuHandyURL()); + bkuruls.setLocalBKU(getBkuLocalURL()); + bkuruls.setOnlineBKU(getBkuOnlineURL()); + + // 
store SecurtiyLayerTemplates + TemplatesType templates = authoa.getTemplates(); + if (templates == null) { + templates = new TemplatesType(); + authoa.setTemplates(templates); + } + List template = templates.getTemplate(); + if (isLegacy()) { + + if (template == null) { + template = new ArrayList<>(); } else { - mandates.setProfiles(null); - mandates.getProfileName().clear(); - + template.clear(); } - authoa.setMandates(mandates); - // set default transformation if it is empty - List transformsInfo = authoa.getTransformsInfo(); - if (transformsInfo == null) { - // TODO: set OA specific transformation if it is required + if (MiscUtil.isNotEmpty(getSLTemplateURL1())) { + final TemplateType el = new TemplateType(); + el.setURL(getSLTemplateURL1()); + template.add(el); + } else { + template.add(new TemplateType()); + } + if (MiscUtil.isNotEmpty(getSLTemplateURL2())) { + final TemplateType el = new TemplateType(); + el.setURL(getSLTemplateURL2()); + template.add(el); + } else { + template.add(new TemplateType()); + } + if (MiscUtil.isNotEmpty(getSLTemplateURL3())) { + final TemplateType el = new TemplateType(); + el.setURL(getSLTemplateURL3()); + template.add(el); + } else { + template.add(new TemplateType()); + } + } else { + if (template != null && template.size() > 0) { + template.clear(); } - - if (enableTestCredentials) { - TestCredentials testing = authoa.getTestCredentials(); + } + + // store keyBox Identifier + dbOA.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(getKeyBoxIdentifier())); + } else { + if (dbOA.isIsNew()) { + dbOA.setKeyBoxIdentifier(MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR); + } + } + + final Mandates mandates = new Mandates(); + if (isUseMandates()) { + + final String[] profileList = getMandateProfiles().split(","); + + List dbProfiles = mandates.getProfileName(); + if (dbProfiles == null) { + dbProfiles = new ArrayList<>(); + mandates.setProfileName(dbProfiles); + + } + + for (final String el : profileList) { + dbProfiles.add(el.trim()); + } 
+ + mandates.setProfiles(null); + + if (MiscUtil.isNotEmpty(getMisServiceSelected())) { + mandates.setSelectedMISServiceURL(getMisServiceSelected()); + } + + if (MiscUtil.isNotEmpty(getElgaServiceSelected())) { + mandates.setSelecteELGAServiceURL(getElgaServiceSelected()); + } + + } else { + mandates.setProfiles(null); + mandates.getProfileName().clear(); + + } + authoa.setMandates(mandates); + + // set default transformation if it is empty + final List transformsInfo = authoa.getTransformsInfo(); + if (transformsInfo == null) { + // TODO: set OA specific transformation if it is required + + } + + if (enableTestCredentials) { + TestCredentials testing = authoa.getTestCredentials(); // if (testing != null) // ConfigurationDBUtils.delete(testing); - testing = new TestCredentials(); - authoa.setTestCredentials(testing); - testing.setEnableTestCredentials(enableTestCredentials); - testing.setCredentialOID(testCredentialOIDs); - + testing = new TestCredentials(); + authoa.setTestCredentials(testing); + testing.setEnableTestCredentials(enableTestCredentials); + testing.setCredentialOID(testCredentialOIDs); + + } else { + final TestCredentials testing = authoa.getTestCredentials(); + if (testing != null) { + testing.setEnableTestCredentials(false); + } + + } + + TestCredentials testing = authoa.getTestCredentials(); + if (testing == null) { + testing = new TestCredentials(); + authoa.setTestCredentials(testing); + + } + testing.setUseTestAuthBlockTrustStore(useTestAuthblockValidationTrustStore); + testing.setUseTestIDLTrustStore(useTestIDLValidationTrustStore); + + // store SL2.0 information + authoa.setSl20Active(isSl20Active()); + authoa.setSl20EndPoints(getSl20EndPoints()); + + return null; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData# + * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * 
javax.servlet.http.HttpServletRequest) + */ + @Override + public List validate(OAGeneralConfig general, + AuthenticatedUser authUser, HttpServletRequest request) { + return new OAAuthenticationDataValidation().validate(this, authUser.isAdmin(), request); + } + + /** + * @return the bkuOnlineURL + */ + public String getBkuOnlineURL() { + return bkuOnlineURL; + } + + /** + * @param bkuOnlineURL the bkuOnlineURL to set + */ + public void setBkuOnlineURL(String bkuOnlineURL) { + this.bkuOnlineURL = bkuOnlineURL; + } + + /** + * @return the bkuHandyURL + */ + public String getBkuHandyURL() { + return bkuHandyURL; + } + + /** + * @param bkuHandyURL the bkuHandyURL to set + */ + public void setBkuHandyURL(String bkuHandyURL) { + this.bkuHandyURL = bkuHandyURL; + } + + /** + * @return the bkuLocalURL + */ + public String getBkuLocalURL() { + return bkuLocalURL; + } + + /** + * @param bkuLocalURL the bkuLocalURL to set + */ + public void setBkuLocalURL(String bkuLocalURL) { + this.bkuLocalURL = bkuLocalURL; + } + + /** + * @return the mandateProfiles + */ + public String getMandateProfiles() { + return mandateProfiles; + } + + /** + * @param mandateProfiles the mandateProfiles to set + */ + public void setMandateProfiles(String mandateProfiles) { + this.mandateProfiles = mandateProfiles; + } + + /** + * @return the useMandates + */ + public boolean isUseMandates() { + return useMandates; + } + + /** + * @param useMandates the useMandates to set + */ + public void setUseMandates(boolean useMandates) { + this.useMandates = useMandates; + } + + /** + * @return the calculateHPI + */ + public boolean isCalculateHPI() { + return calculateHPI; + } + + /** + * @param calculateHPI the calculateHPI to set + */ + public void setCalculateHPI(boolean calculateHPI) { + this.calculateHPI = calculateHPI; + } + + /** + * @return the keyBoxIdentifier + */ + public String getKeyBoxIdentifier() { + return keyBoxIdentifier; + } + + /** + * @param keyBoxIdentifier the keyBoxIdentifier to set + 
*/ + public void setKeyBoxIdentifier(String keyBoxIdentifier) { + this.keyBoxIdentifier = keyBoxIdentifier; + } + + /** + * @return the keyBoxIdentifierList + */ + public Map getKeyBoxIdentifierList() { + return keyBoxIdentifierList; + } + + /** + * @return the legacy + */ + public boolean isLegacy() { + return legacy; + } + + /** + * @param legacy the legacy to set + */ + public void setLegacy(boolean legacy) { + this.legacy = legacy; + } + + /** + * @return the transformations + */ + public Map getTransformations() { + return transformations; + } + + /** + * @param transformations the transformations to set + */ + public void setTransformations(Map transformations) { + this.transformations = transformations; + } + + /** + * @return the sLTemplates + */ + public List getSLTemplates() { + return SLTemplates; + } + + /** + * @return the sLTemplateURL1 + */ + public String getSLTemplateURL1() { + if (SLTemplates != null && SLTemplates.size() > 0) { + return SLTemplates.get(0); + } else { + return null; + } + } + + /** + * @param sLTemplateURL1 the sLTemplateURL1 to set + */ + public void setSLTemplateURL1(String sLTemplateURL1) { + if (SLTemplates == null) { + SLTemplates = new ArrayList<>(); + } + SLTemplates.add(sLTemplateURL1); + } + + /** + * @return the sLTemplateURL2 + */ + public String getSLTemplateURL2() { + if (SLTemplates != null && SLTemplates.size() > 1) { + return SLTemplates.get(1); + } else { + return null; + } + } + + /** + * @param sLTemplateURL2 the sLTemplateURL2 to set + */ + public void setSLTemplateURL2(String sLTemplateURL2) { + if (SLTemplates == null) { + SLTemplates = new ArrayList<>(); + } + SLTemplates.add(sLTemplateURL2); + } + + /** + * @return the sLTemplateURL3 + */ + public String getSLTemplateURL3() { + if (SLTemplates != null && SLTemplates.size() > 2) { + return SLTemplates.get(2); + } else { + return null; + } + } + + /** + * @param sLTemplateURL3 the sLTemplateURL3 to set + */ + public void setSLTemplateURL3(String 
sLTemplateURL3) { + if (SLTemplates == null) { + SLTemplates = new ArrayList<>(); + } + SLTemplates.add(sLTemplateURL3); + } + + /** + * @return the enableTestCredentials + */ + public boolean isEnableTestCredentials() { + return enableTestCredentials; + } + + /** + * @param enableTestCredentials the enableTestCredentials to set + */ + public void setEnableTestCredentials(boolean enableTestCredentials) { + this.enableTestCredentials = enableTestCredentials; + } + + /** + * @return the testCredentialOIDs + */ + public String getTestCredentialOIDs() { + String value = null; + if (testCredentialOIDs != null) { + for (final String el : testCredentialOIDs) { + if (value == null) { + value = el; } else { - TestCredentials testing = authoa.getTestCredentials(); - if (testing != null) { - testing.setEnableTestCredentials(false); - } - + value += "," + el; } - - TestCredentials testing = authoa.getTestCredentials(); - if (testing == null) { - testing = new TestCredentials(); - authoa.setTestCredentials(testing); - - } - testing.setUseTestAuthBlockTrustStore(useTestAuthblockValidationTrustStore); - testing.setUseTestIDLTrustStore(useTestIDLValidationTrustStore); - - - //store SL2.0 information - authoa.setSl20Active(isSl20Active()); - authoa.setSl20EndPoints(getSl20EndPoints()); - - return null; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public List validate(OAGeneralConfig general, - AuthenticatedUser authUser, HttpServletRequest request) { - return new OAAuthenticationDataValidation().validate(this, authUser.isAdmin(), request); - } - - - /** - * @return the bkuOnlineURL - */ - public String getBkuOnlineURL() { - return bkuOnlineURL; - } - - - /** - * @param bkuOnlineURL the bkuOnlineURL to set - */ - public void 
setBkuOnlineURL(String bkuOnlineURL) { - this.bkuOnlineURL = bkuOnlineURL; - } - - - /** - * @return the bkuHandyURL - */ - public String getBkuHandyURL() { - return bkuHandyURL; - } - - - /** - * @param bkuHandyURL the bkuHandyURL to set - */ - public void setBkuHandyURL(String bkuHandyURL) { - this.bkuHandyURL = bkuHandyURL; - } - - - /** - * @return the bkuLocalURL - */ - public String getBkuLocalURL() { - return bkuLocalURL; - } - - - /** - * @param bkuLocalURL the bkuLocalURL to set - */ - public void setBkuLocalURL(String bkuLocalURL) { - this.bkuLocalURL = bkuLocalURL; - } - - - /** - * @return the mandateProfiles - */ - public String getMandateProfiles() { - return mandateProfiles; - } - - - /** - * @param mandateProfiles the mandateProfiles to set - */ - public void setMandateProfiles(String mandateProfiles) { - this.mandateProfiles = mandateProfiles; - } - - - /** - * @return the useMandates - */ - public boolean isUseMandates() { - return useMandates; - } - - - /** - * @param useMandates the useMandates to set - */ - public void setUseMandates(boolean useMandates) { - this.useMandates = useMandates; - } - - - /** - * @return the calculateHPI - */ - public boolean isCalculateHPI() { - return calculateHPI; - } - - - /** - * @param calculateHPI the calculateHPI to set - */ - public void setCalculateHPI(boolean calculateHPI) { - this.calculateHPI = calculateHPI; - } - - - /** - * @return the keyBoxIdentifier - */ - public String getKeyBoxIdentifier() { - return keyBoxIdentifier; - } - - - /** - * @param keyBoxIdentifier the keyBoxIdentifier to set - */ - public void setKeyBoxIdentifier(String keyBoxIdentifier) { - this.keyBoxIdentifier = keyBoxIdentifier; - } - - - /** - * @return the keyBoxIdentifierList - */ - public Map getKeyBoxIdentifierList() { - return keyBoxIdentifierList; - } - - - /** - * @return the legacy - */ - public boolean isLegacy() { - return legacy; - } - - - /** - * @param legacy the legacy to set - */ - public void setLegacy(boolean 
legacy) { - this.legacy = legacy; - } - - - /** - * @return the transformations - */ - public Map getTransformations() { - return transformations; - } - - - /** - * @param transformations the transformations to set - */ - public void setTransformations(Map transformations) { - this.transformations = transformations; - } - - - /** - * @return the sLTemplates - */ - public List getSLTemplates() { - return SLTemplates; - } - - /** - * @return the sLTemplateURL1 - */ - public String getSLTemplateURL1() { - if (SLTemplates != null && SLTemplates.size() > 0) - return SLTemplates.get(0); - else - return null; - } - - - /** - * @param sLTemplateURL1 the sLTemplateURL1 to set - */ - public void setSLTemplateURL1(String sLTemplateURL1) { - if (SLTemplates == null) - SLTemplates = new ArrayList(); - SLTemplates.add(sLTemplateURL1); - } - - - /** - * @return the sLTemplateURL2 - */ - public String getSLTemplateURL2() { - if (SLTemplates != null && SLTemplates.size() > 1) - return SLTemplates.get(1); - else - return null; - } - - - /** - * @param sLTemplateURL2 the sLTemplateURL2 to set - */ - public void setSLTemplateURL2(String sLTemplateURL2) { - if (SLTemplates == null) - SLTemplates = new ArrayList(); - SLTemplates.add(sLTemplateURL2); - } - - - /** - * @return the sLTemplateURL3 - */ - public String getSLTemplateURL3() { - if (SLTemplates != null && SLTemplates.size() > 2) - return SLTemplates.get(2); - else - return null; - } - - - /** - * @param sLTemplateURL3 the sLTemplateURL3 to set - */ - public void setSLTemplateURL3(String sLTemplateURL3) { - if (SLTemplates == null) - SLTemplates = new ArrayList(); - SLTemplates.add(sLTemplateURL3); - } - - /** - * @return the enableTestCredentials - */ - public boolean isEnableTestCredentials() { - return enableTestCredentials; - } - - /** - * @param enableTestCredentials the enableTestCredentials to set - */ - public void setEnableTestCredentials(boolean enableTestCredentials) { - this.enableTestCredentials = 
enableTestCredentials; - } - - /** - * @return the testCredentialOIDs - */ - public String getTestCredentialOIDs() { - String value = null; - if (testCredentialOIDs != null) { - for (String el : testCredentialOIDs) { - if (value == null) - value = el; - else - value += "," + el; - - } - } - - return value; - } - - public List getTestCredialOIDList() { - return this.testCredentialOIDs; - } - - /** - * @param testCredentialOIDs the testCredentialOIDs to set - */ - public void setTestCredentialOIDs(String testCredentialOIDs) { - if (MiscUtil.isNotEmpty(testCredentialOIDs)) { - String[] oidList = testCredentialOIDs.split(","); - - this.testCredentialOIDs = new ArrayList(); - for (int i=0; i getMisServicesList() { - return misServicesList; - } - - /** - * @return the elgaServicesList - */ - public List getElgaServicesList() { - return elgaServicesList; - } - - /** - * @return the szrgwServicesList - */ - public List getSzrgwServicesList() { - return szrgwServicesList; - } - - public List getEidServicesList() { - return eidServicesList; - } - - public String getEidServiceSelected() { - return eidServiceSelected; - } - - public void setEidServiceSelected(String eidServiceSelected) { - this.eidServiceSelected = eidServiceSelected; - } - - public boolean isSl20Active() { - return sl20Active; - } - - public void setSl20Active(boolean sl20Active) { - this.sl20Active = sl20Active; - } - - public String getSl20EndPoints() { - return sl20EndPoints; - } - - public void setSl20EndPoints(String sl20EndPoints) { - if (MiscUtil.isNotEmpty(sl20EndPoints)) - this.sl20EndPoints = - KeyValueUtils.removeAllNewlineFromString(sl20EndPoints); - else - this.sl20EndPoints = sl20EndPoints; - } - - public boolean isMoaidMode() { - return isMoaidMode; - } - + + } + } + + return value; + } + + public List getTestCredialOIDList() { + return this.testCredentialOIDs; + } + + /** + * @param testCredentialOIDs the testCredentialOIDs to set + */ + public void setTestCredentialOIDs(String 
testCredentialOIDs) { + if (MiscUtil.isNotEmpty(testCredentialOIDs)) { + final String[] oidList = testCredentialOIDs.split(","); + + this.testCredentialOIDs = new ArrayList<>(); + for (final String element : oidList) { + this.testCredentialOIDs.add(element.trim()); + } + } + } + + /** + * @return the useTestIDLValidationTrustStore + */ + public boolean isUseTestIDLValidationTrustStore() { + return useTestIDLValidationTrustStore; + } + + /** + * @param useTestIDLValidationTrustStore the useTestIDLValidationTrustStore to + * set + */ + public void setUseTestIDLValidationTrustStore( + boolean useTestIDLValidationTrustStore) { + this.useTestIDLValidationTrustStore = useTestIDLValidationTrustStore; + } + + /** + * @return the useTestAuthblockValidationTrustStore + */ + public boolean isUseTestAuthblockValidationTrustStore() { + return useTestAuthblockValidationTrustStore; + } + + /** + * @param useTestAuthblockValidationTrustStore the + * useTestAuthblockValidationTrustStore + * to set + */ + public void setUseTestAuthblockValidationTrustStore( + boolean useTestAuthblockValidationTrustStore) { + this.useTestAuthblockValidationTrustStore = useTestAuthblockValidationTrustStore; + } + + /** + * @return the misServiceSelected + */ + public String getMisServiceSelected() { + return misServiceSelected; + } + + /** + * @param misServiceSelected the misServiceSelected to set + */ + public void setMisServiceSelected(String misServiceSelected) { + this.misServiceSelected = misServiceSelected; + } + + /** + * @return the elgaServiceSelected + */ + public String getElgaServiceSelected() { + return elgaServiceSelected; + } + + /** + * @param elgaServiceSelected the elgaServiceSelected to set + */ + public void setElgaServiceSelected(String elgaServiceSelected) { + this.elgaServiceSelected = elgaServiceSelected; + } + + /** + * @return the szrgwServiceSelected + */ + public String getSzrgwServiceSelected() { + return szrgwServiceSelected; + } + + /** + * @param szrgwServiceSelected 
the szrgwServiceSelected to set + */ + public void setSzrgwServiceSelected(String szrgwServiceSelected) { + this.szrgwServiceSelected = szrgwServiceSelected; + } + + /** + * @return the misServicesList + */ + public List getMisServicesList() { + return misServicesList; + } + + /** + * @return the elgaServicesList + */ + public List getElgaServicesList() { + return elgaServicesList; + } + + /** + * @return the szrgwServicesList + */ + public List getSzrgwServicesList() { + return szrgwServicesList; + } + + public List getEidServicesList() { + return eidServicesList; + } + + public String getEidServiceSelected() { + return eidServiceSelected; + } + + public void setEidServiceSelected(String eidServiceSelected) { + this.eidServiceSelected = eidServiceSelected; + } + + public boolean isSl20Active() { + return sl20Active; + } + + public void setSl20Active(boolean sl20Active) { + this.sl20Active = sl20Active; + } + + public String getSl20EndPoints() { + return sl20EndPoints; + } + + public void setSl20EndPoints(String sl20EndPoints) { + if (MiscUtil.isNotEmpty(sl20EndPoints)) { + this.sl20EndPoints = + KeyValueUtils.removeAllNewlineFromString(sl20EndPoints); + } else { + this.sl20EndPoints = sl20EndPoints; + } + } + + public boolean isMoaidMode() { + return isMoaidMode; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java index bac69cf34..1f4d842ca 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java 
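Review bot: In `parse`, the checks `if (oaauth.getTestCredentials() != null)` and `if (oaauth.isSl20Active())` sit after the closing brace of `if (oaauth != null)`, so an online application with no `AuthComponentOA` throws a NullPointerException there; the reformat keeps that structure unchanged. Either return early with `if (oaauth == null) { return null; }` right after `oaauth` is read, or move both blocks inside the existing guard. Separately, `store` writes only the BKU URLs, the templates and the key-box identifier under `authUser.isAdmin()`, whereas `setUseTestAuthBlockTrustStore`, `setUseTestIDLTrustStore`, the test-credential OIDs and the SL2.0 endpoints are written for every caller. Unless `OAAuthenticationDataValidation` (not visible in this hunk) already restricts them, these trust-relevant switches should get the same admin gate, or a comment explaining why they are open to non-admin users. `parse` opens in the preceding hunk, so its first lines are not part of this one.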
@@ -33,7 +33,6 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; import org.apache.commons.lang.SerializationUtils; -import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.commons.api.data.BPKDecryptionParameters; 
@@ -49,322 +48,342 @@ import at.gv.egovernment.moa.id.configuration.utils.ConfigurationEncryptionUtils import at.gv.egovernment.moa.id.configuration.validation.oa.OAFileUploadValidation; import at.gv.egovernment.moa.id.data.EncryptedData; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; /** * @author tlenz * */ +@Slf4j public class OABPKEncryption implements IOnlineApplicationData { - private static final Logger log = Logger.getLogger(OABPKEncryption.class); - - private static final String MODULENAME = "bPKEncryptionDecryption"; - - private String keyStorePassword = null; - private String keyAlias = null; - private String keyPassword = null; - - private Map keyStoreForm = new HashMap(); - - private List keyStoreFileUpload = null; - private List keyStoreFileUploadContentType = null; - private List keyStoreFileUploadFileName = new ArrayList();; - private boolean deletekeyStore = false; - private boolean validationError = false; - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName() - */ - @Override - public String getName() { - // TODO Auto-generated method stub - return MODULENAME; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public List parse(OnlineApplication dbOA, - AuthenticatedUser authUser, HttpServletRequest request) { - AuthComponentOA oaAuth = dbOA.getAuthComponentOA(); - if (oaAuth != null) { - EncBPKInformation bPKEncDec = oaAuth.getEncBPKInformation(); - if (bPKEncDec != null) { - BPKDecryption bPKDec = bPKEncDec.getBPKDecryption(); - if (bPKDec != null) { - keyAlias = bPKDec.getKeyAlias(); - if (bPKDec.getKeyStoreFileName() != null) - keyStoreFileUploadFileName.add(bPKDec.getKeyStoreFileName()); - - } - } - } - - return 
null; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public String store(OnlineApplication dbOA, AuthenticatedUser authUser, - HttpServletRequest request) { - AuthComponentOA oaAuth = dbOA.getAuthComponentOA(); - if (oaAuth == null) { - oaAuth = new AuthComponentOA(); - dbOA.setAuthComponentOA(oaAuth); - - } - EncBPKInformation bPKEncDec = oaAuth.getEncBPKInformation(); - if (bPKEncDec == null) { - bPKEncDec = new EncBPKInformation(); - oaAuth.setEncBPKInformation(bPKEncDec); - - } - - BPKDecryption bPKDec = bPKEncDec.getBPKDecryption(); - if (bPKDec == null) { - bPKDec = new BPKDecryption(); - bPKEncDec.setBPKDecryption(bPKDec); - } - - if (isDeletekeyStore()) { - bPKDec.setIv(null); - bPKDec.setKeyAlias(null); - bPKDec.setKeyInformation(null); - bPKDec.setKeyStoreFileName(null); - - } - - BPKDecryptionParameters keyInfo = new BPKDecryptionParameters(); - if (keyStoreForm != null && keyStoreForm.size() > 0) { - keyInfo.setKeyAlias(keyAlias); - keyInfo.setKeyPassword(keyPassword); - keyInfo.setKeyStorePassword(keyStorePassword); - - Iterator interator = keyStoreForm.keySet().iterator(); - bPKDec.setKeyStoreFileName(interator.next()); - bPKDec.setKeyAlias(keyAlias); - keyInfo.setKeyStore(keyStoreForm.get( - bPKDec.getKeyStoreFileName())); - - //encrypt key information - byte[] serKeyInfo = SerializationUtils.serialize(keyInfo); - try { - EncryptedData encryptkeyInfo = ConfigurationEncryptionUtils.getInstance().encrypt(serKeyInfo); - bPKDec.setIv(encryptkeyInfo.getIv()); - bPKDec.setKeyInformation(encryptkeyInfo.getEncData()); - - } catch (BuildException e) { - log.error("Configuration encryption FAILED.", e); - return LanguageHelper.getErrorString("error.general.text", request); - - } - } - - 
request.getSession().setAttribute(Constants.SESSION_BPKENCRYPTIONDECRYPTION, null); - - return null; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public List validate(OAGeneralConfig general, - AuthenticatedUser authUser, HttpServletRequest request) { - HttpSession session = request.getSession(); - List errors = new ArrayList(); - - String check = null; - - OAFileUploadValidation valiator_fileUpload = new OAFileUploadValidation(); - //validate BKU-selection template - List templateError = valiator_fileUpload.validate(getKeyStoreFileUploadFileName() - , getKeyStoreFileUpload(), "validation.bPKDec.keyStore", keyStoreForm, request); - if (templateError != null && templateError.size() == 0) { - if (keyStoreForm != null && keyStoreForm.size() > 0) { - session.setAttribute(Constants.SESSION_BPKENCRYPTIONDECRYPTION, keyStoreForm); - - } else - keyStoreForm = (Map) session.getAttribute(Constants.SESSION_BPKENCRYPTIONDECRYPTION); - - } else { - errors.addAll(templateError); + private static final String MODULENAME = "bPKEncryptionDecryption"; + + private String keyStorePassword = null; + private String keyAlias = null; + private String keyPassword = null; + + private Map keyStoreForm = new HashMap<>(); + + private List keyStoreFileUpload = null; + private List keyStoreFileUploadContentType = null; + private List keyStoreFileUploadFileName = new ArrayList<>(); + private boolean deletekeyStore = false; + private boolean validationError = false; + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName + * () + */ + @Override + public String getName() { + // TODO Auto-generated method stub + return MODULENAME; + } + + /* + * (non-Javadoc) + * + * @see + * 
at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List parse(OnlineApplication dbOA, + AuthenticatedUser authUser, HttpServletRequest request) { + final AuthComponentOA oaAuth = dbOA.getAuthComponentOA(); + if (oaAuth != null) { + final EncBPKInformation bPKEncDec = oaAuth.getEncBPKInformation(); + if (bPKEncDec != null) { + final BPKDecryption bPKDec = bPKEncDec.getBPKDecryption(); + if (bPKDec != null) { + keyAlias = bPKDec.getKeyAlias(); + if (bPKDec.getKeyStoreFileName() != null) { + keyStoreFileUploadFileName.add(bPKDec.getKeyStoreFileName()); + } } - - if (keyStoreForm != null && keyStoreForm.size() > 0) { - check = getKeyStorePassword(); - if (MiscUtil.isEmpty(check)) { - log.info("bPK decryption keystore password is empty"); - errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStorePassword.empty", request)); - - } else { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("bPK decryption keystore password contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStorePassword.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - - } - } - - check = getKeyAlias(); - if (MiscUtil.isEmpty(check)) { - log.info("bPK decryption key alias is empty"); - errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyAlias.empty", request)); - - } else { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("bPK decryption key alias contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyAlias.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - - } - } - - check = getKeyPassword(); - if 
(MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("bPK decryption key password contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyPassword.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - - } - } - - BPKDecryptionParameters keyInfo = new BPKDecryptionParameters(); - keyInfo.setKeyAlias(keyAlias); - keyInfo.setKeyPassword(keyPassword); - keyInfo.setKeyStorePassword(keyStorePassword); - Iterator interator = keyStoreForm.keySet().iterator(); - String fileName = interator.next(); - keyInfo.setKeyStore(keyStoreForm.get(fileName)); - if (keyInfo.getPrivateKey() == null) { - log.info("Open keyStore FAILED."); - errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStore.file.valid", request)); - - } + } + } + + return null; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public String store(OnlineApplication dbOA, AuthenticatedUser authUser, + HttpServletRequest request) { + AuthComponentOA oaAuth = dbOA.getAuthComponentOA(); + if (oaAuth == null) { + oaAuth = new AuthComponentOA(); + dbOA.setAuthComponentOA(oaAuth); + + } + EncBPKInformation bPKEncDec = oaAuth.getEncBPKInformation(); + if (bPKEncDec == null) { + bPKEncDec = new EncBPKInformation(); + oaAuth.setEncBPKInformation(bPKEncDec); + + } + + BPKDecryption bPKDec = bPKEncDec.getBPKDecryption(); + if (bPKDec == null) { + bPKDec = new BPKDecryption(); + bPKEncDec.setBPKDecryption(bPKDec); + } + + if (isDeletekeyStore()) { + bPKDec.setIv(null); + bPKDec.setKeyAlias(null); + bPKDec.setKeyInformation(null); + bPKDec.setKeyStoreFileName(null); + + } + + final BPKDecryptionParameters keyInfo 
= new BPKDecryptionParameters(); + if (keyStoreForm != null && keyStoreForm.size() > 0) { + keyInfo.setKeyAlias(keyAlias); + keyInfo.setKeyPassword(keyPassword); + keyInfo.setKeyStorePassword(keyStorePassword); + + final Iterator interator = keyStoreForm.keySet().iterator(); + bPKDec.setKeyStoreFileName(interator.next()); + bPKDec.setKeyAlias(keyAlias); + keyInfo.setKeyStore(keyStoreForm.get( + bPKDec.getKeyStoreFileName())); + + // encrypt key information + final byte[] serKeyInfo = SerializationUtils.serialize(keyInfo); + try { + final EncryptedData encryptkeyInfo = ConfigurationEncryptionUtils.getInstance().encrypt(serKeyInfo); + bPKDec.setIv(encryptkeyInfo.getIv()); + bPKDec.setKeyInformation(encryptkeyInfo.getEncData()); + + } catch (final BuildException e) { + log.error("Configuration encryption FAILED.", e); + return LanguageHelper.getErrorString("error.general.text", request); + + } + } + + request.getSession().setAttribute(Constants.SESSION_BPKENCRYPTIONDECRYPTION, null); + + return null; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData# + * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List validate(OAGeneralConfig general, + AuthenticatedUser authUser, HttpServletRequest request) { + final HttpSession session = request.getSession(); + final List errors = new ArrayList<>(); + + String check = null; + + final OAFileUploadValidation valiator_fileUpload = new OAFileUploadValidation(); + // validate BKU-selection template + final List templateError = valiator_fileUpload.validate(getKeyStoreFileUploadFileName(), + getKeyStoreFileUpload(), "validation.bPKDec.keyStore", keyStoreForm, request); + if (templateError != null && templateError.size() == 0) { + if (keyStoreForm != null && keyStoreForm.size() > 0) { + 
session.setAttribute(Constants.SESSION_BPKENCRYPTIONDECRYPTION, keyStoreForm); + + } else { + keyStoreForm = (Map) session.getAttribute(Constants.SESSION_BPKENCRYPTIONDECRYPTION); + } + + } else { + errors.addAll(templateError); + + } + + if (keyStoreForm != null && keyStoreForm.size() > 0) { + check = getKeyStorePassword(); + if (MiscUtil.isEmpty(check)) { + log.info("bPK decryption keystore password is empty"); + errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStorePassword.empty", request)); + + } else { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("bPK decryption keystore password contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStorePassword.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } - - if (errors.size() > 0) { - validationError = true; - + } + + check = getKeyAlias(); + if (MiscUtil.isEmpty(check)) { + log.info("bPK decryption key alias is empty"); + errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyAlias.empty", request)); + + } else { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("bPK decryption key alias contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyAlias.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } - - return errors; - - } - - /** - * @return the keyStorePassword - */ - public String getKeyStorePassword() { - return keyStorePassword; - } - - /** - * @param keyStorePassword the keyStorePassword to set - */ - public void setKeyStorePassword(String keyStorePassword) { - this.keyStorePassword = keyStorePassword; - } - - /** - * @return the keyAlias - */ - public String getKeyAlias() { - return keyAlias; - } - - /** - * @param keyAlias the keyAlias to set - */ - public void setKeyAlias(String keyAlias) { - this.keyAlias = keyAlias; - } - - /** - * @return 
the keyPassword - */ - public String getKeyPassword() { - return keyPassword; - } - - /** - * @param keyPassword the keyPassword to set - */ - public void setKeyPassword(String keyPassword) { - this.keyPassword = keyPassword; - } - - /** - * @return the keyStoreFileUpload - */ - public List getKeyStoreFileUpload() { - return keyStoreFileUpload; - } - - /** - * @param keyStoreFileUpload the keyStoreFileUpload to set - */ - public void setKeyStoreFileUpload(List keyStoreFileUpload) { - this.keyStoreFileUpload = keyStoreFileUpload; - } - - /** - * @return the keyStoreFileUploadContentType - */ - public List getKeyStoreFileUploadContentType() { - return keyStoreFileUploadContentType; - } - - /** - * @param keyStoreFileUploadContentType the keyStoreFileUploadContentType to set - */ - public void setKeyStoreFileUploadContentType( - List keyStoreFileUploadContentType) { - this.keyStoreFileUploadContentType = keyStoreFileUploadContentType; - } - - /** - * @return the keyStoreFileUploadFileName - */ - public List getKeyStoreFileUploadFileName() { - return keyStoreFileUploadFileName; - } - - /** - * @param keyStoreFileUploadFileName the keyStoreFileUploadFileName to set - */ - public void setKeyStoreFileUploadFileName( - List keyStoreFileUploadFileName) { - this.keyStoreFileUploadFileName = keyStoreFileUploadFileName; - } - - /** - * @return the deletekeyStore - */ - public boolean isDeletekeyStore() { - return deletekeyStore; - } - - /** - * @param deletekeyStore the deletekeyStore to set - */ - public void setDeletekeyStore(boolean deletekeyStore) { - this.deletekeyStore = deletekeyStore; - } - - /** - * @return the validationError - */ - public boolean isValidationError() { - return validationError; - } - - + } + + check = getKeyPassword(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("bPK decryption key password contains potentail XSS characters: " + check); + 
errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyPassword.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + + } + } + + final BPKDecryptionParameters keyInfo = new BPKDecryptionParameters(); + keyInfo.setKeyAlias(keyAlias); + keyInfo.setKeyPassword(keyPassword); + keyInfo.setKeyStorePassword(keyStorePassword); + final Iterator interator = keyStoreForm.keySet().iterator(); + final String fileName = interator.next(); + keyInfo.setKeyStore(keyStoreForm.get(fileName)); + if (keyInfo.getPrivateKey() == null) { + log.info("Open keyStore FAILED."); + errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStore.file.valid", request)); + + } + } + + if (errors.size() > 0) { + validationError = true; + + } + + return errors; + + } + + /** + * @return the keyStorePassword + */ + public String getKeyStorePassword() { + return keyStorePassword; + } + + /** + * @param keyStorePassword the keyStorePassword to set + */ + public void setKeyStorePassword(String keyStorePassword) { + this.keyStorePassword = keyStorePassword; + } + + /** + * @return the keyAlias + */ + public String getKeyAlias() { + return keyAlias; + } + + /** + * @param keyAlias the keyAlias to set + */ + public void setKeyAlias(String keyAlias) { + this.keyAlias = keyAlias; + } + + /** + * @return the keyPassword + */ + public String getKeyPassword() { + return keyPassword; + } + + /** + * @param keyPassword the keyPassword to set + */ + public void setKeyPassword(String keyPassword) { + this.keyPassword = keyPassword; + } + + /** + * @return the keyStoreFileUpload + */ + public List getKeyStoreFileUpload() { + return keyStoreFileUpload; + } + + /** + * @param keyStoreFileUpload the keyStoreFileUpload to set + */ + public void setKeyStoreFileUpload(List keyStoreFileUpload) { + this.keyStoreFileUpload = keyStoreFileUpload; + } + + /** + * @return the keyStoreFileUploadContentType + */ + public List getKeyStoreFileUploadContentType() { + return 
keyStoreFileUploadContentType; + } + + /** + * @param keyStoreFileUploadContentType the keyStoreFileUploadContentType to set + */ + public void setKeyStoreFileUploadContentType( + List keyStoreFileUploadContentType) { + this.keyStoreFileUploadContentType = keyStoreFileUploadContentType; + } + + /** + * @return the keyStoreFileUploadFileName + */ + public List getKeyStoreFileUploadFileName() { + return keyStoreFileUploadFileName; + } + + /** + * @param keyStoreFileUploadFileName the keyStoreFileUploadFileName to set + */ + public void setKeyStoreFileUploadFileName( + List keyStoreFileUploadFileName) { + this.keyStoreFileUploadFileName = keyStoreFileUploadFileName; + } + + /** + * @return the deletekeyStore + */ + public boolean isDeletekeyStore() { + return deletekeyStore; + } + + /** + * @param deletekeyStore the deletekeyStore to set + */ + public void setDeletekeyStore(boolean deletekeyStore) { + this.deletekeyStore = deletekeyStore; + } + + /** + * @return the validationError + */ + public boolean isValidationError() { + return validationError; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java index c51513193..45a3dba1b 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java @@ -27,8 +27,6 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; 
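Review bot: In OABPKEncryption.validate(), the `log.warn` calls for the keystore password and the key password append `check` to the message, so a password that fails character validation is written to the application log in clear text. The commit re-indents these lines and moves them to the `@Slf4j` logger without changing them. Drop the value from both messages, e.g. `log.warn("bPK decryption keystore password contains invalid characters");` and `log.warn("bPK decryption key password contains invalid characters");`. The key-alias warning in the same method logs a value that has just been rejected as containing invalid characters; if the alias has to appear in the log, strip line breaks from it first so the entry cannot be split into forged log lines.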
@@ -36,130 +34,151 @@ import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.MiscUtil; - - -public class OAGeneralConfig implements IOnlineApplicationData{ - private static final Logger log = Logger.getLogger(OAGeneralConfig.class); - - private boolean isActive = false; - - private String identifier = null; - private String friendlyName = null; - private boolean businessService = false; - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName() - */ - @Override - public String getName() { - return "OAGeneralInformation"; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, javax.servlet.http.HttpServletRequest) - */ - @Override - public List parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, HttpServletRequest request) { - isActive = dbOAConfig.isIsActive(); - - friendlyName = dbOAConfig.getFriendlyName(); - identifier = dbOAConfig.getPublicURLPrefix(); - - if (dbOAConfig.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE)) - businessService = true; - else - businessService = false; - - return null; - } - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public String store(OnlineApplication dbOA, AuthenticatedUser authUser, - HttpServletRequest request) { - AuthComponentOA authoa = dbOA.getAuthComponentOA(); - if (authoa == null) { - authoa = new AuthComponentOA(); - dbOA.setAuthComponentOA(authoa); - } - - if (authUser.isAdmin()) dbOA.setIsActive(isActive()); - - 
dbOA.setPublicURLPrefix(getIdentifier()); - dbOA.setFriendlyName(getFriendlyName()); - - if (isBusinessService() || authUser.isOnlyBusinessService()) { - dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE); - - } else { - dbOA.setType(null); - } - - return null; - - } - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public List validate(OAGeneralConfig general, - AuthenticatedUser authUser, HttpServletRequest request) { - - List errors = new ArrayList(); - String check; - - //check OA FriendlyName - check = getFriendlyName(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("OAFriendlyName contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } else { - log.info("OA friendlyName is empty"); - errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request)); - } - - return errors; - - } - - public boolean isBusinessService() { - return businessService; - } - - public void setBusinessService(boolean businessService) { - this.businessService = businessService; - } - - public String getIdentifier() { - return identifier; - } - - public void setIdentifier(String identifier) { - this.identifier = identifier; - } - - public String getFriendlyName() { - return friendlyName; - } - - public void setFriendlyName(String friendlyName) { - this.friendlyName = friendlyName; - } - - public boolean isActive() { - return isActive; - } - - public void setActive(boolean isActive) { - this.isActive = isActive; - } +import lombok.extern.slf4j.Slf4j; + +@Slf4j +public class OAGeneralConfig 
implements IOnlineApplicationData { + + private boolean isActive = false; + + private String identifier = null; + private String friendlyName = null; + private boolean businessService = false; + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName + * () + */ + @Override + public String getName() { + return "OAGeneralInformation"; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, + HttpServletRequest request) { + isActive = dbOAConfig.isIsActive(); + + friendlyName = dbOAConfig.getFriendlyName(); + identifier = dbOAConfig.getPublicURLPrefix(); + + if (dbOAConfig.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE)) { + businessService = true; + } else { + businessService = false; + } + + return null; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public String store(OnlineApplication dbOA, AuthenticatedUser authUser, + HttpServletRequest request) { + AuthComponentOA authoa = dbOA.getAuthComponentOA(); + if (authoa == null) { + authoa = new AuthComponentOA(); + dbOA.setAuthComponentOA(authoa); + } + + if (authUser.isAdmin()) { + dbOA.setIsActive(isActive()); + } + + dbOA.setPublicURLPrefix(getIdentifier()); + dbOA.setFriendlyName(getFriendlyName()); + + if (isBusinessService() || authUser.isOnlyBusinessService()) { + dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE); + + } else { + dbOA.setType(null); + } + + return null; + + } + + /* + * (non-Javadoc) + 
* + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData# + * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List validate(OAGeneralConfig general, + AuthenticatedUser authUser, HttpServletRequest request) { + + final List errors = new ArrayList<>(); + String check; + + // check OA FriendlyName + check = getFriendlyName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("OAFriendlyName contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } else { + log.info("OA friendlyName is empty"); + errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request)); + } + + return errors; + + } + + public boolean isBusinessService() { + return businessService; + } + + public void setBusinessService(boolean businessService) { + this.businessService = businessService; + } + + public String getIdentifier() { + return identifier; + } + + public void setIdentifier(String identifier) { + this.identifier = identifier; + } + + public String getFriendlyName() { + return friendlyName; + } + + public void setFriendlyName(String friendlyName) { + this.friendlyName = friendlyName; + } + + public boolean isActive() { + return isActive; + } + + public void setActive(boolean isActive) { + this.isActive = isActive; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java index a4d71f0ed..ef5658ca4 100644 
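Review bot: In OAGeneralConfig.parse(), `dbOAConfig.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE)` dereferences the stored type without a null check, while store() in the same class writes `dbOA.setType(null)` for every application that is not a business service. If that null is persisted as-is (the persistence layer is not visible here), loading such an entry throws a NullPointerException. Comparing from the constant side removes the risk and the if/else: `businessService = Constants.MOA_CONFIG_BUSINESSSERVICE.equals(dbOAConfig.getType());`. Separately, validate() concatenates the rejected friendlyName into its `log.warn` message; logging that the value was rejected, without the raw input, keeps attacker-chosen text out of the log.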
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java 
@@ -27,194 +27,212 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.InterfederationIDPType; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; /** * @author tlenz * */ +@Slf4j public class OAMOAIDPInterfederationConfig implements IOnlineApplicationData { - private static final Logger log = Logger.getLogger(OAMOAIDPInterfederationConfig.class); - - private String queryURL; - private Boolean inboundSSO = true; - private Boolean outboundSSO = true; - private Boolean storeSSOSession = true; - private Boolean passiveRequest = true; - private Boolean localAuthOnError = true; - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName() - */ - @Override - public String getName() { - return "MOAIDPInterfederation"; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public List parse(OnlineApplication dbOA, - AuthenticatedUser authUser, HttpServletRequest request) { - - InterfederationIDPType moaIDP = dbOA.getInterfederationIDP(); - if (moaIDP != null) { - this.queryURL = moaIDP.getAttributeQueryURL(); - this.inboundSSO = moaIDP.isInboundSSO(); - this.outboundSSO = moaIDP.isOutboundSSO(); - this.storeSSOSession = moaIDP.isStoreSSOSession(); - this.localAuthOnError = moaIDP.isPerformLocalAuthenticationOnError(); - this.passiveRequest = 
moaIDP.isPerformPassivRequest(); - } - - return null; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public String store(OnlineApplication dbOA, AuthenticatedUser authUser, - HttpServletRequest request) { - - if (authUser.isAdmin()) { - dbOA.setIsInterfederationIDP(true); - - InterfederationIDPType moaIDP = dbOA.getInterfederationIDP(); - if (moaIDP == null) { - moaIDP = new InterfederationIDPType(); - dbOA.setInterfederationIDP(moaIDP); - } - - moaIDP.setAttributeQueryURL(queryURL); - moaIDP.setInboundSSO(inboundSSO); - moaIDP.setOutboundSSO(outboundSSO); - moaIDP.setStoreSSOSession(storeSSOSession); - moaIDP.setPerformLocalAuthenticationOnError(localAuthOnError); - moaIDP.setPerformPassivRequest(passiveRequest); - - } - return null; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public List validate(OAGeneralConfig general, - AuthenticatedUser authUser, HttpServletRequest request) { - - List errors = new ArrayList(); - - if (MiscUtil.isNotEmpty(queryURL)) { - if (!ValidationHelper.validateURL(queryURL)) { - log.info("AttributeQuery URL is not valid"); - errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.queryurl.valid", request)); - - } - } - + private String queryURL; + private Boolean inboundSSO = true; + private Boolean outboundSSO = true; + private Boolean storeSSOSession = true; + private Boolean passiveRequest = true; + private Boolean localAuthOnError = true; + + /* + * (non-Javadoc) + * + * @see + * 
at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName + * () + */ + @Override + public String getName() { + return "MOAIDPInterfederation"; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List parse(OnlineApplication dbOA, + AuthenticatedUser authUser, HttpServletRequest request) { + + final InterfederationIDPType moaIDP = dbOA.getInterfederationIDP(); + if (moaIDP != null) { + this.queryURL = moaIDP.getAttributeQueryURL(); + this.inboundSSO = moaIDP.isInboundSSO(); + this.outboundSSO = moaIDP.isOutboundSSO(); + this.storeSSOSession = moaIDP.isStoreSSOSession(); + this.localAuthOnError = moaIDP.isPerformLocalAuthenticationOnError(); + this.passiveRequest = moaIDP.isPerformPassivRequest(); + } + + return null; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public String store(OnlineApplication dbOA, AuthenticatedUser authUser, + HttpServletRequest request) { + + if (authUser.isAdmin()) { + dbOA.setIsInterfederationIDP(true); + + InterfederationIDPType moaIDP = dbOA.getInterfederationIDP(); + if (moaIDP == null) { + moaIDP = new InterfederationIDPType(); + dbOA.setInterfederationIDP(moaIDP); + } + + moaIDP.setAttributeQueryURL(queryURL); + moaIDP.setInboundSSO(inboundSSO); + moaIDP.setOutboundSSO(outboundSSO); + moaIDP.setStoreSSOSession(storeSSOSession); + moaIDP.setPerformLocalAuthenticationOnError(localAuthOnError); + moaIDP.setPerformPassivRequest(passiveRequest); + + } + return null; + } + + 
/* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData# + * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List validate(OAGeneralConfig general, + AuthenticatedUser authUser, HttpServletRequest request) { + + final List errors = new ArrayList<>(); + + if (MiscUtil.isNotEmpty(queryURL)) { + if (!ValidationHelper.validateURL(queryURL)) { + log.info("AttributeQuery URL is not valid"); + errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.queryurl.valid", + request)); + + } + } + // if (inboundSSO && MiscUtil.isEmpty(queryURL)) { // log.info("Inbound Single Sign-On requires AttributQueryURL configuration."); // errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.queryurl.empty", request)); // } - - return errors; - } - - /** - * @return the queryURL - */ - public String getQueryURL() { - return queryURL; - } - - /** - * @param queryURL the queryURL to set - */ - public void setQueryURL(String queryURL) { - this.queryURL = queryURL; - } - - /** - * @return the inboundSSO - */ - public boolean isInboundSSO() { - return inboundSSO.booleanValue(); - } - - /** - * @param inboundSSO the inboundSSO to set - */ - public void setInboundSSO(boolean inboundSSO) { - this.inboundSSO = inboundSSO; - } - - /** - * @return the outboundSSO - */ - public boolean isOutboundSSO() { - return outboundSSO.booleanValue(); - } - - /** - * @param outboundSSO the outboundSSO to set - */ - public void setOutboundSSO(boolean outboundSSO) { - this.outboundSSO = outboundSSO; - } - - /** - * @return the storeSSOSession - */ - public boolean isStoreSSOSession() { - return storeSSOSession.booleanValue(); - } - - /** - * @param storeSSOSession the storeSSOSession to set - */ - public void setStoreSSOSession(boolean storeSSOSession) { - 
this.storeSSOSession = storeSSOSession; - } - - /** - * @return the passiveRequest - */ - public boolean isPassiveRequest() { - return passiveRequest.booleanValue(); - } - - /** - * @param passiveRequest the passiveRequest to set - */ - public void setPassiveRequest(boolean passiveRequest) { - this.passiveRequest = passiveRequest; - } - - /** - * @return the localAuthOnError - */ - public boolean isLocalAuthOnError() { - return localAuthOnError.booleanValue(); - } - - /** - * @param localAuthOnError the localAuthOnError to set - */ - public void setLocalAuthOnError(boolean localAuthOnError) { - this.localAuthOnError = localAuthOnError; - } - - + + return errors; + } + + /** + * @return the queryURL + */ + public String getQueryURL() { + return queryURL; + } + + /** + * @param queryURL the queryURL to set + */ + public void setQueryURL(String queryURL) { + this.queryURL = queryURL; + } + + /** + * @return the inboundSSO + */ + public boolean isInboundSSO() { + return inboundSSO.booleanValue(); + } + + /** + * @param inboundSSO the inboundSSO to set + */ + public void setInboundSSO(boolean inboundSSO) { + this.inboundSSO = inboundSSO; + } + + /** + * @return the outboundSSO + */ + public boolean isOutboundSSO() { + return outboundSSO.booleanValue(); + } + + /** + * @param outboundSSO the outboundSSO to set + */ + public void setOutboundSSO(boolean outboundSSO) { + this.outboundSSO = outboundSSO; + } + + /** + * @return the storeSSOSession + */ + public boolean isStoreSSOSession() { + return storeSSOSession.booleanValue(); + } + + /** + * @param storeSSOSession the storeSSOSession to set + */ + public void setStoreSSOSession(boolean storeSSOSession) { + this.storeSSOSession = storeSSOSession; + } + + /** + * @return the passiveRequest + */ + public boolean isPassiveRequest() { + return passiveRequest.booleanValue(); + } + + /** + * @param passiveRequest the passiveRequest to set + */ + public void setPassiveRequest(boolean passiveRequest) { + this.passiveRequest = 
passiveRequest; + } + + /** + * @return the localAuthOnError + */ + public boolean isLocalAuthOnError() { + return localAuthOnError.booleanValue(); + } + + /** + * @param localAuthOnError the localAuthOnError to set + */ + public void setLocalAuthOnError(boolean localAuthOnError) { + this.localAuthOnError = localAuthOnError; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java index ce50c847a..bae37b531 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAOAuth20Config.java @@ -30,7 +30,6 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; import org.apache.commons.lang.StringUtils; -import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OAOAUTH20; 
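Review bot: In OAMOAIDPInterfederationConfig the getters unbox values that parse() may have set to null: parse() copies `moaIDP.isInboundSSO()` and its four sibling flags straight into the `Boolean` fields, and `isInboundSSO()`, `isOutboundSSO()`, `isStoreSSOSession()`, `isPassiveRequest()` and `isLocalAuthOnError()` then call `.booleanValue()`. The declarations of the InterfederationIDPType accessors are not part of this patch, but the wrapper-typed fields suggest they return `Boolean`; if a stored record leaves a flag unset, the getter would throw a NullPointerException when the configuration is loaded. Keeping the declared default when the stored value is absent avoids that, for example `if (moaIDP.isInboundSSO() != null) { this.inboundSSO = moaIDP.isInboundSSO(); }`, repeated for each of the five flags.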
@@ -40,132 +39,150 @@ import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.validation.oa.OAOAUTH20ConfigValidation; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util; +import lombok.extern.slf4j.Slf4j; -public class OAOAuth20Config implements IOnlineApplicationData{ - - private final Logger log = Logger.getLogger(OAOAuth20Config.class); - - private String clientId = null; - private String clientSecret = null; - private String redirectUri = null; - - public OAOAuth20Config() { - this.generateClientSecret(); - - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName() - */ - @Override - public String getName() { - return "OAOpenIDConnect"; - } - - public List parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, HttpServletRequest request) { - List errors = new ArrayList(); - - HttpSession session = request.getSession(); - - AuthComponentOA authdata = dbOAConfig.getAuthComponentOA(); - if (authdata != null) { - // set client id to public url prefix - this.clientId = dbOAConfig.getPublicURLPrefix(); - - OAOAUTH20 config = authdata.getOAOAUTH20(); - - if (config != null) { - // validate secret - if (StringUtils.isNotEmpty(config.getOAuthClientSecret())) { - this.clientSecret = config.getOAuthClientSecret(); - } else { - this.generateClientSecret(); - } - - // validate redirectUri - if (StringUtils.isNotEmpty(config.getOAuthRedirectUri()) && OAuth20Util.isUrl(config.getOAuthRedirectUri())) { - this.redirectUri = config.getOAuthRedirectUri(); - } else { - errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi", request)); - } - } else { - this.generateClientSecret(); - } - } - - session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.getClientSecret()); - - return null; - } - - - /* (non-Javadoc) - * @see 
at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public List validate(OAGeneralConfig general, - AuthenticatedUser authUser, HttpServletRequest request) { - return new OAOAUTH20ConfigValidation().validate(this, request); - - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public String store(OnlineApplication dbOA, AuthenticatedUser authUser, - HttpServletRequest request) { - AuthComponentOA authoa = dbOA.getAuthComponentOA(); - if (authoa == null) { - authoa = new AuthComponentOA(); - dbOA.setAuthComponentOA(authoa); +@Slf4j +public class OAOAuth20Config implements IOnlineApplicationData { + + private String clientId = null; + private String clientSecret = null; + private String redirectUri = null; + + public OAOAuth20Config() { + this.generateClientSecret(); + + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName + * () + */ + @Override + public String getName() { + return "OAOpenIDConnect"; + } + + @Override + public List parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, + HttpServletRequest request) { + final List errors = new ArrayList<>(); + + final HttpSession session = request.getSession(); + + final AuthComponentOA authdata = dbOAConfig.getAuthComponentOA(); + if (authdata != null) { + // set client id to public url prefix + this.clientId = dbOAConfig.getPublicURLPrefix(); + + final OAOAUTH20 config = authdata.getOAOAUTH20(); + + if (config != null) { + // validate secret + if 
(StringUtils.isNotEmpty(config.getOAuthClientSecret())) { + this.clientSecret = config.getOAuthClientSecret(); + } else { + this.generateClientSecret(); } - - log.debug("Saving OAuth 2.0 configuration:"); - OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20(); - if (oaOAuth20 == null) { - oaOAuth20 = new OAOAUTH20(); - authoa.setOAOAUTH20(oaOAuth20); + + // validate redirectUri + if (StringUtils.isNotEmpty(config.getOAuthRedirectUri()) && OAuth20Util.isUrl(config + .getOAuthRedirectUri())) { + this.redirectUri = config.getOAuthRedirectUri(); + } else { + errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi", request)); } + } else { + this.generateClientSecret(); + } + } + + session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.getClientSecret()); + + return null; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData# + * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List validate(OAGeneralConfig general, + AuthenticatedUser authUser, HttpServletRequest request) { + return new OAOAUTH20ConfigValidation().validate(this, request); + + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public String store(OnlineApplication dbOA, AuthenticatedUser authUser, + HttpServletRequest request) { + AuthComponentOA authoa = dbOA.getAuthComponentOA(); + if (authoa == null) { + authoa = new AuthComponentOA(); + dbOA.setAuthComponentOA(authoa); + } + + log.debug("Saving OAuth 2.0 configuration:"); + OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20(); + if (oaOAuth20 == null) { + oaOAuth20 = new 
OAOAUTH20(); + authoa.setOAOAUTH20(oaOAuth20); + } + + oaOAuth20.setOAuthClientId(dbOA.getPublicURLPrefix()); + // oaOAuth20.setOAuthClientSecret(oauth20OA.getClientSecret()); + oaOAuth20.setOAuthRedirectUri(getRedirectUri()); + log.debug("client id: " + getClientId()); + log.debug("client secret: " + getClientSecret()); + log.debug("redirect uri:" + getRedirectUri()); + + oaOAuth20.setOAuthClientSecret((String) request.getSession().getAttribute( + Constants.SESSION_OAUTH20SECRET)); + request.getSession().setAttribute(Constants.SESSION_OAUTH20SECRET, null); + + return null; + } + + public String getClientId() { + return clientId; + } + + public void setClientId(String clientId) { + this.clientId = clientId; + } + + public String getClientSecret() { + return clientSecret; + } + + public void setClientSecret(String clientSecret) { + this.clientSecret = clientSecret; + } + + public String getRedirectUri() { + return redirectUri; + } + + public void setRedirectUri(String redirectUri) { + this.redirectUri = redirectUri; + } - oaOAuth20.setOAuthClientId(dbOA.getPublicURLPrefix()); - // oaOAuth20.setOAuthClientSecret(oauth20OA.getClientSecret()); - oaOAuth20.setOAuthRedirectUri(getRedirectUri()); - log.debug("client id: " + getClientId()); - log.debug("client secret: " + getClientSecret()); - log.debug("redirect uri:" + getRedirectUri()); - - oaOAuth20.setOAuthClientSecret((String) request.getSession().getAttribute(Constants.SESSION_OAUTH20SECRET)); - request.getSession().setAttribute(Constants.SESSION_OAUTH20SECRET, null); - - return null; - } - - public String getClientId() { - return clientId; - } - - public void setClientId(String clientId) { - this.clientId = clientId; - } - - public String getClientSecret() { - return clientSecret; - } - - public void setClientSecret(String clientSecret) { - this.clientSecret = clientSecret; - } - - public String getRedirectUri() { - return redirectUri; - } - - public void setRedirectUri(String redirectUri) { - this.redirectUri = 
redirectUri; - } - - public void generateClientSecret() { - this.clientSecret = UUID.randomUUID().toString(); - } + public void generateClientSecret() { + this.clientSecret = UUID.randomUUID().toString(); + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java index 4be1a81de..008617e76 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAPVP2Config.java 
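Review bot: `log.debug("client secret: " + getClientSecret());` in OAOAuth20Config.store() writes the OAuth client secret to the log in clear text, and this commit carries the line over unchanged while moving the class to the Slf4j logger. Anyone with read access to debug logs or a log aggregator obtains a credential that authenticates the relying party. Log only whether a secret is present, e.g. `log.debug("client secret set: {}", getClientSecret() != null);`, or drop the line. In the same class, parse() adds the redirect-URI message to `errors` but still ends with `return null;`, so that validation result never reaches the caller; `return errors;` would match what OAPVP2Config.parse() does.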
@@ -32,228 +32,247 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; -import org.apache.log4j.Logger; - -import iaik.x509.X509Certificate; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OAPVP2; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; -import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.validation.oa.OAPVP2ConfigValidation; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; +import iaik.x509.X509Certificate; +import lombok.extern.slf4j.Slf4j; -public class OAPVP2Config implements IOnlineApplicationData{ - - private final Logger log = Logger.getLogger(OAPVP2Config.class); - - private boolean reLoad = false; - - private String metaDataURL = null; - private String certificateDN = null; - - private File fileUpload = null; - private String fileUploadContentType; - private String fileUploadFileName; - - private byte[] storedCert = null; - - public OAPVP2Config() { - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName() - */ - @Override - public String getName() { - return "OAPVP2"; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser) - */ - @Override - public String store(OnlineApplication dboa, AuthenticatedUser authUser, HttpServletRequest request) { - AuthComponentOA authoa = dboa.getAuthComponentOA(); - if (authoa == null) { - authoa = new 
AuthComponentOA(); - dboa.setAuthComponentOA(authoa); - } - OAPVP2 pvp2 = authoa.getOAPVP2(); - if (pvp2 == null) { - pvp2 = new OAPVP2(); - authoa.setOAPVP2(pvp2); - } +@Slf4j +public class OAPVP2Config implements IOnlineApplicationData { + + private boolean reLoad = false; + + private String metaDataURL = null; + private String certificateDN = null; + + private File fileUpload = null; + private String fileUploadContentType; + private String fileUploadFileName; + + private byte[] storedCert = null; + + public OAPVP2Config() { + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName + * () + */ + @Override + public String getName() { + return "OAPVP2"; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser) + */ + @Override + public String store(OnlineApplication dboa, AuthenticatedUser authUser, HttpServletRequest request) { + AuthComponentOA authoa = dboa.getAuthComponentOA(); + if (authoa == null) { + authoa = new AuthComponentOA(); + dboa.setAuthComponentOA(authoa); + } + OAPVP2 pvp2 = authoa.getOAPVP2(); + if (pvp2 == null) { + pvp2 = new OAPVP2(); + authoa.setOAPVP2(pvp2); + } + + try { + + if (getFileUpload() != null) { + pvp2.setCertificate(getCertificate()); + setReLoad(true); + + } else if (storedCert != null) { + pvp2.setCertificate(storedCert); + } + + } catch (final CertificateException e) { + log.info("Uploaded Certificate can not be found", e); + return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request); + } catch (final IOException e) { + log.info("Uploaded Certificate can not be parsed", e); + return LanguageHelper.getErrorString("validation.pvp2.certificate.format", request); + } + + if (getMetaDataURL() != null && + 
!getMetaDataURL().equals(pvp2.getMetadataURL())) { + setReLoad(true); + } + pvp2.setMetadataURL(getMetaDataURL()); + + if (isReLoad()) { + pvp2.setUpdateRequiredItem(new Date()); + } + + return null; + + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData# + * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List validate(OAGeneralConfig general, + AuthenticatedUser authUser, HttpServletRequest request) { + return new OAPVP2ConfigValidation().validate(this, general.getIdentifier(), request); + } - try { - - if (getFileUpload() != null) { - pvp2.setCertificate(getCertificate()); - setReLoad(true); - - } else if (storedCert != null) - pvp2.setCertificate(storedCert); - - } catch (CertificateException e) { - log.info("Uploaded Certificate can not be found", e); - return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request); - } catch (IOException e) { - log.info("Uploaded Certificate can not be parsed", e); - return LanguageHelper.getErrorString("validation.pvp2.certificate.format", request); + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication) + */ + @Override + public List parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, + HttpServletRequest request) { + final List errors = new ArrayList<>(); + + final AuthComponentOA authdata = dbOAConfig.getAuthComponentOA(); + if (authdata != null) { + final OAPVP2 pvp2 = authdata.getOAPVP2(); + if (pvp2 != null) { + metaDataURL = pvp2.getMetadataURL(); + + if (pvp2.getCertificate() != null && + !new String(pvp2.getCertificate()).equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)) { + try { + // byte[] cert = pvp2.getCertificate(); + final 
byte[] cert = Base64Utils.decode(new String(pvp2.getCertificate()), false); + if (MiscUtil.isNotEmpty(cert)) { + final X509Certificate x509 = new X509Certificate(cert); + certificateDN = x509.getSubjectDN().getName(); + } + } catch (final CertificateException e) { + try { + final byte[] cert = pvp2.getCertificate(); + if (MiscUtil.isNotEmpty(cert)) { + final X509Certificate x509 = new X509Certificate(cert); + certificateDN = x509.getSubjectDN().getName(); + } + + } catch (final CertificateException e1) { + log.warn("PVP2 certificate can not be loaded from Online-Applikation with ID " + dbOAConfig + .getPublicURLPrefix(), e1); + errors.add(LanguageHelper.getErrorString("error.oa.pvp2.certificate", request)); + + } + + } catch (final IOException e) { + log.warn("PVP2 certificate can not be loaded from Online-Applikation with ID " + dbOAConfig + .getPublicURLPrefix()); + errors.add(LanguageHelper.getErrorString("error.oa.pvp2.certificate", request)); + } } + } + } + return errors; + } - if (getMetaDataURL() != null && - !getMetaDataURL().equals(pvp2.getMetadataURL())) - setReLoad(true); - pvp2.setMetadataURL(getMetaDataURL()); - - if (isReLoad()) - pvp2.setUpdateRequiredItem(new Date()); - - return null; - - } - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public List validate(OAGeneralConfig general, - AuthenticatedUser authUser, HttpServletRequest request) { - return new OAPVP2ConfigValidation().validate(this, general.getIdentifier(), request); - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication) - */ - @Override - public List parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, 
HttpServletRequest request) { - List errors = new ArrayList(); - - AuthComponentOA authdata = dbOAConfig.getAuthComponentOA(); - if (authdata != null) { - OAPVP2 pvp2 = authdata.getOAPVP2(); - if (pvp2 != null) { - metaDataURL = pvp2.getMetadataURL(); - - if (pvp2.getCertificate() != null && - !(new String(pvp2.getCertificate())).equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)) { - try { - //byte[] cert = pvp2.getCertificate(); - byte[] cert = Base64Utils.decode(new String(pvp2.getCertificate()), false); - if (MiscUtil.isNotEmpty(cert)) { - X509Certificate x509 = new X509Certificate(cert); - certificateDN = x509.getSubjectDN().getName(); - } - } catch (CertificateException e) { - try { - byte[] cert = pvp2.getCertificate(); - if (MiscUtil.isNotEmpty(cert)) { - X509Certificate x509 = new X509Certificate(cert); - certificateDN = x509.getSubjectDN().getName(); - } - - } catch (CertificateException e1) { - log.warn("PVP2 certificate can not be loaded from Online-Applikation with ID " + dbOAConfig.getPublicURLPrefix(), e1); - errors.add(LanguageHelper.getErrorString("error.oa.pvp2.certificate", request)); - - } - - } catch (IOException e) { - log.warn("PVP2 certificate can not be loaded from Online-Applikation with ID " + dbOAConfig.getPublicURLPrefix()); - errors.add(LanguageHelper.getErrorString("error.oa.pvp2.certificate", request)); - } - } - } - } - return errors; - } - - public byte[] getCertificate() throws CertificateException, IOException { - - FileInputStream filestream = new FileInputStream(fileUpload); - X509Certificate x509 = new X509Certificate(filestream); - return x509.getEncoded(); - } - - public void setStoredCert(byte[] storedCert) { - this.storedCert = storedCert; - } - - public String getMetaDataURL() { - return metaDataURL; - } - public void setMetaDataURL(String metaDataURL) { - this.metaDataURL = metaDataURL; - } - - /** - * @return the certificateDN - */ - public String getCertificateDN() { - return certificateDN; - } - - /** - * 
@return the fileUpLoad - */ - public File getFileUpload() { - return fileUpload; - } - - /** - * @param fileUpLoad the fileUpLoad to set - */ - public void setFileUpload(File fileUpload) { - this.fileUpload = fileUpload; - } - - /** - * @return the fileUploadContentType - */ - public String getFileUploadContentType() { - return fileUploadContentType; - } - - /** - * @param fileUploadContentType the fileUploadContentType to set - */ - public void setFileUploadContentType(String fileUploadContentType) { - this.fileUploadContentType = fileUploadContentType; - } - - /** - * @return the fileUploadFileName - */ - public String getFileUploadFileName() { - return fileUploadFileName; - } - - /** - * @param fileUploadFileName the fileUploadFileName to set - */ - public void setFileUploadFileName(String fileUploadFileName) { - this.fileUploadFileName = fileUploadFileName; - } - - /** - * @return the reLoad - */ - public boolean isReLoad() { - return reLoad; - } - - /** - * @param reLoad the reLoad to set - */ - public void setReLoad(boolean reLoad) { - this.reLoad = reLoad; - } - -} + public byte[] getCertificate() throws CertificateException, IOException { + + final FileInputStream filestream = new FileInputStream(fileUpload); + final X509Certificate x509 = new X509Certificate(filestream); + return x509.getEncoded(); + } + + public void setStoredCert(byte[] storedCert) { + this.storedCert = storedCert; + } + + public String getMetaDataURL() { + return metaDataURL; + } + + public void setMetaDataURL(String metaDataURL) { + this.metaDataURL = metaDataURL; + } + /** + * @return the certificateDN + */ + public String getCertificateDN() { + return certificateDN; + } + /** + * @return the fileUpLoad + */ + public File getFileUpload() { + return fileUpload; + } + + /** + * @param fileUpLoad the fileUpLoad to set + */ + public void setFileUpload(File fileUpload) { + this.fileUpload = fileUpload; + } + + /** + * @return the fileUploadContentType + */ + public String 
getFileUploadContentType() { + return fileUploadContentType; + } + + /** + * @param fileUploadContentType the fileUploadContentType to set + */ + public void setFileUploadContentType(String fileUploadContentType) { + this.fileUploadContentType = fileUploadContentType; + } + + /** + * @return the fileUploadFileName + */ + public String getFileUploadFileName() { + return fileUploadFileName; + } + + /** + * @param fileUploadFileName the fileUploadFileName to set + */ + public void setFileUploadFileName(String fileUploadFileName) { + this.fileUploadFileName = fileUploadFileName; + } + + /** + * @return the reLoad + */ + public boolean isReLoad() { + return reLoad; + } + + /** + * @param reLoad the reLoad to set + */ + public void setReLoad(boolean reLoad) { + this.reLoad = reLoad; + } + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java index 18bebf9d8..76fd31ccd 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OARevisionsLogData.java 
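Review bot: OAPVP2Config.getCertificate() opens `new FileInputStream(fileUpload)` and never closes it, so each certificate upload leaves a file handle open until the stream object is collected, including on the path where the `X509Certificate` constructor throws. Use try-with-resources: `try (FileInputStream in = new FileInputStream(fileUpload)) { return new X509Certificate(in).getEncoded(); }`. Separately, parse() converts the stored certificate with `new String(pvp2.getCertificate())`, which relies on the platform default charset; passing an explicit charset would make the Base64 decode and the comparison with `WEBGUI_EMPTY_ELEMENT` independent of host configuration.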
@@ -39,113 +39,134 @@ import at.gv.egovernment.moa.util.MiscUtil; */ public class OARevisionsLogData implements IOnlineApplicationData { - private boolean active = false; - private String eventCodes = null; - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName() - */ - @Override - public String getName() { - return "OARevisionsLogging"; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public List parse(OnlineApplication dbOA, - AuthenticatedUser authUser, HttpServletRequest request) { - - if (dbOA.getIsRevisionsLogActive() != null) - active = dbOA.getIsRevisionsLogActive(); - - if (MiscUtil.isNotEmpty(dbOA.getEventCodes())) - eventCodes = dbOA.getEventCodes(); - - return null; - - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public String store(OnlineApplication dbOA, AuthenticatedUser authUser, - HttpServletRequest request) { - - dbOA.setIsRevisionsLogActive(active); - - if (MiscUtil.isNotEmpty(eventCodes)) { - dbOA.setEventCodes(KeyValueUtils.normalizeCSVValueString(eventCodes)); - - } - - return null; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public List validate(OAGeneralConfig general, - AuthenticatedUser authUser, HttpServletRequest request) { - 
List errors = new ArrayList(); - - if (active && MiscUtil.isEmpty(eventCodes)) { - errors.add(LanguageHelper.getErrorString( - "error.oa.reversion.log.enabled")); - - } - - if (MiscUtil.isNotEmpty(eventCodes)) { - String[] codes = eventCodes.split(","); - for (String el: codes) { - try { - Integer.parseInt(el.trim()); - - } catch (NumberFormatException e) { - errors.add(LanguageHelper.getErrorString( - "error.oa.reversion.log.eventcodes")); - break; - - } - - } - - } - - return errors; - } - - /** - * @return the active - */ - public boolean isActive() { - return active; - } - - /** - * @param active the active to set - */ - public void setActive(boolean active) { - this.active = active; - } - - /** - * @return the eventCodes - */ - public String getEventCodes() { - return eventCodes; - } - - /** - * @param eventCodes the eventCodes to set - */ - public void setEventCodes(String eventCodes) { - this.eventCodes = eventCodes; - } - - + private boolean active = false; + private String eventCodes = null; + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName + * () + */ + @Override + public String getName() { + return "OARevisionsLogging"; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse( + * at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List parse(OnlineApplication dbOA, + AuthenticatedUser authUser, HttpServletRequest request) { + + if (dbOA.getIsRevisionsLogActive() != null) { + active = dbOA.getIsRevisionsLogActive(); + } + + if (MiscUtil.isNotEmpty(dbOA.getEventCodes())) { + eventCodes = dbOA.getEventCodes(); + } + + return null; + + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store( + * 
at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public String store(OnlineApplication dbOA, AuthenticatedUser authUser, + HttpServletRequest request) { + + dbOA.setIsRevisionsLogActive(active); + + if (MiscUtil.isNotEmpty(eventCodes)) { + dbOA.setEventCodes(KeyValueUtils.normalizeCSVValueString(eventCodes)); + + } + + return null; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData# + * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List validate(OAGeneralConfig general, + AuthenticatedUser authUser, HttpServletRequest request) { + final List errors = new ArrayList<>(); + + if (active && MiscUtil.isEmpty(eventCodes)) { + errors.add(LanguageHelper.getErrorString( + "error.oa.reversion.log.enabled")); + + } + + if (MiscUtil.isNotEmpty(eventCodes)) { + final String[] codes = eventCodes.split(","); + for (final String el : codes) { + try { + Integer.parseInt(el.trim()); + + } catch (final NumberFormatException e) { + errors.add(LanguageHelper.getErrorString( + "error.oa.reversion.log.eventcodes")); + break; + + } + + } + + } + + return errors; + } + + /** + * @return the active + */ + public boolean isActive() { + return active; + } + + /** + * @param active the active to set + */ + public void setActive(boolean active) { + this.active = active; + } + + /** + * @return the eventCodes + */ + public String getEventCodes() { + return eventCodes; + } + + /** + * @param eventCodes the eventCodes to set + */ + public void setEventCodes(String eventCodes) { + this.eventCodes = eventCodes; + } } 
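Review bot: In `store()` of OARevisionsLogData, `dbOA.setEventCodes(...)` runs only when `eventCodes` is non-empty, so clearing the field in the form never removes codes that are already persisted, while `setIsRevisionsLogActive(active)` is always written. For a revision-log (audit) setting this leaves the stored event-code list out of step with what the user submitted. Consider an explicit else branch such as `} else { dbOA.setEventCodes(null); }`, provided the setter accepts null, which this diff does not show.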
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
index 2922231b3..f1ee853ae 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java
@@ -33,178 +33,213 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplicati import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.validation.oa.OASAML1ConfigValidation; -public class OASAML1Config implements IOnlineApplicationData{ - - private Boolean isActive = false; - private Boolean provideStammZahl = false; - private Boolean provideAuthBlock = false; - private Boolean provideIdentityLink = false; - private Boolean provideCertificate = false; - private Boolean provideFullMandateData = false; - private Boolean useCondition = false; - private Boolean provideAllErrors = true; - private int conditionLength = -1; - - - public OASAML1Config() { - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName() - */ - @Override - public String getName() { - return "OASAML1"; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, javax.servlet.http.HttpServletRequest) - */ - @Override - public List parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) { - AuthComponentOA authdata = dbOA.getAuthComponentOA(); - if (authdata != null) { - OASAML1 saml1 = authdata.getOASAML1(); - if (saml1 != null) { - provideAuthBlock = saml1.isProvideAUTHBlock(); - provideCertificate = saml1.isProvideCertificate(); - provideFullMandateData = saml1.isProvideFullMandatorData(); - provideIdentityLink = saml1.isProvideIdentityLink(); - provideStammZahl = saml1.isProvideStammzahl(); - - if (saml1.isProvideAllErrors() != null) - provideAllErrors = saml1.isProvideAllErrors(); - - if (saml1.isUseCondition() != null) - useCondition = saml1.isUseCondition(); - - if (saml1.getConditionLength() != null) - conditionLength = saml1.getConditionLength().intValue(); - - if (saml1.isIsActive() != null) - isActive = 
saml1.isIsActive(); - } - } - return null; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public List validate(OAGeneralConfig general, - AuthenticatedUser authUser, HttpServletRequest request) { - return new OASAML1ConfigValidation().validate(this, general, request); - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public String store(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) { - AuthComponentOA authoa = dbOA.getAuthComponentOA(); - if (authoa == null) { - authoa = new AuthComponentOA(); - dbOA.setAuthComponentOA(authoa); - } - - OASAML1 saml1 = authoa.getOASAML1(); - if (saml1 == null) { - saml1 = new OASAML1(); - authoa.setOASAML1(saml1); - saml1.setIsActive(false); - } - - if (authUser.isAdmin()) { - saml1.setIsActive(isActive()); - } - - if (saml1.isIsActive() != null && saml1.isIsActive()) { - saml1.setProvideAUTHBlock(isProvideAuthBlock()); - saml1.setProvideCertificate(isProvideCertificate()); - saml1.setProvideFullMandatorData(isProvideFullMandateData()); - saml1.setProvideIdentityLink(isProvideIdentityLink()); - saml1.setProvideStammzahl(isProvideStammZahl()); - saml1.setUseCondition(isUseCondition()); - saml1.setProvideAllErrors(provideAllErrors); - saml1.setConditionLength(BigInteger.valueOf(getConditionLength())); - // TODO: set sourceID - // saml1.setSourceID(""); - } - - return null; - } - - public boolean isProvideStammZahl() { - return provideStammZahl; - } - public void setProvideStammZahl(boolean provideStammZahl) { - 
this.provideStammZahl = provideStammZahl; - } - public boolean isProvideAuthBlock() { - return provideAuthBlock; - } - public void setProvideAuthBlock(boolean provideAuthBlock) { - this.provideAuthBlock = provideAuthBlock; - } - public boolean isProvideIdentityLink() { - return provideIdentityLink; - } - public void setProvideIdentityLink(boolean provideIdentityLink) { - this.provideIdentityLink = provideIdentityLink; - } - public boolean isProvideCertificate() { - return provideCertificate; - } - public void setProvideCertificate(boolean provideCertificate) { - this.provideCertificate = provideCertificate; - } - public boolean isProvideFullMandateData() { - return provideFullMandateData; - } - public void setProvideFullMandateData(boolean provideFullMandateData) { - this.provideFullMandateData = provideFullMandateData; - } - public boolean isUseCondition() { - return useCondition; - } - public void setUseCondition(boolean useCondition) { - this.useCondition = useCondition; - } - public int getConditionLength() { - return conditionLength; - } - public void setConditionLength(int conditionLength) { - this.conditionLength = conditionLength; - } - - /** - * @return the isActive - */ - public boolean isActive() { - return isActive; - } - - /** - * @param isActive the isActive to set - */ - public void setActive(boolean isActive) { - this.isActive = isActive; - } - - /** - * @return the provideAllErrors - */ - public Boolean getProvideAllErrors() { - return provideAllErrors; - } - - /** - * @param provideAllErrors the provideAllErrors to set - */ - public void setProvideAllErrors(Boolean provideAllErrors) { - this.provideAllErrors = provideAllErrors; - } - - +public class OASAML1Config implements IOnlineApplicationData { + + private Boolean isActive = false; + private Boolean provideStammZahl = false; + private Boolean provideAuthBlock = false; + private Boolean provideIdentityLink = false; + private Boolean provideCertificate = false; + private Boolean 
provideFullMandateData = false; + private Boolean useCondition = false; + private Boolean provideAllErrors = true; + private int conditionLength = -1; + + public OASAML1Config() { + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName + * () + */ + @Override + public String getName() { + return "OASAML1"; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) { + final AuthComponentOA authdata = dbOA.getAuthComponentOA(); + if (authdata != null) { + final OASAML1 saml1 = authdata.getOASAML1(); + if (saml1 != null) { + provideAuthBlock = saml1.isProvideAUTHBlock(); + provideCertificate = saml1.isProvideCertificate(); + provideFullMandateData = saml1.isProvideFullMandatorData(); + provideIdentityLink = saml1.isProvideIdentityLink(); + provideStammZahl = saml1.isProvideStammzahl(); + + if (saml1.isProvideAllErrors() != null) { + provideAllErrors = saml1.isProvideAllErrors(); + } + + if (saml1.isUseCondition() != null) { + useCondition = saml1.isUseCondition(); + } + + if (saml1.getConditionLength() != null) { + conditionLength = saml1.getConditionLength().intValue(); + } + + if (saml1.isIsActive() != null) { + isActive = saml1.isIsActive(); + } + } + } + return null; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData# + * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List validate(OAGeneralConfig general, + AuthenticatedUser authUser, HttpServletRequest request) { + return new 
OASAML1ConfigValidation().validate(this, general, request); + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public String store(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) { + AuthComponentOA authoa = dbOA.getAuthComponentOA(); + if (authoa == null) { + authoa = new AuthComponentOA(); + dbOA.setAuthComponentOA(authoa); + } + + OASAML1 saml1 = authoa.getOASAML1(); + if (saml1 == null) { + saml1 = new OASAML1(); + authoa.setOASAML1(saml1); + saml1.setIsActive(false); + } + + if (authUser.isAdmin()) { + saml1.setIsActive(isActive()); + } + + if (saml1.isIsActive() != null && saml1.isIsActive()) { + saml1.setProvideAUTHBlock(isProvideAuthBlock()); + saml1.setProvideCertificate(isProvideCertificate()); + saml1.setProvideFullMandatorData(isProvideFullMandateData()); + saml1.setProvideIdentityLink(isProvideIdentityLink()); + saml1.setProvideStammzahl(isProvideStammZahl()); + saml1.setUseCondition(isUseCondition()); + saml1.setProvideAllErrors(provideAllErrors); + saml1.setConditionLength(BigInteger.valueOf(getConditionLength())); + // TODO: set sourceID + // saml1.setSourceID(""); + } + + return null; + } + + public boolean isProvideStammZahl() { + return provideStammZahl; + } + + public void setProvideStammZahl(boolean provideStammZahl) { + this.provideStammZahl = provideStammZahl; + } + + public boolean isProvideAuthBlock() { + return provideAuthBlock; + } + + public void setProvideAuthBlock(boolean provideAuthBlock) { + this.provideAuthBlock = provideAuthBlock; + } + + public boolean isProvideIdentityLink() { + return provideIdentityLink; + } + + public void setProvideIdentityLink(boolean provideIdentityLink) { + this.provideIdentityLink = provideIdentityLink; + } 
+ + public boolean isProvideCertificate() { + return provideCertificate; + } + + public void setProvideCertificate(boolean provideCertificate) { + this.provideCertificate = provideCertificate; + } + + public boolean isProvideFullMandateData() { + return provideFullMandateData; + } + + public void setProvideFullMandateData(boolean provideFullMandateData) { + this.provideFullMandateData = provideFullMandateData; + } + + public boolean isUseCondition() { + return useCondition; + } + + public void setUseCondition(boolean useCondition) { + this.useCondition = useCondition; + } + + public int getConditionLength() { + return conditionLength; + } + + public void setConditionLength(int conditionLength) { + this.conditionLength = conditionLength; + } + + /** + * @return the isActive + */ + public boolean isActive() { + return isActive; + } + + /** + * @param isActive the isActive to set + */ + public void setActive(boolean isActive) { + this.isActive = isActive; + } + + /** + * @return the provideAllErrors + */ + public Boolean getProvideAllErrors() { + return provideAllErrors; + } + + /** + * @param provideAllErrors the provideAllErrors to set + */ + public void setProvideAllErrors(Boolean provideAllErrors) { + this.provideAllErrors = provideAllErrors; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java index 1baefe4b8..ed0f1c278 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASSOConfig.java 
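Review bot: In `store()` of OASAML1Config, the `authUser.isAdmin()` check guards only `saml1.setIsActive(isActive())`. Once SAML1 is active, the attribute-release flags (`setProvideStammzahl`, `setProvideIdentityLink`, `setProvideFullMandatorData`, `setProvideCertificate`, `setProvideAUTHBlock`) are written for any authenticated user. If that split is intended, state it in a comment above the second `if`, for example `// only admins may switch SAML1 on or off; the provide* flags below are writable by non-admin users too`; if it is not, the block belongs under the admin check. Whether `OASAML1ConfigValidation` restricts these flags for non-admin users is not visible in this hunk.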
@@ -32,88 +32,104 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplicati import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.validation.oa.OASSOConfigValidation; -public class OASSOConfig implements IOnlineApplicationData{ - - private boolean useSSO = false; - private boolean showAuthDataFrame = true; - private String singleLogOutURL = null; - - public OASSOConfig() { - - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName() - */ - @Override - public String getName() { - return "OASingleSignOn"; - } - - public List parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, HttpServletRequest request) { - AuthComponentOA authdata = dbOAConfig.getAuthComponentOA(); - if (authdata != null) { - OASSO ssoconfig = authdata.getOASSO(); - if(ssoconfig != null) { - useSSO = ssoconfig.isUseSSO(); - showAuthDataFrame = ssoconfig.isAuthDataFrame(); - singleLogOutURL = ssoconfig.getSingleLogOutURL(); - } - } - - return null; - } - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, javax.servlet.http.HttpServletRequest) - */ - @Override - public List validate(OAGeneralConfig general, AuthenticatedUser authUser, - HttpServletRequest request) { - return new OASSOConfigValidation().validate(this, authUser.isAdmin(), request); - } - - public String store(OnlineApplication dboa, AuthenticatedUser authUser, HttpServletRequest request) { - - AuthComponentOA authoa = dboa.getAuthComponentOA(); - if (authoa == null) { - authoa = new AuthComponentOA(); - dboa.setAuthComponentOA(authoa); - } - - OASSO sso = authoa.getOASSO(); - if (sso == null) { - sso = new OASSO(); - authoa.setOASSO(sso); - sso.setAuthDataFrame(true); - } - sso.setUseSSO(this.useSSO); - - if (authUser.isAdmin()) - 
sso.setAuthDataFrame(this.showAuthDataFrame); - - sso.setSingleLogOutURL(this.singleLogOutURL); - - return null; - } - - public boolean isUseSSO() { - return useSSO; - } - public void setUseSSO(boolean useSSO) { - this.useSSO = useSSO; - } - public boolean isShowAuthDataFrame() { - return showAuthDataFrame; - } - public void setShowAuthDataFrame(boolean showAuthDataFrame) { - this.showAuthDataFrame = showAuthDataFrame; - } - public String getSingleLogOutURL() { - return singleLogOutURL; - } - public void setSingleLogOutURL(String singleLogOutURL) { - this.singleLogOutURL = singleLogOutURL; - } +public class OASSOConfig implements IOnlineApplicationData { + + private boolean useSSO = false; + private boolean showAuthDataFrame = true; + private String singleLogOutURL = null; + + public OASSOConfig() { + + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName + * () + */ + @Override + public String getName() { + return "OASingleSignOn"; + } + + @Override + public List parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, + HttpServletRequest request) { + final AuthComponentOA authdata = dbOAConfig.getAuthComponentOA(); + if (authdata != null) { + final OASSO ssoconfig = authdata.getOASSO(); + if (ssoconfig != null) { + useSSO = ssoconfig.isUseSSO(); + showAuthDataFrame = ssoconfig.isAuthDataFrame(); + singleLogOutURL = ssoconfig.getSingleLogOutURL(); + } + } + + return null; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData# + * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List validate(OAGeneralConfig general, AuthenticatedUser authUser, + HttpServletRequest request) { + return new OASSOConfigValidation().validate(this, authUser.isAdmin(), request); + } + + @Override + public String store(OnlineApplication dboa, AuthenticatedUser 
authUser, HttpServletRequest request) { + + AuthComponentOA authoa = dboa.getAuthComponentOA(); + if (authoa == null) { + authoa = new AuthComponentOA(); + dboa.setAuthComponentOA(authoa); + } + + OASSO sso = authoa.getOASSO(); + if (sso == null) { + sso = new OASSO(); + authoa.setOASSO(sso); + sso.setAuthDataFrame(true); + } + sso.setUseSSO(this.useSSO); + + if (authUser.isAdmin()) { + sso.setAuthDataFrame(this.showAuthDataFrame); + } + + sso.setSingleLogOutURL(this.singleLogOutURL); + + return null; + } + + public boolean isUseSSO() { + return useSSO; + } + + public void setUseSSO(boolean useSSO) { + this.useSSO = useSSO; + } + + public boolean isShowAuthDataFrame() { + return showAuthDataFrame; + } + + public void setShowAuthDataFrame(boolean showAuthDataFrame) { + this.showAuthDataFrame = showAuthDataFrame; + } + + public String getSingleLogOutURL() { + return singleLogOutURL; + } + + public void setSingleLogOutURL(String singleLogOutURL) { + this.singleLogOutURL = singleLogOutURL; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java index fb096a2a0..82ef9d1d1 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java @@ -27,8 +27,6 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AttributeProviderPlugin; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA; 
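Review bot: `store()` in OASSOConfig persists `singleLogOutURL` exactly as submitted and for every user, whereas `showAuthDataFrame` is written only for admins; nothing in the method checks that the URL is non-empty or has an acceptable scheme. That check presumably lives in `OASSOConfigValidation.validate(...)`, which this diff does not show, so `store()` depends on every caller running `validate()` first. A comment above the call would make that contract explicit, for example `// singleLogOutURL is stored as-is; it must already have passed OASSOConfigValidation`.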
@@ -44,306 +42,331 @@ import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation; import at.gv.egovernment.moa.util.MiscUtil; //import at.gv.egovernment.moa.id.protocols.stork2.AttributeProviderFactory; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +public class OASTORKConfig implements IOnlineApplicationData { + + private boolean isStorkLogonEnabled = false; + private String qaa; + + private List attributes = null; + + /* + * VIDP settings below + */ + private boolean vidpEnabled = false; + private List attributeProviderPlugins = new ArrayList<>(); + private boolean requireConsent = false; + private final List citizenCountries; + private List enabledCitizenCountries; + + private MOAIDConfiguration dbconfig = null; + + public OASTORKConfig() { + // fetch available citizen countries + citizenCountries = new ArrayList<>(); + try { + dbconfig = ConfigurationProvider.getInstance().getDbRead().getMOAIDConfiguration(); + + for (final CPEPS current : dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK() + .getCPEPS()) { + citizenCountries.add(current.getCountryCode()); + } + + } catch (final NullPointerException e) { + + } catch (final ConfigurationException e) { + log.error("MOA-ID-Configuration initialization FAILED.", e); + + } + + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName + * () + */ + @Override + public String getName() { + return "OASTORK2"; + } + + /** + * Parses the OA config for stork entities. 
+ * + * @param dbOAConfig the db oa config + */ + @Override + public List parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, + HttpServletRequest request) { + final AuthComponentOA authdata = dbOAConfig.getAuthComponentOA(); + if (authdata != null) { + final OASTORK config = authdata.getOASTORK(); + if (config != null) { + setStorkLogonEnabled(config.isStorkLogonEnabled()); + + try { + setQaa(config.geteIDAS_LOA()); + } catch (final NullPointerException e) { + // if there is no configuration available for the OA, get the default qaa level + try { + setQaa(dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK() + .getGeneral_eIDAS_LOA()); + + } catch (final NullPointerException e1) { + setQaa(MOAIDConstants.eIDAS_LOA_HIGH); + + } + } + + enabledCitizenCountries = new ArrayList<>(); + if (config.getCPEPS() != null) { + for (final CPEPS current : config.getCPEPS()) { + enabledCitizenCountries.add(current.getCountryCode()); + } + } -public class OASTORKConfig implements IOnlineApplicationData{ - - private static final Logger log = Logger.getLogger(OASTORKConfig.class); - - private boolean isStorkLogonEnabled = false; - private String qaa; - - private List attributes = null; - - /* - * VIDP settings below - */ - private boolean vidpEnabled = false; - private List attributeProviderPlugins = new ArrayList(); - private boolean requireConsent = false; - private List citizenCountries; - private List enabledCitizenCountries; - - private MOAIDConfiguration dbconfig = null; - - public OASTORKConfig() { - // fetch available citizen countries - citizenCountries = new ArrayList(); - try { - dbconfig = ConfigurationProvider.getInstance().getDbRead().getMOAIDConfiguration(); - - - for(CPEPS current : dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getCPEPS()) { - citizenCountries.add(current.getCountryCode()); - } - - }catch (NullPointerException e) { - - } catch (ConfigurationException e) { - log.error("MOA-ID-Configuration 
initialization FAILED.", e); - - } - - } - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName() - */ - @Override - public String getName() { - return "OASTORK2"; - } - - /** - * Parses the OA config for stork entities. - * - * @param dbOAConfig - * the db oa config - */ - public List parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, HttpServletRequest request) { - AuthComponentOA authdata = dbOAConfig.getAuthComponentOA(); - if (authdata != null) { - OASTORK config = authdata.getOASTORK(); - if(config != null) { - setStorkLogonEnabled(config.isStorkLogonEnabled()); - - try { - setQaa(config.geteIDAS_LOA()); - } catch(NullPointerException e) { - // if there is no configuration available for the OA, get the default qaa level - try { - setQaa(dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getGeneral_eIDAS_LOA()); - - } catch (NullPointerException e1) { - setQaa(MOAIDConstants.eIDAS_LOA_HIGH); - - } - } - - - enabledCitizenCountries = new ArrayList(); - if (config.getCPEPS() != null) { - for(CPEPS current : config.getCPEPS()) - enabledCitizenCountries.add(current.getCountryCode()); - } - - // prepare attribute helper list - attributes = new ArrayList(); - try { - try { - for(StorkAttribute current : dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes()) { - AttributeHelper tmp = null; - - if (config.getOAAttributes() != null) { - for(OAStorkAttribute sepp : config.getOAAttributes()) - if(sepp.getName() != null && sepp.getName().equals(current.getName())) - tmp = new AttributeHelper(sepp); - } - - if(null == tmp) - tmp = new AttributeHelper(current); - - attributes.add(tmp); - } - - } catch (NullPointerException ex) { - - } - - // fetch vidp config - if (config.isVidpEnabled() != null) - setVidpEnabled(config.isVidpEnabled()); - else - setVidpEnabled(false); - - if (config.isRequireConsent() != null) - setRequireConsent(config.isRequireConsent()); 
- else - setRequireConsent(false); - - attributeProviderPlugins = config.getAttributeProviders(); - // - if no attribute providers are configured, add a dummy - // TODO this is a dirty hack since we have to have one entry to - // clone from in the web form. Happens when time is short. - // Sorry. - if (attributeProviderPlugins == null || attributeProviderPlugins.isEmpty()) - attributeProviderPlugins.add(new AttributeProviderPlugin()); - } catch (NullPointerException ex) { - log.error("Nullpointerexception encountered in Configurationinterface", ex); + // prepare attribute helper list + attributes = new ArrayList<>(); + try { + try { + for (final StorkAttribute current : dbconfig.getAuthComponentGeneral().getForeignIdentities() + .getSTORK().getAttributes()) { + AttributeHelper tmp = null; + + if (config.getOAAttributes() != null) { + for (final OAStorkAttribute sepp : config.getOAAttributes()) { + if (sepp.getName() != null && sepp.getName().equals(current.getName())) { + tmp = new AttributeHelper(sepp); + } } - } - } - - return null; - } - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, javax.servlet.http.HttpServletRequest) - */ - @Override - public List validate(OAGeneralConfig general, AuthenticatedUser authUser, - HttpServletRequest request) { - return new OASTORKConfigValidation().validate(this, request); - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public String store(OnlineApplication dbOA, AuthenticatedUser authUser, - HttpServletRequest request) { - AuthComponentOA authoa = dbOA.getAuthComponentOA(); - if (authoa == null) { - authoa = new AuthComponentOA(); - 
dbOA.setAuthComponentOA(authoa); + } + + if (null == tmp) { + tmp = new AttributeHelper(current); + } + + attributes.add(tmp); + } + + } catch (final NullPointerException ex) { + + } + + // fetch vidp config + if (config.isVidpEnabled() != null) { + setVidpEnabled(config.isVidpEnabled()); + } else { + setVidpEnabled(false); + } + + if (config.isRequireConsent() != null) { + setRequireConsent(config.isRequireConsent()); + } else { + setRequireConsent(false); + } + + attributeProviderPlugins = config.getAttributeProviders(); + // - if no attribute providers are configured, add a dummy + // TODO this is a dirty hack since we have to have one entry to + // clone from in the web form. Happens when time is short. + // Sorry. + if (attributeProviderPlugins == null || attributeProviderPlugins.isEmpty()) { + attributeProviderPlugins.add(new AttributeProviderPlugin()); + } + } catch (final NullPointerException ex) { + log.error("Nullpointerexception encountered in Configurationinterface", ex); } - - // fetch stork configuration from database model - OASTORK stork = authoa.getOASTORK(); - if (stork == null) { - // if there is none, create a new one with default values. 
- stork = new OASTORK(); - authoa.setOASTORK(stork); - stork.setStorkLogonEnabled(false); + } + } + + return null; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData# + * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List validate(OAGeneralConfig general, AuthenticatedUser authUser, + HttpServletRequest request) { + return new OASTORKConfigValidation().validate(this, request); + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public String store(OnlineApplication dbOA, AuthenticatedUser authUser, + HttpServletRequest request) { + AuthComponentOA authoa = dbOA.getAuthComponentOA(); + if (authoa == null) { + authoa = new AuthComponentOA(); + dbOA.setAuthComponentOA(authoa); + } + + // fetch stork configuration from database model + OASTORK stork = authoa.getOASTORK(); + if (stork == null) { + // if there is none, create a new one with default values. 
+ stork = new OASTORK(); + authoa.setOASTORK(stork); + stork.setStorkLogonEnabled(false); + } + // transfer the incoming data to the database model + stork.setStorkLogonEnabled(isStorkLogonEnabled()); + stork.seteIDAS_LOA(getQaa()); + stork.setOAAttributes(getAttributes()); + stork.setVidpEnabled(isVidpEnabled()); + stork.setRequireConsent(isRequireConsent()); + stork.setAttributeProviders(getAttributeProviderPlugins()); + stork.setCPEPS(getEnabledCPEPS()); + + return null; + + } + + public boolean isStorkLogonEnabled() { + return isStorkLogonEnabled; + } + + public void setStorkLogonEnabled(boolean enabled) { + this.isStorkLogonEnabled = enabled; + } + + public String getQaa() { + return qaa; + } + + public void setQaa(String qaa) { + this.qaa = qaa; + } + + public List getAttributes() { + final List result = new ArrayList<>(); + + if (null == getHelperAttributes()) { + return result; + } + + for (final AttributeHelper current : getHelperAttributes()) { + List generalConfStorkAttr = null; + try { + generalConfStorkAttr = dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK() + .getAttributes(); + + } catch (final NullPointerException e) { + log.trace("No STORK attributes in 'General Configuration'"); + + } + + if (generalConfStorkAttr != null) { + for (final StorkAttribute currentAttribute : generalConfStorkAttr) { + if (MiscUtil.isNotEmpty(currentAttribute.getName()) && + currentAttribute.getName().equals(current.getName())) { + if (current.isUsed() || currentAttribute.isMandatory()) { + final OAStorkAttribute tmp = new OAStorkAttribute(); + tmp.setName(current.getName()); + tmp.setMandatory(current.isMandatory()); + result.add(tmp); + + } + break; + } } - // transfer the incoming data to the database model - stork.setStorkLogonEnabled(isStorkLogonEnabled()); - stork.seteIDAS_LOA(getQaa()); - stork.setOAAttributes(getAttributes()); - stork.setVidpEnabled(isVidpEnabled()); - stork.setRequireConsent(isRequireConsent()); - 
stork.setAttributeProviders(getAttributeProviderPlugins()); - stork.setCPEPS(getEnabledCPEPS()); - - return null; - - } - - public boolean isStorkLogonEnabled() { - return isStorkLogonEnabled; - } - - public void setStorkLogonEnabled(boolean enabled) { - this.isStorkLogonEnabled = enabled; - } - - public String getQaa() { - return qaa; - } - - public void setQaa(String qaa) { - this.qaa = qaa; - } - - public List getAttributes() { - List result = new ArrayList(); - - if(null == getHelperAttributes()) - return result; - - for(AttributeHelper current : getHelperAttributes()) { - List generalConfStorkAttr = null; - try { - generalConfStorkAttr = dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes(); - - } catch (NullPointerException e) { - log.trace("No STORK attributes in 'General Configuration'"); - - } - - if (generalConfStorkAttr != null) { - for(StorkAttribute currentAttribute : generalConfStorkAttr) - if(MiscUtil.isNotEmpty(currentAttribute.getName()) && - currentAttribute.getName().equals(current.getName())) { - if(current.isUsed() || currentAttribute.isMandatory()) { - OAStorkAttribute tmp = new OAStorkAttribute(); - tmp.setName(current.getName()); - tmp.setMandatory(current.isMandatory()); - result.add(tmp); - - } - break; - } - } - } - - return result; - } - - public List getHelperAttributes() { - return attributes; - } - - public void setHelperAttributes(List attributes) { - this.attributes = attributes; - } - - public List getAvailableCitizenCountries() { - return citizenCountries; - } - - - public List getAllowedLoALevels() { - return MOAIDConstants.ALLOWED_eIDAS_LOA; - } - - public List getEnabledCitizenCountries() { - return enabledCitizenCountries; - } - - public void setEnabledCitizenCountries(List update) { - enabledCitizenCountries = update; - } - - public List getEnabledCPEPS() { - if (enabledCitizenCountries != null) { - List result = new ArrayList(); - - try { - for(CPEPS current : 
dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getCPEPS()) { - if(enabledCitizenCountries.contains(current.getCountryCode())) - result.add(current); - } - - } catch (NullPointerException e){ - - } - return result; - } - - return null; - - } - - public List getAvailableAttributeProviderPlugins() { - //TODO: remove in final version - - return new ArrayList(); - //return AttributeProviderFactory.getAvailablePlugins(); - } - - public List getAttributeProviderPlugins() { - return attributeProviderPlugins; - } - - public void setAttributeProviderPlugins(List update) { - attributeProviderPlugins = update; - } - - public boolean isVidpEnabled() { - return vidpEnabled; - } - - public void setVidpEnabled(boolean update) { - vidpEnabled = update; - } - - public boolean isRequireConsent() { - return requireConsent; - } - - public void setRequireConsent(boolean update) { - requireConsent = update; - } + } + } + + return result; + } + + public List getHelperAttributes() { + return attributes; + } + + public void setHelperAttributes(List attributes) { + this.attributes = attributes; + } + + public List getAvailableCitizenCountries() { + return citizenCountries; + } + + public List getAllowedLoALevels() { + return MOAIDConstants.ALLOWED_eIDAS_LOA; + } + + public List getEnabledCitizenCountries() { + return enabledCitizenCountries; + } + + public void setEnabledCitizenCountries(List update) { + enabledCitizenCountries = update; + } + + public List getEnabledCPEPS() { + if (enabledCitizenCountries != null) { + final List result = new ArrayList<>(); + + try { + for (final CPEPS current : dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK() + .getCPEPS()) { + if (enabledCitizenCountries.contains(current.getCountryCode())) { + result.add(current); + } + } + + } catch (final NullPointerException e) { + + } + return result; + } + + return null; + + } + + public List getAvailableAttributeProviderPlugins() { + // TODO: remove in final version + + 
return new ArrayList<>(); + // return AttributeProviderFactory.getAvailablePlugins(); + } + + public List getAttributeProviderPlugins() { + return attributeProviderPlugins; + } + + public void setAttributeProviderPlugins(List update) { + attributeProviderPlugins = update; + } + + public boolean isVidpEnabled() { + return vidpEnabled; + } + + public void setVidpEnabled(boolean update) { + vidpEnabled = update; + } + + public boolean isRequireConsent() { + return requireConsent; + } + + public void setRequireConsent(boolean update) { + requireConsent = update; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java index 84516c73f..be1b937f0 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java 
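Review bot: In `parse`, the default level of assurance is only reachable through `catch (final NullPointerException e)` around `setQaa(config.geteIDAS_LOA())`, but `config` has already been checked for null there. Unless the getter itself throws, an online application with no stored value ends up with `qaa = null`, and neither the general-configuration default nor `MOAIDConstants.eIDAS_LOA_HIGH` is applied; `store` then writes that value back through `stork.seteIDAS_LOA(getQaa())`. An explicit emptiness check, as sketched below, would make the fallback take effect; this assumes an empty string should be treated like a missing value. The same reliance on a caught NullPointerException hides a second problem further down in `parse`: when `config.getAttributeProviders()` returns null, `attributeProviderPlugins.add(new AttributeProviderPlugin())` throws, the outer catch only logs it, and the placeholder entry is never added. Assigning `new ArrayList<>()` before the `add` would fix that.

```java
// … unchanged: setStorkLogonEnabled(config.isStorkLogonEnabled()); …
String loa = config.geteIDAS_LOA();
if (!MiscUtil.isNotEmpty(loa)) {
  // no per-application value: use the general default, then the constant
  try {
    loa = dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK()
        .getGeneral_eIDAS_LOA();
  } catch (final NullPointerException e1) {
    loa = null;
  }
  if (!MiscUtil.isNotEmpty(loa)) {
    loa = MOAIDConstants.eIDAS_LOA_HIGH;
  }
}
setQaa(loa);
// … unchanged: enabledCitizenCountries and attribute helper list …
```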
@@ -43,464 +43,473 @@ import at.gv.egovernment.moa.util.MiscUtil; */ public class OATargetConfiguration implements IOnlineApplicationData { - private boolean deaktivededBusinessService = false; - - private boolean subTargetSet = false; - - private String target = null; - private String target_subsector = null; - private String target_admin = null; - private static List targetList = null; - private String targetFriendlyName = null; - private boolean isAdminTarget = false; - - private String identificationNumber = null; - private String identificationType = null; - private static List identificationTypeList = null; - - private String foreignbPKTargets = null; - private String additionalbPKTargets = null; - private boolean eidDemoActive = false; + private boolean deaktivededBusinessService = false; + + private boolean subTargetSet = false; + + private String target = null; + private String target_subsector = null; + private String target_admin = null; + private static List targetList = null; + private String targetFriendlyName = null; + private boolean isAdminTarget = false; + + private String identificationNumber = null; + private String identificationType = null; + private static List identificationTypeList = null; + + private String foreignbPKTargets = null; + private String additionalbPKTargets = null; + private boolean eidDemoActive = false; private boolean eidProxyActive = false; - - public OATargetConfiguration() { - targetList = TargetValidator.getListOfTargets(); - target = ""; - - identificationTypeList = Arrays.asList( - Constants.IDENIFICATIONTYPE_FN, - Constants.IDENIFICATIONTYPE_ZVR, - Constants.IDENIFICATIONTYPE_ERSB, - Constants.IDENIFICATIONTYPE_STORK, - Constants.IDENIFICATIONTYPE_EIDAS); - } - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName() - */ - @Override - public String getName() { - return "OATargetConfig"; - } - - /* (non-Javadoc) - * @see 
at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public List parse(OnlineApplication dbOA, - AuthenticatedUser authUser, HttpServletRequest request) { - String target_full = dbOA.getTarget(); - if (MiscUtil.isNotEmpty(target_full)) { - if (TargetValidator.isValidTarget(target_full)) { - target = target_full; - - } else { - String[] target_split = target_full.split("-"); - - if (TargetValidator.isValidTarget(target_split[0])) { - target = target_split[0]; - if (target_split.length > 1) { - target_subsector = target_split[1]; - subTargetSet = true; - } - - } else { - target = ""; - target_subsector = null; - target_admin = target_full; - isAdminTarget = true; - } - } - targetFriendlyName = dbOA.getTargetFriendlyName(); - } - - AuthComponentOA oaauth = dbOA.getAuthComponentOA(); - if (oaauth != null) { - - IdentificationNumber idnumber = oaauth.getIdentificationNumber(); - if (idnumber != null) { - String number = idnumber.getValue(); - if (MiscUtil.isNotEmpty(number)) { - String[] split = number.split("\\+"); - - if (Constants.PREFIX_WPBK.startsWith(split[0]) && split.length >= 2) { - identificationType = split[1]; - identificationNumber = split[2]; - - } else if (Constants.PREFIX_EIDAS.startsWith(split[0]) && split.length >= 2) { - //identificationType = split[1]; // setting at as iden category ? - identificationType = Constants.IDENIFICATIONTYPE_EIDAS; - identificationNumber = split[1] + "+" + split[2]; // setting sp country as ident type -> sp ident - - } else if (Constants.PREFIX_STORK.startsWith(split[0]) && split.length >= 2) { - //identificationType = split[1]; // setting at as iden category ? 
- identificationType = Constants.IDENIFICATIONTYPE_STORK; - identificationNumber = split[2]; // setting sp country as ident type -> sp ident - } - } - - if (authUser.isOnlyBusinessService()) { - deaktivededBusinessService = authUser.isOnlyBusinessService(); - - identificationType = authUser.getBusinessServiceType(); - identificationNumber = authUser.getBusinessServiceNumber(); - - } - - } - } - - - //parse foreign bPK sector list - if (dbOA.getForeignbPKTargetList() != null) { - if (KeyValueUtils.isCSVValueString(dbOA.getForeignbPKTargetList())) - foreignbPKTargets = KeyValueUtils.normalizeCSVValueString(dbOA.getForeignbPKTargetList()); - - else { - if (dbOA.getForeignbPKTargetList().contains(KeyValueUtils.CSV_DELIMITER)) { - //remove trailing comma if exist - foreignbPKTargets = dbOA.getForeignbPKTargetList().substring(0, - dbOA.getForeignbPKTargetList().indexOf(KeyValueUtils.CSV_DELIMITER)); - - } else - foreignbPKTargets = dbOA.getForeignbPKTargetList(); - - } - } - - //parse additional bPK sector list - if (dbOA.getAdditionalbPKTargetList() != null) { - if (KeyValueUtils.isCSVValueString(dbOA.getAdditionalbPKTargetList())) - additionalbPKTargets = KeyValueUtils.normalizeCSVValueString(dbOA.getAdditionalbPKTargetList()); - - else { - if (dbOA.getAdditionalbPKTargetList().contains(KeyValueUtils.CSV_DELIMITER)) { - //remove trailing comma if exist - additionalbPKTargets = dbOA.getAdditionalbPKTargetList().substring(0, - dbOA.getAdditionalbPKTargetList().indexOf(KeyValueUtils.CSV_DELIMITER)); - - } else - additionalbPKTargets = dbOA.getAdditionalbPKTargetList(); - - } - } - - //parse 'Austrian eID mode' flag - eidDemoActive = dbOA.getIseIDDemoModeActive(); - eidProxyActive = dbOA.getIseIDProxyModeActive(); - - return null; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, 
javax.servlet.http.HttpServletRequest) - */ - @Override - public String store(OnlineApplication dbOA, AuthenticatedUser authUser, - HttpServletRequest request) { - - AuthComponentOA authoa = dbOA.getAuthComponentOA(); - if (authoa == null) { - authoa = new AuthComponentOA(); - dbOA.setAuthComponentOA(authoa); + + public OATargetConfiguration() { + targetList = TargetValidator.getListOfTargets(); + target = ""; + + identificationTypeList = Arrays.asList( + Constants.IDENIFICATIONTYPE_FN, + Constants.IDENIFICATIONTYPE_ZVR, + Constants.IDENIFICATIONTYPE_ERSB, + Constants.IDENIFICATIONTYPE_STORK, + Constants.IDENIFICATIONTYPE_EIDAS); + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName + * () + */ + @Override + public String getName() { + return "OATargetConfig"; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List parse(OnlineApplication dbOA, + AuthenticatedUser authUser, HttpServletRequest request) { + final String target_full = dbOA.getTarget(); + if (MiscUtil.isNotEmpty(target_full)) { + if (TargetValidator.isValidTarget(target_full)) { + target = target_full; + + } else { + final String[] target_split = target_full.split("-"); + + if (TargetValidator.isValidTarget(target_split[0])) { + target = target_split[0]; + if (target_split.length > 1) { + target_subsector = target_split[1]; + subTargetSet = true; + } + + } else { + target = ""; + target_subsector = null; + target_admin = target_full; + isAdminTarget = true; + } + } + targetFriendlyName = dbOA.getTargetFriendlyName(); + } + + final AuthComponentOA oaauth = dbOA.getAuthComponentOA(); + if (oaauth != null) { + + final IdentificationNumber idnumber = 
oaauth.getIdentificationNumber(); + if (idnumber != null) { + final String number = idnumber.getValue(); + if (MiscUtil.isNotEmpty(number)) { + final String[] split = number.split("\\+"); + + if (Constants.PREFIX_WPBK.startsWith(split[0]) && split.length >= 2) { + identificationType = split[1]; + identificationNumber = split[2]; + + } else if (Constants.PREFIX_EIDAS.startsWith(split[0]) && split.length >= 2) { + // identificationType = split[1]; // setting at as iden category ? + identificationType = Constants.IDENIFICATIONTYPE_EIDAS; + identificationNumber = split[1] + "+" + split[2]; // setting sp country as ident type -> sp ident + + } else if (Constants.PREFIX_STORK.startsWith(split[0]) && split.length >= 2) { + // identificationType = split[1]; // setting at as iden category ? + identificationType = Constants.IDENIFICATIONTYPE_STORK; + identificationNumber = split[2]; // setting sp country as ident type -> sp ident + } } - - if (isBusinessService(dbOA) || authUser.isOnlyBusinessService()) { - - dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE); - - String num = null; - if (authUser.isOnlyBusinessService()) { - deaktivededBusinessService = authUser.isOnlyBusinessService(); - num = authUser.getBusinessServiceType() + authUser.getBusinessServiceNumber(); - - } else { - - num = getIdentificationNumber().replaceAll(" ", ""); - if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) { - num = num.substring(Constants.IDENIFICATIONTYPE_FN.length()); - - num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num); - - /*Fixme: - * Company numbers had to be padded with '0' on left site - * But this bugfix can not be activated, because this would - * change all bPKs for company numbers. 
- * - * Change this in case of new bPK generation algorithms - */ - // num = StringUtils.leftPad(num, 7, '0'); - } - - if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) - num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length()); - - if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)) - num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length()); - } - - IdentificationNumber idnumber = authoa.getIdentificationNumber(); - if (idnumber == null) - idnumber = new IdentificationNumber(); - - if (getIdentificationType().equals(Constants.IDENIFICATIONTYPE_EIDAS)) { - idnumber.setValue(Constants.PREFIX_EIDAS + num); - idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType())); - - } else if (getIdentificationType().equals(Constants.IDENIFICATIONTYPE_STORK)) { - idnumber.setValue(Constants.PREFIX_STORK + "AT" + "+" + num); - idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType())); - } else { - idnumber.setValue(Constants.PREFIX_WPBK + getIdentificationType() + "+" + num); - idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType())); - } - - authoa.setIdentificationNumber(idnumber); + + if (authUser.isOnlyBusinessService()) { + deaktivededBusinessService = authUser.isOnlyBusinessService(); + + identificationType = authUser.getBusinessServiceType(); + identificationNumber = authUser.getBusinessServiceNumber(); + + } + + } + } + + // parse foreign bPK sector list + if (dbOA.getForeignbPKTargetList() != null) { + if (KeyValueUtils.isCSVValueString(dbOA.getForeignbPKTargetList())) { + foreignbPKTargets = KeyValueUtils.normalizeCSVValueString(dbOA.getForeignbPKTargetList()); + } else { + if (dbOA.getForeignbPKTargetList().contains(KeyValueUtils.CSV_DELIMITER)) { + // remove trailing comma if exist + foreignbPKTargets = dbOA.getForeignbPKTargetList().substring(0, + dbOA.getForeignbPKTargetList().indexOf(KeyValueUtils.CSV_DELIMITER)); } else { - dbOA.setType(null); + foreignbPKTargets = 
dbOA.getForeignbPKTargetList(); + } + + } + } - if (authUser.isAdmin()) { - if (MiscUtil.isNotEmpty(getTarget_admin()) && isAdminTarget()) { - dbOA.setTarget(getTarget_admin()); - dbOA.setTargetFriendlyName(getTargetFriendlyName()); + // parse additional bPK sector list + if (dbOA.getAdditionalbPKTargetList() != null) { + if (KeyValueUtils.isCSVValueString(dbOA.getAdditionalbPKTargetList())) { + additionalbPKTargets = KeyValueUtils.normalizeCSVValueString(dbOA.getAdditionalbPKTargetList()); + } else { + if (dbOA.getAdditionalbPKTargetList().contains(KeyValueUtils.CSV_DELIMITER)) { + // remove trailing comma if exist + additionalbPKTargets = dbOA.getAdditionalbPKTargetList().substring(0, + dbOA.getAdditionalbPKTargetList().indexOf(KeyValueUtils.CSV_DELIMITER)); - } else { + } else { + additionalbPKTargets = dbOA.getAdditionalbPKTargetList(); + } - String target = getTarget(); + } + } - if (MiscUtil.isNotEmpty(getTarget_subsector()) && subTargetSet) - dbOA.setTarget(target + "-" + getTarget_subsector()); - else - dbOA.setTarget(target); + // parse 'Austrian eID mode' flag + eidDemoActive = dbOA.getIseIDDemoModeActive(); + eidProxyActive = dbOA.getIseIDProxyModeActive(); + + return null; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public String store(OnlineApplication dbOA, AuthenticatedUser authUser, + HttpServletRequest request) { + + AuthComponentOA authoa = dbOA.getAuthComponentOA(); + if (authoa == null) { + authoa = new AuthComponentOA(); + dbOA.setAuthComponentOA(authoa); + } - String targetname = TargetValidator.getTargetFriendlyName(target); - if (MiscUtil.isNotEmpty(targetname)) dbOA.setTargetFriendlyName(targetname); + if (isBusinessService(dbOA) || authUser.isOnlyBusinessService()) { 
- } + dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE); - } else { + String num = null; + if (authUser.isOnlyBusinessService()) { + deaktivededBusinessService = authUser.isOnlyBusinessService(); + num = authUser.getBusinessServiceType() + authUser.getBusinessServiceNumber(); - if (MiscUtil.isNotEmpty(getTarget())) { + } else { - String target = getTarget(); + num = getIdentificationNumber().replaceAll(" ", ""); + if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) { + num = num.substring(Constants.IDENIFICATIONTYPE_FN.length()); - if (MiscUtil.isNotEmpty(getTarget_subsector()) && subTargetSet) - dbOA.setTarget(target + "-" + getTarget_subsector()); + num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num); - else - dbOA.setTarget(target); + /* + * Fixme: Company numbers had to be padded with '0' on left site But this bugfix + * can not be activated, because this would change all bPKs for company numbers. + * + * Change this in case of new bPK generation algorithms + */ + // num = StringUtils.leftPad(num, 7, '0'); + } - String targetname = TargetValidator.getTargetFriendlyName(target); - if (MiscUtil.isNotEmpty(targetname)) dbOA.setTargetFriendlyName(targetname); + if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) { + num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length()); + } - } - } + if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)) { + num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length()); } - - dbOA.setForeignbPKTargetList(getForeignbPKTargets()); - dbOA.setAdditionalbPKTargetList(getAdditionalbPKTargets()); - dbOA.setIseIDDemoModeActive(isEidDemoActive()); - dbOA.setIseIDProxyModeActive(isEidProxyActive()); - - return null; - } - - /** - * @return - */ - private boolean isBusinessService(OnlineApplication dbOA) { - if (dbOA.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE)) - return true; - else - return false; - } - - - /* (non-Javadoc) - * @see 
at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public List validate(OAGeneralConfig general, - AuthenticatedUser authUser, HttpServletRequest request) { - return new OATargetConfigValidation().validate(this, authUser.isAdmin(), general, request); - } - - public String getTarget() { - return target; - } - - public void setTarget(String target) { - this.target = target; - } - - public String getTargetFriendlyName() { - return targetFriendlyName; - } - - public void setTargetFriendlyName(String targetFriendlyName) { - this.targetFriendlyName = targetFriendlyName; - } - - public String getIdentificationNumber() { - return identificationNumber; - } - - public void setIdentificationNumber(String identificationNumber) { - this.identificationNumber = identificationNumber; - } - - public String getIdentificationType() { - return identificationType; - } - - public void setIdentificationType(String identificationType) { - this.identificationType = identificationType; - } - - /** - * @return the target_subsector - */ - public String getTarget_subsector() { - return target_subsector; - } - - - /** - * @param target_subsector the target_subsector to set - */ - public void setTarget_subsector(String target_subsector) { - this.target_subsector = target_subsector; - } - - - /** - * @return the target_admin - */ - public String getTarget_admin() { - return target_admin; - } - - - /** - * @param target_admin the target_admin to set - */ - public void setTarget_admin(String target_admin) { - this.target_admin = target_admin; - } - - - /** - * @return the targetList - */ - public List getTargetList() { - return targetList; - } - - - /** - * @return the identificationTypeList - */ - public List getIdentificationTypeList() { - return identificationTypeList; - } - - - /** - * 
@return the isAdminTarget - */ - public boolean isAdminTarget() { - return isAdminTarget; - } - - - /** - * @param isAdminTarget the isAdminTarget to set - */ - public void setAdminTarget(boolean isAdminTarget) { - this.isAdminTarget = isAdminTarget; - } - - /** - * @return the deaktivededBusinessService - */ - public boolean isDeaktivededBusinessService() { - return deaktivededBusinessService; - } + } + IdentificationNumber idnumber = authoa.getIdentificationNumber(); + if (idnumber == null) { + idnumber = new IdentificationNumber(); + } - /** - * @param deaktivededBusinessService the deaktivededBusinessService to set - */ - public void setDeaktivededBusinessService(boolean deaktivededBusinessService) { - this.deaktivededBusinessService = deaktivededBusinessService; - } + if (getIdentificationType().equals(Constants.IDENIFICATIONTYPE_EIDAS)) { + idnumber.setValue(Constants.PREFIX_EIDAS + num); + idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType())); + } else if (getIdentificationType().equals(Constants.IDENIFICATIONTYPE_STORK)) { + idnumber.setValue(Constants.PREFIX_STORK + "AT" + "+" + num); + idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType())); + } else { + idnumber.setValue(Constants.PREFIX_WPBK + getIdentificationType() + "+" + num); + idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType())); + } - /** - * @return the subTargetSet - */ - public boolean isSubTargetSet() { - return subTargetSet; - } + authoa.setIdentificationNumber(idnumber); + } else { + dbOA.setType(null); - /** - * @param subTargetSet the subTargetSet to set - */ - public void setSubTargetSet(boolean subTargetSet) { - this.subTargetSet = subTargetSet; - } + if (authUser.isAdmin()) { + if (MiscUtil.isNotEmpty(getTarget_admin()) && isAdminTarget()) { + dbOA.setTarget(getTarget_admin()); + dbOA.setTargetFriendlyName(getTargetFriendlyName()); + } else { - public String getForeignbPKTargets() { - return foreignbPKTargets; - } + 
final String target = getTarget(); + if (MiscUtil.isNotEmpty(getTarget_subsector()) && subTargetSet) { + dbOA.setTarget(target + "-" + getTarget_subsector()); + } else { + dbOA.setTarget(target); + } - public void setForeignbPKTargets(String foreignbPKTargets) { - if (MiscUtil.isNotEmpty(foreignbPKTargets)) - this.foreignbPKTargets = - KeyValueUtils.removeAllNewlineFromString(foreignbPKTargets); - else - this.foreignbPKTargets = foreignbPKTargets; - } + final String targetname = TargetValidator.getTargetFriendlyName(target); + if (MiscUtil.isNotEmpty(targetname)) { + dbOA.setTargetFriendlyName(targetname); + } + } + + } else { + + if (MiscUtil.isNotEmpty(getTarget())) { - public String getAdditionalbPKTargets() { - return additionalbPKTargets; - } + final String target = getTarget(); + if (MiscUtil.isNotEmpty(getTarget_subsector()) && subTargetSet) { + dbOA.setTarget(target + "-" + getTarget_subsector()); + } else { + dbOA.setTarget(target); + } - public void setAdditionalbPKTargets(String additionalbPKTargets) { - if (MiscUtil.isNotEmpty(additionalbPKTargets)) - this.additionalbPKTargets = - KeyValueUtils.removeAllNewlineFromString(additionalbPKTargets); - else - this.additionalbPKTargets = additionalbPKTargets; + final String targetname = TargetValidator.getTargetFriendlyName(target); + if (MiscUtil.isNotEmpty(targetname)) { + dbOA.setTargetFriendlyName(targetname); + } - } + } + } + } + + dbOA.setForeignbPKTargetList(getForeignbPKTargets()); + dbOA.setAdditionalbPKTargetList(getAdditionalbPKTargets()); + dbOA.setIseIDDemoModeActive(isEidDemoActive()); + dbOA.setIseIDProxyModeActive(isEidProxyActive()); + + return null; + } + + /** + * @return + */ + private boolean isBusinessService(OnlineApplication dbOA) { + if (dbOA.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE)) { + return true; + } else { + return false; + } + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData# + * 
validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List validate(OAGeneralConfig general, + AuthenticatedUser authUser, HttpServletRequest request) { + return new OATargetConfigValidation().validate(this, authUser.isAdmin(), general, request); + } + + public String getTarget() { + return target; + } + + public void setTarget(String target) { + this.target = target; + } + + public String getTargetFriendlyName() { + return targetFriendlyName; + } + + public void setTargetFriendlyName(String targetFriendlyName) { + this.targetFriendlyName = targetFriendlyName; + } + + public String getIdentificationNumber() { + return identificationNumber; + } + + public void setIdentificationNumber(String identificationNumber) { + this.identificationNumber = identificationNumber; + } + + public String getIdentificationType() { + return identificationType; + } + + public void setIdentificationType(String identificationType) { + this.identificationType = identificationType; + } + + /** + * @return the target_subsector + */ + public String getTarget_subsector() { + return target_subsector; + } + + /** + * @param target_subsector the target_subsector to set + */ + public void setTarget_subsector(String target_subsector) { + this.target_subsector = target_subsector; + } + + /** + * @return the target_admin + */ + public String getTarget_admin() { + return target_admin; + } + + /** + * @param target_admin the target_admin to set + */ + public void setTarget_admin(String target_admin) { + this.target_admin = target_admin; + } + + /** + * @return the targetList + */ + public List getTargetList() { + return targetList; + } + + /** + * @return the identificationTypeList + */ + public List getIdentificationTypeList() { + return identificationTypeList; + } + + /** + * @return the isAdminTarget + */ + public boolean isAdminTarget() { + 
return isAdminTarget; + } + + /** + * @param isAdminTarget the isAdminTarget to set + */ + public void setAdminTarget(boolean isAdminTarget) { + this.isAdminTarget = isAdminTarget; + } + + /** + * @return the deaktivededBusinessService + */ + public boolean isDeaktivededBusinessService() { + return deaktivededBusinessService; + } + + /** + * @param deaktivededBusinessService the deaktivededBusinessService to set + */ + public void setDeaktivededBusinessService(boolean deaktivededBusinessService) { + this.deaktivededBusinessService = deaktivededBusinessService; + } + + /** + * @return the subTargetSet + */ + public boolean isSubTargetSet() { + return subTargetSet; + } + + /** + * @param subTargetSet the subTargetSet to set + */ + public void setSubTargetSet(boolean subTargetSet) { + this.subTargetSet = subTargetSet; + } + + public String getForeignbPKTargets() { + return foreignbPKTargets; + } + + public void setForeignbPKTargets(String foreignbPKTargets) { + if (MiscUtil.isNotEmpty(foreignbPKTargets)) { + this.foreignbPKTargets = + KeyValueUtils.removeAllNewlineFromString(foreignbPKTargets); + } else { + this.foreignbPKTargets = foreignbPKTargets; + } + } + + public String getAdditionalbPKTargets() { + return additionalbPKTargets; + } + + public void setAdditionalbPKTargets(String additionalbPKTargets) { + if (MiscUtil.isNotEmpty(additionalbPKTargets)) { + this.additionalbPKTargets = + KeyValueUtils.removeAllNewlineFromString(additionalbPKTargets); + } else { + this.additionalbPKTargets = additionalbPKTargets; + } + } - public boolean isEidDemoActive() { - return eidDemoActive; - } + public boolean isEidDemoActive() { + return eidDemoActive; + } + public void setEidDemoActive(boolean eidDemoActive) { + this.eidDemoActive = eidDemoActive; + } - public void setEidDemoActive(boolean eidDemoActive) { - this.eidDemoActive = eidDemoActive; - } - - public boolean isEidProxyActive() { - return eidProxyActive; - } + public boolean isEidProxyActive() { + return 
eidProxyActive; + } + public void setEidProxyActive(boolean eidProxyActive) { + this.eidProxyActive = eidProxyActive; + } - public void setEidProxyActive(boolean eidProxyActive) { - this.eidProxyActive = eidProxyActive; - } - - - } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/PVPGatewayInterfederationConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/PVPGatewayInterfederationConfig.java index e27c55c90..29598a679 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/PVPGatewayInterfederationConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/PVPGatewayInterfederationConfig.java 
@@ -27,110 +27,128 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.InterfederationGatewayType; -import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.InterfederationIDPType; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; /** * @author tlenz * */ +@Slf4j public class PVPGatewayInterfederationConfig implements IOnlineApplicationData { - private static final Logger log = Logger.getLogger(PVPGatewayInterfederationConfig.class); - - private String entityID = null; - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName() - */ - @Override - public String getName() { - return "PVPGatewayInterfederation"; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public List parse(OnlineApplication dbOA, - AuthenticatedUser authUser, HttpServletRequest request) { - - InterfederationGatewayType gateway = dbOA.getInterfederationGateway(); - if (gateway != null) { - this.entityID = gateway.getForwardIDPIdentifier(); - - } - - return null; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, 
javax.servlet.http.HttpServletRequest) - */ - @Override - public String store(OnlineApplication dbOA, AuthenticatedUser authUser, - HttpServletRequest request) { - - if (authUser.isAdmin()) { - dbOA.setIsInterfederationGateway(true); - - InterfederationGatewayType gateway = dbOA.getInterfederationGateway(); - if (gateway == null) { - gateway = new InterfederationGatewayType(); - dbOA.setInterfederationGateway(gateway); - } - - gateway.setForwardIDPIdentifier(entityID); - } - - dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE); - return null; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) - */ - @Override - public List validate(OAGeneralConfig general, - AuthenticatedUser authUser, HttpServletRequest request) { - - List errors = new ArrayList(); - - if (MiscUtil.isNotEmpty(entityID)) { - if (!ValidationHelper.validateURL(entityID)) { - log.info("PVP gateway EntityID is not valid"); - errors.add(LanguageHelper.getErrorString("validation.interfederation.gateway.entityID.valid", request)); - - } - - } else - errors.add(LanguageHelper.getErrorString("validation.interfederation.gateway.entityID.empty", request)); - - return errors; - } - - /** - * @return the entityID - */ - public String getEntityID() { - return entityID; - } - - /** - * @param entityID the entityID to set - */ - public void setEntityID(String entityID) { - this.entityID = entityID; - } - - - + private String entityID = null; + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName + * () + */ + @Override + public String getName() { + return "PVPGatewayInterfederation"; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse( + * 
at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List parse(OnlineApplication dbOA, + AuthenticatedUser authUser, HttpServletRequest request) { + + final InterfederationGatewayType gateway = dbOA.getInterfederationGateway(); + if (gateway != null) { + this.entityID = gateway.getForwardIDPIdentifier(); + + } + + return null; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store( + * at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public String store(OnlineApplication dbOA, AuthenticatedUser authUser, + HttpServletRequest request) { + + if (authUser.isAdmin()) { + dbOA.setIsInterfederationGateway(true); + + InterfederationGatewayType gateway = dbOA.getInterfederationGateway(); + if (gateway == null) { + gateway = new InterfederationGatewayType(); + dbOA.setInterfederationGateway(gateway); + } + + gateway.setForwardIDPIdentifier(entityID); + } + + dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE); + return null; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData# + * validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, + * at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, + * javax.servlet.http.HttpServletRequest) + */ + @Override + public List validate(OAGeneralConfig general, + AuthenticatedUser authUser, HttpServletRequest request) { + + final List errors = new ArrayList<>(); + + if (MiscUtil.isNotEmpty(entityID)) { + if (!ValidationHelper.validateURL(entityID)) { + log.info("PVP gateway EntityID is not valid"); + errors.add(LanguageHelper.getErrorString("validation.interfederation.gateway.entityID.valid", + 
request)); + + } + + } else { + errors.add(LanguageHelper.getErrorString("validation.interfederation.gateway.entityID.empty", request)); + } + + return errors; + } + + /** + * @return the entityID + */ + public String getEntityID() { + return entityID; + } + + /** + * @param entityID the entityID to set + */ + public void setEntityID(String entityID) { + this.entityID = entityID; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java index c69998fa2..8b50437cb 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java @@ -40,8 +40,6 @@ import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.apache.commons.lang.StringUtils; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; @@ -50,10 +48,10 @@ import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.util.ToStringUtil; import at.gv.util.WebAppUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class AuthenticationFilter implements Filter{ - - private final Logger log = Logger.getLogger(AuthenticationFilter.class); private static ConfigurationProvider config; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/EncodingFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/EncodingFilter.java index 71f9536ae..6c4ecf3ae 100644 
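Review bot: In PVPGatewayInterfederationConfig.store() the call `dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE);` sits outside the `if (authUser.isAdmin())` block, so a non-admin caller that reaches this method still rewrites the application's type while the gateway settings are skipped. If only administrators are meant to configure a gateway, move the call inside the guard or return an error string for non-admins. Whether non-admins can reach store() at all is not visible in this hunk. A one-line comment on the guard, such as `// gateway settings and type are admin-only`, would document the intended behaviour.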
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/EncodingFilter.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/EncodingFilter.java @@ -11,11 +11,13 @@ import javax.servlet.ServletResponse; import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.builder.ToStringBuilder; -import org.apache.log4j.Logger; + +import lombok.extern.slf4j.Slf4j; /** * @author Thomas Knall */ +@Slf4j public class EncodingFilter implements javax.servlet.Filter { private static final String SERVLET_INIT_PARAM_ENCODING = "encoding"; @@ -30,8 +32,6 @@ public class EncodingFilter implements javax.servlet.Filter { private static final boolean DEFAULT_FORCE_REQUEST_ENCODING_VALUE = true; private static final boolean DEFAULT_SET_RESPONSE_ENCODING_VALUE = false; private static final boolean DEFAULT_FORCE_RESPONSE_ENCODING_VALUE = false; - - private Logger log = Logger.getLogger(getClass().getName()); private String encoding = null; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java index 4d47d8d96..25cf87aa9 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java 
@@ -29,29 +29,27 @@ import javax.crypto.SecretKeyFactory; import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.SecretKeySpec; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.util.Base64Utils; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class AuthenticationHelper { - - private static final Logger log = Logger.getLogger(AuthenticationHelper.class); - - public static String generateKeyFormPassword(String password) { - SecretKeyFactory factory; - - try { - factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); - KeySpec spec = new PBEKeySpec(password.toCharArray(), "TestSALT".getBytes(), 1024, 128); - SecretKey tmp = factory.generateSecret(spec); - SecretKeySpec secret = new SecretKeySpec(tmp.getEncoded(), "AES"); - return Base64Utils.encode(secret.getEncoded()); - - } catch (Exception e) { - log.info("Key generation form password failed."); - return null; - } - - } + + public static String generateKeyFormPassword(String password) { + SecretKeyFactory factory; + + try { + factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); + final KeySpec spec = new PBEKeySpec(password.toCharArray(), "TestSALT".getBytes(), 1024, 128); + final SecretKey tmp = factory.generateSecret(spec); + final SecretKeySpec secret = new SecretKeySpec(tmp.getEncoded(), "AES"); + return Base64Utils.encode(secret.getEncoded()); + + } catch (final Exception e) { + log.info("Key generation form password failed."); + return null; + } + + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java index eed4aa32f..a6c8b93b1 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/DateTimeHelper.java 
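Review bot: generateKeyFormPassword() still derives the key with the constant salt `"TestSALT"` and 1024 iterations of PBKDF2WithHmacSHA1, so equal passwords always produce equal keys and offline guessing against a leaked value is cheap; this reformat leaves that untouched. Changing the salt or iteration count alters every derived value, so it needs a versioned migration of whatever is stored or compared against this output rather than an in-place edit. Two smaller fixes are safe now: pin the charset with `"TestSALT".getBytes(StandardCharsets.UTF_8)` (plus the matching import) and keep the cause in the log with `log.info("Key generation form password failed.", e);`. The method returns `null` on failure, which is worth stating in a Javadoc comment so callers check for it.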
@@ -26,34 +26,32 @@ import java.text.ParseException; import java.text.SimpleDateFormat; import java.util.Date; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class DateTimeHelper { - private static final Logger log = Logger.getLogger(DateTimeHelper.class); - - private static final String DATETIMEPATTERN = "dd.MM.yyy HH:mm"; - - public static String getDateTime(Date date) { - SimpleDateFormat f = new SimpleDateFormat(DATETIMEPATTERN); - return f.format(date); - } - - public static Date parseDateTime(String date) { - SimpleDateFormat f = new SimpleDateFormat(DATETIMEPATTERN); - - if (MiscUtil.isNotEmpty(date)) { - - try { - return f.parse(date); - - } catch (ParseException e) { - log.warn("Parse DATETIME String " + date + " failed", e); - - } - } - return null; - } + private static final String DATETIMEPATTERN = "dd.MM.yyy HH:mm"; + + public static String getDateTime(Date date) { + final SimpleDateFormat f = new SimpleDateFormat(DATETIMEPATTERN); + return f.format(date); + } + + public static Date parseDateTime(String date) { + final SimpleDateFormat f = new SimpleDateFormat(DATETIMEPATTERN); + + if (MiscUtil.isNotEmpty(date)) { + + try { + return f.parse(date); + + } catch (final ParseException e) { + log.warn("Parse DATETIME String " + date + " failed", e); + + } + } + return null; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java index b4afcb5f2..406acf001 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java 
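Review bot: parseDateTime() builds its `SimpleDateFormat` in the default lenient mode, so out-of-range input such as day 32 is rolled over into a different date instead of being rejected. Adding `f.setLenient(false);` before `f.parse(date)` sends malformed values down the existing `ParseException` path. The pattern `"dd.MM.yyy HH:mm"` has three `y` letters, which looks like a typo for `yyyy`. Now that the class logs through SLF4J, the warning can pass the input as a parameter, `log.warn("Parse DATETIME String {} failed", date, e);`, instead of concatenating it into the message.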
@@ -26,77 +26,76 @@ import java.util.ArrayList; import java.util.Date; import java.util.List; -import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.data.OAListElement; import at.gv.egovernment.moa.id.configuration.data.OAListElement.ServiceType; public class FormDataHelper { - public static ArrayList populateFormWithInderfederationIDPs(List dbOAs) { - - ArrayList formOAs = new ArrayList(); - - for (OnlineApplication dboa : dbOAs) { - - if (dboa.isIsInterfederationIDP()!= null && dboa.isIsInterfederationIDP()) - formOAs.add(addOAFormListElement(dboa, ServiceType.IDP)); - - else if (dboa.isIsInterfederationGateway()!= null && dboa.isIsInterfederationGateway()) - formOAs.add(addOAFormListElement(dboa, ServiceType.GWAY)); - - else if (dboa.getAuthComponentOA().getOASTORK() != null - && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null - && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled()) - formOAs.add(addOAFormListElement(dboa, ServiceType.VIDP)); - } - return formOAs; - } - - public static ArrayList populateFormWithOAs(List dbOAs) { - - ArrayList formOAs = new ArrayList(); - - for (OnlineApplication dboa : dbOAs) { - - if ( !((dboa.isIsInterfederationIDP() != null && dboa.isIsInterfederationIDP()) || - (dboa.isIsInterfederationGateway() != null && dboa.isIsInterfederationGateway()) || - (dboa.getAuthComponentOA().getOASTORK() != null - && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null - && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled()) || - (dboa.isIsInterfederationGateway() != null && dboa.isIsInterfederationGateway() ))) { - formOAs.add(addOAFormListElement(dboa, ServiceType.OA)); - } - } - return formOAs; - } - - private 
static OAListElement addOAFormListElement(OnlineApplication dboa, ServiceType type) { - OAListElement listoa = new OAListElement(type); - listoa.setActive(dboa.isIsActive()); - listoa.setDataBaseID(dboa.getHjid()); - listoa.setOaFriendlyName(dboa.getFriendlyName()); - listoa.setOaIdentifier(dboa.getPublicURLPrefix()); - listoa.setOaType(dboa.getType()); - return listoa; - } - - public static ArrayList addFormUsers(List dbuserlist) { - ArrayList userlist = new ArrayList(); - - for (UserDatabase dbuser : dbuserlist) { - - boolean ismandate = false; - if (dbuser.isIsMandateUser() != null) - ismandate = dbuser.isIsMandateUser(); - - userlist.add(new AuthenticatedUser(dbuser, - dbuser.isIsActive(), - ismandate, - false, null, null, new Date()) - ); - } - return userlist; - } + public static ArrayList populateFormWithInderfederationIDPs(List dbOAs) { + + final ArrayList formOAs = new ArrayList<>(); + + for (final OnlineApplication dboa : dbOAs) { + + if (dboa.isIsInterfederationIDP() != null && dboa.isIsInterfederationIDP()) { + formOAs.add(addOAFormListElement(dboa, ServiceType.IDP)); + } else if (dboa.isIsInterfederationGateway() != null && dboa.isIsInterfederationGateway()) { + formOAs.add(addOAFormListElement(dboa, ServiceType.GWAY)); + } else if (dboa.getAuthComponentOA().getOASTORK() != null + && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null + && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled()) { + formOAs.add(addOAFormListElement(dboa, ServiceType.VIDP)); + } + } + return formOAs; + } + + public static ArrayList populateFormWithOAs(List dbOAs) { + + final ArrayList formOAs = new ArrayList<>(); + + for (final OnlineApplication dboa : dbOAs) { + + if (!(dboa.isIsInterfederationIDP() != null && dboa.isIsInterfederationIDP() || + dboa.isIsInterfederationGateway() != null && dboa.isIsInterfederationGateway() || + dboa.getAuthComponentOA().getOASTORK() != null + && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null + && 
dboa.getAuthComponentOA().getOASTORK().isVidpEnabled() || + dboa.isIsInterfederationGateway() != null && dboa.isIsInterfederationGateway())) { + formOAs.add(addOAFormListElement(dboa, ServiceType.OA)); + } + } + return formOAs; + } + + private static OAListElement addOAFormListElement(OnlineApplication dboa, ServiceType type) { + final OAListElement listoa = new OAListElement(type); + listoa.setActive(dboa.isIsActive()); + listoa.setDataBaseID(dboa.getHjid()); + listoa.setOaFriendlyName(dboa.getFriendlyName()); + listoa.setOaIdentifier(dboa.getPublicURLPrefix()); + listoa.setOaType(dboa.getType()); + return listoa; + } + + public static ArrayList addFormUsers(List dbuserlist) { + final ArrayList userlist = new ArrayList<>(); + + for (final UserDatabase dbuser : dbuserlist) { + + boolean ismandate = false; + if (dbuser.isIsMandateUser() != null) { + ismandate = dbuser.isIsMandateUser(); + } + + userlist.add(new AuthenticatedUser(dbuser, + dbuser.isIsActive(), + ismandate, + false, null, null, new Date())); + } + return userlist; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java index 29ab75b3e..d4f4d2129 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/LanguageHelper.java 
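Review bot: In populateFormWithOAs() the negated condition tests `dboa.isIsInterfederationGateway() != null && dboa.isIsInterfederationGateway()` twice, and with the inner parentheses removed by this change the grouping now relies on `&&` binding tighter than `||`. The result is unchanged, but this filter decides which entries are listed as plain online applications, so it should be easy to audit: drop the duplicate last clause and keep explicit parentheses around each `x != null && x` pair. Both list builders also call `dboa.getAuthComponentOA().getOASTORK()` without checking `getAuthComponentOA()` for null, although the other getters are null-checked. Whether it can be null is not visible in this hunk.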
@@ -22,81 +22,73 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.configuration.helper; +import java.text.MessageFormat; +import java.util.Locale; +import java.util.ResourceBundle; + +import javax.servlet.http.HttpServletRequest; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; -import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; -import javax.servlet.http.HttpServletRequest; -import java.text.MessageFormat; -import java.util.Locale; -import java.util.ResourceBundle; +@Slf4j +public class LanguageHelper { + private static String errorLanguage(String code, Locale locale) { + return ResourceBundle.getBundle("applicationResources", locale).getString(code); -import org.apache.log4j.Logger; + } + private static String guiLanguage(String code, Locale locale) { + return ResourceBundle.getBundle("applicationResources", locale).getString(code); -public class LanguageHelper { + } - private static Logger log = Logger.getLogger(LanguageHelper.class); - - private static String errorLanguage(String code, Locale locale) { - return ResourceBundle.getBundle("applicationResources", locale).getString(code); - - } + public static String getGUIString(String code, HttpServletRequest request) { + return guiLanguage(code, getLangFromRequest(request)); + } - private static String guiLanguage(String code, Locale locale) { - return ResourceBundle.getBundle("applicationResources", locale).getString(code); - - } + public static String getErrorString(String code, HttpServletRequest request) { + return errorLanguage(code, getLangFromRequest(request)); + } - public static String getGUIString(String code, HttpServletRequest request) { - return guiLanguage(code, getLangFromRequest(request)); - } + public static String getGUIString(String code, 
String parameter, HttpServletRequest request) { + return MessageFormat.format(getGUIString(code, request), parameter); + } + public static String getErrorString(String code, Object[] parameter, HttpServletRequest request) { - public static String getErrorString(String code, HttpServletRequest request) { - return errorLanguage(code, getLangFromRequest(request)); - } + return MessageFormat.format(getGUIString(code, request), parameter); + } - public static String getGUIString(String code, String parameter, HttpServletRequest request) { - return MessageFormat.format(getGUIString(code, request), parameter); - } + private static Locale getLangFromRequest(HttpServletRequest request) { + + Locale defaultLanguage = Locale.forLanguageTag("de"); - public static String getErrorString(String code, Object[] parameter, HttpServletRequest request) { + try { + final ConfigurationProvider configurationProvider = ConfigurationProvider.getInstance(); + defaultLanguage = Locale.forLanguageTag(configurationProvider.getDefaultLanguage()); - return MessageFormat.format(getGUIString(code, request), parameter); + } catch (final ConfigurationException e) { + log.error("Configuration exception while getting ConfigurationProvider instance", e); } - - private static Locale getLangFromRequest(HttpServletRequest request) { - - Locale defaultLanguage = Locale.forLanguageTag("de"); - - try { - ConfigurationProvider configurationProvider = ConfigurationProvider.getInstance(); - defaultLanguage = Locale.forLanguageTag(configurationProvider.getDefaultLanguage()); - - } catch (ConfigurationException e) { - log.error("Configuration exception while getting ConfigurationProvider instance", e); - } - - - if (request == null) { - return defaultLanguage; - - } else { - Object obj = request.getSession().getAttribute(Constants.SESSION_I18n); - - if (obj != null && obj instanceof Locale) { - return (Locale) obj; - - } else - return defaultLanguage; - - } - + if (request == null) { + return defaultLanguage; + + 
} else { + final Object obj = request.getSession().getAttribute(Constants.SESSION_I18n); + + if (obj != null && obj instanceof Locale) { + return (Locale) obj; + + } else { + return defaultLanguage; + } + } -} + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java index 8f3b8f479..5d1f663a9 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java @@ -41,7 +41,6 @@ import javax.mail.internet.MimeMessage; import javax.mail.internet.MimeMultipart; import org.apache.commons.io.IOUtils; -import org.apache.log4j.Logger; import at.gv.egiz.eaaf.core.impl.utils.FileUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; 
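Review bot: getLangFromRequest() calls `request.getSession()`, which creates a session when the request has none, so merely resolving a localized string allocates server-side session state. If this helper runs before login (not visible here), that includes unauthenticated requests. Reading the locale with `final HttpSession session = request.getSession(false);` and `final Object obj = session != null ? session.getAttribute(Constants.SESSION_I18n) : null;` avoids this; it needs an import of `javax.servlet.http.HttpSession`. Separately, `getErrorString(String, Object[], HttpServletRequest)` formats through `getGUIString(code, request)`. Both currently read the same `applicationResources` bundle, so nothing breaks, but calling `getErrorString(code, request)` would keep the two paths consistent.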
@@ -49,207 +48,213 @@ import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class MailHelper { - private static final Logger log = Logger.getLogger(MailHelper.class); - - private static final String PATTERN_GIVENNAME = "#GIVENNAME#"; - private static final String PATTERN_FAMILYNAME = "#FAMILYNAME#"; - private static final String PATTERN_URL = "#MANDATE_SERVICE_LINK#"; - private static final String PATTERN_DATE = "#TODAY_DATE#"; - private static final String PATTERN_OPENOAS = "#NUMBER_OAS#"; - private static final String PATTERN_OPENUSERS = "#NUMBER_USERSS#"; - private static final String PATTERN_OANAME = "#OANAME#"; - - public static void sendUserMailAddressVerification(UserDatabase userdb) throws ConfigurationException { - - ConfigurationProvider config = ConfigurationProvider.getInstance(); - String templateurl = config.getMailUserAcountVerificationTemplate(); - - String template = readTemplateFromURL(templateurl, config.getConfigRootDir()); - - if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) { - template = template.replace(PATTERN_GIVENNAME, userdb.getInstitut()); - template = template.replace(PATTERN_FAMILYNAME, ""); - - } else { - template = template.replace(PATTERN_GIVENNAME, userdb.getGivenname()); - template = template.replace(PATTERN_FAMILYNAME, userdb.getFamilyname()); - } - - SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy"); - template = template.replace(PATTERN_DATE, dateformat.format(new Date())); - - String verificationURL = config.getPublicUrlPreFix(null); - - if (!verificationURL.endsWith("/")) - verificationURL = verificationURL + "/"; - - verificationURL = verificationURL + Constants.SERVLET_ACCOUNTVERIFICATION + - "?" 
+ Constants.REQUEST_USERREQUESTTOKKEN + - "=" + userdb.getUserRequestTokken(); - template = template.replace(PATTERN_URL, verificationURL); - - sendMail(config, config.getMailUserAcountVerificationSubject(), - userdb.getMail(), template); - - } - - public static void sendAdminMail(int numOpenOAs, int numOpenUsers) throws ConfigurationException { - ConfigurationProvider config = ConfigurationProvider.getInstance(); - String templateurl = config.getMailAdminTemplate(); - - String template = readTemplateFromURL(templateurl, config.getConfigRootDir()); - template = template.replace(PATTERN_OPENOAS, String.valueOf(numOpenOAs)); - template = template.replace(PATTERN_OPENUSERS, String.valueOf(numOpenUsers)); - - SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy"); - template = template.replace(PATTERN_DATE, dateformat.format(new Date())); - - sendMail(config, config.getMailAdminSubject(), config.getMailAdminAddress(), template); - - } - - public static void sendUserAccountActivationMail(String givenname, String familyname, String institut, String mailurl) throws ConfigurationException { - ConfigurationProvider config = ConfigurationProvider.getInstance(); - String templateurl = config.getMailUserAcountActivationTemplate(); - - String template = readTemplateFromURL(templateurl, config.getConfigRootDir()); - if (MiscUtil.isNotEmpty(institut)) { - template = template.replace(PATTERN_GIVENNAME, institut); - template = template.replace(PATTERN_FAMILYNAME, ""); - - } else { - template = template.replace(PATTERN_GIVENNAME, givenname); - template = template.replace(PATTERN_FAMILYNAME, familyname); - } - - - SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy"); - template = template.replace(PATTERN_DATE, dateformat.format(new Date())); - - String verificationURL = config.getPublicUrlPreFix(null); - if (!verificationURL.endsWith("/")) - verificationURL = verificationURL + "/"; - - template = template.replace(PATTERN_URL, verificationURL); - - 
sendMail(config, config.getMailUserAcountActivationSubject(), - mailurl, template); - } - - public static void sendUserOnlineApplicationActivationMail(String givenname, String familyname, String institut, String oaname, String mailurl) throws ConfigurationException { - ConfigurationProvider config = ConfigurationProvider.getInstance(); - String templateurl = config.getMailOAActivationTemplate(); - - String template = readTemplateFromURL(templateurl, config.getConfigRootDir()); - if (MiscUtil.isNotEmpty(institut)) { - template = template.replace(PATTERN_GIVENNAME, institut); - template = template.replace(PATTERN_FAMILYNAME, ""); - - } else { - template = template.replace(PATTERN_GIVENNAME, givenname); - template = template.replace(PATTERN_FAMILYNAME, familyname); - } - - template = template.replace(PATTERN_OANAME, oaname); - - SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy"); - template = template.replace(PATTERN_DATE, dateformat.format(new Date())); - - String verificationURL = config.getPublicUrlPreFix(null); - if (!verificationURL.endsWith("/")) - verificationURL = verificationURL + "/"; - - template = template.replace(PATTERN_URL, verificationURL); - - sendMail(config, config.getMailOAActivationSubject(), - mailurl, template); - } - - public static void sendUserAccountRevocationMail(UserDatabase userdb) throws ConfigurationException { - ConfigurationProvider config = ConfigurationProvider.getInstance(); - String templateurl = config.getMailUserAcountRevocationTemplate(); - - String template = readTemplateFromURL(templateurl, config.getConfigRootDir()); - - if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) { - template = template.replace(PATTERN_GIVENNAME, userdb.getInstitut()); - template = template.replace(PATTERN_FAMILYNAME, ""); - - } else { - template = template.replace(PATTERN_GIVENNAME, userdb.getGivenname()); - template = template.replace(PATTERN_FAMILYNAME, userdb.getFamilyname()); - } - - SimpleDateFormat dateformat = new 
SimpleDateFormat("dd.MM.yyyy"); - template = template.replace(PATTERN_DATE, dateformat.format(new Date())); - - sendMail(config, config.getMailUserAcountActivationSubject(), - userdb.getMail(), template); - } - - private static String readTemplateFromURL(String templateurl, String rootDir) throws ConfigurationException { - InputStream input; - try { - - URL keystoreURL = new URL(FileUtils.makeAbsoluteURL(templateurl, rootDir)); - input = keystoreURL.openStream(); - StringWriter writer = new StringWriter(); - IOUtils.copy(input, writer); - input.close(); - return writer.toString(); - - } catch (Exception e) { - log.warn("Mailtemplate can not be read from source" + templateurl); - throw new ConfigurationException("Mailtemplate can not be read from source" + templateurl); - - } - } - - private static void sendMail(ConfigurationProvider config, String subject, String recipient, String content) throws ConfigurationException { - try { - log.debug("Sending mail."); - MiscUtil.assertNotNull(subject, "subject"); - MiscUtil.assertNotNull(recipient, "recipient"); - MiscUtil.assertNotNull(content, "content"); - - Properties props = new Properties(); - props.setProperty("mail.transport.protocol", "smtp"); - props.setProperty("mail.host", config.getSMTPMailHost()); - log.trace("Mail host: " + config.getSMTPMailHost()); - if (config.getSMTPMailPort() != null) { - log.trace("Mail port: " + config.getSMTPMailPort()); - props.setProperty("mail.port", config.getSMTPMailPort()); - } - if (config.getSMTPMailUsername() != null) { - log.trace("Mail user: " + config.getSMTPMailUsername()); - props.setProperty("mail.user", config.getSMTPMailUsername()); - } - if (config.getSMTPMailPassword() != null) { - log.trace("Mail password: " + config.getSMTPMailPassword()); - props.setProperty("mail.password", config.getSMTPMailPassword()); - } - - Session mailSession = Session.getDefaultInstance(props, null); - Transport transport = mailSession.getTransport(); - - MimeMessage message = new 
MimeMessage(mailSession); - message.setSubject(subject); - log.trace("Mail from: " + config.getMailFromName() + "/" + config.getMailFromAddress()); - message.setFrom(new InternetAddress(config.getMailFromAddress(), config.getMailFromName())); - log.trace("Recipient: " + recipient); - message.addRecipient(Message.RecipientType.TO, new InternetAddress(recipient)); - - log.trace("Creating multipart content of mail."); - MimeMultipart multipart = new MimeMultipart("related"); - - log.trace("Adding first part (html)"); - BodyPart messageBodyPart = new MimeBodyPart(); - messageBodyPart.setContent(content, "text/html; charset=ISO-8859-15"); - multipart.addBodyPart(messageBodyPart); - + private static final String PATTERN_GIVENNAME = "#GIVENNAME#"; + private static final String PATTERN_FAMILYNAME = "#FAMILYNAME#"; + private static final String PATTERN_URL = "#MANDATE_SERVICE_LINK#"; + private static final String PATTERN_DATE = "#TODAY_DATE#"; + private static final String PATTERN_OPENOAS = "#NUMBER_OAS#"; + private static final String PATTERN_OPENUSERS = "#NUMBER_USERSS#"; + private static final String PATTERN_OANAME = "#OANAME#"; + + public static void sendUserMailAddressVerification(UserDatabase userdb) throws ConfigurationException { + + final ConfigurationProvider config = ConfigurationProvider.getInstance(); + final String templateurl = config.getMailUserAcountVerificationTemplate(); + + String template = readTemplateFromURL(templateurl, config.getConfigRootDir()); + + if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) { + template = template.replace(PATTERN_GIVENNAME, userdb.getInstitut()); + template = template.replace(PATTERN_FAMILYNAME, ""); + + } else { + template = template.replace(PATTERN_GIVENNAME, userdb.getGivenname()); + template = template.replace(PATTERN_FAMILYNAME, userdb.getFamilyname()); + } + + final SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy"); + template = template.replace(PATTERN_DATE, dateformat.format(new 
Date())); + + String verificationURL = config.getPublicUrlPreFix(null); + + if (!verificationURL.endsWith("/")) { + verificationURL = verificationURL + "/"; + } + + verificationURL = verificationURL + Constants.SERVLET_ACCOUNTVERIFICATION + + "?" + Constants.REQUEST_USERREQUESTTOKKEN + + "=" + userdb.getUserRequestTokken(); + template = template.replace(PATTERN_URL, verificationURL); + + sendMail(config, config.getMailUserAcountVerificationSubject(), + userdb.getMail(), template); + + } + + public static void sendAdminMail(int numOpenOAs, int numOpenUsers) throws ConfigurationException { + final ConfigurationProvider config = ConfigurationProvider.getInstance(); + final String templateurl = config.getMailAdminTemplate(); + + String template = readTemplateFromURL(templateurl, config.getConfigRootDir()); + template = template.replace(PATTERN_OPENOAS, String.valueOf(numOpenOAs)); + template = template.replace(PATTERN_OPENUSERS, String.valueOf(numOpenUsers)); + + final SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy"); + template = template.replace(PATTERN_DATE, dateformat.format(new Date())); + + sendMail(config, config.getMailAdminSubject(), config.getMailAdminAddress(), template); + + } + + public static void sendUserAccountActivationMail(String givenname, String familyname, String institut, + String mailurl) throws ConfigurationException { + final ConfigurationProvider config = ConfigurationProvider.getInstance(); + final String templateurl = config.getMailUserAcountActivationTemplate(); + + String template = readTemplateFromURL(templateurl, config.getConfigRootDir()); + if (MiscUtil.isNotEmpty(institut)) { + template = template.replace(PATTERN_GIVENNAME, institut); + template = template.replace(PATTERN_FAMILYNAME, ""); + + } else { + template = template.replace(PATTERN_GIVENNAME, givenname); + template = template.replace(PATTERN_FAMILYNAME, familyname); + } + + final SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy"); + template = 
template.replace(PATTERN_DATE, dateformat.format(new Date())); + + String verificationURL = config.getPublicUrlPreFix(null); + if (!verificationURL.endsWith("/")) { + verificationURL = verificationURL + "/"; + } + + template = template.replace(PATTERN_URL, verificationURL); + + sendMail(config, config.getMailUserAcountActivationSubject(), + mailurl, template); + } + + public static void sendUserOnlineApplicationActivationMail(String givenname, String familyname, + String institut, String oaname, String mailurl) throws ConfigurationException { + final ConfigurationProvider config = ConfigurationProvider.getInstance(); + final String templateurl = config.getMailOAActivationTemplate(); + + String template = readTemplateFromURL(templateurl, config.getConfigRootDir()); + if (MiscUtil.isNotEmpty(institut)) { + template = template.replace(PATTERN_GIVENNAME, institut); + template = template.replace(PATTERN_FAMILYNAME, ""); + + } else { + template = template.replace(PATTERN_GIVENNAME, givenname); + template = template.replace(PATTERN_FAMILYNAME, familyname); + } + + template = template.replace(PATTERN_OANAME, oaname); + + final SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy"); + template = template.replace(PATTERN_DATE, dateformat.format(new Date())); + + String verificationURL = config.getPublicUrlPreFix(null); + if (!verificationURL.endsWith("/")) { + verificationURL = verificationURL + "/"; + } + + template = template.replace(PATTERN_URL, verificationURL); + + sendMail(config, config.getMailOAActivationSubject(), + mailurl, template); + } + + public static void sendUserAccountRevocationMail(UserDatabase userdb) throws ConfigurationException { + final ConfigurationProvider config = ConfigurationProvider.getInstance(); + final String templateurl = config.getMailUserAcountRevocationTemplate(); + + String template = readTemplateFromURL(templateurl, config.getConfigRootDir()); + + if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) { + template = 
template.replace(PATTERN_GIVENNAME, userdb.getInstitut()); + template = template.replace(PATTERN_FAMILYNAME, ""); + + } else { + template = template.replace(PATTERN_GIVENNAME, userdb.getGivenname()); + template = template.replace(PATTERN_FAMILYNAME, userdb.getFamilyname()); + } + + final SimpleDateFormat dateformat = new SimpleDateFormat("dd.MM.yyyy"); + template = template.replace(PATTERN_DATE, dateformat.format(new Date())); + + sendMail(config, config.getMailUserAcountActivationSubject(), + userdb.getMail(), template); + } + + private static String readTemplateFromURL(String templateurl, String rootDir) + throws ConfigurationException { + InputStream input; + try { + + final URL keystoreURL = new URL(FileUtils.makeAbsoluteURL(templateurl, rootDir)); + input = keystoreURL.openStream(); + final StringWriter writer = new StringWriter(); + IOUtils.copy(input, writer); + input.close(); + return writer.toString(); + + } catch (final Exception e) { + log.warn("Mailtemplate can not be read from source" + templateurl); + throw new ConfigurationException("Mailtemplate can not be read from source" + templateurl); + + } + } + + private static void sendMail(ConfigurationProvider config, String subject, String recipient, String content) + throws ConfigurationException { + try { + log.debug("Sending mail."); + MiscUtil.assertNotNull(subject, "subject"); + MiscUtil.assertNotNull(recipient, "recipient"); + MiscUtil.assertNotNull(content, "content"); + + final Properties props = new Properties(); + props.setProperty("mail.transport.protocol", "smtp"); + props.setProperty("mail.host", config.getSMTPMailHost()); + log.trace("Mail host: " + config.getSMTPMailHost()); + if (config.getSMTPMailPort() != null) { + log.trace("Mail port: " + config.getSMTPMailPort()); + props.setProperty("mail.port", config.getSMTPMailPort()); + } + if (config.getSMTPMailUsername() != null) { + log.trace("Mail user: " + config.getSMTPMailUsername()); + props.setProperty("mail.user", 
config.getSMTPMailUsername()); + } + if (config.getSMTPMailPassword() != null) { + log.trace("Mail password: " + config.getSMTPMailPassword()); + props.setProperty("mail.password", config.getSMTPMailPassword()); + } + + final Session mailSession = Session.getDefaultInstance(props, null); + final Transport transport = mailSession.getTransport(); + + final MimeMessage message = new MimeMessage(mailSession); + message.setSubject(subject); + log.trace("Mail from: " + config.getMailFromName() + "/" + config.getMailFromAddress()); + message.setFrom(new InternetAddress(config.getMailFromAddress(), config.getMailFromName())); + log.trace("Recipient: " + recipient); + message.addRecipient(Message.RecipientType.TO, new InternetAddress(recipient)); + + log.trace("Creating multipart content of mail."); + final MimeMultipart multipart = new MimeMultipart("related"); + + log.trace("Adding first part (html)"); + final BodyPart messageBodyPart = new MimeBodyPart(); + messageBodyPart.setContent(content, "text/html; charset=ISO-8859-15"); + multipart.addBodyPart(messageBodyPart); + // log.trace("Adding mail images"); // messageBodyPart = new MimeBodyPart(); // for (Image image : images) { 
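Review bot: The new side of `sendMail` still writes the SMTP password to the log in clear text with `log.trace("Mail password: " + config.getSMTPMailPassword());`, so the credential reaches every log sink that has trace enabled for this class. Since the class now uses `@Slf4j`, I would either drop the line or replace it with `log.trace("Mail password configured: {}", config.getSMTPMailPassword() != null);`. Separately, the `send*Mail` methods in this hunk substitute `userdb.getGivenname()`, `getFamilyname()`, `getInstitut()` and `oaname` into a template that is later sent as `text/html`. If those values come from user registration, which the page does not show, they should be HTML-escaped before the `replace` calls. `sendMail` starts in this hunk and continues in the next one.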
@@ -257,20 +262,20 @@ public class MailHelper { // messageBodyPart.setHeader("Content-ID", "<" + image.getContentId() + ">"); // multipart.addBodyPart(messageBodyPart); // } - - message.setContent(multipart); - transport.connect(); - log.trace("Sending mail message."); - transport.sendMessage(message, message.getRecipients(Message.RecipientType.TO)); - log.trace("Successfully sent."); - transport.close(); - - } catch(MessagingException e) { - throw new ConfigurationException(e); - - } catch (UnsupportedEncodingException e) { - throw new ConfigurationException(e); - - } - } + + message.setContent(multipart); + transport.connect(); + log.trace("Sending mail message."); + transport.sendMessage(message, message.getRecipients(Message.RecipientType.TO)); + log.trace("Successfully sent."); + transport.close(); + + } catch (final MessagingException e) { + throw new ConfigurationException(e); + + } catch (final UnsupportedEncodingException e) { + throw new ConfigurationException(e); + + } + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java index 53afa59a0..be4cab9d7 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/StringHelper.java 
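Review bot: `transport.close()` in `sendMail` is reached only when `transport.connect()` and `transport.sendMessage(...)` both succeed, so a failed send leaves the SMTP connection open until the `MessagingException` handler has already rethrown. I would wrap the connect and send calls as `try { transport.connect(); transport.sendMessage(message, message.getRecipients(Message.RecipientType.TO)); } finally { transport.close(); }`, keeping the trace lines where they are. The two handlers have identical bodies and could be merged into `catch (final MessagingException | UnsupportedEncodingException e)`. The `try` that these handlers belong to opens in the previous hunk.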
@@ -26,37 +26,35 @@ import java.io.UnsupportedEncodingException; public class StringHelper { - public static String formatText(String strGivenText) - { - StringBuffer sbFormattedText = new StringBuffer(strGivenText); - - for(int i=0; i formList; - protected long oaid = -1; - - private String oaidobj; - private boolean newOA; - private boolean isMetaDataRefreshRequired = false; - - private InputStream stream = null; - - - - /** - * - */ - public BasicOAAction() { - super(); - - formList = new LinkedHashMap(); - - OAGeneralConfig generalOA = new OAGeneralConfig(); - formList.put(generalOA.getName(), generalOA); - - } - - protected OnlineApplication populateOnlineApplicationFromRequest() throws BasicOAActionException{ - if (!ValidationHelper.validateOAID(oaidobj)) { - throw new BasicOAActionException( - LanguageHelper.getErrorString("errors.edit.oa.oaid", request), - Constants.STRUTS_ERROR); - + private static final long serialVersionUID = 5676123696807646246L; + + protected LinkedHashMap formList; + protected long oaid = -1; + + private String oaidobj; + private boolean newOA; + private boolean isMetaDataRefreshRequired = false; + + private InputStream stream = null; + + /** + * + */ + public BasicOAAction() { + super(); + + formList = new LinkedHashMap<>(); + + final OAGeneralConfig generalOA = new OAGeneralConfig(); + formList.put(generalOA.getName(), generalOA); + + } + + protected OnlineApplication populateOnlineApplicationFromRequest() throws BasicOAActionException { + if (!ValidationHelper.validateOAID(oaidobj)) { + throw new BasicOAActionException( + LanguageHelper.getErrorString("errors.edit.oa.oaid", request), + Constants.STRUTS_ERROR); + + } + oaid = Long.valueOf(oaidobj); + + UserDatabase userdb = null; + OnlineApplication onlineapplication = null; + + if (authUser.isAdmin()) { + onlineapplication = configuration.getDbRead().getOnlineApplication(oaid); + } else { + userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + + if 
(!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb + .isIsMailAddressVerified()) { + log.info("Online-Applikation managemant disabled. Mail address is not verified."); + throw new BasicOAActionException( + LanguageHelper.getErrorString("error.editoa.mailverification", request), + Constants.STRUTS_SUCCESS); + + } + + // TODO: change to direct Database operation + final List oas = userdb.getOnlineApplication(); + for (final String oa : oas) { + if (oa.equals(oaid)) { + onlineapplication = configuration.getDbRead().getOnlineApplication(oaid); + break; } - oaid = Long.valueOf(oaidobj); + } + if (onlineapplication == null) { + throw new BasicOAActionException( + LanguageHelper.getErrorString("errors.edit.oa.oaid", request), + Constants.STRUTS_ERROR); + } + } - UserDatabase userdb = null; - OnlineApplication onlineapplication = null; + return onlineapplication; - if (authUser.isAdmin()) - onlineapplication = configuration.getDbRead().getOnlineApplication(oaid); + } - else { - userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + protected void populateBasicNewOnlineApplicationInformation() { + session.setAttribute(Constants.SESSION_OAID, null); - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. 
Mail address is not verified."); - throw new BasicOAActionException( - LanguageHelper.getErrorString("error.editoa.mailverification", request), - Constants.STRUTS_SUCCESS); + setNewOA(true); - } + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null); + } - // TODO: change to direct Database operation - List oas = userdb.getOnlineApplication(); - for (String oa : oas) { - if (oa.equals(oaid)) { - onlineapplication = configuration.getDbRead().getOnlineApplication(oaid); - break; - } - } - if (onlineapplication == null) { - throw new BasicOAActionException( - LanguageHelper.getErrorString("errors.edit.oa.oaid", request), - Constants.STRUTS_ERROR); - } + protected OnlineApplication postProcessSaveOnlineApplication(OnlineApplication onlineapplication, + boolean persistOA) throws BasicOAActionException { + if (onlineapplication == null) { + onlineapplication = new OnlineApplication(); + onlineapplication.setIsNew(true); + onlineapplication.setIsActive(false); + + if (!authUser.isAdmin()) { + onlineapplication.setIsAdminRequired(true); + + } else { + isMetaDataRefreshRequired = true; + } + + } else { + onlineapplication.setIsNew(false); + if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(getGeneralOA() + .getIdentifier())) { + + onlineapplication.setIsAdminRequired(true); + onlineapplication.setIsActive(false); + log.info("User with ID " + authUser.getUserID() + + " change OA-PublicURLPrefix. 
Reaktivation is required."); + } + + } + + if (onlineapplication.isIsAdminRequired() == null + || authUser.isAdmin() && getGeneralOA().isActive() && onlineapplication.isIsAdminRequired()) { + + onlineapplication.setIsAdminRequired(false); + isMetaDataRefreshRequired = true; + + UserDatabase userdb = null; + if (onlineapplication.getHjid() != null) { + userdb = configuration.getUserManagement().getUsersWithOADBID(onlineapplication.getHjid()); + } + + if (userdb != null && !userdb.isIsAdmin()) { + try { + MailHelper.sendUserOnlineApplicationActivationMail(userdb.getGivenname(), userdb.getFamilyname(), + userdb.getInstitut(), onlineapplication.getPublicURLPrefix(), userdb.getMail()); + } catch (final ConfigurationException e) { + log.warn("Sending Mail to User " + userdb.getMail() + " failed", e); } - - return onlineapplication; - - } - - protected void populateBasicNewOnlineApplicationInformation() { - session.setAttribute(Constants.SESSION_OAID, null); - - setNewOA(true); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null); + } + } + + // save OA configuration + final String error = saveOAConfigToDatabase(onlineapplication, persistOA); + if (MiscUtil.isNotEmpty(error)) { + log.warn("OA configuration can not be stored!"); + addActionError(error); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + throw new BasicOAActionException(error, Constants.STRUTS_ERROR_VALIDATION); } - - protected OnlineApplication postProcessSaveOnlineApplication(OnlineApplication onlineapplication, boolean persistOA) throws BasicOAActionException { - if (onlineapplication == null) { - onlineapplication = new OnlineApplication(); - onlineapplication.setIsNew(true); - onlineapplication.setIsActive(false); - - if (!authUser.isAdmin()) { - onlineapplication.setIsAdminRequired(true); - - } else - isMetaDataRefreshRequired = true; - - } else { - 
onlineapplication.setIsNew(false); - if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(getGeneralOA().getIdentifier())) { - - onlineapplication.setIsAdminRequired(true); - onlineapplication.setIsActive(false); - log.info("User with ID " + authUser.getUserID() + " change OA-PublicURLPrefix. Reaktivation is required."); - } - - } - - if ((onlineapplication.isIsAdminRequired() == null) - || (authUser.isAdmin() && getGeneralOA().isActive() && onlineapplication.isIsAdminRequired())) { - - onlineapplication.setIsAdminRequired(false); - isMetaDataRefreshRequired = true; - - UserDatabase userdb = null; - if (onlineapplication.getHjid() != null) - userdb = configuration.getUserManagement().getUsersWithOADBID(onlineapplication.getHjid()); - - if (userdb != null && !userdb.isIsAdmin()) { - try { - MailHelper.sendUserOnlineApplicationActivationMail(userdb.getGivenname(), userdb.getFamilyname(), - userdb.getInstitut(), onlineapplication.getPublicURLPrefix(), userdb.getMail()); - } catch (ConfigurationException e) { - log.warn("Sending Mail to User " + userdb.getMail() + " failed", e); - } - } - } - - //save OA configuration - String error = saveOAConfigToDatabase(onlineapplication, persistOA); - if (MiscUtil.isNotEmpty(error)) { - log.warn("OA configuration can not be stored!"); - addActionError(error); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - throw new BasicOAActionException(error, Constants.STRUTS_ERROR_VALIDATION); - } // //set metadata reload flag if reload is required -// +// // if (getPvp2OA() != null && getPvp2OA().getMetaDataURL() != null) { // // try { 
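Review bot: In `populateOnlineApplicationFromRequest` the ownership check `if (oa.equals(oaid))` compares the `String` loop variable with the `long` field `oaid`, which is boxed to a `Long`. It can therefore never be true, and a non-admin user always ends at the `errors.edit.oa.oaid` error. The commit only re-indents this line. If the list returned by `userdb.getOnlineApplication()` holds database ids as text, `if (oa.equals(String.valueOf(oaid)))` is presumably what was meant, but that needs confirming against what the list stores. The check fails closed, yet it is the only ownership check visible here for non-admin edits, so it deserves a test with a user who owns the application and one who does not. Generic type arguments are missing from this page, so the element type is read from the loop declaration `for (final String oa : oas)`.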
@@ -234,290 +237,302 @@ public class BasicOAAction extends BasicAction { // } // // } - - return onlineapplication; - } - - protected OnlineApplication preProcessSaveOnlineApplication() throws BasicOAActionException { - try { - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - throw new BasicOAActionException( - "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID(), - Constants.STRUTS_ERROR); - } - } else { - throw new BasicOAActionException( - "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID(), - Constants.STRUTS_ERROR); - - } - session.setAttribute(Constants.SESSION_FORMID, null); - - UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID()); - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. 
Mail address is not verified."); - throw new BasicOAActionException( - LanguageHelper.getErrorString("error.editoa.mailverification", request), - Constants.STRUTS_SUCCESS); - } - - OnlineApplication onlineapplication = null; - - Long oaid = getOAIDFromSession(); - - // valid DBID and check entry - OAGeneralConfig oaGeneralForm = ((OAGeneralConfig)formList.get(new OAGeneralConfig().getName())); - String oaidentifier = oaGeneralForm.getIdentifier(); - if (MiscUtil.isEmpty(oaidentifier)) { - log.info("Empty OA identifier"); - throw new BasicOAActionException( - LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request), - Constants.STRUTS_ERROR_VALIDATION); - - } else { - - if (!ValidationHelper.validateURL(oaidentifier)) { - log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier); - throw new BasicOAActionException( - LanguageHelper.getErrorString("validation.general.oaidentifier.valid", - new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request), - Constants.STRUTS_ERROR_VALIDATION); - - } else { - - if (oaid == -1) { - List oaList = configuration.getDbRead().getAllOnlineApplications(); - - if (oaList != null) { - for (OnlineApplication el : oaList) { - if (el.getPublicURLPrefix().startsWith(oaidentifier) ) - onlineapplication = el; - - } - } - - if (onlineapplication == null) { - onlineapplication = configuration.getDbRead().getOnlineApplication(oaidentifier); - - } - - if (onlineapplication != null) { - log.info("The OAIdentifier is not unique"); - throw new BasicOAActionException( - LanguageHelper.getErrorString( - "validation.general.oaidentifier.notunique", - new Object[]{onlineapplication.getPublicURLPrefix()}, - request), - Constants.STRUTS_ERROR_VALIDATION); - - } else - setNewOA(true); - - } else { - onlineapplication = configuration.getDbRead().getOnlineApplication(oaid); - if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) { - - OnlineApplication dbOA = null; - List oaList = 
configuration.getDbRead().getAllOnlineApplications(); - for (OnlineApplication el : oaList) { - if (el.getPublicURLPrefix().startsWith(oaidentifier) ) - dbOA = el; - - } - if (dbOA == null) - dbOA = configuration.getDbRead().getOnlineApplication(oaidentifier); - - if ( (dbOA != null && !dbOA.getHjid().equals(oaid))) { - log.info("The OAIdentifier is not unique"); - throw new BasicOAActionException( - LanguageHelper.getErrorString( - "validation.general.oaidentifier.notunique", - new Object[]{dbOA.getPublicURLPrefix()}, - request), - Constants.STRUTS_ERROR_VALIDATION); - - } - } - } - } - } - - return onlineapplication; - - } catch (BasicOAActionException e) { - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - throw e; - } - - } - - protected Long getOAIDFromSession() throws BasicOAActionException { - Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID); - Long oaid = (long) -1; - - if (oadbid != null) { - try { - oaid = (Long) oadbid; - if (oaid < 0 || oaid > Long.MAX_VALUE) { - throw new BasicOAActionException( - LanguageHelper.getErrorString("errors.edit.oa.oaid", request), - Constants.STRUTS_ERROR); + + return onlineapplication; + } + + protected OnlineApplication preProcessSaveOnlineApplication() throws BasicOAActionException { + try { + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + throw new BasicOAActionException( + "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID(), + Constants.STRUTS_ERROR); + } + } else { + throw new BasicOAActionException( + "FormIDs does not match. 
Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID(), + Constants.STRUTS_ERROR); + + } + session.setAttribute(Constants.SESSION_FORMID, null); + + final UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb + .isIsMailAddressVerified()) { + log.info("Online-Applikation managemant disabled. Mail address is not verified."); + throw new BasicOAActionException( + LanguageHelper.getErrorString("error.editoa.mailverification", request), + Constants.STRUTS_SUCCESS); + } + + OnlineApplication onlineapplication = null; + + final Long oaid = getOAIDFromSession(); + + // valid DBID and check entry + final OAGeneralConfig oaGeneralForm = (OAGeneralConfig) formList.get(new OAGeneralConfig().getName()); + final String oaidentifier = oaGeneralForm.getIdentifier(); + if (MiscUtil.isEmpty(oaidentifier)) { + log.info("Empty OA identifier"); + throw new BasicOAActionException( + LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request), + Constants.STRUTS_ERROR_VALIDATION); + + } else { + + if (!ValidationHelper.validateURL(oaidentifier)) { + log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier); + throw new BasicOAActionException( + LanguageHelper.getErrorString("validation.general.oaidentifier.valid", + new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }, request), + Constants.STRUTS_ERROR_VALIDATION); + + } else { + + if (oaid == -1) { + final List oaList = configuration.getDbRead().getAllOnlineApplications(); + + if (oaList != null) { + for (final OnlineApplication el : oaList) { + if (el.getPublicURLPrefix().startsWith(oaidentifier)) { + onlineapplication = el; } - } catch (Throwable t) { - throw new BasicOAActionException( - LanguageHelper.getErrorString("errors.edit.oa.oaid", request), - Constants.STRUTS_ERROR); + } + } + + if 
(onlineapplication == null) { + onlineapplication = configuration.getDbRead().getOnlineApplication(oaidentifier); + } + + if (onlineapplication != null) { + log.info("The OAIdentifier is not unique"); + throw new BasicOAActionException( + LanguageHelper.getErrorString( + "validation.general.oaidentifier.notunique", + new Object[] { onlineapplication.getPublicURLPrefix() }, + request), + Constants.STRUTS_ERROR_VALIDATION); + + } else { + setNewOA(true); + } + + } else { + onlineapplication = configuration.getDbRead().getOnlineApplication(oaid); + if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) { + + OnlineApplication dbOA = null; + final List oaList = configuration.getDbRead().getAllOnlineApplications(); + for (final OnlineApplication el : oaList) { + if (el.getPublicURLPrefix().startsWith(oaidentifier)) { + dbOA = el; + } + + } + if (dbOA == null) { + dbOA = configuration.getDbRead().getOnlineApplication(oaidentifier); + } + + if (dbOA != null && !dbOA.getHjid().equals(oaid)) { + log.info("The OAIdentifier is not unique"); + throw new BasicOAActionException( + LanguageHelper.getErrorString( + "validation.general.oaidentifier.notunique", + new Object[] { dbOA.getPublicURLPrefix() }, + request), + Constants.STRUTS_ERROR_VALIDATION); + + } + } + } } - - return oaid; + } + + return onlineapplication; + + } catch (final BasicOAActionException e) { + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + throw e; } - - protected String preProcessDeleteOnlineApplication() throws BasicOAActionException { - try { - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. 
Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID()); - throw new BasicOAActionException( - "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID(), - Constants.STRUTS_ERROR); - - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID()); - throw new BasicOAActionException( - "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID(), - Constants.STRUTS_ERROR); - } - session.setAttribute(Constants.SESSION_FORMID, null); - - UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID()); - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. 
Mail address is not verified."); - throw new BasicOAActionException( - LanguageHelper.getErrorString("error.editoa.mailverification", request), - Constants.STRUTS_SUCCESS); - - } - - String oaidentifier = getGeneralOA().getIdentifier(); - if (MiscUtil.isEmpty(oaidentifier)) { - log.info("Empty OA identifier"); - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - throw new BasicOAActionException( - LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request), - Constants.STRUTS_ERROR_VALIDATION); - - } else { - if (ValidationHelper.isValidOAIdentifier(oaidentifier)) { - log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier); - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - throw new BasicOAActionException( - LanguageHelper.getErrorString("validation.general.oaidentifier.valid", - new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()}, request), - Constants.STRUTS_ERROR_VALIDATION); - } - } - - return oaidentifier; - - } catch (BasicOAActionException e) { - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - throw e; - } + + } + + protected Long getOAIDFromSession() throws BasicOAActionException { + final Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID); + Long oaid = (long) -1; + + if (oadbid != null) { + try { + oaid = (Long) oadbid; + if (oaid < 0 || oaid > Long.MAX_VALUE) { + throw new BasicOAActionException( + LanguageHelper.getErrorString("errors.edit.oa.oaid", request), + Constants.STRUTS_ERROR); + } + + } catch (final Throwable t) { + throw new BasicOAActionException( + LanguageHelper.getErrorString("errors.edit.oa.oaid", request), + Constants.STRUTS_ERROR); + } } - - private String saveOAConfigToDatabase(OnlineApplication dboa, boolean persistOA) { - - for (IOnlineApplicationData form : formList.values()) - form.store(dboa, authUser, request); - - try 
{ - if (dboa.isIsNew()) { - if (!authUser.isAdmin()) { - UserDatabase user = configuration.getUserManagement().getUserWithID(authUser.getUserID()); - List useroas = user.getOnlineApplication(); - if (useroas == null) useroas = new ArrayList(); + return oaid; + } + + protected String preProcessDeleteOnlineApplication() throws BasicOAActionException { + try { + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser + .getFamilyName() + + authUser.getGivenName() + authUser.getUserID()); + throw new BasicOAActionException( + "FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID(), + Constants.STRUTS_ERROR); - useroas.add(String.valueOf(dboa.getHjid())); - configuration.getUserManagement().saveOrUpdate(user); - - } else { - if (persistOA) - save(dboa); - - } - - } else - if (persistOA) - save(dboa); - - } catch (MOADatabaseException e) { - log.warn("Online-Application can not be stored.", e); - return LanguageHelper.getErrorString("error.db.oa.store", request); } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID()); + throw new BasicOAActionException( + "FormIDs does not match. 
Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID(), + Constants.STRUTS_ERROR); + } + session.setAttribute(Constants.SESSION_FORMID, null); + + final UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb + .isIsMailAddressVerified()) { + log.info("Online-Applikation managemant disabled. Mail address is not verified."); + throw new BasicOAActionException( + LanguageHelper.getErrorString("error.editoa.mailverification", request), + Constants.STRUTS_SUCCESS); + + } + + final String oaidentifier = getGeneralOA().getIdentifier(); + if (MiscUtil.isEmpty(oaidentifier)) { + log.info("Empty OA identifier"); + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + throw new BasicOAActionException( + LanguageHelper.getErrorString("validation.general.oaidentifier.empty", request), + Constants.STRUTS_ERROR_VALIDATION); - return null; + } else { + if (ValidationHelper.isValidOAIdentifier(oaidentifier)) { + log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier); + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + throw new BasicOAActionException( + LanguageHelper.getErrorString("validation.general.oaidentifier.valid", + new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }, request), + Constants.STRUTS_ERROR_VALIDATION); + } + } + + return oaidentifier; + + } catch (final BasicOAActionException e) { + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + throw e; + } + } + + private String saveOAConfigToDatabase(OnlineApplication dboa, boolean persistOA) { + + for (final IOnlineApplicationData form : formList.values()) { + form.store(dboa, authUser, request); } - - protected void save(OnlineApplication oa) throws MOADatabaseException { 
- try { - STORK storkConfig = null; - try { - MOAIDConfiguration moaidConfig = - ConfigurationProvider.getInstance().getDbRead().getMOAIDConfiguration(); - - storkConfig = moaidConfig.getAuthComponentGeneral().getForeignIdentities().getSTORK(); - - } catch (Exception e) { - - } - - log.debug("JaxB to Key/Value configuration transformation started ..."); - Map keyValueConfig = - ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(oa, storkConfig); - - log.debug("JaxB to Key/Value configuration transformation finished. Start Key/Value storage process ..."); - - String serviceIdentifier = keyValueConfig.get(MOAIDConfigurationConstants.PREFIX_SERVICES); - if (MiscUtil.isEmpty(serviceIdentifier)) { - log.info("Use default ServiceIdentifier."); - serviceIdentifier = MOAIDConfigurationConstants.PREFIX_OA; - } - - if (oa.getHjid() == null) { - log.debug("No hjID -> find new Service ID ..."); - String hjID = configuration.getConfigModule().buildArrayIdentifier( - MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." 
+ serviceIdentifier, 0, keyValueConfig); - log.debug("Find new hjID: " + hjID + " for service: " + oa.getPublicURLPrefix()); - oa.setHjid(Long.valueOf(hjID)); - - } else { - //TODO: work-around for old config tool and new key/value configuration - //see: NewConfigurationDBRead.java Line 81 + + try { + if (dboa.isIsNew()) { + if (!authUser.isAdmin()) { + final UserDatabase user = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + + List useroas = user.getOnlineApplication(); + if (useroas == null) { + useroas = new ArrayList<>(); + } + + useroas.add(String.valueOf(dboa.getHjid())); + configuration.getUserManagement().saveOrUpdate(user); + + } else { + if (persistOA) { + save(dboa); + } + + } + + } else if (persistOA) { + save(dboa); + } + + } catch (final MOADatabaseException e) { + log.warn("Online-Application can not be stored.", e); + return LanguageHelper.getErrorString("error.db.oa.store", request); + } + + return null; + } + + protected void save(OnlineApplication oa) throws MOADatabaseException { + try { + STORK storkConfig = null; + try { + final MOAIDConfiguration moaidConfig = + ConfigurationProvider.getInstance().getDbRead().getMOAIDConfiguration(); + + storkConfig = moaidConfig.getAuthComponentGeneral().getForeignIdentities().getSTORK(); + + } catch (final Exception e) { + + } + + log.debug("JaxB to Key/Value configuration transformation started ..."); + final Map keyValueConfig = + ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(oa, storkConfig); + + log.debug( + "JaxB to Key/Value configuration transformation finished. 
Start Key/Value storage process ..."); + + String serviceIdentifier = keyValueConfig.get(MOAIDConfigurationConstants.PREFIX_SERVICES); + if (MiscUtil.isEmpty(serviceIdentifier)) { + log.info("Use default ServiceIdentifier."); + serviceIdentifier = MOAIDConfigurationConstants.PREFIX_OA; + } + + if (oa.getHjid() == null) { + log.debug("No hjID -> find new Service ID ..."); + final String hjID = configuration.getConfigModule().buildArrayIdentifier( + MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier, 0, keyValueConfig); + log.debug("Find new hjID: " + hjID + " for service: " + oa.getPublicURLPrefix()); + oa.setHjid(Long.valueOf(hjID)); + + } else { + // TODO: work-around for old config tool and new key/value configuration + // see: NewConfigurationDBRead.java Line 81 // if (oa.getHjid() > 1000000) { -// if (serviceIdentifier.equals(MOAIDConfigurationConstants.PREFIX_GATEWAY)) +// if (serviceIdentifier.equals(MOAIDConfigurationConstants.PREFIX_GATEWAY)) // oa.setHjid(oa.getHjid() - 1000000); // else if (serviceIdentifier.equals(MOAIDConfigurationConstants.PREFIX_IIDP)) // oa.setHjid(oa.getHjid() - 2000000); 
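Review bot: In preProcessDeleteOnlineApplication the identifier is rejected when `ValidationHelper.isValidOAIdentifier(oaidentifier)` returns true, and the warning in that branch says the value contains potential XSS characters, so either the condition is inverted or the helper's name states the opposite of what it returns. The helper is not visible in this hunk; if it does return true for forbidden characters, a comment such as `// isValidOAIdentifier() returns true when the identifier contains forbidden characters` belongs above the check (or the helper should be renamed), otherwise the guard should read `if (!ValidationHelper.isValidOAIdentifier(oaidentifier)) {`. The save path in the same hunk uses `!ValidationHelper.validateURL(oaidentifier)`, so the two validators currently read with opposite polarity. The rejected value is also concatenated into the log line as-is in both paths; stripping CR/LF before logging would keep a submitted identifier from forging log entries.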
@@ -525,208 +540,210 @@ public class BasicOAAction extends BasicAction { // oa.setHjid(oa.getHjid() - 3000000); // else // log.warn("Inconsistent state found! Service Identifier for OA found but Hjid is > 1000000."); -// +// // } - - } - - Map absolutKeyValue = KeyValueUtils.makeKeysAbsolut( - keyValueConfig, - MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier + "." + String.valueOf(oa.getHjid()), - MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES); - - configuration.getConfigModule().storeChanges(absolutKeyValue, null, null); - - log.info("MOA-ID Service Key/Value configuration successfull stored."); - - - } catch (ConfigurationStorageException | at.gv.egiz.components.configuration.api.ConfigurationException e) { - log.warn("MOAID Configuration can not be stored in Database", e); - throw new MOADatabaseException(e.getMessage(), e); - - } - + + } + + final Map absolutKeyValue = KeyValueUtils.makeKeysAbsolut( + keyValueConfig, + MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier + "." + String.valueOf( + oa.getHjid()), + MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES); + + configuration.getConfigModule().storeChanges(absolutKeyValue, null, null); + + log.info("MOA-ID Service Key/Value configuration successfull stored."); + + } catch (ConfigurationStorageException + | at.gv.egiz.components.configuration.api.ConfigurationException e) { + log.warn("MOAID Configuration can not be stored in Database", e); + throw new MOADatabaseException(e.getMessage(), e); + } - - protected boolean delete(OnlineApplication onlineapplication) { - try { - log.debug("JaxB to Key/Value configuration transformation started ..."); - Map keyValueConfig = - ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(onlineapplication, null); - - log.debug("JaxB to Key/Value configuration transformation finished. 
Start Key/Value storage process ..."); - - String serviceIdentifier = keyValueConfig.get(MOAIDConfigurationConstants.PREFIX_SERVICES); - if (MiscUtil.isEmpty(serviceIdentifier)) { - log.info("Use default ServiceIdentifier."); - serviceIdentifier = MOAIDConfigurationConstants.PREFIX_OA; - } - - String deleteServiceKey = - MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier + "." + String.valueOf(onlineapplication.getHjid()) + ".*"; - - configuration.getConfigModule().storeChanges(null, null, Arrays.asList(new String[]{deleteServiceKey})); - - log.info("MOA-ID Service Key/Value configuration successfull stored."); - return true; - - } catch (ConfigurationStorageException e) { - log.warn("MOAID Configuration can not be stored in Database", e); - - } - - return false; - + + } + + protected boolean delete(OnlineApplication onlineapplication) { + try { + log.debug("JaxB to Key/Value configuration transformation started ..."); + final Map keyValueConfig = + ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(onlineapplication, null); + + log.debug( + "JaxB to Key/Value configuration transformation finished. Start Key/Value storage process ..."); + + String serviceIdentifier = keyValueConfig.get(MOAIDConfigurationConstants.PREFIX_SERVICES); + if (MiscUtil.isEmpty(serviceIdentifier)) { + log.info("Use default ServiceIdentifier."); + serviceIdentifier = MOAIDConfigurationConstants.PREFIX_OA; + } + + final String deleteServiceKey = + MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + "." + serviceIdentifier + "." 
+ String.valueOf( + onlineapplication.getHjid()) + ".*"; + + configuration.getConfigModule().storeChanges(null, null, Arrays.asList(new String[] { + deleteServiceKey })); + + log.info("MOA-ID Service Key/Value configuration successfull stored."); + return true; + + } catch (final ConfigurationStorageException e) { + log.warn("MOAID Configuration can not be stored in Database", e); + } - - public String bkuFramePreview() { - String preview = null; + return false; - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - InputStream input = null; + } - try { - Object mapobj = session.getAttribute(Constants.SESSION_BKUFORMPREVIEW); - if (mapobj != null && mapobj instanceof Map) { - - ConfigurationProvider config = ConfigurationProvider.getInstance(); - String templateURL = config.getConfigRootDir() + ConfigurationProvider.HTMLTEMPLATE_DIR - + ConfigurationProvider.HTMLTEMPLATE_FILE; - - File file = new File(new URI(templateURL)); - input = new FileInputStream(file); - - String contextpath = config.getMOAIDInstanceURL(); - if (MiscUtil.isEmpty(contextpath)) { - log.info("NO MOA-ID instance URL configurated."); - input.close(); - throw new ConfigurationException("No MOA-ID instance configurated"); - - } - - //set parameters - Map params = (Map) mapobj; - params.put( - AbstractServiceProviderSpecificGUIFormBuilderConfiguration.PARAM_AUTHCONTEXT, - contextpath); - - request.setCharacterEncoding("UTF-8"); - String module = request.getParameter(Constants.REQUEST_FORMCUSTOM_MODULE); - String value = request.getParameter(Constants.REQUEST_FORMCUSTOM_VALUE); - - if (value != null) { - String[] query = URLDecoder.decode(request.getQueryString()).split("&"); - value = query[1].substring("value=".length()); - } + public String bkuFramePreview() { - synchronized (params) { - if (MiscUtil.isNotEmpty(module)) { - if (params.containsKey(module)) { - if (MiscUtil.isNotEmpty(value)) { - if 
(FormBuildUtils.PARAM_FONTFAMILY.contains(module) || FormBuildUtils.PARAM_HEADER_TEXT.contains(module) - || value.startsWith("#")) - params.put(module, value); - else - params.put(module, "#" + value); - - } else { - params.put(module, FormBuildUtils.getDefaultMap().get(module)); - } - } - } - } - - //write preview - VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine(); - VelocityContext context = new VelocityContext(); - Iterator> interator = params.entrySet().iterator(); - while (interator.hasNext()) { - Entry el = interator.next(); - context.put(el.getKey(), el.getValue()); - - } - StringWriter writer = new StringWriter(); - engine.evaluate(context, writer, "BKUSelection_preview", - new BufferedReader(new InputStreamReader(input))); - stream = new ByteArrayInputStream(writer.toString().getBytes("UTF-8")); + String preview = null; - } else { - preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible", request); + try { + populateBasicInformations(); - } + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + InputStream input = null; + + try { + final Object mapobj = session.getAttribute(Constants.SESSION_BKUFORMPREVIEW); + if (mapobj != null && mapobj instanceof Map) { + + final ConfigurationProvider config = ConfigurationProvider.getInstance(); + final String templateURL = config.getConfigRootDir() + ConfigurationProvider.HTMLTEMPLATE_DIR + + ConfigurationProvider.HTMLTEMPLATE_FILE; - } catch (Exception e) { - log.warn("BKUSelection Preview can not be generated.", e); - preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible", request); + final File file = new File(new URI(templateURL)); + input = new FileInputStream(file); + + final String contextpath = config.getMOAIDInstanceURL(); + if (MiscUtil.isEmpty(contextpath)) { + log.info("NO MOA-ID instance URL configurated."); + input.close(); + throw new ConfigurationException("No MOA-ID instance configurated"); } - if (stream == null 
&& MiscUtil.isNotEmpty(preview)) { - try { - stream = new ByteArrayInputStream(preview.getBytes("UTF-8")); - - } catch (UnsupportedEncodingException e) { - e.printStackTrace(); - - } + // set parameters + final Map params = (Map) mapobj; + params.put( + AbstractGUIFormBuilderConfiguration.PARAM_AUTHCONTEXT, + contextpath); + + request.setCharacterEncoding("UTF-8"); + final String module = request.getParameter(Constants.REQUEST_FORMCUSTOM_MODULE); + String value = request.getParameter(Constants.REQUEST_FORMCUSTOM_VALUE); + + if (value != null) { + final String[] query = URLDecoder.decode(request.getQueryString()).split("&"); + value = query[1].substring("value=".length()); } - - - return Constants.STRUTS_SUCCESS; - } - - - /** - * @param oaidobj the oaidobj to set - */ - public void setOaidobj(String oaidobj) { - this.oaidobj = oaidobj; - } - - /** - * @return the newOA - */ - public boolean isNewOA() { - return newOA; - } - /** - * @param newOA the newOA to set - */ - public void setNewOA(boolean newOA) { - this.newOA = newOA; - } - - public OAGeneralConfig getGeneralOA() { - return (OAGeneralConfig) formList.get(new OAGeneralConfig().getName()); - } + synchronized (params) { + if (MiscUtil.isNotEmpty(module)) { + if (params.containsKey(module)) { + if (MiscUtil.isNotEmpty(value)) { + if (FormBuildUtils.PARAM_FONTFAMILY.contains(module) || FormBuildUtils.PARAM_HEADER_TEXT + .contains(module) + || value.startsWith("#")) { + params.put(module, value); + } else { + params.put(module, "#" + value); + } - public void setGeneralOA(OAGeneralConfig generalOA) { - formList.put(generalOA.getName(), generalOA); - } - - - public OAPVP2Config getPvp2OA() { - return (OAPVP2Config) formList.get(new OAPVP2Config().getName()); - } + } else { + params.put(module, FormBuildUtils.getDefaultMap().get(module)); + } + } + } + } + + // write preview + final VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine(); + final VelocityContext context = new VelocityContext(); + 
final Iterator> interator = params.entrySet().iterator(); + while (interator.hasNext()) { + final Entry el = interator.next(); + context.put(el.getKey(), el.getValue()); + + } + final StringWriter writer = new StringWriter(); + engine.evaluate(context, writer, "BKUSelection_preview", + new BufferedReader(new InputStreamReader(input))); + stream = new ByteArrayInputStream(writer.toString().getBytes("UTF-8")); + + } else { + preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible", request); + + } + + } catch (final Exception e) { + log.warn("BKUSelection Preview can not be generated.", e); + preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible", request); - public void setPvp2OA(OAPVP2Config pvp2oa) { - formList.put(pvp2oa.getName(), pvp2oa); } - /** - * @return the stream - */ - public InputStream getStream() { - return stream; - } + if (stream == null && MiscUtil.isNotEmpty(preview)) { + try { + stream = new ByteArrayInputStream(preview.getBytes("UTF-8")); + + } catch (final UnsupportedEncodingException e) { + e.printStackTrace(); + + } + } + return Constants.STRUTS_SUCCESS; + } + + /** + * @param oaidobj the oaidobj to set + */ + public void setOaidobj(String oaidobj) { + this.oaidobj = oaidobj; + } + + /** + * @return the newOA + */ + public boolean isNewOA() { + return newOA; + } + + /** + * @param newOA the newOA to set + */ + public void setNewOA(boolean newOA) { + this.newOA = newOA; + } + + public OAGeneralConfig getGeneralOA() { + return (OAGeneralConfig) formList.get(new OAGeneralConfig().getName()); + } + + public void setGeneralOA(OAGeneralConfig generalOA) { + formList.put(generalOA.getName(), generalOA); + } + + public OAPVP2Config getPvp2OA() { + return (OAPVP2Config) formList.get(new OAPVP2Config().getName()); + } + + public void setPvp2OA(OAPVP2Config pvp2oa) { + formList.put(pvp2oa.getName(), pvp2oa); + } + + /** + * @return the stream + */ + public InputStream getStream() { + return stream; + } } 
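Review bot: In bkuFramePreview the request-supplied `value` is stored in the session-held `params` map and handed to the Velocity context without any format check: a value starting with `#` is stored unchanged, any other gets `#` prepended, and the font-family and header-text modules take it verbatim. Whether the template escapes these variables is not visible here, so the value should be validated per module (for the colour modules, something like `value.matches("#?[0-9a-fA-F]{3,8}")`) or HTML-escaped before `params.put(module, value)`. The lookup `query[1].substring("value=".length())` also assumes `value` is the second query parameter and decodes the whole query string before splitting, so an encoded `&` inside the value truncates it; unless the raw re-read is deliberate, the result of `request.getParameter(...)` avoids both. Separately, `input` is closed only on the missing-instance-URL path; `try (InputStream input = new FileInputStream(file)) {` would close it on every path.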
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java index 8e057db0f..0992d7f1a 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java @@ -30,7 +30,6 @@ import java.util.Map; import java.util.Set; import org.apache.commons.lang3.StringUtils; -import org.apache.log4j.Logger; import at.gv.egiz.components.configuration.meta.api.ConfigurationStorageException; import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; 
@@ -76,164 +75,160 @@ import at.gv.egovernment.moa.id.configuration.helper.StringHelper; import at.gv.egovernment.moa.id.configuration.validation.moaconfig.MOAConfigValidator; import at.gv.egovernment.moa.id.configuration.validation.moaconfig.StorkConfigValidator; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; - +@Slf4j public class EditGeneralConfigAction extends BasicAction { - - private static final Logger log = Logger.getLogger(EditGeneralConfigAction.class); - private static final long serialVersionUID = 1L; - - private GeneralMOAIDConfig moaconfig; - private GeneralStorkConfig storkconfig; - - private String formID; - - public String loadConfig() { - try { - populateBasicInformations(); - - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - if (authUser.isAdmin()) { - - - MOAIDConfiguration dbconfig = configuration.getDbRead().getMOAIDConfiguration(); - - moaconfig = new GeneralMOAIDConfig(); - moaconfig.parse(dbconfig); - if (moaconfig == null) { - log.error("MOA configuration is null"); - } - if (moaconfig.isMoaidMode()) { - storkconfig = new GeneralStorkConfig(); - storkconfig.parse(dbconfig); - if (storkconfig == null) { - log.error("Stork configuration is null"); - } - } + private static final long serialVersionUID = 1L; + + private GeneralMOAIDConfig moaconfig; + private GeneralStorkConfig storkconfig; + + private String formID; + + public String loadConfig() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + if (authUser.isAdmin()) { + + final MOAIDConfiguration dbconfig = configuration.getDbRead().getMOAIDConfiguration(); + + moaconfig = new GeneralMOAIDConfig(); + moaconfig.parse(dbconfig); + if (moaconfig == null) { + log.error("MOA configuration is null"); + } + + if (moaconfig.isMoaidMode()) { + storkconfig = new GeneralStorkConfig(); + storkconfig.parse(dbconfig); + if (storkconfig == null) { + 
log.error("Stork configuration is null"); + } + } + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + return Constants.STRUTS_SUCCESS; + + } else { + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + } + + public String saveConfig() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + session.setAttribute(Constants.SESSION_FORMID, null); + + boolean isMoaidMode = false; + try { + isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode(); + } catch (final ConfigurationException e) { + log.warn("Can NOT load configuration. 
Set 'moaidmode' to 'false'", e); + } + + if (authUser.isAdmin()) { + + final MOAConfigValidator validator = new MOAConfigValidator(); + + final List errors = validator.validate(moaconfig, request, isMoaidMode); + + if (isMoaidMode) { + errors.addAll(new StorkConfigValidator().validate(storkconfig, request)); + } + + if (errors.size() > 0) { + log.info("General MOA-ID configuration has some errors."); + for (final String el : errors) { + addActionError(el); + } + + if (moaconfig.getSecLayerTransformation() != null) { + session.setAttribute(Constants.SESSION_SLTRANSFORMATION, moaconfig.getSecLayerTransformation()); + } + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + return Constants.STRUTS_ERROR_VALIDATION; + + } else { + if (moaconfig.getSecLayerTransformation() == null && + session.getAttribute(Constants.SESSION_SLTRANSFORMATION) != null && + session.getAttribute(Constants.SESSION_SLTRANSFORMATION) instanceof Map) { + moaconfig.setSecLayerTransformation((Map) session.getAttribute( + Constants.SESSION_SLTRANSFORMATION)); + + } + } + + final String error = saveFormToDatabase(isMoaidMode); + if (error != null) { + log.warn("General MOA-ID config can not be stored in Database"); + + // set new formID + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + addActionError(error); + return Constants.STRUTS_ERROR_VALIDATION; + } + + session.setAttribute(Constants.SESSION_SLTRANSFORMATION, null); + + } else { + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + addActionMessage(LanguageHelper.getGUIString("webpages.moaconfig.save.success", request)); + return Constants.STRUTS_SUCCESS; + } + + public String back() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + return Constants.STRUTS_SUCCESS; + } - - - formID = Random.nextRandom(); - 
session.setAttribute(Constants.SESSION_FORMID, formID); - - return Constants.STRUTS_SUCCESS; - - } else { - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - } - - public String saveConfig() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - boolean isMoaidMode = false; - try { - isMoaidMode = ConfigurationProvider.getInstance().isMOAIDMode(); - } catch (ConfigurationException e) { - log.warn("Can NOT load configuration. 
Set 'moaidmode' to 'false'", e); - } - - if (authUser.isAdmin()) { - - MOAConfigValidator validator = new MOAConfigValidator(); - - List errors = validator.validate(moaconfig, request, isMoaidMode); - - if (isMoaidMode) - errors.addAll(new StorkConfigValidator().validate(storkconfig, request)); - - if (errors.size() > 0) { - log.info("General MOA-ID configuration has some errors."); - for (String el : errors) - addActionError(el); - - if (moaconfig.getSecLayerTransformation() != null) { - session.setAttribute(Constants.SESSION_SLTRANSFORMATION, moaconfig.getSecLayerTransformation()); - } - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - return Constants.STRUTS_ERROR_VALIDATION; - - } else { - if (moaconfig.getSecLayerTransformation() == null && - session.getAttribute(Constants.SESSION_SLTRANSFORMATION) != null && - session.getAttribute(Constants.SESSION_SLTRANSFORMATION) instanceof Map ) { - moaconfig.setSecLayerTransformation((Map) - session.getAttribute(Constants.SESSION_SLTRANSFORMATION)); - - } - } - - String error = saveFormToDatabase(isMoaidMode); - if (error != null) { - log.warn("General MOA-ID config can not be stored in Database"); - - //set new formID - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - addActionError(error); - return Constants.STRUTS_ERROR_VALIDATION; - } - - session.setAttribute(Constants.SESSION_SLTRANSFORMATION, null); - - } else { - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - - - addActionMessage(LanguageHelper.getGUIString("webpages.moaconfig.save.success", request)); - return Constants.STRUTS_SUCCESS; - } - - public String back() { - try { - populateBasicInformations(); - - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - return Constants.STRUTS_SUCCESS; - } - - private String saveFormToDatabase(boolean isMoaidMode) { - - log.debug("Saving 
form to database"); + private String saveFormToDatabase(boolean isMoaidMode) { + + log.debug("Saving form to database"); // log.error("Saving form to db"); // log.info("SV frm db"); 
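Review bot: In saveConfig, both `log.warn` calls for a form-ID mismatch concatenate `authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()` with no separators, so the log entry for a rejected (possibly forged) form cannot be attributed unambiguously, and a line break in a name field, if one can ever occur there, would split the entry. Since the class now uses the SLF4J logger from `@Slf4j`, a parameterized call keeps the fields apart: `log.warn("FormIDs does not match. Some suspect Form is received from user {} {} ({})", authUser.getFamilyName(), authUser.getGivenName(), authUser.getUserID());`. Separately, the `if (moaconfig == null)` and `if (storkconfig == null)` checks in loadConfig come after a `new` and a `parse(dbconfig)` call on the same reference, so they can never fire; if the intent was to detect a missing database configuration, the check probably belongs on `dbconfig` before parsing. The body of saveFormToDatabase continues outside this hunk.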
@@ -244,630 +239,649 @@ public class EditGeneralConfigAction extends BasicAction { // log.error(" SES PARAM: " + obj.toString()); // } - try { - log.error(" ASSERTION " + moaconfig.getTimeoutAssertion()); - } catch (Exception ex) { - ex.printStackTrace(); - } - - MOAIDConfiguration dbconfig = configuration.getDbRead().getMOAIDConfiguration(); - if (dbconfig == null) - dbconfig = new MOAIDConfiguration(); - - - AuthComponentGeneral dbauth = dbconfig.getAuthComponentGeneral(); - if (dbauth == null) { - dbauth = new AuthComponentGeneral(); - dbconfig.setAuthComponentGeneral(dbauth); - } - - GeneralConfiguration dbauthgeneral = dbauth.getGeneralConfiguration(); - if (dbauthgeneral == null) { - dbauthgeneral = new GeneralConfiguration(); - dbauth.setGeneralConfiguration(dbauthgeneral); - } - + try { + log.error(" ASSERTION " + moaconfig.getTimeoutAssertion()); + } catch (final Exception ex) { + ex.printStackTrace(); + } + + MOAIDConfiguration dbconfig = configuration.getDbRead().getMOAIDConfiguration(); + if (dbconfig == null) { + dbconfig = new MOAIDConfiguration(); + } + + AuthComponentGeneral dbauth = dbconfig.getAuthComponentGeneral(); + if (dbauth == null) { + dbauth = new AuthComponentGeneral(); + dbconfig.setAuthComponentGeneral(dbauth); + } + + GeneralConfiguration dbauthgeneral = dbauth.getGeneralConfiguration(); + if (dbauthgeneral == null) { + dbauthgeneral = new GeneralConfiguration(); + dbauth.setGeneralConfiguration(dbauthgeneral); + } + // GeneralConfiguration oldauthgeneral = null; // if (oldauth != null) // oldauthgeneral = oldauth.getGeneralConfiguration(); - - //set Public URL Prefix - String pubURLPrefix = moaconfig.getPublicURLPrefix(); - if (moaconfig.isVirtualPublicURLPrefixEnabled()) { - dbauthgeneral.setPublicURLPreFix( - KeyValueUtils.normalizeCSVValueString(pubURLPrefix)); - - } else { - if (pubURLPrefix.contains(KeyValueUtils.CSV_DELIMITER)) { - dbauthgeneral.setPublicURLPreFix( - pubURLPrefix.trim().substring(0, - 
pubURLPrefix.indexOf(KeyValueUtils.CSV_DELIMITER))); - - } else - dbauthgeneral.setPublicURLPreFix( - StringUtils.chomp(pubURLPrefix.trim())); - - } - - dbauthgeneral.setVirtualPublicURLPrefixEnabled( - moaconfig.isVirtualPublicURLPrefixEnabled()); - - + + // set Public URL Prefix + final String pubURLPrefix = moaconfig.getPublicURLPrefix(); + if (moaconfig.isVirtualPublicURLPrefixEnabled()) { + dbauthgeneral.setPublicURLPreFix( + KeyValueUtils.normalizeCSVValueString(pubURLPrefix)); + + } else { + if (pubURLPrefix.contains(KeyValueUtils.CSV_DELIMITER)) { + dbauthgeneral.setPublicURLPreFix( + pubURLPrefix.trim().substring(0, + pubURLPrefix.indexOf(KeyValueUtils.CSV_DELIMITER))); + + } else { + dbauthgeneral.setPublicURLPreFix( + StringUtils.chomp(pubURLPrefix.trim())); + } + + } + + dbauthgeneral.setVirtualPublicURLPrefixEnabled( + moaconfig.isVirtualPublicURLPrefixEnabled()); + // if (MiscUtil.isNotEmpty(moaconfig.getAlternativeSourceID())) // dbauthgeneral.setAlternativeSourceID(moaconfig.getAlternativeSourceID()); // else { // if (oldauthgeneral != null) // dbauthgeneral.setAlternativeSourceID(oldauthgeneral.getAlternativeSourceID()); // } - + // if (MiscUtil.isNotEmpty(moaconfig.getCertStoreDirectory())) // dbauthgeneral.setCertStoreDirectory(moaconfig.getCertStoreDirectory()); - - TimeOuts dbtimeouts = dbauthgeneral.getTimeOuts(); - if (dbtimeouts == null) { - dbtimeouts = new TimeOuts(); - dbauthgeneral.setTimeOuts(dbtimeouts); - } - if (MiscUtil.isEmpty(moaconfig.getTimeoutAssertion())) - dbtimeouts.setAssertion(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTASSERTION)); - else - dbtimeouts.setAssertion(new BigInteger(moaconfig.getTimeoutAssertion())); - - if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionCreated())) - dbtimeouts.setMOASessionCreated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONCREATED)); - else - dbtimeouts.setMOASessionCreated(new BigInteger(moaconfig.getTimeoutMOASessionCreated())); - - if 
(MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionUpdated())) - dbtimeouts.setMOASessionUpdated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONUPDATED)); - else - dbtimeouts.setMOASessionUpdated(new BigInteger(moaconfig.getTimeoutMOASessionUpdated())); - - dbauthgeneral.setTrustManagerRevocationChecking(moaconfig.isTrustmanagerrevocationcheck()); - - - - Protocols dbprotocols = dbauth.getProtocols(); - if (dbprotocols == null) { - dbprotocols = new Protocols(); - dbauth.setProtocols(dbprotocols); - } - LegacyAllowed legprot = dbprotocols.getLegacyAllowed(); - if (legprot == null) { - legprot = new LegacyAllowed(); - dbprotocols.setLegacyAllowed(legprot); - } - - List el = legprot.getProtocolName(); - if (el == null) { - el = new ArrayList(); - legprot.setProtocolName(el); - - } - - //Workaround for DB cleaning is only needed for one or the releases (insert in 2.1.1) - if (el.size() > 2) - el.clear(); - - if (el.contains(Constants.MOA_CONFIG_PROTOCOL_PVP2)) { - if (!moaconfig.isLegacy_pvp2()) - el.remove(Constants.MOA_CONFIG_PROTOCOL_PVP2); - - } else { - if (moaconfig.isLegacy_pvp2()) - el.add(Constants.MOA_CONFIG_PROTOCOL_PVP2); - } - - if (el.contains(Constants.MOA_CONFIG_PROTOCOL_SAML1)) { - if (!moaconfig.isLegacy_saml1()) - el.remove(Constants.MOA_CONFIG_PROTOCOL_SAML1); - - } else { - if (moaconfig.isLegacy_saml1()) - el.add(Constants.MOA_CONFIG_PROTOCOL_SAML1); - } - - SAML1 saml1= dbprotocols.getSAML1(); - if (saml1 == null) { - saml1 = new SAML1(); - dbprotocols.setSAML1(saml1); - } - saml1.setIsActive(moaconfig.isProtocolActiveSAML1()); - - if (MiscUtil.isNotEmpty(moaconfig.getSaml1SourceID())) { - saml1.setSourceID(moaconfig.getSaml1SourceID()); - - } else { - if (MiscUtil.isNotEmpty(saml1.getSourceID())) - saml1.setSourceID(moaconfig.getSaml1SourceID()); - - } - - - OAuth oauth= dbprotocols.getOAuth(); - if (oauth == null) { - oauth = new OAuth(); - dbprotocols.setOAuth(oauth); - } - - PVP2 pvp2 = dbprotocols.getPVP2(); - if (pvp2 == null) 
{ - pvp2 = new PVP2(); - dbprotocols.setPVP2(pvp2); - } - - if (isMoaidMode) { - oauth.setIsActive(moaconfig.isProtocolActiveOAuth()); - pvp2.setIsActive(moaconfig.isProtocolActivePVP21()); - - } - - if (MiscUtil.isNotEmpty(moaconfig.getPvp2IssuerName())) - pvp2.setIssuerName(moaconfig.getPvp2IssuerName()); + + TimeOuts dbtimeouts = dbauthgeneral.getTimeOuts(); + if (dbtimeouts == null) { + dbtimeouts = new TimeOuts(); + dbauthgeneral.setTimeOuts(dbtimeouts); + } + if (MiscUtil.isEmpty(moaconfig.getTimeoutAssertion())) { + dbtimeouts.setAssertion(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTASSERTION)); + } else { + dbtimeouts.setAssertion(new BigInteger(moaconfig.getTimeoutAssertion())); + } + + if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionCreated())) { + dbtimeouts.setMOASessionCreated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONCREATED)); + } else { + dbtimeouts.setMOASessionCreated(new BigInteger(moaconfig.getTimeoutMOASessionCreated())); + } + + if (MiscUtil.isEmpty(moaconfig.getTimeoutMOASessionUpdated())) { + dbtimeouts.setMOASessionUpdated(BigInteger.valueOf(GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONUPDATED)); + } else { + dbtimeouts.setMOASessionUpdated(new BigInteger(moaconfig.getTimeoutMOASessionUpdated())); + } + + dbauthgeneral.setTrustManagerRevocationChecking(moaconfig.isTrustmanagerrevocationcheck()); + + Protocols dbprotocols = dbauth.getProtocols(); + if (dbprotocols == null) { + dbprotocols = new Protocols(); + dbauth.setProtocols(dbprotocols); + } + LegacyAllowed legprot = dbprotocols.getLegacyAllowed(); + if (legprot == null) { + legprot = new LegacyAllowed(); + dbprotocols.setLegacyAllowed(legprot); + } + + List el = legprot.getProtocolName(); + if (el == null) { + el = new ArrayList<>(); + legprot.setProtocolName(el); + + } + + // Workaround for DB cleaning is only needed for one or the releases (insert in + // 2.1.1) + if (el.size() > 2) { + el.clear(); + } + + if 
(el.contains(Constants.MOA_CONFIG_PROTOCOL_PVP2)) { + if (!moaconfig.isLegacy_pvp2()) { + el.remove(Constants.MOA_CONFIG_PROTOCOL_PVP2); + } + + } else { + if (moaconfig.isLegacy_pvp2()) { + el.add(Constants.MOA_CONFIG_PROTOCOL_PVP2); + } + } + + if (el.contains(Constants.MOA_CONFIG_PROTOCOL_SAML1)) { + if (!moaconfig.isLegacy_saml1()) { + el.remove(Constants.MOA_CONFIG_PROTOCOL_SAML1); + } + + } else { + if (moaconfig.isLegacy_saml1()) { + el.add(Constants.MOA_CONFIG_PROTOCOL_SAML1); + } + } + + SAML1 saml1 = dbprotocols.getSAML1(); + if (saml1 == null) { + saml1 = new SAML1(); + dbprotocols.setSAML1(saml1); + } + saml1.setIsActive(moaconfig.isProtocolActiveSAML1()); + + if (MiscUtil.isNotEmpty(moaconfig.getSaml1SourceID())) { + saml1.setSourceID(moaconfig.getSaml1SourceID()); + + } else { + if (MiscUtil.isNotEmpty(saml1.getSourceID())) { + saml1.setSourceID(moaconfig.getSaml1SourceID()); + } + + } + + OAuth oauth = dbprotocols.getOAuth(); + if (oauth == null) { + oauth = new OAuth(); + dbprotocols.setOAuth(oauth); + } + + PVP2 pvp2 = dbprotocols.getPVP2(); + if (pvp2 == null) { + pvp2 = new PVP2(); + dbprotocols.setPVP2(pvp2); + } + + if (isMoaidMode) { + oauth.setIsActive(moaconfig.isProtocolActiveOAuth()); + pvp2.setIsActive(moaconfig.isProtocolActivePVP21()); + + } + + if (MiscUtil.isNotEmpty(moaconfig.getPvp2IssuerName())) { + pvp2.setIssuerName(moaconfig.getPvp2IssuerName()); // if (MiscUtil.isNotEmpty(moaconfig.getPvp2PublicUrlPrefix())) // pvp2.setPublicURLPrefix(moaconfig.getPvp2PublicUrlPrefix()); - - Organization pvp2org = pvp2.getOrganization(); - if (pvp2org == null) { - pvp2org = new Organization(); - pvp2.setOrganization(pvp2org); - } - if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgDisplayName())) - pvp2org.setDisplayName(StringHelper.getUTF8String( - moaconfig.getPvp2OrgDisplayName())); - if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgName())) - pvp2org.setName(StringHelper.getUTF8String(moaconfig.getPvp2OrgName())); - if 
(MiscUtil.isNotEmpty(moaconfig.getPvp2OrgURL())) - pvp2org.setURL(moaconfig.getPvp2OrgURL()); - - List pvp2cont = pvp2.getContact(); - if (pvp2cont == null) { - pvp2cont = new ArrayList(); - pvp2.setContact(pvp2cont); - } - - if (pvp2cont.size() == 0) { - Contact cont = new Contact(); - pvp2cont.add(cont); - } - - Contact cont = pvp2cont.get(0); - if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getCompany())) - cont.setCompany(StringHelper.getUTF8String( - moaconfig.getPvp2Contact().getCompany())); - - if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getGivenname())) - cont.setGivenName(StringHelper.getUTF8String( - moaconfig.getPvp2Contact().getGivenname())); - - if (cont.getMail() != null && cont.getMail().size() > 0) - cont.getMail().set(0, moaconfig.getPvp2Contact().getMail()); - else - cont.setMail(Arrays.asList(moaconfig.getPvp2Contact().getMail())); - - if (cont.getPhone() != null && cont.getPhone().size() > 0) - cont.getPhone().set(0, moaconfig.getPvp2Contact().getPhone()); - else - cont.setPhone(Arrays.asList(moaconfig.getPvp2Contact().getPhone())); - - cont.setSurName(StringHelper.getUTF8String(moaconfig.getPvp2Contact().getSurname())); - if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getType())) - cont.setType(moaconfig.getPvp2Contact().getType()); - - - ChainingModes dbchainingmodes = dbconfig.getChainingModes(); - if (dbchainingmodes == null) { - dbchainingmodes = new ChainingModes(); - dbconfig.setChainingModes(dbchainingmodes); - } - - dbchainingmodes.setSystemDefaultMode( - ChainingModeType.fromValue("pkix")); - - - if (isMoaidMode) { - SSO dbsso = dbauth.getSSO(); - if (dbsso == null) { - dbsso = new SSO(); - dbauth.setSSO(dbsso); - } - - if (MiscUtil.isNotEmpty(moaconfig.getSsoFriendlyName())) - dbsso.setFriendlyName(StringHelper.getUTF8String( - moaconfig.getSsoFriendlyName())); - if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText())) - dbsso.setSpecialText(StringHelper.getUTF8String( - moaconfig.getSsoSpecialText())); - // if 
(MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl())) - // dbsso.setPublicURL(moaconfig.getSsoPublicUrl()); - - if (MiscUtil.isNotEmpty(moaconfig.getSsoTarget())) { - - if (!ValidationHelper.isValidAdminTarget(moaconfig.getSsoTarget())) { - String num = moaconfig.getSsoTarget().replaceAll(" ", ""); - String pre = null; - if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) { - num = num.substring(Constants.IDENIFICATIONTYPE_FN.length()); - - num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num); - pre = Constants.IDENIFICATIONTYPE_FN; - } - - if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) { - num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length()); - pre = Constants.IDENIFICATIONTYPE_ZVR; - } - - if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)){ - num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length()); - pre = Constants.IDENIFICATIONTYPE_ERSB; - } - - dbsso.setTarget(Constants.PREFIX_WPBK + pre + "+" + num); - - } else { - dbsso.setTarget(moaconfig.getSsoTarget()); - - } - } - // if (MiscUtil.isNotEmpty(moaconfig.getSsoIdentificationNumber())) { - // IdentificationNumber ssoid = dbsso.getIdentificationNumber(); - // if (ssoid == null) { - // ssoid = new IdentificationNumber(); - // dbsso.setIdentificationNumber(ssoid); - // } - // ssoid.setValue(moaconfig.getSsoIdentificationNumber()); - // } - - DefaultBKUs dbbkus = dbconfig.getDefaultBKUs(); - - if (dbbkus == null) { - dbbkus = new DefaultBKUs(); - dbconfig.setDefaultBKUs(dbbkus); - } - - if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUHandy())) - dbbkus.setHandyBKU(moaconfig.getDefaultBKUHandy()); - else - dbbkus.setHandyBKU(new String()); - - if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUOnline())) - dbbkus.setOnlineBKU(moaconfig.getDefaultBKUOnline()); - else - dbbkus.setOnlineBKU(new String()); - - if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKULocal())) - dbbkus.setLocalBKU(moaconfig.getDefaultBKULocal()); - else - dbbkus.setLocalBKU(new String()); - - - - 
IdentityLinkSigners idlsigners = dbauth.getIdentityLinkSigners(); - if (idlsigners == null) { - idlsigners = new IdentityLinkSigners(); - dbauth.setIdentityLinkSigners(idlsigners); - } - - ForeignIdentities dbforeign = dbauth.getForeignIdentities(); - if (dbforeign == null) { - dbforeign = new ForeignIdentities(); - dbauth.setForeignIdentities(dbforeign); - } - - if (MiscUtil.isNotEmpty(moaconfig.getSzrgwURL())) { - ConnectionParameterClientAuthType forcon = dbforeign.getConnectionParameter(); - if (forcon == null) { - forcon = new ConnectionParameterClientAuthType(); - dbforeign.setConnectionParameter(forcon); - } - - if (KeyValueUtils.isCSVValueString(moaconfig.getSzrgwURL())) - forcon.setURL(KeyValueUtils.normalizeCSVValueString(moaconfig.getSzrgwURL())); - - else { - if (moaconfig.getSzrgwURL().contains(KeyValueUtils.CSV_DELIMITER)) - forcon.setURL( - moaconfig.getSzrgwURL().trim().substring(0, - moaconfig.getSzrgwURL().indexOf(KeyValueUtils.CSV_DELIMITER))); - - else - forcon.setURL( - StringUtils.chomp(moaconfig.getSzrgwURL().trim())); - - } - - } - - ForeignIdentities foreign = dbauth.getForeignIdentities(); - if (foreign != null) { - STORK stork = foreign.getSTORK(); - if (stork == null) { - stork = new STORK(); - foreign.setSTORK(stork); - - } - - try { - log.error("QAAAA " + storkconfig.getDefaultQaa()); - stork.setGeneral_eIDAS_LOA(storkconfig.getDefaultQaa()); - - if (storkconfig.getAttributes() != null) { - List dbStorkAttr = new ArrayList(); - stork.setAttributes(dbStorkAttr); - - - for (StorkAttribute attr : storkconfig.getAttributes()) { - if (attr != null && MiscUtil.isNotEmpty(attr.getName())) - dbStorkAttr.add(attr); - - else - log.info("Remove null or empty STORK attribute"); - } - - } else - stork.setAttributes((List) (new ArrayList())); - - if (storkconfig.getCpepslist() != null) { - List dbStorkCPEPS = new ArrayList(); - stork.setCPEPS(dbStorkCPEPS); - - for (CPEPS cpeps : storkconfig.getCpepslist()) { - if (cpeps != null && 
MiscUtil.isNotEmpty(cpeps.getURL()) && - MiscUtil.isNotEmpty(cpeps.getCountryCode())) { - - if (cpeps.getCountryCode().equals("CC") && - cpeps.getURL().equals("http://")) - log.info("Remove dummy STORK CPEPS entry."); - - else - dbStorkCPEPS.add(cpeps); - - } else - log.info("Remove null or emtpy STORK CPEPS configuration"); - } - - } else - stork.setCPEPS((List) (new ArrayList())); - - } catch (Exception e) { - e.printStackTrace(); - - } - - try{ - log.info("CPEPS LIST: " + storkconfig.getCpepslist().size() ); - log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() +storkconfig.getCpepslist().get(0).getURL()); - - } catch (Exception ex) { - log.info("CPEPS LIST is null"); - - } - } - - //write MIS Mandate-Service URLs - if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) { - OnlineMandates dbmandate = dbauth.getOnlineMandates(); - if (dbmandate == null) { - dbmandate = new OnlineMandates(); - dbauth.setOnlineMandates(dbmandate); - } - ConnectionParameterClientAuthType dbmandateconnection = dbmandate.getConnectionParameter(); - - if (dbmandateconnection == null) { - dbmandateconnection = new ConnectionParameterClientAuthType(); - dbmandate.setConnectionParameter(dbmandateconnection); - } - - if (KeyValueUtils.isCSVValueString(moaconfig.getMandateURL())) - dbmandateconnection.setURL(KeyValueUtils.normalizeCSVValueString(moaconfig.getMandateURL())); - - else { - if (moaconfig.getMandateURL().contains(KeyValueUtils.CSV_DELIMITER)) - dbmandateconnection.setURL( - moaconfig.getMandateURL().trim().substring(0, - moaconfig.getMandateURL().indexOf(KeyValueUtils.CSV_DELIMITER))); - - else - dbmandateconnection.setURL( - StringUtils.chomp(moaconfig.getMandateURL().trim())); - - } - } - - //write ELGA Mandate-Service URLs - if (MiscUtil.isNotEmpty(moaconfig.getElgaMandateServiceURL())) { - if (KeyValueUtils.isCSVValueString(moaconfig.getElgaMandateServiceURL())) - 
dbconfig.setElgaMandateServiceURLs(KeyValueUtils.normalizeCSVValueString(moaconfig.getElgaMandateServiceURL())); - - else { - if (moaconfig.getElgaMandateServiceURL().contains(KeyValueUtils.CSV_DELIMITER)) - dbconfig.setElgaMandateServiceURLs( - moaconfig.getElgaMandateServiceURL().trim().substring(0, - moaconfig.getElgaMandateServiceURL().indexOf(KeyValueUtils.CSV_DELIMITER))); - - else - dbconfig.setElgaMandateServiceURLs( - StringUtils.chomp(moaconfig.getElgaMandateServiceURL().trim())); - - } - } else - dbconfig.setElgaMandateServiceURLs(null); - } - - - //write E-ID System URLs - if (MiscUtil.isNotEmpty(moaconfig.getEidSystemServiceURL())) { - if (KeyValueUtils.isCSVValueString(moaconfig.getEidSystemServiceURL())) - dbconfig.setEidSystemServiceURLs(KeyValueUtils.normalizeCSVValueString(moaconfig.getEidSystemServiceURL())); - - else { - if (moaconfig.getEidSystemServiceURL().contains(KeyValueUtils.CSV_DELIMITER)) - dbconfig.setEidSystemServiceURLs( - moaconfig.getEidSystemServiceURL().trim().substring(0, - moaconfig.getEidSystemServiceURL().indexOf(KeyValueUtils.CSV_DELIMITER))); - - else - dbconfig.setEidSystemServiceURLs( - StringUtils.chomp(moaconfig.getEidSystemServiceURL().trim())); - - } - - } else - dbconfig.setEidSystemServiceURLs(null); - - - if (isMoaidMode) { - MOASP dbmoasp = dbauth.getMOASP(); - if (dbmoasp == null) { - dbmoasp = new MOASP(); - dbauth.setMOASP(dbmoasp); - } - if (MiscUtil.isNotEmpty(moaconfig.getMoaspssURL())) { - ConnectionParameterClientAuthType moaspcon = dbmoasp.getConnectionParameter(); - if (moaspcon == null) { - moaspcon = new ConnectionParameterClientAuthType(); - dbmoasp.setConnectionParameter(moaspcon); - } - moaspcon.setURL(moaconfig.getMoaspssURL()); - } - VerifyIdentityLink moaidl = dbmoasp.getVerifyIdentityLink(); - if (moaidl == null) { - moaidl = new VerifyIdentityLink(); - dbmoasp.setVerifyIdentityLink(moaidl); - } - moaidl.setTrustProfileID(moaconfig.getMoaspssIdlTrustProfile()); - 
moaidl.setTestTrustProfileID(moaconfig.getMoaspssIdlTrustProfileTest()); - - VerifyAuthBlock moaauth = dbmoasp.getVerifyAuthBlock(); - if (moaauth == null) { - moaauth = new VerifyAuthBlock(); - dbmoasp.setVerifyAuthBlock(moaauth); - } - moaauth.setTrustProfileID(moaconfig.getMoaspssAuthTrustProfile()); - moaauth.setTestTrustProfileID(moaconfig.getMoaspssAuthTrustProfileTest()); - - if (moaauth.getVerifyTransformsInfoProfileID() != null && - moaauth.getVerifyTransformsInfoProfileID().size() > 0) - moaauth.getVerifyTransformsInfoProfileID().set(0, moaconfig.getAuthTransformList().get(0)); - - else { - if (moaauth.getVerifyTransformsInfoProfileID() == null) { - moaauth.setVerifyTransformsInfoProfileID(new ArrayList()); - - } - moaauth.getVerifyTransformsInfoProfileID().add(moaconfig.getAuthTransformList().get(0)); - } - - SecurityLayer seclayertrans = dbauth.getSecurityLayer(); - if (seclayertrans == null) { - seclayertrans = new SecurityLayer(); - dbauth.setSecurityLayer(seclayertrans); - } - List trans = new ArrayList(); - Map moatrans = moaconfig.getSecLayerTransformation(); - if (moatrans != null) { - Set keys = moatrans.keySet(); - for (String key : keys) { - TransformsInfoType elem = new TransformsInfoType(); - elem.setFilename(key); - elem.setTransformation(moatrans.get(key)); - trans.add(elem); - } - } - if (trans.size() > 0) - seclayertrans.setTransformsInfo(trans); - - - SLRequestTemplates slrequesttempl = dbconfig.getSLRequestTemplates(); - if (slrequesttempl == null) { - slrequesttempl = new SLRequestTemplates(); - dbconfig.setSLRequestTemplates(slrequesttempl); - } - if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateHandy())) - slrequesttempl.setHandyBKU(moaconfig.getSLRequestTemplateHandy()); - if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateLocal())) - slrequesttempl.setLocalBKU(moaconfig.getSLRequestTemplateLocal()); - if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateOnline())) - 
slrequesttempl.setOnlineBKU(moaconfig.getSLRequestTemplateOnline()); - - } - - if (MiscUtil.isNotEmpty(moaconfig.getTrustedCACerts())) - dbconfig.setTrustedCACertificates(moaconfig.getTrustedCACerts()); - - //save config - try { - log.debug("JaxB to Key/Value configuration transformation started ..."); - Map keyValueConfig = - ConfigurationMigrationUtils.convertHyberJaxBMOAIDConfigToKeyValue(dbconfig); - - log.debug("JaxB to Key/Value configuration transformation finished. Start Key/Value storage process ..."); - - configuration.getConfigModule().storeChanges(keyValueConfig, null, null); - - log.info("General MOA-ID Key/Value configuration successfull stored."); - - - } catch (ConfigurationStorageException e) { - log.warn("MOAID Configuration can not be stored in Database", e); - return LanguageHelper.getErrorString("error.db.oa.store", request); - - } finally { - - - } - - return null; - } - - /** - * @return the moaconfig - */ - public GeneralMOAIDConfig getMoaconfig() { - return moaconfig; - } - - /** - * @param moaconfig the moaconfig to set - */ - public void setMoaconfig(GeneralMOAIDConfig moaconfig) { - this.moaconfig = moaconfig; - } - - /** - * Gets the storkconfig. - * - * @return the storkconfig - */ - public GeneralStorkConfig getStorkconfig() { - return storkconfig; - } - - /** - * Sets the storkconfig. 
- * - * @param storkconfig the new storkconfig - */ - public void setStorkconfig(GeneralStorkConfig storkconfig) { - this.storkconfig = storkconfig; - } - - /** - * @return the formID - */ - public String getFormID() { - return formID; - } - - /** - * @param formID the formID to set - */ - public void setFormID(String formID) { - this.formID = formID; - } - - - + } + + Organization pvp2org = pvp2.getOrganization(); + if (pvp2org == null) { + pvp2org = new Organization(); + pvp2.setOrganization(pvp2org); + } + if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgDisplayName())) { + pvp2org.setDisplayName(StringHelper.getUTF8String( + moaconfig.getPvp2OrgDisplayName())); + } + if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgName())) { + pvp2org.setName(StringHelper.getUTF8String(moaconfig.getPvp2OrgName())); + } + if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgURL())) { + pvp2org.setURL(moaconfig.getPvp2OrgURL()); + } + + List pvp2cont = pvp2.getContact(); + if (pvp2cont == null) { + pvp2cont = new ArrayList<>(); + pvp2.setContact(pvp2cont); + } + + if (pvp2cont.size() == 0) { + final Contact cont = new Contact(); + pvp2cont.add(cont); + } + + final Contact cont = pvp2cont.get(0); + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getCompany())) { + cont.setCompany(StringHelper.getUTF8String( + moaconfig.getPvp2Contact().getCompany())); + } + + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getGivenname())) { + cont.setGivenName(StringHelper.getUTF8String( + moaconfig.getPvp2Contact().getGivenname())); + } + + if (cont.getMail() != null && cont.getMail().size() > 0) { + cont.getMail().set(0, moaconfig.getPvp2Contact().getMail()); + } else { + cont.setMail(Arrays.asList(moaconfig.getPvp2Contact().getMail())); + } + + if (cont.getPhone() != null && cont.getPhone().size() > 0) { + cont.getPhone().set(0, moaconfig.getPvp2Contact().getPhone()); + } else { + cont.setPhone(Arrays.asList(moaconfig.getPvp2Contact().getPhone())); + } + + 
cont.setSurName(StringHelper.getUTF8String(moaconfig.getPvp2Contact().getSurname())); + if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getType())) { + cont.setType(moaconfig.getPvp2Contact().getType()); + } + + ChainingModes dbchainingmodes = dbconfig.getChainingModes(); + if (dbchainingmodes == null) { + dbchainingmodes = new ChainingModes(); + dbconfig.setChainingModes(dbchainingmodes); + } + + dbchainingmodes.setSystemDefaultMode( + ChainingModeType.fromValue("pkix")); + + if (isMoaidMode) { + SSO dbsso = dbauth.getSSO(); + if (dbsso == null) { + dbsso = new SSO(); + dbauth.setSSO(dbsso); + } + + if (MiscUtil.isNotEmpty(moaconfig.getSsoFriendlyName())) { + dbsso.setFriendlyName(StringHelper.getUTF8String( + moaconfig.getSsoFriendlyName())); + } + if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText())) { + dbsso.setSpecialText(StringHelper.getUTF8String( + moaconfig.getSsoSpecialText())); + // if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl())) + // dbsso.setPublicURL(moaconfig.getSsoPublicUrl()); + } + + if (MiscUtil.isNotEmpty(moaconfig.getSsoTarget())) { + + if (!ValidationHelper.isValidAdminTarget(moaconfig.getSsoTarget())) { + String num = moaconfig.getSsoTarget().replaceAll(" ", ""); + String pre = null; + if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) { + num = num.substring(Constants.IDENIFICATIONTYPE_FN.length()); + + num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num); + pre = Constants.IDENIFICATIONTYPE_FN; + } + + if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) { + num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length()); + pre = Constants.IDENIFICATIONTYPE_ZVR; + } + + if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)) { + num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length()); + pre = Constants.IDENIFICATIONTYPE_ERSB; + } + + dbsso.setTarget(Constants.PREFIX_WPBK + pre + "+" + num); + + } else { + dbsso.setTarget(moaconfig.getSsoTarget()); + + } + } + // if 
(MiscUtil.isNotEmpty(moaconfig.getSsoIdentificationNumber())) { + // IdentificationNumber ssoid = dbsso.getIdentificationNumber(); + // if (ssoid == null) { + // ssoid = new IdentificationNumber(); + // dbsso.setIdentificationNumber(ssoid); + // } + // ssoid.setValue(moaconfig.getSsoIdentificationNumber()); + // } + + DefaultBKUs dbbkus = dbconfig.getDefaultBKUs(); + + if (dbbkus == null) { + dbbkus = new DefaultBKUs(); + dbconfig.setDefaultBKUs(dbbkus); + } + + if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUHandy())) { + dbbkus.setHandyBKU(moaconfig.getDefaultBKUHandy()); + } else { + dbbkus.setHandyBKU(new String()); + } + + if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUOnline())) { + dbbkus.setOnlineBKU(moaconfig.getDefaultBKUOnline()); + } else { + dbbkus.setOnlineBKU(new String()); + } + + if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKULocal())) { + dbbkus.setLocalBKU(moaconfig.getDefaultBKULocal()); + } else { + dbbkus.setLocalBKU(new String()); + } + + IdentityLinkSigners idlsigners = dbauth.getIdentityLinkSigners(); + if (idlsigners == null) { + idlsigners = new IdentityLinkSigners(); + dbauth.setIdentityLinkSigners(idlsigners); + } + + ForeignIdentities dbforeign = dbauth.getForeignIdentities(); + if (dbforeign == null) { + dbforeign = new ForeignIdentities(); + dbauth.setForeignIdentities(dbforeign); + } + + if (MiscUtil.isNotEmpty(moaconfig.getSzrgwURL())) { + ConnectionParameterClientAuthType forcon = dbforeign.getConnectionParameter(); + if (forcon == null) { + forcon = new ConnectionParameterClientAuthType(); + dbforeign.setConnectionParameter(forcon); + } + + if (KeyValueUtils.isCSVValueString(moaconfig.getSzrgwURL())) { + forcon.setURL(KeyValueUtils.normalizeCSVValueString(moaconfig.getSzrgwURL())); + } else { + if (moaconfig.getSzrgwURL().contains(KeyValueUtils.CSV_DELIMITER)) { + forcon.setURL( + moaconfig.getSzrgwURL().trim().substring(0, + moaconfig.getSzrgwURL().indexOf(KeyValueUtils.CSV_DELIMITER))); + } else { + forcon.setURL( + 
StringUtils.chomp(moaconfig.getSzrgwURL().trim())); + } + + } + + } + + final ForeignIdentities foreign = dbauth.getForeignIdentities(); + if (foreign != null) { + STORK stork = foreign.getSTORK(); + if (stork == null) { + stork = new STORK(); + foreign.setSTORK(stork); + + } + + try { + log.error("QAAAA " + storkconfig.getDefaultQaa()); + stork.setGeneral_eIDAS_LOA(storkconfig.getDefaultQaa()); + + if (storkconfig.getAttributes() != null) { + final List dbStorkAttr = new ArrayList<>(); + stork.setAttributes(dbStorkAttr); + + for (final StorkAttribute attr : storkconfig.getAttributes()) { + if (attr != null && MiscUtil.isNotEmpty(attr.getName())) { + dbStorkAttr.add(attr); + } else { + log.info("Remove null or empty STORK attribute"); + } + } + + } else { + stork.setAttributes(new ArrayList()); + } + + if (storkconfig.getCpepslist() != null) { + final List dbStorkCPEPS = new ArrayList<>(); + stork.setCPEPS(dbStorkCPEPS); + + for (final CPEPS cpeps : storkconfig.getCpepslist()) { + if (cpeps != null && MiscUtil.isNotEmpty(cpeps.getURL()) && + MiscUtil.isNotEmpty(cpeps.getCountryCode())) { + + if (cpeps.getCountryCode().equals("CC") && + cpeps.getURL().equals("http://")) { + log.info("Remove dummy STORK CPEPS entry."); + } else { + dbStorkCPEPS.add(cpeps); + } + + } else { + log.info("Remove null or emtpy STORK CPEPS configuration"); + } + } + + } else { + stork.setCPEPS(new ArrayList()); + } + + } catch (final Exception e) { + e.printStackTrace(); + + } + + try { + log.info("CPEPS LIST: " + storkconfig.getCpepslist().size()); + log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() + storkconfig + .getCpepslist().get(0).getURL()); + + } catch (final Exception ex) { + log.info("CPEPS LIST is null"); + + } + } + + // write MIS Mandate-Service URLs + if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) { + OnlineMandates dbmandate = dbauth.getOnlineMandates(); + if (dbmandate == null) { + dbmandate = new OnlineMandates(); + 
dbauth.setOnlineMandates(dbmandate); + } + ConnectionParameterClientAuthType dbmandateconnection = dbmandate.getConnectionParameter(); + + if (dbmandateconnection == null) { + dbmandateconnection = new ConnectionParameterClientAuthType(); + dbmandate.setConnectionParameter(dbmandateconnection); + } + + if (KeyValueUtils.isCSVValueString(moaconfig.getMandateURL())) { + dbmandateconnection.setURL(KeyValueUtils.normalizeCSVValueString(moaconfig.getMandateURL())); + } else { + if (moaconfig.getMandateURL().contains(KeyValueUtils.CSV_DELIMITER)) { + dbmandateconnection.setURL( + moaconfig.getMandateURL().trim().substring(0, + moaconfig.getMandateURL().indexOf(KeyValueUtils.CSV_DELIMITER))); + } else { + dbmandateconnection.setURL( + StringUtils.chomp(moaconfig.getMandateURL().trim())); + } + + } + } + + // write ELGA Mandate-Service URLs + if (MiscUtil.isNotEmpty(moaconfig.getElgaMandateServiceURL())) { + if (KeyValueUtils.isCSVValueString(moaconfig.getElgaMandateServiceURL())) { + dbconfig.setElgaMandateServiceURLs(KeyValueUtils.normalizeCSVValueString(moaconfig + .getElgaMandateServiceURL())); + } else { + if (moaconfig.getElgaMandateServiceURL().contains(KeyValueUtils.CSV_DELIMITER)) { + dbconfig.setElgaMandateServiceURLs( + moaconfig.getElgaMandateServiceURL().trim().substring(0, + moaconfig.getElgaMandateServiceURL().indexOf(KeyValueUtils.CSV_DELIMITER))); + } else { + dbconfig.setElgaMandateServiceURLs( + StringUtils.chomp(moaconfig.getElgaMandateServiceURL().trim())); + } + + } + } else { + dbconfig.setElgaMandateServiceURLs(null); + } + } + + // write E-ID System URLs + if (MiscUtil.isNotEmpty(moaconfig.getEidSystemServiceURL())) { + if (KeyValueUtils.isCSVValueString(moaconfig.getEidSystemServiceURL())) { + dbconfig.setEidSystemServiceURLs(KeyValueUtils.normalizeCSVValueString(moaconfig + .getEidSystemServiceURL())); + } else { + if (moaconfig.getEidSystemServiceURL().contains(KeyValueUtils.CSV_DELIMITER)) { + dbconfig.setEidSystemServiceURLs( + 
moaconfig.getEidSystemServiceURL().trim().substring(0, + moaconfig.getEidSystemServiceURL().indexOf(KeyValueUtils.CSV_DELIMITER))); + } else { + dbconfig.setEidSystemServiceURLs( + StringUtils.chomp(moaconfig.getEidSystemServiceURL().trim())); + } + + } + + } else { + dbconfig.setEidSystemServiceURLs(null); + } + + if (isMoaidMode) { + MOASP dbmoasp = dbauth.getMOASP(); + if (dbmoasp == null) { + dbmoasp = new MOASP(); + dbauth.setMOASP(dbmoasp); + } + if (MiscUtil.isNotEmpty(moaconfig.getMoaspssURL())) { + ConnectionParameterClientAuthType moaspcon = dbmoasp.getConnectionParameter(); + if (moaspcon == null) { + moaspcon = new ConnectionParameterClientAuthType(); + dbmoasp.setConnectionParameter(moaspcon); + } + moaspcon.setURL(moaconfig.getMoaspssURL()); + } + VerifyIdentityLink moaidl = dbmoasp.getVerifyIdentityLink(); + if (moaidl == null) { + moaidl = new VerifyIdentityLink(); + dbmoasp.setVerifyIdentityLink(moaidl); + } + moaidl.setTrustProfileID(moaconfig.getMoaspssIdlTrustProfile()); + moaidl.setTestTrustProfileID(moaconfig.getMoaspssIdlTrustProfileTest()); + + VerifyAuthBlock moaauth = dbmoasp.getVerifyAuthBlock(); + if (moaauth == null) { + moaauth = new VerifyAuthBlock(); + dbmoasp.setVerifyAuthBlock(moaauth); + } + moaauth.setTrustProfileID(moaconfig.getMoaspssAuthTrustProfile()); + moaauth.setTestTrustProfileID(moaconfig.getMoaspssAuthTrustProfileTest()); + + if (moaauth.getVerifyTransformsInfoProfileID() != null && + moaauth.getVerifyTransformsInfoProfileID().size() > 0) { + moaauth.getVerifyTransformsInfoProfileID().set(0, moaconfig.getAuthTransformList().get(0)); + } else { + if (moaauth.getVerifyTransformsInfoProfileID() == null) { + moaauth.setVerifyTransformsInfoProfileID(new ArrayList()); + + } + moaauth.getVerifyTransformsInfoProfileID().add(moaconfig.getAuthTransformList().get(0)); + } + + SecurityLayer seclayertrans = dbauth.getSecurityLayer(); + if (seclayertrans == null) { + seclayertrans = new SecurityLayer(); + 
dbauth.setSecurityLayer(seclayertrans); + } + final List trans = new ArrayList<>(); + final Map moatrans = moaconfig.getSecLayerTransformation(); + if (moatrans != null) { + final Set keys = moatrans.keySet(); + for (final String key : keys) { + final TransformsInfoType elem = new TransformsInfoType(); + elem.setFilename(key); + elem.setTransformation(moatrans.get(key)); + trans.add(elem); + } + } + if (trans.size() > 0) { + seclayertrans.setTransformsInfo(trans); + } + + SLRequestTemplates slrequesttempl = dbconfig.getSLRequestTemplates(); + if (slrequesttempl == null) { + slrequesttempl = new SLRequestTemplates(); + dbconfig.setSLRequestTemplates(slrequesttempl); + } + if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateHandy())) { + slrequesttempl.setHandyBKU(moaconfig.getSLRequestTemplateHandy()); + } + if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateLocal())) { + slrequesttempl.setLocalBKU(moaconfig.getSLRequestTemplateLocal()); + } + if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateOnline())) { + slrequesttempl.setOnlineBKU(moaconfig.getSLRequestTemplateOnline()); + } + + } + + if (MiscUtil.isNotEmpty(moaconfig.getTrustedCACerts())) { + dbconfig.setTrustedCACertificates(moaconfig.getTrustedCACerts()); + } + + // save config + try { + log.debug("JaxB to Key/Value configuration transformation started ..."); + final Map keyValueConfig = + ConfigurationMigrationUtils.convertHyberJaxBMOAIDConfigToKeyValue(dbconfig); + + log.debug( + "JaxB to Key/Value configuration transformation finished. 
Start Key/Value storage process ..."); + + configuration.getConfigModule().storeChanges(keyValueConfig, null, null); + + log.info("General MOA-ID Key/Value configuration successfull stored."); + + } catch (final ConfigurationStorageException e) { + log.warn("MOAID Configuration can not be stored in Database", e); + return LanguageHelper.getErrorString("error.db.oa.store", request); + + } finally { + + } + + return null; + } + + /** + * @return the moaconfig + */ + public GeneralMOAIDConfig getMoaconfig() { + return moaconfig; + } + + /** + * @param moaconfig the moaconfig to set + */ + public void setMoaconfig(GeneralMOAIDConfig moaconfig) { + this.moaconfig = moaconfig; + } + + /** + * Gets the storkconfig. + * + * @return the storkconfig + */ + public GeneralStorkConfig getStorkconfig() { + return storkconfig; + } + + /** + * Sets the storkconfig. + * + * @param storkconfig the new storkconfig + */ + public void setStorkconfig(GeneralStorkConfig storkconfig) { + this.storkconfig = storkconfig; + } + + /** + * @return the formID + */ + @Override + public String getFormID() { + return formID; + } + + /** + * @param formID the formID to set + */ + @Override + public void setFormID(String formID) { + this.formID = formID; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index 31126d14f..1ad6e7d6b 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java 
@@ -27,8 +27,6 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
-import org.apache.log4j.Logger;
-
 import at.gv.egiz.eaaf.core.impl.utils.Random;
 import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils;
 import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
@@ -53,505 +51,512 @@ import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class EditOAAction extends BasicOAAction { - private final Logger log = Logger.getLogger(EditOAAction.class); - private static final long serialVersionUID = 1L; - - private String nextPage; - - public EditOAAction() { - super(); - - OATargetConfiguration oaTarget = new OATargetConfiguration(); - formList.put(oaTarget.getName(), oaTarget); - - OAAuthenticationData authOA = new OAAuthenticationData(); - formList.put(authOA.getName(), authOA); - - OASAML1Config saml1OA = new OASAML1Config(); - formList.put(saml1OA.getName(), saml1OA); - - if (isMoaidMode) { - OABPKEncryption bPKEncDec = new OABPKEncryption(); - formList.put(bPKEncDec.getName(), bPKEncDec); - - OASSOConfig ssoOA = new OASSOConfig(); - formList.put(ssoOA.getName(), ssoOA); - - OAPVP2Config pvp2OA = new OAPVP2Config(); - formList.put(pvp2OA.getName(), pvp2OA); - - OAOAuth20Config oauth20OA = new OAOAuth20Config(); - formList.put(oauth20OA.getName(), oauth20OA); - - OASTORKConfig storkOA = new OASTORKConfig(); - formList.put(storkOA.getName(), storkOA); - - Map map = new HashMap(); - map.putAll(FormBuildUtils.getDefaultMap()); - FormularCustomization formOA = new FormularCustomization(map); - formList.put(formOA.getName(), formOA); - - OARevisionsLogData revisOA = new OARevisionsLogData(); - formList.put(revisOA.getName(), revisOA); - } - - } - - // STRUTS actions - public String inital() { - try { - populateBasicInformations(); - - OnlineApplication onlineapplication = populateOnlineApplicationFromRequest(); - - if (onlineapplication == null) { - addActionError(LanguageHelper.getErrorString( - "errors.listOAs.noOA", request)); - return 
Constants.STRUTS_SUCCESS; - } - - List errors = new ArrayList(); - for (IOnlineApplicationData form : formList.values()) { - List error = form.parse(onlineapplication, authUser, - request); - if (error != null) - errors.addAll(error); - } - if (errors.size() > 0) { - for (String el : errors) - addActionError(el); - } - - setNewOA(false); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - session.setAttribute(Constants.SESSION_OAID, oaid); - - return Constants.STRUTS_OA_EDIT; - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } catch (BasicOAActionException e) { - addActionError(e.getStrutsError()); - return e.getStrutsReturnValue(); - - } finally { - - } - } - - public String newOA() { - log.debug("insert new Online-Application"); - - try { - populateBasicInformations(); - - populateBasicNewOnlineApplicationInformation(); - - // prepare attribute helper list - ArrayList attributes = new ArrayList(); - - try { - for (StorkAttribute current : configuration.getDbRead() - .getMOAIDConfiguration().getAuthComponentGeneral() - .getForeignIdentities().getSTORK().getAttributes()) - attributes.add(new AttributeHelper(current)); - - - } catch (NullPointerException e) { - - } - - if (getStorkOA() != null) - getStorkOA().setHelperAttributes(attributes); - - UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser - .getUserID()); - - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null - && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. 
Mail address is not verified."); - addActionError(LanguageHelper.getErrorString( - "error.editoa.mailverification", request)); - return Constants.STRUTS_SUCCESS; - } - - if (formList.get(new OAOAuth20Config().getName()) != null) - session.setAttribute( - Constants.SESSION_OAUTH20SECRET, - ((OAOAuth20Config) formList.get(new OAOAuth20Config().getName())) - .getClientSecret()); - - if (getFormOA() != null) - session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, getFormOA().getFormMap()); - - - nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); - - return Constants.STRUTS_OA_EDIT; - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } finally { - - } - } - - public String saveOA() { - - OnlineApplication onlineapplication = null; - - try { - populateBasicInformations(); - onlineapplication = preProcessSaveOnlineApplication(); - - List errors = new ArrayList(); - - // validate forms - for (IOnlineApplicationData form : formList.values()) - errors.addAll(form.validate(getGeneralOA(), authUser, request)); - - // Do not allow SSO in combination with special BKUSelection features - if (getSsoOA() != null && getSsoOA().isUseSSO() - && (getFormOA() != null && getFormOA().isOnlyMandateAllowed() || !getFormOA() - .isShowMandateLoginButton())) { - log.warn("Special BKUSelection features can not be used in combination with SSO"); - errors.add(LanguageHelper.getErrorString( - "validation.general.bkuselection.specialfeatures.valid", - request)); - } - - if (errors.size() > 0) { - log.info("OAConfiguration with ID " - + getGeneralOA().getIdentifier() + " has some errors."); - for (String el : errors) - addActionError(el); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } else { - try { - onlineapplication = postProcessSaveOnlineApplication(onlineapplication, true); - - } catch (BasicOAActionException e) { - addActionError(e.getStrutsError()); - return 
e.getStrutsReturnValue(); - } - - } - - Object nextPageAttr = session - .getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String) { - nextPage = (String) nextPageAttr; - session.setAttribute(Constants.SESSION_RETURNAREA, null); - - } else { - nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); - } - - if (onlineapplication.isIsAdminRequired()) { - int numoas = 0; - int numusers = 0; - - List openOAs = configuration.getDbRead() - .getAllNewOnlineApplications(); - if (openOAs != null) - numoas = openOAs.size(); - - List openUsers = configuration.getUserManagement().getAllNewUsers(); - if (openUsers != null) - numusers = openUsers.size(); - try { - - addActionMessage(LanguageHelper.getGUIString( - "webpages.oaconfig.success.admin", getGeneralOA() - .getIdentifier(), request)); - - if (numusers > 0 || numoas > 0) - MailHelper.sendAdminMail(numoas, numusers); - - } catch (ConfigurationException e) { - log.warn("Sending Mail to Admin failed.", e); - } - - } else - addActionMessage(LanguageHelper.getGUIString( - "webpages.oaconfig.success", - getGeneralOA().getIdentifier(), request)); - - // remove session attributes - session.setAttribute(Constants.SESSION_OAID, null); - session.removeAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE); - session.removeAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE); - - return Constants.STRUTS_SUCCESS; - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } catch (BasicOAActionException e) { - addActionError(e.getStrutsError()); - return e.getStrutsReturnValue(); - - } finally { - - } - } - - public String cancleAndBackOA() { - try { - populateBasicInformations(); - - Object nextPageAttr = session - .getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String) { - nextPage = (String) nextPageAttr; - session.setAttribute(Constants.SESSION_RETURNAREA, null); - - } else { - nextPage = 
Constants.STRUTS_RETURNAREA_VALUES.main.name(); - } - - session.setAttribute(Constants.SESSION_OAID, null); - - addActionMessage(LanguageHelper.getGUIString( - "webpages.oaconfig.cancle", getGeneralOA().getIdentifier(), - request)); - - return Constants.STRUTS_SUCCESS; - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } finally { - - } - } - - public String deleteOA() { - String oaidentifier = null; - try { - populateBasicInformations(); - - Object nextPageAttr = session - .getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String) { - nextPage = (String) nextPageAttr; - - } else { - nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); - } - - oaidentifier = preProcessDeleteOnlineApplication(); - List onlineapplications = configuration.getDbRead() - .getOnlineApplications(oaidentifier); - - Long oaid = getOAIDFromSession(); - - OnlineApplication onlineapplication = null; - - if (onlineapplications != null && onlineapplications.size() > 1) { - log.info("Found more then one OA with PublicURLPrefix in configuration. 
" - + "Select OA with DB Id ..."); - - for (OnlineApplication oa : onlineapplications) { - if (oa.getHjid().equals(oaid)) { - if (onlineapplication == null) - onlineapplication = oa; - - else { - log.error("Found more then one OA with same PublicURLPrefix and same DBID."); - new BasicOAActionException( - "Found more then one OA with same PublicURLPrefix and same DBID.", - Constants.STRUTS_SUCCESS); - - } - } - } - - } else if (onlineapplications != null && onlineapplications.size() == 1) - onlineapplication = onlineapplications.get(0); - - request.getSession().setAttribute(Constants.SESSION_OAID, null); - + private static final long serialVersionUID = 1L; + + private String nextPage; + + public EditOAAction() { + super(); + + final OATargetConfiguration oaTarget = new OATargetConfiguration(); + formList.put(oaTarget.getName(), oaTarget); + + final OAAuthenticationData authOA = new OAAuthenticationData(); + formList.put(authOA.getName(), authOA); + + final OASAML1Config saml1OA = new OASAML1Config(); + formList.put(saml1OA.getName(), saml1OA); + + if (isMoaidMode) { + final OABPKEncryption bPKEncDec = new OABPKEncryption(); + formList.put(bPKEncDec.getName(), bPKEncDec); + + final OASSOConfig ssoOA = new OASSOConfig(); + formList.put(ssoOA.getName(), ssoOA); + + final OAPVP2Config pvp2OA = new OAPVP2Config(); + formList.put(pvp2OA.getName(), pvp2OA); + + final OAOAuth20Config oauth20OA = new OAOAuth20Config(); + formList.put(oauth20OA.getName(), oauth20OA); + + final OASTORKConfig storkOA = new OASTORKConfig(); + formList.put(storkOA.getName(), storkOA); + + final Map map = new HashMap<>(); + map.putAll(FormBuildUtils.getDefaultMap()); + final FormularCustomization formOA = new FormularCustomization(map); + formList.put(formOA.getName(), formOA); + + final OARevisionsLogData revisOA = new OARevisionsLogData(); + formList.put(revisOA.getName(), revisOA); + } + + } + + // STRUTS actions + public String inital() { + try { + populateBasicInformations(); + + final 
OnlineApplication onlineapplication = populateOnlineApplicationFromRequest(); + + if (onlineapplication == null) { + addActionError(LanguageHelper.getErrorString( + "errors.listOAs.noOA", request)); + return Constants.STRUTS_SUCCESS; + } + + final List errors = new ArrayList<>(); + for (final IOnlineApplicationData form : formList.values()) { + final List error = form.parse(onlineapplication, authUser, + request); + if (error != null) { + errors.addAll(error); + } + } + if (errors.size() > 0) { + for (final String el : errors) { + addActionError(el); + } + } + + setNewOA(false); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + session.setAttribute(Constants.SESSION_OAID, oaid); + + return Constants.STRUTS_OA_EDIT; + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } catch (final BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + + } finally { + + } + } + + public String newOA() { + log.debug("insert new Online-Application"); + + try { + populateBasicInformations(); + + populateBasicNewOnlineApplicationInformation(); + + // prepare attribute helper list + final ArrayList attributes = new ArrayList<>(); + + try { + for (final StorkAttribute current : configuration.getDbRead() + .getMOAIDConfiguration().getAuthComponentGeneral() + .getForeignIdentities().getSTORK().getAttributes()) { + attributes.add(new AttributeHelper(current)); + } + + } catch (final NullPointerException e) { + + } + + if (getStorkOA() != null) { + getStorkOA().setHelperAttributes(attributes); + } + + final UserDatabase userdb = configuration.getUserManagement().getUserWithID(authUser + .getUserID()); + + if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null + && !userdb.isIsMailAddressVerified()) { + log.info("Online-Applikation managemant disabled. 
Mail address is not verified."); + addActionError(LanguageHelper.getErrorString( + "error.editoa.mailverification", request)); + return Constants.STRUTS_SUCCESS; + } + + if (formList.get(new OAOAuth20Config().getName()) != null) { + session.setAttribute( + Constants.SESSION_OAUTH20SECRET, + ((OAOAuth20Config) formList.get(new OAOAuth20Config().getName())) + .getClientSecret()); + } + + if (getFormOA() != null) { + session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, getFormOA().getFormMap()); + } + + nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); + + return Constants.STRUTS_OA_EDIT; + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } finally { + + } + } + + public String saveOA() { + + OnlineApplication onlineapplication = null; + + try { + populateBasicInformations(); + onlineapplication = preProcessSaveOnlineApplication(); + + final List errors = new ArrayList<>(); + + // validate forms + for (final IOnlineApplicationData form : formList.values()) { + errors.addAll(form.validate(getGeneralOA(), authUser, request)); + } + + // Do not allow SSO in combination with special BKUSelection features + if (getSsoOA() != null && getSsoOA().isUseSSO() + && (getFormOA() != null && getFormOA().isOnlyMandateAllowed() || !getFormOA() + .isShowMandateLoginButton())) { + log.warn("Special BKUSelection features can not be used in combination with SSO"); + errors.add(LanguageHelper.getErrorString( + "validation.general.bkuselection.specialfeatures.valid", + request)); + } + + if (errors.size() > 0) { + log.info("OAConfiguration with ID " + + getGeneralOA().getIdentifier() + " has some errors."); + for (final String el : errors) { + addActionError(el); + } + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } else { + try { + onlineapplication = postProcessSaveOnlineApplication(onlineapplication, true); + + } catch (final BasicOAActionException e) { + 
addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + } + + } + + final Object nextPageAttr = session + .getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String) { + nextPage = (String) nextPageAttr; + session.setAttribute(Constants.SESSION_RETURNAREA, null); + + } else { + nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); + } + + if (onlineapplication.isIsAdminRequired()) { + int numoas = 0; + int numusers = 0; + + final List openOAs = configuration.getDbRead() + .getAllNewOnlineApplications(); + if (openOAs != null) { + numoas = openOAs.size(); + } + + final List openUsers = configuration.getUserManagement().getAllNewUsers(); + if (openUsers != null) { + numusers = openUsers.size(); + } + try { + + addActionMessage(LanguageHelper.getGUIString( + "webpages.oaconfig.success.admin", getGeneralOA() + .getIdentifier(), request)); + + if (numusers > 0 || numoas > 0) { + MailHelper.sendAdminMail(numoas, numusers); + } + + } catch (final ConfigurationException e) { + log.warn("Sending Mail to Admin failed.", e); + } + + } else { + addActionMessage(LanguageHelper.getGUIString( + "webpages.oaconfig.success", + getGeneralOA().getIdentifier(), request)); + } + + // remove session attributes + session.setAttribute(Constants.SESSION_OAID, null); + session.removeAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE); + session.removeAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE); + + return Constants.STRUTS_SUCCESS; + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } catch (final BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + + } finally { + + } + } + + public String cancleAndBackOA() { + try { + populateBasicInformations(); + + final Object nextPageAttr = session + .getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String) { + nextPage = (String) nextPageAttr; + 
session.setAttribute(Constants.SESSION_RETURNAREA, null); + + } else { + nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); + } + + session.setAttribute(Constants.SESSION_OAID, null); + + addActionMessage(LanguageHelper.getGUIString( + "webpages.oaconfig.cancle", getGeneralOA().getIdentifier(), + request)); + + return Constants.STRUTS_SUCCESS; + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } finally { + + } + } + + public String deleteOA() { + String oaidentifier = null; + try { + populateBasicInformations(); + + final Object nextPageAttr = session + .getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String) { + nextPage = (String) nextPageAttr; + + } else { + nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); + } + + oaidentifier = preProcessDeleteOnlineApplication(); + final List onlineapplications = configuration.getDbRead() + .getOnlineApplications(oaidentifier); + + final Long oaid = getOAIDFromSession(); + + OnlineApplication onlineapplication = null; + + if (onlineapplications != null && onlineapplications.size() > 1) { + log.info("Found more then one OA with PublicURLPrefix in configuration. 
" + + "Select OA with DB Id ..."); + + for (final OnlineApplication oa : onlineapplications) { + if (oa.getHjid().equals(oaid)) { + if (onlineapplication == null) { + onlineapplication = oa; + } else { + log.error("Found more then one OA with same PublicURLPrefix and same DBID."); + new BasicOAActionException( + "Found more then one OA with same PublicURLPrefix and same DBID.", + Constants.STRUTS_SUCCESS); + + } + } + } + + } else if (onlineapplications != null && onlineapplications.size() == 1) { + onlineapplication = onlineapplications.get(0); + } + + request.getSession().setAttribute(Constants.SESSION_OAID, null); + // try { // if (MiscUtil.isNotEmpty(onlineapplication.getAuthComponentOA() // .getOAPVP2().getMetadataURL())) { -// +// // MOAIDConfiguration moaconfig = configuration.getDbRead() // .getMOAIDConfiguration(); // moaconfig.setPvp2RefreshItem(new Date()); // ConfigurationDBUtils.saveOrUpdate(moaconfig); -// +// // } -// } catch (NullPointerException e) { +// } catch (NullPointerException e) { // log.debug("Found no MetadataURL in OA-Databaseconfig"); -// +// // } catch (Throwable e) { // log.info("Set metadata refresh flag FAILED.", e); // } - - if (onlineapplication != null && delete(onlineapplication)) { - - if (!authUser.isAdmin()) { - UserDatabase user = configuration.getUserManagement().getUserWithID(authUser - .getUserID()); - List useroas = user.getOnlineApplication(); - - for (String oa : useroas) { - if (oa.equals(onlineapplication.getHjid())) { - useroas.remove(oa); - } - } - - try { - configuration.getUserManagement().saveOrUpdate(user); - - } catch (MOADatabaseException e) { - log.warn("User information can not be updated in database", - e); - addActionError(LanguageHelper.getGUIString( - "error.db.oa.store", request)); - return Constants.STRUTS_ERROR; - } - } - - addActionMessage(LanguageHelper.getGUIString( - "webpages.oaconfig.delete.message", oaidentifier, request)); - - return Constants.STRUTS_SUCCESS; - - } else { - 
addActionError(LanguageHelper.getGUIString( - "webpages.oaconfig.delete.error", oaidentifier, request)); - return Constants.STRUTS_SUCCESS; - } - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } catch (BasicOAActionException e) { - addActionError(e.getStrutsError()); - return e.getStrutsReturnValue(); - - } finally { - - } - - } - - public OAAuthenticationData getAuthOA() { - return (OAAuthenticationData) formList.get(new OAAuthenticationData() - .getName()); - } - - public void setAuthOA(OAAuthenticationData generalOA) { - formList.put(generalOA.getName(), generalOA); - } - - public OASAML1Config getSaml1OA() { - return (OASAML1Config) formList.get(new OASAML1Config().getName()); - } - - public void setSaml1OA(OASAML1Config saml1oa) { - formList.put(saml1oa.getName(), saml1oa); - } - - public OASSOConfig getSsoOA() { - return (OASSOConfig) formList.get(new OASSOConfig().getName()); - } - - public void setSsoOA(OASSOConfig ssoOA) { - formList.put(ssoOA.getName(), ssoOA); - } - - public OASTORKConfig getStorkOA() { - return (OASTORKConfig) formList.get(new OASTORKConfig().getName()); - } - - public void setStorkOA(OASTORKConfig storkOA) { - formList.put(storkOA.getName(), storkOA); - } - - - public OARevisionsLogData getRevisionsLogOA() { - return (OARevisionsLogData) formList.get(new OARevisionsLogData().getName()); - } - - public void setRevisionsLogOA(OARevisionsLogData storkOA) { - formList.put(storkOA.getName(), storkOA); - } - - - /** - * @return the nextPage - */ - public String getNextPage() { - return nextPage; - } - - /** - * @return the formOA - */ - public FormularCustomization getFormOA() { - return (FormularCustomization) formList.get(new FormularCustomization( - null).getName()); - } - - /** - * @param formOA - * the formOA to set - */ - public void setFormOA(FormularCustomization formOA) { - formList.put(formOA.getName(), formOA); - } - - public OAOAuth20Config getOauth20OA() { - return (OAOAuth20Config) formList.get(new 
OAOAuth20Config().getName()); - } - - public void setOauth20OA(OAOAuth20Config oauth20OA) { - formList.put(oauth20OA.getName(), oauth20OA); - } - - /** - * @return the formOA - */ - public OATargetConfiguration getTargetConfig() { - return (OATargetConfiguration) formList.get(new OATargetConfiguration() - .getName()); - } - - /** - * @param formOA - * the formOA to set - */ - public void setTargetConfig(OATargetConfiguration formOA) { - formList.put(formOA.getName(), formOA); - } - - /** - * @return the bPK encryption/decryption form - */ - public OABPKEncryption getBPKEncDecr() { - return (OABPKEncryption) formList.get(new OABPKEncryption().getName()); - } - - /** - * @param bPK encryption/decryption form - * the bPK encryption/decryption form to set - */ - public void setBPKEncDecr(OABPKEncryption formOA) { - formList.put(formOA.getName(), formOA); - } - + + if (onlineapplication != null && delete(onlineapplication)) { + + if (!authUser.isAdmin()) { + final UserDatabase user = configuration.getUserManagement().getUserWithID(authUser + .getUserID()); + final List useroas = user.getOnlineApplication(); + + for (final String oa : useroas) { + if (oa.equals(onlineapplication.getHjid())) { + useroas.remove(oa); + } + } + + try { + configuration.getUserManagement().saveOrUpdate(user); + + } catch (final MOADatabaseException e) { + log.warn("User information can not be updated in database", + e); + addActionError(LanguageHelper.getGUIString( + "error.db.oa.store", request)); + return Constants.STRUTS_ERROR; + } + } + + addActionMessage(LanguageHelper.getGUIString( + "webpages.oaconfig.delete.message", oaidentifier, request)); + + return Constants.STRUTS_SUCCESS; + + } else { + addActionError(LanguageHelper.getGUIString( + "webpages.oaconfig.delete.error", oaidentifier, request)); + return Constants.STRUTS_SUCCESS; + } + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } catch (final BasicOAActionException e) { + 
addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + + } finally { + + } + + } + + public OAAuthenticationData getAuthOA() { + return (OAAuthenticationData) formList.get(new OAAuthenticationData() + .getName()); + } + + public void setAuthOA(OAAuthenticationData generalOA) { + formList.put(generalOA.getName(), generalOA); + } + + public OASAML1Config getSaml1OA() { + return (OASAML1Config) formList.get(new OASAML1Config().getName()); + } + + public void setSaml1OA(OASAML1Config saml1oa) { + formList.put(saml1oa.getName(), saml1oa); + } + + public OASSOConfig getSsoOA() { + return (OASSOConfig) formList.get(new OASSOConfig().getName()); + } + + public void setSsoOA(OASSOConfig ssoOA) { + formList.put(ssoOA.getName(), ssoOA); + } + + public OASTORKConfig getStorkOA() { + return (OASTORKConfig) formList.get(new OASTORKConfig().getName()); + } + + public void setStorkOA(OASTORKConfig storkOA) { + formList.put(storkOA.getName(), storkOA); + } + + public OARevisionsLogData getRevisionsLogOA() { + return (OARevisionsLogData) formList.get(new OARevisionsLogData().getName()); + } + + public void setRevisionsLogOA(OARevisionsLogData storkOA) { + formList.put(storkOA.getName(), storkOA); + } + + /** + * @return the nextPage + */ + public String getNextPage() { + return nextPage; + } + + /** + * @return the formOA + */ + public FormularCustomization getFormOA() { + return (FormularCustomization) formList.get(new FormularCustomization( + null).getName()); + } + + /** + * @param formOA the formOA to set + */ + public void setFormOA(FormularCustomization formOA) { + formList.put(formOA.getName(), formOA); + } + + public OAOAuth20Config getOauth20OA() { + return (OAOAuth20Config) formList.get(new OAOAuth20Config().getName()); + } + + public void setOauth20OA(OAOAuth20Config oauth20OA) { + formList.put(oauth20OA.getName(), oauth20OA); + } + + /** + * @return the formOA + */ + public OATargetConfiguration getTargetConfig() { + return (OATargetConfiguration) 
formList.get(new OATargetConfiguration() + .getName()); + } + + /** + * @param formOA the formOA to set + */ + public void setTargetConfig(OATargetConfiguration formOA) { + formList.put(formOA.getName(), formOA); + } + + /** + * @return the bPK encryption/decryption form + */ + public OABPKEncryption getBPKEncDecr() { + return (OABPKEncryption) formList.get(new OABPKEncryption().getName()); + } + + /** + * @param bPK encryption/decryption form the bPK encryption/decryption form to + * set + */ + public void setBPKEncDecr(OABPKEncryption formOA) { + formList.put(formOA.getName(), formOA); + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IDPGatewayAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IDPGatewayAction.java index e238c6d37..6a6cf1d27 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IDPGatewayAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IDPGatewayAction.java @@ -25,8 +25,6 @@ package at.gv.egovernment.moa.id.configuration.struts.action; import java.util.LinkedHashMap; import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData; -import at.gv.egovernment.moa.id.configuration.data.oa.OAMOAIDPInterfederationConfig; -import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config; import at.gv.egovernment.moa.id.configuration.data.oa.PVPGatewayInterfederationConfig; /** 
@@ -35,22 +33,22 @@ import at.gv.egovernment.moa.id.configuration.data.oa.PVPGatewayInterfederationC */ public class IDPGatewayAction extends InterfederationIDPAction { - private static final long serialVersionUID = -2047128481980413334L; - - public IDPGatewayAction() { - super(); - formList.putAll(buildIDPGatewayFormList()); - } - - public static LinkedHashMap buildIDPGatewayFormList() { - - LinkedHashMap forms = - new LinkedHashMap(); - - PVPGatewayInterfederationConfig pvpGatewayconfig = new PVPGatewayInterfederationConfig(); - forms.put(pvpGatewayconfig.getName(), pvpGatewayconfig); - - return forms; - } + private static final long serialVersionUID = -2047128481980413334L; + + public IDPGatewayAction() { + super(); + formList.putAll(buildIDPGatewayFormList()); + } + + public static LinkedHashMap buildIDPGatewayFormList() { + + final LinkedHashMap forms = + new LinkedHashMap<>(); + + final PVPGatewayInterfederationConfig pvpGatewayconfig = new PVPGatewayInterfederationConfig(); + forms.put(pvpGatewayconfig.getName(), pvpGatewayconfig); + + return forms; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java index d72505c0f..e2458a6a5 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java @@ -38,7 +38,6 @@ import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBException; import javax.xml.bind.Unmarshaller; -import org.apache.log4j.Logger; import org.springframework.beans.BeansException; import at.gv.egiz.components.configuration.api.Configuration; 
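Review bot: In IDPGatewayAction.java, `buildIDPGatewayFormList()` is a public static factory with no Javadoc, and since this hunk rewrites every line of the method it is the natural place to add one. Suggested comment above the method: `/** Builds the form list for the IDP gateway: a single PVPGatewayInterfederationConfig, keyed by its getName(). */`. The explicit `super();` in the constructor is redundant, because the compiler inserts that call, and could be dropped in the same cleanup.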
@@ -52,472 +51,468 @@ import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class ImportExportAction extends BasicAction { - - private static final Logger log = Logger.getLogger(ImportExportAction.class); - private static final long serialVersionUID = 1L; - - private String formID; - private File fileUpload = null; - private String fileUploadContentType = null; - private String fileUploadFileName = null; - - private InputStream fileInputStream; - - public String init() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - if (authUser.isAdmin()) { - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - return Constants.STRUTS_SUCCESS; - - } else { - log.info("No access to Import/Export for User with ID" + authUser.getUserID()); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - } - - public String importLegacyConfig() throws ConfigurationException { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. 
Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - if (authUser.isAdmin()) { - - //load legacy config if it is configured - - if (fileUpload == null) { - addActionError(LanguageHelper.getErrorString("errors.importexport.nofile", request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - } - - Properties result = null; - - try { - log.warn("WARNING! The legacy import deletes the hole old config"); - - InputStream inStream = new FileInputStream(fileUpload); - // get config from xml file - JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config.deprecated"); - Unmarshaller m = jc.createUnmarshaller(); - MOAIDConfiguration config = (MOAIDConfiguration) m.unmarshal(inStream); - - // serialize config to JSON properties - result = ConfigurationUtil.moaIdConfigToJsonProperties(config); - - if (result == null || result.isEmpty()) { - log.info("Legacy configuration has is empty"); - addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {"Empty Configuratiobn"}, request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } - - } catch (JAXBException | FileNotFoundException e) { - log.info("Legacy configuration has an Import Error", e); - addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e.getMessage()}, request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } - - try { - //check if XML config should be use - log.warn("WARNING! MOA-ID 2.0 is started with XML configuration. 
This setup overstrike the actual configuration in the Database!"); - - Configuration dbConfiguration = - (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig"); - - if (dbConfiguration == null) { - log.warn("Open Database connection FAILED."); - addActionError("Open Database connection FAILED."); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } - - boolean isOverwriteData = true; - - List keys = Arrays.asList(dbConfiguration.getConfigurationIds()); - - if (keys == null) { - log.info("Configuration is not readable."); - throw new MOADatabaseException("Configuration is not readable."); - } - - if (isOverwriteData) { - // remove existing entries - for (String key : keys) { - dbConfiguration.deleteIds(key); - } - } - - Enumeration propertyNames = result.propertyNames(); - - while (propertyNames.hasMoreElements()) { - String key = (String) propertyNames.nextElement(); - String json = result.getProperty(key); - - dbConfiguration.setStringValue(key, json); - } - - } catch (ConfigurationException | MOADatabaseException | at.gv.egiz.components.configuration.api.ConfigurationException e1) { - log.warn("General MOA-ID config can not be stored in Database", e1); - addActionError(e1.getMessage()); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } - - finally { - - } - - //set new formID - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - log.info("Legacy Configuration load is completed."); - addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success", request)); - return Constants.STRUTS_SUCCESS; - - } else { - log.info("No access to Import/Export for User with ID" + authUser.getUserID()); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - 
} - } - - public String downloadXMLConfig() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - if (authUser.isAdmin()) { - - log.info("Write MOA-ID 3.x config"); - try { - - Configuration dbConfiguration = - (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig"); - - if (dbConfiguration == null) { - log.warn("Open Database connection FAILED."); - addActionError("Open Database connection FAILED."); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } - - Properties result = new Properties(); - String[] allConfigIDs = dbConfiguration.getConfigurationIds(); - for (String key : allConfigIDs) { - String value = dbConfiguration.getStringValue(key); - if (MiscUtil.isNotEmpty(value)) { - result.put(key, value); - log.debug("Put key: " + key + " with value: " + value + " to property file."); - - } else - log.info("Leave key: " + key + " Reason: Value is null or empty"); - - } - - - if (result.isEmpty()) { - log.info("No MOA-ID 3.x configruation available"); - addActionError(LanguageHelper.getErrorString("errors.importexport.export.noconfig", request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, 
formID); - return Constants.STRUTS_ERROR_VALIDATION; - } - - ByteArrayOutputStream output = new ByteArrayOutputStream(); - result.store(output, null); - fileInputStream = new ByteArrayInputStream(output.toByteArray()); - - } catch (IOException | at.gv.egiz.components.configuration.api.ConfigurationException e) { - log.info("MOA-ID 3.x configruation could not be exported into file.", e); - addActionError(LanguageHelper.getErrorString("errors.importexport.export", - new Object[]{e.getMessage()}, request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } catch (ConfigurationException | BeansException e) { - log.warn("Open Database connection FAILED."); - addActionError("Open Database connection FAILED."); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - } - - finally { - - } - - - //set new formID - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - return Constants.STRUTS_SUCCESS; - } else { - log.info("No access to Import/Export for User with ID" + authUser.getUserID()); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - } - - - public String importXMLConfig() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. 
Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - - session.setAttribute(Constants.SESSION_FORMID, null); - - if (authUser.isAdmin()) { - - if (fileUpload == null) { - addActionError(LanguageHelper.getErrorString("errors.importexport.nofile", request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - return Constants.STRUTS_ERROR_VALIDATION; - } - - log.info("Load configuration from MOA-ID 3.x XML configuration"); - - try { - - Properties inProperties = new Properties(); - inProperties.load(new FileInputStream(fileUpload)); - - //check if XML config should be use - log.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!"); - - Configuration dbConfiguration = - (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig"); - - if (dbConfiguration == null) { - log.warn("Open Database connection FAILED."); - addActionError("Open Database connection FAILED."); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } - - boolean isOverwriteData = true; - - List keys = Arrays.asList(dbConfiguration.getConfigurationIds()); - - if (keys == null) { - log.info("Configuration is not readable."); - throw new MOADatabaseException("Configuration is not readable."); - } - - if (isOverwriteData) { - // remove existing entries - for (String key : keys) { - dbConfiguration.deleteIds(key); - } - } - - Enumeration propertyNames = inProperties.propertyNames(); - - while (propertyNames.hasMoreElements()) { - String key = (String) propertyNames.nextElement(); - String json = inProperties.getProperty(key); - - dbConfiguration.setStringValue(key, json); - } - - } catch (Exception e) { - log.warn("MOA-ID XML configuration can not be loaded from File.", 
e); - addActionError(LanguageHelper.getErrorString("errors.importexport.import", - new Object[]{e.getMessage()}, request)); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } - - finally { - - } - - //set new formID - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - log.info("XML Configuration load is completed."); - addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success", request)); - return Constants.STRUTS_SUCCESS; - - } else { - log.info("No access to Import/Export for User with ID" + authUser.getUserID()); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - - } - - /** - * @return the fileUpload - */ - public File getFileUpload() { - return fileUpload; - } - - - - /** - * @param fileUpload the fileUpload to set - */ - public void setFileUpload(File fileUpload) { - this.fileUpload = fileUpload; - } - - - - /** - * @return the fileUploadContentType - */ - public String getFileUploadContentType() { - return fileUploadContentType; - } - - - - /** - * @param fileUploadContentType the fileUploadContentType to set - */ - public void setFileUploadContentType(String fileUploadContentType) { - this.fileUploadContentType = fileUploadContentType; - } - - - - /** - * @return the fileUploadFileName - */ - public String getFileUploadFileName() { - return fileUploadFileName; - } - - - - /** - * @param fileUploadFileName the fileUploadFileName to set - */ - public void setFileUploadFileName(String fileUploadFileName) { - this.fileUploadFileName = fileUploadFileName; - } - - - public InputStream getFileInputStream() { - return fileInputStream; - } - - /** - * @return the formID - */ - public String getFormID() { - return formID; - } - - /** - * @param formID the formID to set - */ - public void setFormID(String formID) { - this.formID = formID; - } - + + 
private static final long serialVersionUID = 1L; + + private String formID; + private File fileUpload = null; + private String fileUploadContentType = null; + private String fileUploadFileName = null; + + private InputStream fileInputStream; + + public String init() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + if (authUser.isAdmin()) { + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + return Constants.STRUTS_SUCCESS; + + } else { + log.info("No access to Import/Export for User with ID" + authUser.getUserID()); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + } + + public String importLegacyConfig() throws ConfigurationException { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("FormIDs does not match. 
Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + session.setAttribute(Constants.SESSION_FORMID, null); + + if (authUser.isAdmin()) { + + // load legacy config if it is configured + + if (fileUpload == null) { + addActionError(LanguageHelper.getErrorString("errors.importexport.nofile", request)); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + } + + Properties result = null; + + try { + log.warn("WARNING! The legacy import deletes the hole old config"); + + final InputStream inStream = new FileInputStream(fileUpload); + // get config from xml file + final JAXBContext jc = JAXBContext.newInstance( + "at.gv.egovernment.moa.id.commons.db.dao.config.deprecated"); + final Unmarshaller m = jc.createUnmarshaller(); + final MOAIDConfiguration config = (MOAIDConfiguration) m.unmarshal(inStream); + + // serialize config to JSON properties + result = ConfigurationUtil.moaIdConfigToJsonProperties(config); + + if (result == null || result.isEmpty()) { + log.info("Legacy configuration has is empty"); + addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] { + "Empty Configuratiobn" }, request)); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } + + } catch (JAXBException | FileNotFoundException e) { + log.info("Legacy configuration has an Import Error", e); + addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] { e + .getMessage() }, request)); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } + + try { + // check if XML config should be use + log.warn( + "WARNING! MOA-ID 2.0 is started with XML configuration. 
This setup overstrike the actual configuration in the Database!"); + + final Configuration dbConfiguration = + (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig"); + + if (dbConfiguration == null) { + log.warn("Open Database connection FAILED."); + addActionError("Open Database connection FAILED."); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } + + final boolean isOverwriteData = true; + + final List keys = Arrays.asList(dbConfiguration.getConfigurationIds()); + + if (keys == null) { + log.info("Configuration is not readable."); + throw new MOADatabaseException("Configuration is not readable."); + } + + if (isOverwriteData) { + // remove existing entries + for (final String key : keys) { + dbConfiguration.deleteIds(key); + } + } + + final Enumeration propertyNames = result.propertyNames(); + + while (propertyNames.hasMoreElements()) { + final String key = (String) propertyNames.nextElement(); + final String json = result.getProperty(key); + + dbConfiguration.setStringValue(key, json); + } + + } catch (ConfigurationException | MOADatabaseException + | at.gv.egiz.components.configuration.api.ConfigurationException e1) { + log.warn("General MOA-ID config can not be stored in Database", e1); + addActionError(e1.getMessage()); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } + + finally { + + } + + // set new formID + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + log.info("Legacy Configuration load is completed."); + addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success", request)); + return Constants.STRUTS_SUCCESS; + + } else { + log.info("No access to Import/Export for User with ID" + authUser.getUserID()); + addActionError(LanguageHelper.getErrorString("errors.notallowed", 
request)); + return Constants.STRUTS_NOTALLOWED; + } + } + + public String downloadXMLConfig() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + session.setAttribute(Constants.SESSION_FORMID, null); + + if (authUser.isAdmin()) { + + log.info("Write MOA-ID 3.x config"); + try { + + final Configuration dbConfiguration = + (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig"); + + if (dbConfiguration == null) { + log.warn("Open Database connection FAILED."); + addActionError("Open Database connection FAILED."); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } + + final Properties result = new Properties(); + final String[] allConfigIDs = dbConfiguration.getConfigurationIds(); + for (final String key : allConfigIDs) { + final String value = dbConfiguration.getStringValue(key); + if (MiscUtil.isNotEmpty(value)) { + result.put(key, value); + log.debug("Put key: " + key + " with value: " + value + " to property file."); + + } else { + log.info("Leave key: " + key + " Reason: Value is null or empty"); + } + + } + + if (result.isEmpty()) { + log.info("No MOA-ID 3.x configruation available"); + 
addActionError(LanguageHelper.getErrorString("errors.importexport.export.noconfig", request)); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + } + + final ByteArrayOutputStream output = new ByteArrayOutputStream(); + result.store(output, null); + fileInputStream = new ByteArrayInputStream(output.toByteArray()); + + } catch (IOException | at.gv.egiz.components.configuration.api.ConfigurationException e) { + log.info("MOA-ID 3.x configruation could not be exported into file.", e); + addActionError(LanguageHelper.getErrorString("errors.importexport.export", + new Object[] { e.getMessage() }, request)); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } catch (ConfigurationException | BeansException e) { + log.warn("Open Database connection FAILED."); + addActionError("Open Database connection FAILED."); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + } + + finally { + + } + + // set new formID + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + return Constants.STRUTS_SUCCESS; + } else { + log.info("No access to Import/Export for User with ID" + authUser.getUserID()); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + } + + public String importXMLConfig() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. 
Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + + session.setAttribute(Constants.SESSION_FORMID, null); + + if (authUser.isAdmin()) { + + if (fileUpload == null) { + addActionError(LanguageHelper.getErrorString("errors.importexport.nofile", request)); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + return Constants.STRUTS_ERROR_VALIDATION; + } + + log.info("Load configuration from MOA-ID 3.x XML configuration"); + + try { + + final Properties inProperties = new Properties(); + inProperties.load(new FileInputStream(fileUpload)); + + // check if XML config should be use + log.warn( + "WARNING! MOA-ID 2.0 is started with XML configuration. 
This setup overstrike the actual configuration in the Database!"); + + final Configuration dbConfiguration = + (Configuration) ConfigurationProvider.getInstance().getContext().getBean("moaidconfig"); + + if (dbConfiguration == null) { + log.warn("Open Database connection FAILED."); + addActionError("Open Database connection FAILED."); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } + + final boolean isOverwriteData = true; + + final List keys = Arrays.asList(dbConfiguration.getConfigurationIds()); + + if (keys == null) { + log.info("Configuration is not readable."); + throw new MOADatabaseException("Configuration is not readable."); + } + + if (isOverwriteData) { + // remove existing entries + for (final String key : keys) { + dbConfiguration.deleteIds(key); + } + } + + final Enumeration propertyNames = inProperties.propertyNames(); + + while (propertyNames.hasMoreElements()) { + final String key = (String) propertyNames.nextElement(); + final String json = inProperties.getProperty(key); + + dbConfiguration.setStringValue(key, json); + } + + } catch (final Exception e) { + log.warn("MOA-ID XML configuration can not be loaded from File.", e); + addActionError(LanguageHelper.getErrorString("errors.importexport.import", + new Object[] { e.getMessage() }, request)); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } + + finally { + + } + + // set new formID + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + log.info("XML Configuration load is completed."); + addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success", request)); + return Constants.STRUTS_SUCCESS; + + } else { + log.info("No access to Import/Export for User with ID" + authUser.getUserID()); + addActionError(LanguageHelper.getErrorString("errors.notallowed", 
request)); + return Constants.STRUTS_NOTALLOWED; + } + + } + + /** + * @return the fileUpload + */ + public File getFileUpload() { + return fileUpload; + } + + /** + * @param fileUpload the fileUpload to set + */ + public void setFileUpload(File fileUpload) { + this.fileUpload = fileUpload; + } + + /** + * @return the fileUploadContentType + */ + public String getFileUploadContentType() { + return fileUploadContentType; + } + + /** + * @param fileUploadContentType the fileUploadContentType to set + */ + public void setFileUploadContentType(String fileUploadContentType) { + this.fileUploadContentType = fileUploadContentType; + } + + /** + * @return the fileUploadFileName + */ + public String getFileUploadFileName() { + return fileUploadFileName; + } + + /** + * @param fileUploadFileName the fileUploadFileName to set + */ + public void setFileUploadFileName(String fileUploadFileName) { + this.fileUploadFileName = fileUploadFileName; + } + + public InputStream getFileInputStream() { + return fileInputStream; + } + + /** + * @return the formID + */ + @Override + public String getFormID() { + return formID; + } + + /** + * @param formID the formID to set + */ + @Override + public void setFormID(String formID) { + this.formID = formID; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java index 6f9d233b1..666785e24 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java 
@@ -35,7 +35,6 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; import org.apache.commons.lang.StringEscapeUtils; -import org.apache.log4j.Logger; import org.joda.time.DateTime; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.BasicSAMLMessageContext; 
@@ -78,817 +77,837 @@ import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class IndexAction extends BasicAction { - - /** - * @throws ConfigurationException - */ - - private static final long serialVersionUID = -2781497863862504896L; - - private static final Logger log = Logger.getLogger(IndexAction.class); - - private String password; - private String username; - private UserDatabaseFrom user = null; - private String formID; - - private String ssologouturl; - - private boolean pvp2LoginActiv = false; - - public IndexAction() throws BasicActionException { - super(); - } - - public String start() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - pvp2LoginActiv = configuration.isPVP2LoginActive(); - - if (session.getAttribute(Constants.SESSION_I18n) == null) - session.setAttribute(Constants.SESSION_I18n, - Locale.forLanguageTag(configuration.getDefaultLanguage())); - - if (configuration.isLoginDeaktivated()) { - return "loginWithOutAuth"; - - } else { - return Constants.STRUTS_SUCCESS; - - } - } - - public String authenticate() { - - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - pvp2LoginActiv = configuration.isPVP2LoginActive(); - - String key = null; - - if (MiscUtil.isNotEmpty(username)) { - if (ValidationHelper.containsNotValidCharacter(username, false)) { - log.warn("Username contains potentail XSS characters: " + StringEscapeUtils.escapeHtml(username)); - addActionError(LanguageHelper.getErrorString("validation.edituser.username.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("Username 
is empty"); - addActionError(LanguageHelper.getErrorString("validation.edituser.username.empty", request)); - return Constants.STRUTS_ERROR; - } - - if (MiscUtil.isEmpty(password)) { - log.warn("Password is empty"); - addActionError(LanguageHelper.getErrorString("validation.edituser.password.empty", request)); - return Constants.STRUTS_ERROR; - - } else { - key = AuthenticationHelper.generateKeyFormPassword(password); - if (key == null) { - addActionError(LanguageHelper.getErrorString("validation.edituser.password.valid", request)); - return Constants.STRUTS_ERROR; - } - } - - - UserDatabase dbuser = configuration.getUserManagement().getUserWithUserName(username); - if (dbuser == null) { - log.warn("Unknown Username"); - addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request)); - return Constants.STRUTS_ERROR; - - } else { - //TODO: maybe remove this default value in a later version - if (dbuser.isIsUsernamePasswordAllowed() == null) - dbuser.setIsUsernamePasswordAllowed(true); - - if (!dbuser.isIsActive() || !dbuser.isIsUsernamePasswordAllowed()) { - log.warn("Username " + StringEscapeUtils.escapeHtml(dbuser.getUsername()) + " is not active or Username/Password login is not allowed"); - addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request)); - return Constants.STRUTS_ERROR; - } - - if (!dbuser.getPassword().equals(key)) { - log.warn("Username " + StringEscapeUtils.escapeHtml(dbuser.getUsername()) + " use a false password"); - addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request)); - return Constants.STRUTS_ERROR; - } - - //TODO: maybe remove this default value in a later version - boolean ismandateuser = false; - if (dbuser.isIsMandateUser() != null) - ismandateuser = dbuser.isIsMandateUser(); - - int sessionTimeOut = session.getMaxInactiveInterval(); - Date sessionExpired = new Date(new Date().getTime() + - (sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS)); - - 
AuthenticatedUser authuser = new AuthenticatedUser(dbuser, - true, - ismandateuser, - false, - dbuser.getHjid()+"dbID", - "username/password", - sessionExpired); - - //store user as authenticated user - AuthenticationManager authManager = AuthenticationManager.getInstance(); - authManager.setActiveUser(authuser); - - Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin()); - if (date != null) - authuser.setLastLogin(date);; - - dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date())); - - try { - configuration.getUserManagement().saveOrUpdate(dbuser); - - } catch (MOADatabaseException e) { - log.warn("UserDatabase communicaton error", e); - addActionError(LanguageHelper.getErrorString("error.login", request)); - return Constants.STRUTS_ERROR; - } - finally { - } - - HttpSession session = generateNewJSession(request); - session.setAttribute(Constants.SESSION_AUTH, authuser); - - return Constants.STRUTS_SUCCESS; - } - } - - public String pvp2login() { - - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - String method = request.getMethod(); - if (session == null) { - log.info("NO HTTP Session"); - return Constants.STRUTS_ERROR; - } - - String authID = (String) session.getAttribute(Constants.SESSION_PVP2REQUESTID); - session.setAttribute(Constants.SESSION_PVP2REQUESTID, null); - - if (method.equals("POST")) { - - try { - pvp2LoginActiv = configuration.isPVP2LoginActive(); - - //Decode with HttpPost Binding - HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool()); - BasicSAMLMessageContext messageContext = new BasicSAMLMessageContext(); - messageContext - .setInboundMessageTransport(new HttpServletRequestAdapter( - request)); - decode.decode(messageContext); - - Response samlResponse = (Response) messageContext.getInboundMessage(); - - //ckeck InResponseTo matchs requestID - if (MiscUtil.isEmpty(authID)) { - log.info("NO AuthRequestID"); - return Constants.STRUTS_ERROR; - } - - 
if (!authID.equals(samlResponse.getInResponseTo())) { - log.warn("PVPRequestID does not match PVP2 Assertion ID!"); - return Constants.STRUTS_ERROR; - - } - - //check response destination - String serviceURL = configuration.getPublicUrlPreFix(request); - if (!serviceURL.endsWith("/")) - serviceURL = serviceURL + "/"; - - String responseDestination = samlResponse.getDestination(); - if (MiscUtil.isEmpty(responseDestination) || - !responseDestination.equals(serviceURL + Constants.SERVLET_PVP2ASSERTION)) { - log.warn("PVPResponse destination does not match requested destination"); - return Constants.STRUTS_ERROR; - } - - //check if response is signed - Signature sign = samlResponse.getSignature(); - if (sign == null) { - log.info("Only http POST Requests can be used"); - addActionError(LanguageHelper.getErrorString("error.login", request)); - return Constants.STRUTS_ERROR; - } - - //validate signature - PVP2Utils.validateSignature(samlResponse, configuration); - - log.info("PVP2 Assertion is valid"); - - if (samlResponse.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) { - - List saml2assertions = new ArrayList(); - - //check encrypted Assertion - List encryAssertionList = samlResponse.getEncryptedAssertions(); - if (encryAssertionList != null && encryAssertionList.size() > 0) { - //decrypt assertions - - log.debug("Found encryped assertion. 
Start decryption ..."); - - KeyStore keyStore = configuration.getPVP2KeyStore(); - - X509Credential authDecCredential = new KeyStoreX509CredentialAdapter( - keyStore, - configuration.getPVP2KeystoreAuthRequestEncryptionKeyAlias(), - configuration.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray()); - - - StaticKeyInfoCredentialResolver skicr = - new StaticKeyInfoCredentialResolver(authDecCredential); - - ChainingEncryptedKeyResolver encryptedKeyResolver = new ChainingEncryptedKeyResolver(); - encryptedKeyResolver.getResolverChain().add( new InlineEncryptedKeyResolver() ); - encryptedKeyResolver.getResolverChain().add( new EncryptedElementTypeEncryptedKeyResolver() ); - encryptedKeyResolver.getResolverChain().add( new SimpleRetrievalMethodEncryptedKeyResolver() ); - - Decrypter samlDecrypter = - new Decrypter(null, skicr, encryptedKeyResolver); - - for (EncryptedAssertion encAssertion : encryAssertionList) { - saml2assertions.add(samlDecrypter.decrypt(encAssertion)); - - } - - log.debug("Assertion decryption finished. 
"); - - } else { - saml2assertions = samlResponse.getAssertions(); - - } - - for (org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) { - - Conditions conditions = saml2assertion.getConditions(); - DateTime notbefore = conditions.getNotBefore(); - DateTime notafter = conditions.getNotOnOrAfter(); - if ( notbefore.isAfterNow() || notafter.isBeforeNow() ) { - log.warn("PVP2 Assertion is out of Date"); - return Constants.STRUTS_ERROR; - - } - - Subject subject = saml2assertion.getSubject(); - if (subject == null) { - log.warn("Assertion has no Subject element"); - return Constants.STRUTS_ERROR; - - } - - NameID nameID = subject.getNameID(); - if (nameID == null) { - log.warn("No NameID element in PVP2 assertion!"); - return Constants.STRUTS_ERROR; - } - - String bpkwbpk = nameID.getNameQualifier() + "+" + nameID.getValue(); - - int sessionTimeOut = session.getMaxInactiveInterval(); - Date sessionExpired = new Date(new Date().getTime() + - (sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS)); - - //search user - UserDatabase dbuser = configuration.getUserManagement().getUserWithUserBPKWBPK(bpkwbpk); - if (dbuser == null) { - log.info("No user found with bpk/wbpk " + bpkwbpk); - - //read PVP2 assertion attributes; - user = new UserDatabaseFrom(); - user.setActive(false); - user.setAdmin(false); - user.setBpk(bpkwbpk); - user.setIsusernamepasswordallowed(false); - user.setIsmandateuser(false); - user.setPVPGenerated(true); - - //loop through the nodes to get what we want - List attributeStatements = saml2assertion.getAttributeStatements(); - for (int i = 0; i < attributeStatements.size(); i++) - { - List attributes = attributeStatements.get(i).getAttributes(); - for (int x = 0; x < attributes.size(); x++) - { - String strAttributeName = attributes.get(x).getDOM().getAttribute("Name"); - - if (strAttributeName.equals(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME)) { - 
user.setFamilyName(attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue()); - } - - if (strAttributeName.equals(PVPAttributeDefinitions.GIVEN_NAME_NAME)) { - user.setGivenName(attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue()); - } - - if (strAttributeName.equals(PVPAttributeDefinitions.MANDATE_TYPE_NAME)) { - user.setIsmandateuser(true); - } - - if (strAttributeName.equals(PVPAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME)) { - user.setInstitut(attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue()); - } - } - } - - //create AuthUser data element - authUser = AuthenticatedUser.generateUserRequestUser(user, - nameID.getValue(), - nameID.getFormat(), - sessionExpired); - - //store user as authenticated user - AuthenticationManager authManager = AuthenticationManager.getInstance(); - authManager.setActiveUser(authUser); - - //set Random value - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - session.setAttribute(Constants.SESSION_FORM, user); - session.setAttribute(Constants.SESSION_AUTH, authUser); - - - return Constants.STRUTS_NEWUSER; - - } else { - if (!dbuser.isIsActive()) { - - if (!dbuser.isIsMailAddressVerified()) { - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - user = new UserDatabaseFrom(dbuser); - authUser = new AuthenticatedUser(dbuser, - false, - dbuser.isIsMandateUser(), - true, - nameID.getValue(), - nameID.getFormat(), - sessionExpired); - - //store user as authenticated user - AuthenticationManager authManager = AuthenticationManager.getInstance(); - authManager.setActiveUser(authUser); - - session.setAttribute(Constants.SESSION_FORM, user); - session.setAttribute(Constants.SESSION_AUTH, authUser); - - return Constants.STRUTS_NEWUSER; - - } - - log.info("User with bpk/wbpk " + bpkwbpk + " is not active"); - 
addActionError(LanguageHelper.getErrorString("webpages.index.username.notactive", request)); - return Constants.STRUTS_ERROR; - } - - //TODO: maybe remove this default value in a later version - boolean ismandateuser = false; - if (dbuser.isIsMandateUser() != null) - ismandateuser = dbuser.isIsMandateUser(); - - authUser = new AuthenticatedUser(dbuser, true, - ismandateuser, - true, - nameID.getValue(), - nameID.getFormat(), - sessionExpired); - - //store user as authenticated user - AuthenticationManager authManager = AuthenticationManager.getInstance(); - authManager.setActiveUser(authUser); - - Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin()); - if (date != null) - authUser.setLastLogin(date);; - - dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date())); - - try { - configuration.getUserManagement().saveOrUpdate(dbuser); - - } catch (MOADatabaseException e) { - log.warn("UserDatabase communicaton error", e); - addActionError(LanguageHelper.getErrorString("error.login", request)); - return Constants.STRUTS_ERROR; - } - finally { - } - - HttpSession newsession = generateNewJSession(request); - newsession.setAttribute(Constants.SESSION_AUTH, authUser); - return Constants.STRUTS_SUCCESS; - - } - } - - log.info("PVP2 Assertion was maybe not well formed, because no Assertion element could be found."); - addActionError(LanguageHelper.getErrorString("error.login.internal", request)); - return Constants.STRUTS_ERROR; - - } else { - log.info("Receive Error Assertion."); - addActionError(LanguageHelper.getErrorString("error.login", request)); - return Constants.STRUTS_ERROR; - } - - } catch (Exception e) { - log.warn("An internal error occurs.", e); - addActionError(LanguageHelper.getErrorString("error.login.internal", request)); - return Constants.STRUTS_ERROR; - } - - } else { - log.info("Only http POST Requests can be used"); - addActionError(LanguageHelper.getErrorString("error.login.internal", request)); - return Constants.STRUTS_ERROR; - } - } - - 
public String requestNewUser() { - - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - if (session == null) { - log.warn("No active Session found"); - return Constants.STRUTS_ERROR; - } - - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - Object sessionformobj = session.getAttribute(Constants.SESSION_FORM); - if (sessionformobj != null && sessionformobj instanceof UserDatabaseFrom) { - UserDatabaseFrom sessionform = (UserDatabaseFrom) sessionformobj; - - Object authUserObj = session.getAttribute(Constants.SESSION_AUTH); - authUser = (AuthenticatedUser) authUserObj; - - if (user == null) { - log.warn("No form transmited"); - return Constants.STRUTS_ERROR; - } - - //get UserID - String useridobj = user.getUserID(); - long userID = -1; - if (MiscUtil.isEmpty(useridobj)) { - userID = -1; - - } else { - if (!ValidationHelper.validateOAID(useridobj)){ - log.warn("User with ID " + authUser.getUserID() - + " would access UserDatabase ID " + useridobj); - addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); - return Constants.STRUTS_ERROR; - } - userID = Long.valueOf(useridobj); - } - - String check; - if (!sessionform.isIsmandateuser()) { - check = user.getInstitut(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - 
log.warn("Organisation contains potentail XSS characters: " + StringEscapeUtils.escapeHtml(check)); - addActionError(LanguageHelper.getErrorString("validation.edituser.institut.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } else { - log.warn("Organisation is empty"); - addActionError(LanguageHelper.getErrorString("validation.edituser.institut.empty", request)); - } - } - - check = user.getMail(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.isEmailAddressFormat(check)) { - log.warn("Mailaddress is not valid: " + StringEscapeUtils.escapeHtml(check)); - addActionError(LanguageHelper.getErrorString("validation.edituser.mail.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } else { - log.warn("Mailaddress is empty"); - addActionError(LanguageHelper.getErrorString("validation.edituser.mail.empty", request)); - } - - check = user.getPhone(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validatePhoneNumber(check)) { - log.warn("No valid Phone Number: " + StringEscapeUtils.escapeHtml(check)); - addActionError(LanguageHelper.getErrorString("validation.edituser.phone.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } else { - log.warn("Phonenumber is empty"); - addActionError(LanguageHelper.getErrorString("validation.edituser.phone.empty", request)); - } - - if (hasActionErrors()) { - log.info("Some form errors found. 
Send user back to form"); - - user.setPVPGenerated(true); - user.setFamilyName(sessionform.getFamilyName()); - user.setGivenName(sessionform.getGivenName()); - user.setIsmandateuser(sessionform.isIsmandateuser()); - user.setBpk(sessionform.getBpk()); - - if (sessionform.isIsmandateuser()) - user.setInstitut(sessionform.getInstitut()); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - return Constants.STRUTS_NEWUSER; - } - - UserDatabase dbuser; - - if (userID < 0) { - dbuser = new UserDatabase(); - dbuser.setBpk(sessionform.getBpk()); - dbuser.setFamilyname(sessionform.getFamilyName()); - dbuser.setGivenname(sessionform.getGivenName()); - - if (sessionform.isIsmandateuser()) - dbuser.setInstitut(sessionform.getInstitut()); - else - dbuser.setInstitut(user.getInstitut()); - - dbuser.setIsPVP2Generated(true); - dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date())); - dbuser.setIsActive(false); - dbuser.setIsAdmin(false); - dbuser.setIsMandateUser(sessionform.isIsmandateuser()); - dbuser.setIsUsernamePasswordAllowed(false); - - } else - dbuser = configuration.getUserManagement().getUserWithID(userID); - - dbuser.setMail(user.getMail()); - dbuser.setPhone(user.getPhone()); - dbuser.setIsAdminRequest(true); - dbuser.setIsMailAddressVerified(false); - dbuser.setUserRequestTokken(Random.nextRandom()); - - try { - configuration.getUserManagement().saveOrUpdate(dbuser); - - MailHelper.sendUserMailAddressVerification(dbuser); - - } catch (MOADatabaseException e) { - log.warn("New UserRequest can not be stored in database", e); - return Constants.STRUTS_ERROR; - - } catch (ConfigurationException e) { - log.warn("Sending of mailaddress verification mail failed.", e); - addActionError(LanguageHelper.getErrorString("error.mail.send", request)); - return Constants.STRUTS_NEWUSER; - } - - finally { - session.setAttribute(Constants.SESSION_FORM, null); - session.setAttribute(Constants.SESSION_AUTH, null); - } - - 
addActionMessage(LanguageHelper.getGUIString("webpages.edituser.changemailaddress.verify", request)); - - session.invalidate(); - - return Constants.STRUTS_SUCCESS; - - } else { - log.warn("No SessionForm found"); - return Constants.STRUTS_ERROR; - } - - } - - public String mailAddressVerification() { - - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - String userrequesttokken = request.getParameter(Constants.REQUEST_USERREQUESTTOKKEN); - if (MiscUtil.isNotEmpty(userrequesttokken)) { - - userrequesttokken = StringEscapeUtils.escapeHtml(userrequesttokken); - - try { - Long.parseLong(userrequesttokken); - - } catch (NumberFormatException e) { - log.warn("Verificationtokken has no number format."); - return Constants.STRUTS_ERROR; - } - - UserDatabase dbuser = configuration.getUserManagement().getNewUserWithTokken(userrequesttokken); - if (dbuser != null) { - dbuser.setUserRequestTokken(null); - dbuser.setIsMailAddressVerified(true); - - if (dbuser.isIsActive()) - dbuser.setIsAdminRequest(false); - - try { - configuration.getUserManagement().saveOrUpdate(dbuser); - - int numoas = 0; - int numusers = 0; - - List openOAs = configuration.getDbRead().getAllNewOnlineApplications(); - if (openOAs != null) - numoas = openOAs.size(); - - List openUsers = configuration.getUserManagement().getAllNewUsers(); - if (openUsers != null) - numusers = openUsers.size(); - - if (numusers > 0 || numoas > 0) - MailHelper.sendAdminMail(numoas, numusers); - - } catch (MOADatabaseException e) { - log.warn("Userinformation can not be stored in Database.", e); - addActionError(LanguageHelper.getErrorString("error.mail.verification", request)); - - } catch (ConfigurationException e) { - log.warn("Send mail to admin failed.", e); - } - - finally { - } - - addActionMessage(LanguageHelper.getGUIString("validation.newuser.mailaddress", request)); - return Constants.STRUTS_SUCCESS; - } - } - - return Constants.STRUTS_ERROR; - } - 
- public String logout() { - HttpSession session = request.getSession(false); - - if (session != null) { - if (MiscUtil.isNotEmpty((String)session.getAttribute(Constants.SESSION_SLOSUCCESS))) - addActionMessage((String)session.getAttribute(Constants.SESSION_SLOSUCCESS)); - - if (MiscUtil.isNotEmpty((String)session.getAttribute(Constants.SESSION_SLOERROR))) - addActionError((String)session.getAttribute(Constants.SESSION_SLOERROR)); - - session.invalidate(); - - } - - return Constants.STRUTS_SUCCESS; - } - - private HttpSession generateNewJSession(HttpServletRequest request) { - HttpSession session = request.getSession(false); - - if (session != null) { - - HashMap attributes = new HashMap(); - - Enumeration enames = session.getAttributeNames(); - while (enames.hasMoreElements()) { - String name = enames.nextElement(); - if (!name.equals("JSESSIONID")) - attributes.put(name, session.getAttribute( name)); - } - session.invalidate(); - - session = request.getSession(true); - for (Entry et : attributes.entrySet()) - session.setAttribute( et.getKey(), et.getValue()); - - } else - session = request.getSession(true); - - return session; - } - - /** - * @return the password - */ - public String getPassword() { - return password; - } - - /** - * @param password the password to set - */ - public void setPassword(String password) { - this.password = password; - } - - /** - * @return the username - */ - public String getUsername() { - return username; - } - - /** - * @param username the username to set - */ - public void setUsername(String username) { - this.username = username; - } - - /** - * @return the user - */ - public UserDatabaseFrom getUser() { - return user; - } - - /** - * @param user the user to set - */ - public void setUser(UserDatabaseFrom user) { - this.user = user; - } - - /** - * @return the ssologouturl - */ - public String getSsologouturl() { - return ssologouturl; - } - - /** - * @return the formID - */ - public String getFormID() { - return formID; - } - - 
/** - * @param formID the formID to set - */ - public void setFormID(String formID) { - this.formID = formID; - } - - /** - * @return the pvp2LoginActiv - */ - public boolean isPvp2LoginActiv() { - return pvp2LoginActiv; - } - - + + /** + * @throws ConfigurationException + */ + + private static final long serialVersionUID = -2781497863862504896L; + + private String password; + private String username; + private UserDatabaseFrom user = null; + private String formID; + + private String ssologouturl; + + private boolean pvp2LoginActiv = false; + + public IndexAction() throws BasicActionException { + super(); + } + + public String start() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + pvp2LoginActiv = configuration.isPVP2LoginActive(); + + if (session.getAttribute(Constants.SESSION_I18n) == null) { + session.setAttribute(Constants.SESSION_I18n, + Locale.forLanguageTag(configuration.getDefaultLanguage())); + } + + if (configuration.isLoginDeaktivated()) { + return "loginWithOutAuth"; + + } else { + return Constants.STRUTS_SUCCESS; + + } + } + + public String authenticate() { + + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + pvp2LoginActiv = configuration.isPVP2LoginActive(); + + String key = null; + + if (MiscUtil.isNotEmpty(username)) { + if (ValidationHelper.containsNotValidCharacter(username, false)) { + log.warn("Username contains potentail XSS characters: " + StringEscapeUtils.escapeHtml(username)); + addActionError(LanguageHelper.getErrorString("validation.edituser.username.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("Username is empty"); + addActionError(LanguageHelper.getErrorString("validation.edituser.username.empty", request)); + return Constants.STRUTS_ERROR; + } + + if (MiscUtil.isEmpty(password)) { + 
log.warn("Password is empty"); + addActionError(LanguageHelper.getErrorString("validation.edituser.password.empty", request)); + return Constants.STRUTS_ERROR; + + } else { + key = AuthenticationHelper.generateKeyFormPassword(password); + if (key == null) { + addActionError(LanguageHelper.getErrorString("validation.edituser.password.valid", request)); + return Constants.STRUTS_ERROR; + } + } + + final UserDatabase dbuser = configuration.getUserManagement().getUserWithUserName(username); + if (dbuser == null) { + log.warn("Unknown Username"); + addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request)); + return Constants.STRUTS_ERROR; + + } else { + // TODO: maybe remove this default value in a later version + if (dbuser.isIsUsernamePasswordAllowed() == null) { + dbuser.setIsUsernamePasswordAllowed(true); + } + + if (!dbuser.isIsActive() || !dbuser.isIsUsernamePasswordAllowed()) { + log.warn("Username " + StringEscapeUtils.escapeHtml(dbuser.getUsername()) + + " is not active or Username/Password login is not allowed"); + addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request)); + return Constants.STRUTS_ERROR; + } + + if (!dbuser.getPassword().equals(key)) { + log.warn("Username " + StringEscapeUtils.escapeHtml(dbuser.getUsername()) + " use a false password"); + addActionError(LanguageHelper.getErrorString("webpages.index.login.notallowed", request)); + return Constants.STRUTS_ERROR; + } + + // TODO: maybe remove this default value in a later version + boolean ismandateuser = false; + if (dbuser.isIsMandateUser() != null) { + ismandateuser = dbuser.isIsMandateUser(); + } + + final int sessionTimeOut = session.getMaxInactiveInterval(); + final Date sessionExpired = new Date(new Date().getTime() + + sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS); + + final AuthenticatedUser authuser = new AuthenticatedUser(dbuser, + true, + ismandateuser, + false, + dbuser.getHjid() + "dbID", + "username/password", + 
sessionExpired); + + // store user as authenticated user + final AuthenticationManager authManager = AuthenticationManager.getInstance(); + authManager.setActiveUser(authuser); + + final Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin()); + if (date != null) { + authuser.setLastLogin(date); + } + + dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date())); + + try { + configuration.getUserManagement().saveOrUpdate(dbuser); + + } catch (final MOADatabaseException e) { + log.warn("UserDatabase communicaton error", e); + addActionError(LanguageHelper.getErrorString("error.login", request)); + return Constants.STRUTS_ERROR; + } finally { + } + + final HttpSession session = generateNewJSession(request); + session.setAttribute(Constants.SESSION_AUTH, authuser); + + return Constants.STRUTS_SUCCESS; + } + } + + public String pvp2login() { + + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + final String method = request.getMethod(); + if (session == null) { + log.info("NO HTTP Session"); + return Constants.STRUTS_ERROR; + } + + final String authID = (String) session.getAttribute(Constants.SESSION_PVP2REQUESTID); + session.setAttribute(Constants.SESSION_PVP2REQUESTID, null); + + if (method.equals("POST")) { + + try { + pvp2LoginActiv = configuration.isPVP2LoginActive(); + + // Decode with HttpPost Binding + final HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool()); + final BasicSAMLMessageContext messageContext = + new BasicSAMLMessageContext<>(); + messageContext + .setInboundMessageTransport(new HttpServletRequestAdapter( + request)); + decode.decode(messageContext); + + final Response samlResponse = (Response) messageContext.getInboundMessage(); + + // ckeck InResponseTo matchs requestID + if (MiscUtil.isEmpty(authID)) { + log.info("NO AuthRequestID"); + return Constants.STRUTS_ERROR; + } + + if (!authID.equals(samlResponse.getInResponseTo())) { + 
log.warn("PVPRequestID does not match PVP2 Assertion ID!"); + return Constants.STRUTS_ERROR; + + } + + // check response destination + String serviceURL = configuration.getPublicUrlPreFix(request); + if (!serviceURL.endsWith("/")) { + serviceURL = serviceURL + "/"; + } + + final String responseDestination = samlResponse.getDestination(); + if (MiscUtil.isEmpty(responseDestination) || + !responseDestination.equals(serviceURL + Constants.SERVLET_PVP2ASSERTION)) { + log.warn("PVPResponse destination does not match requested destination"); + return Constants.STRUTS_ERROR; + } + + // check if response is signed + final Signature sign = samlResponse.getSignature(); + if (sign == null) { + log.info("Only http POST Requests can be used"); + addActionError(LanguageHelper.getErrorString("error.login", request)); + return Constants.STRUTS_ERROR; + } + + // validate signature + PVP2Utils.validateSignature(samlResponse, configuration); + + log.info("PVP2 Assertion is valid"); + + if (samlResponse.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) { + + List saml2assertions = + new ArrayList<>(); + + // check encrypted Assertion + final List encryAssertionList = samlResponse.getEncryptedAssertions(); + if (encryAssertionList != null && encryAssertionList.size() > 0) { + // decrypt assertions + + log.debug("Found encryped assertion. 
Start decryption ..."); + + final KeyStore keyStore = configuration.getPVP2KeyStore(); + + final X509Credential authDecCredential = new KeyStoreX509CredentialAdapter( + keyStore, + configuration.getPVP2KeystoreAuthRequestEncryptionKeyAlias(), + configuration.getPVP2KeystoreAuthRequestEncryptionKeyPassword().toCharArray()); + + final StaticKeyInfoCredentialResolver skicr = + new StaticKeyInfoCredentialResolver(authDecCredential); + + final ChainingEncryptedKeyResolver encryptedKeyResolver = new ChainingEncryptedKeyResolver(); + encryptedKeyResolver.getResolverChain().add(new InlineEncryptedKeyResolver()); + encryptedKeyResolver.getResolverChain().add(new EncryptedElementTypeEncryptedKeyResolver()); + encryptedKeyResolver.getResolverChain().add(new SimpleRetrievalMethodEncryptedKeyResolver()); + + final Decrypter samlDecrypter = + new Decrypter(null, skicr, encryptedKeyResolver); + + for (final EncryptedAssertion encAssertion : encryAssertionList) { + saml2assertions.add(samlDecrypter.decrypt(encAssertion)); + + } + + log.debug("Assertion decryption finished. 
"); + + } else { + saml2assertions = samlResponse.getAssertions(); + + } + + for (final org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) { + + final Conditions conditions = saml2assertion.getConditions(); + final DateTime notbefore = conditions.getNotBefore(); + final DateTime notafter = conditions.getNotOnOrAfter(); + if (notbefore.isAfterNow() || notafter.isBeforeNow()) { + log.warn("PVP2 Assertion is out of Date"); + return Constants.STRUTS_ERROR; + + } + + final Subject subject = saml2assertion.getSubject(); + if (subject == null) { + log.warn("Assertion has no Subject element"); + return Constants.STRUTS_ERROR; + + } + + final NameID nameID = subject.getNameID(); + if (nameID == null) { + log.warn("No NameID element in PVP2 assertion!"); + return Constants.STRUTS_ERROR; + } + + final String bpkwbpk = nameID.getNameQualifier() + "+" + nameID.getValue(); + + final int sessionTimeOut = session.getMaxInactiveInterval(); + final Date sessionExpired = new Date(new Date().getTime() + + sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS); + + // search user + final UserDatabase dbuser = configuration.getUserManagement().getUserWithUserBPKWBPK(bpkwbpk); + if (dbuser == null) { + log.info("No user found with bpk/wbpk " + bpkwbpk); + + // read PVP2 assertion attributes; + user = new UserDatabaseFrom(); + user.setActive(false); + user.setAdmin(false); + user.setBpk(bpkwbpk); + user.setIsusernamepasswordallowed(false); + user.setIsmandateuser(false); + user.setPVPGenerated(true); + + // loop through the nodes to get what we want + final List attributeStatements = saml2assertion.getAttributeStatements(); + for (final AttributeStatement attributeStatement : attributeStatements) { + final List attributes = attributeStatement.getAttributes(); + for (final Attribute attribute : attributes) { + final String strAttributeName = attribute.getDOM().getAttribute("Name"); + + if (strAttributeName.equals(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME)) { + 
user.setFamilyName(attribute.getAttributeValues().get(0).getDOM().getFirstChild() + .getNodeValue()); + } + + if (strAttributeName.equals(PVPAttributeDefinitions.GIVEN_NAME_NAME)) { + user.setGivenName(attribute.getAttributeValues().get(0).getDOM().getFirstChild() + .getNodeValue()); + } + + if (strAttributeName.equals(PVPAttributeDefinitions.MANDATE_TYPE_NAME)) { + user.setIsmandateuser(true); + } + + if (strAttributeName.equals(PVPAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME)) { + user.setInstitut(attribute.getAttributeValues().get(0).getDOM().getFirstChild() + .getNodeValue()); + } + } + } + + // create AuthUser data element + authUser = AuthenticatedUser.generateUserRequestUser(user, + nameID.getValue(), + nameID.getFormat(), + sessionExpired); + + // store user as authenticated user + final AuthenticationManager authManager = AuthenticationManager.getInstance(); + authManager.setActiveUser(authUser); + + // set Random value + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + session.setAttribute(Constants.SESSION_FORM, user); + session.setAttribute(Constants.SESSION_AUTH, authUser); + + return Constants.STRUTS_NEWUSER; + + } else { + if (!dbuser.isIsActive()) { + + if (!dbuser.isIsMailAddressVerified()) { + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + user = new UserDatabaseFrom(dbuser); + authUser = new AuthenticatedUser(dbuser, + false, + dbuser.isIsMandateUser(), + true, + nameID.getValue(), + nameID.getFormat(), + sessionExpired); + + // store user as authenticated user + final AuthenticationManager authManager = AuthenticationManager.getInstance(); + authManager.setActiveUser(authUser); + + session.setAttribute(Constants.SESSION_FORM, user); + session.setAttribute(Constants.SESSION_AUTH, authUser); + + return Constants.STRUTS_NEWUSER; + + } + + log.info("User with bpk/wbpk " + bpkwbpk + " is not active"); + 
addActionError(LanguageHelper.getErrorString("webpages.index.username.notactive", request)); + return Constants.STRUTS_ERROR; + } + + // TODO: maybe remove this default value in a later version + boolean ismandateuser = false; + if (dbuser.isIsMandateUser() != null) { + ismandateuser = dbuser.isIsMandateUser(); + } + + authUser = new AuthenticatedUser(dbuser, true, + ismandateuser, + true, + nameID.getValue(), + nameID.getFormat(), + sessionExpired); + + // store user as authenticated user + final AuthenticationManager authManager = AuthenticationManager.getInstance(); + authManager.setActiveUser(authUser); + + final Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin()); + if (date != null) { + authUser.setLastLogin(date); + } + + dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date())); + + try { + configuration.getUserManagement().saveOrUpdate(dbuser); + + } catch (final MOADatabaseException e) { + log.warn("UserDatabase communicaton error", e); + addActionError(LanguageHelper.getErrorString("error.login", request)); + return Constants.STRUTS_ERROR; + } finally { + } + + final HttpSession newsession = generateNewJSession(request); + newsession.setAttribute(Constants.SESSION_AUTH, authUser); + return Constants.STRUTS_SUCCESS; + + } + } + + log.info("PVP2 Assertion was maybe not well formed, because no Assertion element could be found."); + addActionError(LanguageHelper.getErrorString("error.login.internal", request)); + return Constants.STRUTS_ERROR; + + } else { + log.info("Receive Error Assertion."); + addActionError(LanguageHelper.getErrorString("error.login", request)); + return Constants.STRUTS_ERROR; + } + + } catch (final Exception e) { + log.warn("An internal error occurs.", e); + addActionError(LanguageHelper.getErrorString("error.login.internal", request)); + return Constants.STRUTS_ERROR; + } + + } else { + log.info("Only http POST Requests can be used"); + addActionError(LanguageHelper.getErrorString("error.login.internal", request)); + 
return Constants.STRUTS_ERROR; + } + } + + public String requestNewUser() { + + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + if (session == null) { + log.warn("No active Session found"); + return Constants.STRUTS_ERROR; + } + + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + session.setAttribute(Constants.SESSION_FORMID, null); + + final Object sessionformobj = session.getAttribute(Constants.SESSION_FORM); + if (sessionformobj != null && sessionformobj instanceof UserDatabaseFrom) { + final UserDatabaseFrom sessionform = (UserDatabaseFrom) sessionformobj; + + final Object authUserObj = session.getAttribute(Constants.SESSION_AUTH); + authUser = (AuthenticatedUser) authUserObj; + + if (user == null) { + log.warn("No form transmited"); + return Constants.STRUTS_ERROR; + } + + // get UserID + final String useridobj = user.getUserID(); + long userID = -1; + if (MiscUtil.isEmpty(useridobj)) { + userID = -1; + + } else { + if (!ValidationHelper.validateOAID(useridobj)) { + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase ID " + useridobj); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + userID = Long.valueOf(useridobj); + } + + String check; + if (!sessionform.isIsmandateuser()) { + check = user.getInstitut(); + if 
(MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("Organisation contains potentail XSS characters: " + StringEscapeUtils.escapeHtml( + check)); + addActionError(LanguageHelper.getErrorString("validation.edituser.institut.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } else { + log.warn("Organisation is empty"); + addActionError(LanguageHelper.getErrorString("validation.edituser.institut.empty", request)); + } + } + + check = user.getMail(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.isEmailAddressFormat(check)) { + log.warn("Mailaddress is not valid: " + StringEscapeUtils.escapeHtml(check)); + addActionError(LanguageHelper.getErrorString("validation.edituser.mail.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } else { + log.warn("Mailaddress is empty"); + addActionError(LanguageHelper.getErrorString("validation.edituser.mail.empty", request)); + } + + check = user.getPhone(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validatePhoneNumber(check)) { + log.warn("No valid Phone Number: " + StringEscapeUtils.escapeHtml(check)); + addActionError(LanguageHelper.getErrorString("validation.edituser.phone.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } else { + log.warn("Phonenumber is empty"); + addActionError(LanguageHelper.getErrorString("validation.edituser.phone.empty", request)); + } + + if (hasActionErrors()) { + log.info("Some form errors found. 
Send user back to form"); + + user.setPVPGenerated(true); + user.setFamilyName(sessionform.getFamilyName()); + user.setGivenName(sessionform.getGivenName()); + user.setIsmandateuser(sessionform.isIsmandateuser()); + user.setBpk(sessionform.getBpk()); + + if (sessionform.isIsmandateuser()) { + user.setInstitut(sessionform.getInstitut()); + } + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + return Constants.STRUTS_NEWUSER; + } + + UserDatabase dbuser; + + if (userID < 0) { + dbuser = new UserDatabase(); + dbuser.setBpk(sessionform.getBpk()); + dbuser.setFamilyname(sessionform.getFamilyName()); + dbuser.setGivenname(sessionform.getGivenName()); + + if (sessionform.isIsmandateuser()) { + dbuser.setInstitut(sessionform.getInstitut()); + } else { + dbuser.setInstitut(user.getInstitut()); + } + + dbuser.setIsPVP2Generated(true); + dbuser.setLastLogin(DateTimeHelper.getDateTime(new Date())); + dbuser.setIsActive(false); + dbuser.setIsAdmin(false); + dbuser.setIsMandateUser(sessionform.isIsmandateuser()); + dbuser.setIsUsernamePasswordAllowed(false); + + } else { + dbuser = configuration.getUserManagement().getUserWithID(userID); + } + + dbuser.setMail(user.getMail()); + dbuser.setPhone(user.getPhone()); + dbuser.setIsAdminRequest(true); + dbuser.setIsMailAddressVerified(false); + dbuser.setUserRequestTokken(Random.nextRandom()); + + try { + configuration.getUserManagement().saveOrUpdate(dbuser); + + MailHelper.sendUserMailAddressVerification(dbuser); + + } catch (final MOADatabaseException e) { + log.warn("New UserRequest can not be stored in database", e); + return Constants.STRUTS_ERROR; + + } catch (final ConfigurationException e) { + log.warn("Sending of mailaddress verification mail failed.", e); + addActionError(LanguageHelper.getErrorString("error.mail.send", request)); + return Constants.STRUTS_NEWUSER; + } + + finally { + session.setAttribute(Constants.SESSION_FORM, null); + 
session.setAttribute(Constants.SESSION_AUTH, null); + } + + addActionMessage(LanguageHelper.getGUIString("webpages.edituser.changemailaddress.verify", request)); + + session.invalidate(); + + return Constants.STRUTS_SUCCESS; + + } else { + log.warn("No SessionForm found"); + return Constants.STRUTS_ERROR; + } + + } + + public String mailAddressVerification() { + + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + String userrequesttokken = request.getParameter(Constants.REQUEST_USERREQUESTTOKKEN); + if (MiscUtil.isNotEmpty(userrequesttokken)) { + + userrequesttokken = StringEscapeUtils.escapeHtml(userrequesttokken); + + try { + Long.parseLong(userrequesttokken); + + } catch (final NumberFormatException e) { + log.warn("Verificationtokken has no number format."); + return Constants.STRUTS_ERROR; + } + + final UserDatabase dbuser = configuration.getUserManagement().getNewUserWithTokken(userrequesttokken); + if (dbuser != null) { + dbuser.setUserRequestTokken(null); + dbuser.setIsMailAddressVerified(true); + + if (dbuser.isIsActive()) { + dbuser.setIsAdminRequest(false); + } + + try { + configuration.getUserManagement().saveOrUpdate(dbuser); + + int numoas = 0; + int numusers = 0; + + final List openOAs = configuration.getDbRead().getAllNewOnlineApplications(); + if (openOAs != null) { + numoas = openOAs.size(); + } + + final List openUsers = configuration.getUserManagement().getAllNewUsers(); + if (openUsers != null) { + numusers = openUsers.size(); + } + + if (numusers > 0 || numoas > 0) { + MailHelper.sendAdminMail(numoas, numusers); + } + + } catch (final MOADatabaseException e) { + log.warn("Userinformation can not be stored in Database.", e); + addActionError(LanguageHelper.getErrorString("error.mail.verification", request)); + + } catch (final ConfigurationException e) { + log.warn("Send mail to admin failed.", e); + } + + finally { + } + + 
addActionMessage(LanguageHelper.getGUIString("validation.newuser.mailaddress", request));
+ return Constants.STRUTS_SUCCESS;
+ }
+ }
+
+ return Constants.STRUTS_ERROR;
+ }
+
+ public String logout() {
+ final HttpSession session = request.getSession(false);
+
+ if (session != null) {
+ if (MiscUtil.isNotEmpty((String) session.getAttribute(Constants.SESSION_SLOSUCCESS))) {
+ addActionMessage((String) session.getAttribute(Constants.SESSION_SLOSUCCESS));
+ }
+
+ if (MiscUtil.isNotEmpty((String) session.getAttribute(Constants.SESSION_SLOERROR))) {
+ addActionError((String) session.getAttribute(Constants.SESSION_SLOERROR));
+ }
+
+ session.invalidate();
+
+ }
+
+ return Constants.STRUTS_SUCCESS;
+ }
+
+ private HttpSession generateNewJSession(HttpServletRequest request) {
+ HttpSession session = request.getSession(false);
+
+ if (session != null) {
+
+ final HashMap attributes = new HashMap<>();
+
+ final Enumeration enames = session.getAttributeNames();
+ while (enames.hasMoreElements()) {
+ final String name = enames.nextElement();
+ if (!name.equals("JSESSIONID")) {
+ attributes.put(name, session.getAttribute(name));
+ }
+ }
+ session.invalidate();
+
+ session = request.getSession(true);
+ for (final Entry et : attributes.entrySet()) {
+ session.setAttribute(et.getKey(), et.getValue());
+ }
+
+ } else {
+ session = request.getSession(true);
+ }
+
+ return session;
+ }
+
+ /**
+ * @return the password
+ */
+ public String getPassword() {
+ return password;
+ }
+
+ /**
+ * @param password the password to set
+ */
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+ /**
+ * @return the username
+ */
+ public String getUsername() {
+ return username;
+ }
+
+ /**
+ * @param username the username to set
+ */
+ public void setUsername(String username) {
+ this.username = username;
+ }
+
+ /**
+ * @return the user
+ */
+ public UserDatabaseFrom getUser() {
+ return user;
+ }
+
+ /**
+ * @param user the user to set
+ */
+ public void setUser(UserDatabaseFrom user) {
+ this.user = user;
+ }
+
+ /**
+ * @return the ssologouturl
+ */
+ public String getSsologouturl() {
+ return ssologouturl;
+ }
+
+ /**
+ * @return the formID
+ */
+ @Override
+ public String getFormID() {
+ return formID;
+ }
+
+ /**
+ * @param formID the formID to set
+ */
+ @Override
+ public void setFormID(String formID) {
+ this.formID = formID;
+ }
+
+ /**
+ * @return the pvp2LoginActiv
+ */
+ public boolean isPvp2LoginActiv() {
+ return pvp2LoginActiv;
+ }
+ }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
index 180f32235..3918dfc16 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java
@@ -25,8 +25,6 @@ package at.gv.egovernment.moa.id.configuration.struts.action;
 import java.util.ArrayList;
 import java.util.List;
-import org.apache.log4j.Logger;
-
 import at.gv.egiz.eaaf.core.impl.utils.Random;
 import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AttributeProviderPlugin;
 import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.IdentificationNumber;
@@ -46,438 +44,444 @@ import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
 import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException;
 import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper;
 import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import lombok.extern.slf4j.Slf4j;
 /**
 * @author tlenz
 *
 */
+@Slf4j
 public class InterfederationIDPAction extends BasicOAAction {
- private static final Logger log = Logger.getLogger(InterfederationIDPAction.class);
- private static final long serialVersionUID = 2879192135387083131L;
-
- public static final String STRUTS_IDP_VIDP = "-VIDP";
- public static final String STRUTS_IDP_MOA = "-MOAIDP";
- public static final String STRUTS_IDP_GATEWAY = "-IDPGATEWAY";
-
- private List formOAs;
-
- private String interfederationType;
-
- public InterfederationIDPAction() {
- super();
-
- }
-
- public String listAllIDPs() {
- try {
- populateBasicInformations();
-
- if (authUser.isAdmin()) {
- List dbOAs = configuration.getDbRead().getAllOnlineApplications();
-
- if (dbOAs == null || dbOAs.size() == 0) {
- addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request));
-
- } else {
- formOAs = FormDataHelper.populateFormWithInderfederationIDPs(dbOAs);
- }
-
- session.setAttribute(Constants.SESSION_RETURNAREA,
- Constants.STRUTS_RETURNAREA_VALUES.main.name());
-
- return Constants.STRUTS_SUCCESS;
-
- } else {
- log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs.");
- addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
- return Constants.STRUTS_NOTALLOWED;
- }
-
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
-
- } finally {
-
- }
- }
-
- public String newIDP() {
- log.debug("insert new interfederation IDP");
-
- try {
- populateBasicInformations();
-
- if (!authUser.isAdmin()) {
- log.warn("User with ID " + authUser.getUserID() + " not allowed to manage 
interfederation IDPs."); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - - populateBasicNewOnlineApplicationInformation(); - - if (STRUTS_IDP_MOA.equals(interfederationType)) { - formList.putAll(MOAIDPAction.buildMOAIDPFormList()); - - } else if (STRUTS_IDP_GATEWAY.equals(interfederationType)) { - formList.putAll(IDPGatewayAction.buildIDPGatewayFormList()); - - } else if (STRUTS_IDP_VIDP.equals(interfederationType)) { - formList.putAll(VIDPAction.buildVIDPFormList()); - getStorkOA().setVidpEnabled(true); - getStorkOA().getAttributeProviderPlugins().add(new AttributeProviderPlugin()); - session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, getFormOA().getFormMap()); - - } else { - log.warn("Unkown interfederation IDP type"); - addActionError("Unkown interfederation IDP type"); - return Constants.STRUTS_ERROR; - } - - - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } finally { - - } - - return Constants.STRUTS_OA_EDIT + interfederationType; - - } - - public String loadIDPInformation() { - try { - populateBasicInformations(); - - if (!authUser.isAdmin()) { - log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - - OnlineApplication oa = populateOnlineApplicationFromRequest(); - - if (oa.isIsInterfederationIDP() != null - && oa.isIsInterfederationIDP()) { - - formList.putAll(MOAIDPAction.buildMOAIDPFormList()); - interfederationType = STRUTS_IDP_MOA; - - } else if (oa.getAuthComponentOA().getOASTORK() != null - && oa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null - && oa.getAuthComponentOA().getOASTORK().isVidpEnabled()) { - - formList.putAll(VIDPAction.buildVIDPFormList()); - if (getStorkOA().getAttributeProviderPlugins() == null || - getStorkOA().getAttributeProviderPlugins().size() == 0) - 
getStorkOA().getAttributeProviderPlugins().add(new AttributeProviderPlugin()); - interfederationType = STRUTS_IDP_VIDP; - - } else if (oa.isIsInterfederationGateway() != null && oa.isIsInterfederationGateway()) { - formList.putAll(IDPGatewayAction.buildIDPGatewayFormList()); - interfederationType = STRUTS_IDP_GATEWAY; - - } else { - log.warn("Requested application is not an interfederation IDP."); - return Constants.STRUTS_NOTALLOWED; - } - - parseOAToForm(oa); - return Constants.STRUTS_SUCCESS + interfederationType; - - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } catch (BasicOAActionException e) { - addActionError(e.getStrutsError()); - return e.getStrutsReturnValue(); - - } finally { - - } - } - - public String saveIDP() { - - OnlineApplication onlineapplication= null; - - try { - populateBasicInformations(); - - if (!authUser.isAdmin()) { - log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - - onlineapplication = preProcessSaveOnlineApplication(); - - if ( onlineapplication != null && - !((onlineapplication.isIsInterfederationIDP() != null && onlineapplication.isIsInterfederationIDP()) || - (onlineapplication.isIsInterfederationGateway() != null && onlineapplication.isIsInterfederationGateway()) || - (onlineapplication.getAuthComponentOA().getOASTORK() != null - && onlineapplication.getAuthComponentOA().getOASTORK().isVidpEnabled() != null - && onlineapplication.getAuthComponentOA().getOASTORK().isVidpEnabled()))) { - log.warn("IDP which should be stored is not of type interfederation IDP."); - addActionError("IDP which should be stored is not of type MOA-ID interfederation IDP."); - return Constants.STRUTS_ERROR; - - } - - List errors = new ArrayList(); - - //validate forms - for (IOnlineApplicationData form : formList.values()) - 
errors.addAll(form.validate(getGeneralOA(), authUser, request)); - - - if (getPvp2OA() != null) { - boolean publicServiceAllowed = ValidationHelper.isPublicServiceAllowed(getPvp2OA().getMetaDataURL()); - if (!publicServiceAllowed && !getGeneralOA().isBusinessService()) { - log.info("Metadata URL " + getPvp2OA().getMetaDataURL() + " does not allow PublicService."); - errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.metadataurl.publicservice", - new Object[] {getPvp2OA().getMetaDataURL()}, request )); - getGeneralOA().setBusinessService(true); - - } - } - - - if (errors.size() > 0) { - log.info("IDP-Configuration with ID " + getGeneralOA().getIdentifier() + " has some errors."); - for (String el : errors) - addActionError(el); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } else { - onlineapplication = postProcessSaveOnlineApplication(onlineapplication, - !(this instanceof MOAIDPAction)); - - //set default Target interfederated nameID caluclation - if (getPvp2OA() != null) { - if (getGeneralOA().isBusinessService()) { - IdentificationNumber businessID = onlineapplication.getAuthComponentOA().getIdentificationNumber(); - if (businessID == null) { - businessID = new IdentificationNumber(); - onlineapplication.getAuthComponentOA().setIdentificationNumber(businessID); - } - businessID.setValue(Constants.PREFIX_WPBK + "MOA-IDP+MOA-IDP"); - } else - onlineapplication.setTarget("MOA-IDP"); - - try { - save(onlineapplication); - - } catch (MOADatabaseException e) { - log.warn("Online-Application can not be stored.", e); - return LanguageHelper.getErrorString("error.db.oa.store", request); - } - } - } - - //remove session attributes - session.setAttribute(Constants.SESSION_OAID, null); - - addActionMessage(LanguageHelper.getGUIString("webpages.idp.success", getGeneralOA().getIdentifier(), request)); - return Constants.STRUTS_SUCCESS; - - - } catch 
(BasicActionException e) { - return Constants.STRUTS_ERROR; - - } catch (BasicOAActionException e) { - addActionError(e.getStrutsError()); - return e.getStrutsReturnValue(); - - } finally { - - } - } - - public String cancleAndBackIDP() { - try { - populateBasicInformations(); - - if (!authUser.isAdmin()) { - log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - - session.setAttribute(Constants.SESSION_OAID, null); - addActionMessage(LanguageHelper.getGUIString("webpages.idp.cancle", getGeneralOA().getIdentifier(), request)); - - return Constants.STRUTS_SUCCESS; - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } finally { - - } - } - - public String deleteIDP() { - String oaidentifier = null; - try { - populateBasicInformations(); - - if (!authUser.isAdmin()) { - log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); - addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); - return Constants.STRUTS_NOTALLOWED; - } - - oaidentifier = preProcessDeleteOnlineApplication(); - - session.setAttribute(Constants.SESSION_OAID, null); - OnlineApplication onlineapplication = configuration.getDbRead().getOnlineApplication(oaidentifier); - + + private static final long serialVersionUID = 2879192135387083131L; + + public static final String STRUTS_IDP_VIDP = "-VIDP"; + public static final String STRUTS_IDP_MOA = "-MOAIDP"; + public static final String STRUTS_IDP_GATEWAY = "-IDPGATEWAY"; + + private List formOAs; + + private String interfederationType; + + public InterfederationIDPAction() { + super(); + + } + + public String listAllIDPs() { + try { + populateBasicInformations(); + + if (authUser.isAdmin()) { + final List dbOAs = configuration.getDbRead().getAllOnlineApplications(); + + if (dbOAs == null || dbOAs.size() == 
0) { + addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); + + } else { + formOAs = FormDataHelper.populateFormWithInderfederationIDPs(dbOAs); + } + + session.setAttribute(Constants.SESSION_RETURNAREA, + Constants.STRUTS_RETURNAREA_VALUES.main.name()); + + return Constants.STRUTS_SUCCESS; + + } else { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } finally { + + } + } + + public String newIDP() { + log.debug("insert new interfederation IDP"); + + try { + populateBasicInformations(); + + if (!authUser.isAdmin()) { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + populateBasicNewOnlineApplicationInformation(); + + if (STRUTS_IDP_MOA.equals(interfederationType)) { + formList.putAll(MOAIDPAction.buildMOAIDPFormList()); + + } else if (STRUTS_IDP_GATEWAY.equals(interfederationType)) { + formList.putAll(IDPGatewayAction.buildIDPGatewayFormList()); + + } else if (STRUTS_IDP_VIDP.equals(interfederationType)) { + formList.putAll(VIDPAction.buildVIDPFormList()); + getStorkOA().setVidpEnabled(true); + getStorkOA().getAttributeProviderPlugins().add(new AttributeProviderPlugin()); + session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, getFormOA().getFormMap()); + + } else { + log.warn("Unkown interfederation IDP type"); + addActionError("Unkown interfederation IDP type"); + return Constants.STRUTS_ERROR; + } + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } finally { + + } + + return Constants.STRUTS_OA_EDIT + interfederationType; + + } + + public String loadIDPInformation() { + try { + 
populateBasicInformations(); + + if (!authUser.isAdmin()) { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + final OnlineApplication oa = populateOnlineApplicationFromRequest(); + + if (oa.isIsInterfederationIDP() != null + && oa.isIsInterfederationIDP()) { + + formList.putAll(MOAIDPAction.buildMOAIDPFormList()); + interfederationType = STRUTS_IDP_MOA; + + } else if (oa.getAuthComponentOA().getOASTORK() != null + && oa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null + && oa.getAuthComponentOA().getOASTORK().isVidpEnabled()) { + + formList.putAll(VIDPAction.buildVIDPFormList()); + if (getStorkOA().getAttributeProviderPlugins() == null || + getStorkOA().getAttributeProviderPlugins().size() == 0) { + getStorkOA().getAttributeProviderPlugins().add(new AttributeProviderPlugin()); + } + interfederationType = STRUTS_IDP_VIDP; + + } else if (oa.isIsInterfederationGateway() != null && oa.isIsInterfederationGateway()) { + formList.putAll(IDPGatewayAction.buildIDPGatewayFormList()); + interfederationType = STRUTS_IDP_GATEWAY; + + } else { + log.warn("Requested application is not an interfederation IDP."); + return Constants.STRUTS_NOTALLOWED; + } + + parseOAToForm(oa); + return Constants.STRUTS_SUCCESS + interfederationType; + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } catch (final BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + + } finally { + + } + } + + public String saveIDP() { + + OnlineApplication onlineapplication = null; + + try { + populateBasicInformations(); + + if (!authUser.isAdmin()) { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return 
Constants.STRUTS_NOTALLOWED; + } + + onlineapplication = preProcessSaveOnlineApplication(); + + if (onlineapplication != null && + !(onlineapplication.isIsInterfederationIDP() != null && onlineapplication.isIsInterfederationIDP() + || + onlineapplication.isIsInterfederationGateway() != null && onlineapplication + .isIsInterfederationGateway() || + onlineapplication.getAuthComponentOA().getOASTORK() != null + && onlineapplication.getAuthComponentOA().getOASTORK().isVidpEnabled() != null + && onlineapplication.getAuthComponentOA().getOASTORK().isVidpEnabled())) { + log.warn("IDP which should be stored is not of type interfederation IDP."); + addActionError("IDP which should be stored is not of type MOA-ID interfederation IDP."); + return Constants.STRUTS_ERROR; + + } + + final List errors = new ArrayList<>(); + + // validate forms + for (final IOnlineApplicationData form : formList.values()) { + errors.addAll(form.validate(getGeneralOA(), authUser, request)); + } + + if (getPvp2OA() != null) { + final boolean publicServiceAllowed = ValidationHelper.isPublicServiceAllowed(getPvp2OA() + .getMetaDataURL()); + if (!publicServiceAllowed && !getGeneralOA().isBusinessService()) { + log.info("Metadata URL " + getPvp2OA().getMetaDataURL() + " does not allow PublicService."); + errors.add(LanguageHelper.getErrorString( + "validation.interfederation.moaidp.metadataurl.publicservice", + new Object[] { getPvp2OA().getMetaDataURL() }, request)); + getGeneralOA().setBusinessService(true); + + } + } + + if (errors.size() > 0) { + log.info("IDP-Configuration with ID " + getGeneralOA().getIdentifier() + " has some errors."); + for (final String el : errors) { + addActionError(el); + } + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } else { + onlineapplication = postProcessSaveOnlineApplication(onlineapplication, + !(this instanceof MOAIDPAction)); + + // set default Target interfederated 
nameID caluclation + if (getPvp2OA() != null) { + if (getGeneralOA().isBusinessService()) { + IdentificationNumber businessID = onlineapplication.getAuthComponentOA() + .getIdentificationNumber(); + if (businessID == null) { + businessID = new IdentificationNumber(); + onlineapplication.getAuthComponentOA().setIdentificationNumber(businessID); + } + businessID.setValue(Constants.PREFIX_WPBK + "MOA-IDP+MOA-IDP"); + } else { + onlineapplication.setTarget("MOA-IDP"); + } + + try { + save(onlineapplication); + + } catch (final MOADatabaseException e) { + log.warn("Online-Application can not be stored.", e); + return LanguageHelper.getErrorString("error.db.oa.store", request); + } + } + } + + // remove session attributes + session.setAttribute(Constants.SESSION_OAID, null); + + addActionMessage(LanguageHelper.getGUIString("webpages.idp.success", getGeneralOA().getIdentifier(), + request)); + return Constants.STRUTS_SUCCESS; + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } catch (final BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + + } finally { + + } + } + + public String cancleAndBackIDP() { + try { + populateBasicInformations(); + + if (!authUser.isAdmin()) { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + session.setAttribute(Constants.SESSION_OAID, null); + addActionMessage(LanguageHelper.getGUIString("webpages.idp.cancle", getGeneralOA().getIdentifier(), + request)); + + return Constants.STRUTS_SUCCESS; + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } finally { + + } + } + + public String deleteIDP() { + String oaidentifier = null; + try { + populateBasicInformations(); + + if (!authUser.isAdmin()) { + log.warn("User with ID " + authUser.getUserID() + " not allowed 
to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + oaidentifier = preProcessDeleteOnlineApplication(); + + session.setAttribute(Constants.SESSION_OAID, null); + final OnlineApplication onlineapplication = configuration.getDbRead().getOnlineApplication( + oaidentifier); + // try { // if (onlineapplication.getAuthComponentOA().getOAPVP2() != null && // MiscUtil.isNotEmpty(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) { // MOAIDConfiguration moaconfig = configuration.getDbRead().getMOAIDConfiguration(); // moaconfig.setPvp2RefreshItem(new Date()); // ConfigurationDBUtils.saveOrUpdate(moaconfig); -// +// // } // } catch (Throwable e) { // log.info("Found no MetadataURL in OA-Databaseconfig!", e); // } - - if (delete(onlineapplication)) { - addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", oaidentifier, request)); - return Constants.STRUTS_SUCCESS; - - } else { - addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", oaidentifier, request)); - return Constants.STRUTS_SUCCESS; - } - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } catch (BasicOAActionException e) { - addActionError(e.getStrutsError()); - return e.getStrutsReturnValue(); - - } finally { - - } - - } - - /** - * @param oa - */ - private void parseOAToForm(OnlineApplication oa) { - List errors = new ArrayList(); - for (IOnlineApplicationData form : formList.values()) { - List error = form.parse(oa, authUser, request); - if (error != null) - errors.addAll(error); - } - if (errors.size() > 0) { - for (String el : errors) - addActionError(el); - } - setNewOA(false); - + if (delete(onlineapplication)) { + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", oaidentifier, + request)); + return Constants.STRUTS_SUCCESS; - formID = Random.nextRandom(); - 
session.setAttribute(Constants.SESSION_FORMID, formID); - session.setAttribute(Constants.SESSION_OAID, oaid); - } - - /** - * @return the formOAs - */ - public List getFormOAs() { - return formOAs; - } - - public OAMOAIDPInterfederationConfig getMoaIDP() { - return (OAMOAIDPInterfederationConfig) formList.get(new OAMOAIDPInterfederationConfig().getName()); - } + } else { + addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", oaidentifier, request)); + return Constants.STRUTS_SUCCESS; + } - public void setMoaIDP(OAMOAIDPInterfederationConfig pvp2oa) { - formList.put(pvp2oa.getName(), pvp2oa); - } + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; - public PVPGatewayInterfederationConfig getPVPGateway() { - return (PVPGatewayInterfederationConfig) formList.get(new PVPGatewayInterfederationConfig().getName()); - } - - public void setPVPGateway(PVPGatewayInterfederationConfig val) { - formList.put(val.getName(), val); - } - - /** - * @return the formOA - */ - public OATargetConfiguration getTargetConfig() { - return (OATargetConfiguration) formList.get(new OATargetConfiguration().getName()); - } + } catch (final BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); - /** - * @param formOA the formOA to set - */ - public void setTargetConfig(OATargetConfiguration formOA) { - formList.put(formOA.getName(), formOA); - } - - /** - * @return the formOA - */ - public FormularCustomization getFormOA() { - return (FormularCustomization) formList.get(new FormularCustomization(null).getName()); - } + } finally { - /** - * @param formOA the formOA to set - */ - public void setFormOA(FormularCustomization formOA) { - formList.put(formOA.getName(), formOA); - } - - public OASTORKConfig getStorkOA() { - return (OASTORKConfig) formList.get(new OASTORKConfig().getName()); } - public void setStorkOA(OASTORKConfig storkOA) { - formList.put(storkOA.getName(), storkOA); + } + + /** + * @param 
oa + */ + private void parseOAToForm(OnlineApplication oa) { + final List errors = new ArrayList<>(); + for (final IOnlineApplicationData form : formList.values()) { + final List error = form.parse(oa, authUser, request); + if (error != null) { + errors.addAll(error); + } } - - - public OAAuthenticationData getAuthOA() { - return (OAAuthenticationData) formList.get(new OAAuthenticationData().getName()); + if (errors.size() > 0) { + for (final String el : errors) { + addActionError(el); + } } - public void setAuthOA(OAAuthenticationData generalOA) { - formList.put(generalOA.getName(), generalOA); - } - - - /** - * @return the interfederationType - */ - public String getInterfederationType() { - return interfederationType; - } - - /** - * @param interfederationType the interfederationType to set - */ - public void setInterfederationType(String interfederationType) { - this.interfederationType = interfederationType; - } - - - + setNewOA(false); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + session.setAttribute(Constants.SESSION_OAID, oaid); + } + + /** + * @return the formOAs + */ + public List getFormOAs() { + return formOAs; + } + + public OAMOAIDPInterfederationConfig getMoaIDP() { + return (OAMOAIDPInterfederationConfig) formList.get(new OAMOAIDPInterfederationConfig().getName()); + } + + public void setMoaIDP(OAMOAIDPInterfederationConfig pvp2oa) { + formList.put(pvp2oa.getName(), pvp2oa); + } + + public PVPGatewayInterfederationConfig getPVPGateway() { + return (PVPGatewayInterfederationConfig) formList.get(new PVPGatewayInterfederationConfig().getName()); + } + + public void setPVPGateway(PVPGatewayInterfederationConfig val) { + formList.put(val.getName(), val); + } + + /** + * @return the formOA + */ + public OATargetConfiguration getTargetConfig() { + return (OATargetConfiguration) formList.get(new OATargetConfiguration().getName()); + } + + /** + * @param formOA the formOA to set + */ + public void 
setTargetConfig(OATargetConfiguration formOA) { + formList.put(formOA.getName(), formOA); + } + + /** + * @return the formOA + */ + public FormularCustomization getFormOA() { + return (FormularCustomization) formList.get(new FormularCustomization(null).getName()); + } + + /** + * @param formOA the formOA to set + */ + public void setFormOA(FormularCustomization formOA) { + formList.put(formOA.getName(), formOA); + } + + public OASTORKConfig getStorkOA() { + return (OASTORKConfig) formList.get(new OASTORKConfig().getName()); + } + + public void setStorkOA(OASTORKConfig storkOA) { + formList.put(storkOA.getName(), storkOA); + } + + public OAAuthenticationData getAuthOA() { + return (OAAuthenticationData) formList.get(new OAAuthenticationData().getName()); + } + + public void setAuthOA(OAAuthenticationData generalOA) { + formList.put(generalOA.getName(), generalOA); + } + + /** + * @return the interfederationType + */ + public String getInterfederationType() { + return interfederationType; + } + + /** + * @param interfederationType the interfederationType to set + */ + public void setInterfederationType(String interfederationType) { + this.interfederationType = interfederationType; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java index ca018d5b0..11be61bb6 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java 
@@ -25,179 +25,162 @@ package at.gv.egovernment.moa.id.configuration.struts.action; import java.util.ArrayList; import java.util.List; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.apache.log4j.Logger; -import org.apache.struts2.interceptor.ServletRequestAware; -import org.apache.struts2.interceptor.ServletResponseAware; - -import com.opensymphony.xwork2.ActionSupport; - -import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.Constants; -import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.data.OAListElement; import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class ListOAsAction extends BasicAction { - - private final Logger log = Logger.getLogger(ListOAsAction.class); - - private static final long serialVersionUID = 1L; - - private List formOAs; - private String friendlyname; - - public ListOAsAction() throws ConfigurationException { + + private static final long serialVersionUID = 1L; + + private List formOAs; + private String friendlyname; + + public ListOAsAction() throws ConfigurationException { // configuration = ConfigurationProvider.getInstance(); - } - - - public String listAllOnlineAppliactions() { - try { - populateBasicInformations(); - - } catch 
(BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - List dbOAs = null; - - if (authUser.isAdmin()) { - dbOAs = configuration.getDbRead().getAllOnlineApplications(); - - } else { - UserDatabase authUserDB = configuration.getUserManagement().getUserWithID(authUser.getUserID()); - - if (authUserDB != null) { - for (String el : authUserDB.getOnlineApplication()) { - dbOAs.add(configuration.getDbRead().getOnlineApplication(Long.valueOf(el))); - - } - } - } - - if (dbOAs == null || dbOAs.size() == 0) { - addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); - - } else { - formOAs = FormDataHelper.populateFormWithOAs(dbOAs); - } - - session.setAttribute(Constants.SESSION_RETURNAREA, - Constants.STRUTS_RETURNAREA_VALUES.main.name()); - - - return Constants.STRUTS_SUCCESS; - } - - public String searchOAInit() { - - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - formOAs = null; - friendlyname = ""; - - return Constants.STRUTS_SUCCESS; - - } - - public String searchOA() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - if (MiscUtil.isEmpty(friendlyname)) { - log.info("SearchOA textfield is empty"); - addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request)); - return Constants.STRUTS_SUCCESS; - - } else { - if (ValidationHelper.containsNotValidCharacter(friendlyname, false)) { - log.warn("SearchOA textfield contains potential XSS characters"); - addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request)); - return Constants.STRUTS_SUCCESS; - } - } - - List dbOAs = null; - - if (authUser.isAdmin()) { - dbOAs = configuration.getDbRead().searchOnlineApplications(friendlyname); - - } else { - UserDatabase authUserDB = 
configuration.getUserManagement().getUserWithID(authUser.getUserID()); - if (authUserDB != null) { - List alldbOAs = authUserDB.getOnlineApplication(); - - dbOAs = new ArrayList(); - - for (String el : alldbOAs) { - OnlineApplication oa = configuration.getDbRead().getOnlineApplication(Long.valueOf(el)); - - if (oa.getPublicURLPrefix() - .toLowerCase().indexOf(friendlyname.toLowerCase()) > -1) - dbOAs.add(oa); - } - } - } - - if (dbOAs == null || dbOAs.size() == 0) { - log.debug("No IDPs found with Identifier " + friendlyname); - addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); - - } else { - formOAs = FormDataHelper.populateFormWithOAs(dbOAs); - - } - - - return Constants.STRUTS_SUCCESS; - } - - /** - * @return the formOAs - */ - public List getFormOAs() { - return formOAs; - } - - - /** - * @return the friendlyname - */ - public String getFriendlyname() { - return friendlyname; - } - - - /** - * @param friendlyname the friendlyname to set - */ - public void setFriendlyname(String friendlyname) { - this.friendlyname = friendlyname; - } - - + } + + public String listAllOnlineAppliactions() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + List dbOAs = null; + + if (authUser.isAdmin()) { + dbOAs = configuration.getDbRead().getAllOnlineApplications(); + + } else { + final UserDatabase authUserDB = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + + if (authUserDB != null) { + for (final String el : authUserDB.getOnlineApplication()) { + dbOAs.add(configuration.getDbRead().getOnlineApplication(Long.valueOf(el))); + + } + } + } + + if (dbOAs == null || dbOAs.size() == 0) { + addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); + + } else { + formOAs = FormDataHelper.populateFormWithOAs(dbOAs); + } + + session.setAttribute(Constants.SESSION_RETURNAREA, + Constants.STRUTS_RETURNAREA_VALUES.main.name()); + + return 
Constants.STRUTS_SUCCESS; + } + + public String searchOAInit() { + + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + formOAs = null; + friendlyname = ""; + + return Constants.STRUTS_SUCCESS; + + } + + public String searchOA() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + if (MiscUtil.isEmpty(friendlyname)) { + log.info("SearchOA textfield is empty"); + addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request)); + return Constants.STRUTS_SUCCESS; + + } else { + if (ValidationHelper.containsNotValidCharacter(friendlyname, false)) { + log.warn("SearchOA textfield contains potential XSS characters"); + addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + return Constants.STRUTS_SUCCESS; + } + } + + List dbOAs = null; + + if (authUser.isAdmin()) { + dbOAs = configuration.getDbRead().searchOnlineApplications(friendlyname); + + } else { + final UserDatabase authUserDB = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + if (authUserDB != null) { + final List alldbOAs = authUserDB.getOnlineApplication(); + + dbOAs = new ArrayList<>(); + + for (final String el : alldbOAs) { + final OnlineApplication oa = configuration.getDbRead().getOnlineApplication(Long.valueOf(el)); + + if (oa.getPublicURLPrefix() + .toLowerCase().indexOf(friendlyname.toLowerCase()) > -1) { + dbOAs.add(oa); + } + } + } + } + + if (dbOAs == null || dbOAs.size() == 0) { + log.debug("No IDPs found with Identifier " + friendlyname); + addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); + + } else { + formOAs = FormDataHelper.populateFormWithOAs(dbOAs); + + } + + return Constants.STRUTS_SUCCESS; + } + + /** + * @return the formOAs + */ + public List 
getFormOAs() { + return formOAs; + } + + /** + * @return the friendlyname + */ + public String getFriendlyname() { + return friendlyname; + } + + /** + * @param friendlyname the friendlyname to set + */ + public void setFriendlyname(String friendlyname) { + this.friendlyname = friendlyname; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java index 8c04a382a..ce3af689d 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MOAIDPAction.java @@ -34,26 +34,25 @@ import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config; */ public class MOAIDPAction extends InterfederationIDPAction { - private static final long serialVersionUID = -2047128481980413334L; - - public MOAIDPAction() { - super(); - formList.putAll(buildMOAIDPFormList()); - } - - public static LinkedHashMap buildMOAIDPFormList() { - - LinkedHashMap forms = - new LinkedHashMap(); - - - OAPVP2Config pvp2OA = new OAPVP2Config(); - forms.put(pvp2OA.getName(), pvp2OA); - - OAMOAIDPInterfederationConfig moaidp = new OAMOAIDPInterfederationConfig(); - forms.put(moaidp.getName(), moaidp); - - return forms; - } + private static final long serialVersionUID = -2047128481980413334L; + + public MOAIDPAction() { + super(); + formList.putAll(buildMOAIDPFormList()); + } + + public static LinkedHashMap buildMOAIDPFormList() { + + final LinkedHashMap forms = + new LinkedHashMap<>(); + + final OAPVP2Config pvp2OA = new OAPVP2Config(); + forms.put(pvp2OA.getName(), pvp2OA); + + final OAMOAIDPInterfederationConfig moaidp = new OAMOAIDPInterfederationConfig(); + forms.put(moaidp.getName(), moaidp); + + return forms; + } } 
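Review bot: In `ListOAsAction.listAllOnlineAppliactions()` the non-admin branch still calls `dbOAs.add(...)` while `dbOAs` is `null`, so a non-admin user whose record has assigned applications gets a NullPointerException instead of their list. `searchOA()` in the same hunk already initialises the list before its loop; do the same here with `dbOAs = new ArrayList<>();` ahead of the `for`. Both loops also pass each stored id through `Long.valueOf(el)`, and `searchOA()` dereferences the returned application without a null check, so a stale or non-numeric id in the user's record would presumably abort the whole listing. Skipping such entries with a logged warning would be safer.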
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java
index ea6f17fc7..785eb583a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/MainAction.java
@@ -22,41 +22,41 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.configuration.struts.action; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class MainAction extends BasicAction { - - private static final long serialVersionUID = 221178766809263908L; - - private static final Logger log = Logger.getLogger(MainAction.class); - - public String changeLanguage() { - - return Constants.STRUTS_SUCCESS; - } - - public String generateMainFrame() { - - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - if (hasActionMessages()) - setActionMessages(getActionMessages()); - - if (hasActionErrors()) - setActionErrors(getActionErrors()); - - session.setAttribute(Constants.SESSION_RETURNAREA, null); - - return Constants.STRUTS_SUCCESS; - } - + + private static final long serialVersionUID = 221178766809263908L; + + public String changeLanguage() { + + return Constants.STRUTS_SUCCESS; + } + + public String generateMainFrame() { + + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + if (hasActionMessages()) { + setActionMessages(getActionMessages()); + } + + if (hasActionErrors()) { + setActionErrors(getActionErrors()); + } + + session.setAttribute(Constants.SESSION_RETURNAREA, null); + + return Constants.STRUTS_SUCCESS; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java index 26d4e13ab..e1965e951 100644 
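Review bot: `MainAction.generateMainFrame()` drops the `BasicActionException` without a trace: the catch block only returns `Constants.STRUTS_ERROR`, and nothing in the class uses the `log` field that `@Slf4j` now generates. Either log the failure, e.g. `log.warn("Can not load basic session information", e);`, or remove the annotation if `populateBasicInformations()` already logs it (not visible here). The same silent catch appears in `ListOAsAction` and `OpenAdminRequestsAction.init()` in this commit. The two `if` blocks that hand `getActionMessages()` and `getActionErrors()` straight back to their setters look like no-ops and deserve a comment saying why they are kept.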
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java
@@ -24,81 +24,68 @@ package at.gv.egovernment.moa.id.configuration.struts.action; import java.util.List; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.apache.log4j.Logger; -import org.apache.struts2.interceptor.ServletRequestAware; -import org.apache.struts2.interceptor.ServletResponseAware; - -import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.data.OAListElement; import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper; +import lombok.extern.slf4j.Slf4j; -import com.opensymphony.xwork2.ActionSupport; - +@Slf4j public class OpenAdminRequestsAction extends BasicAction { - - private static final Logger log = Logger.getLogger(OpenAdminRequestsAction.class); - - private static final long serialVersionUID = 1L; - - private List formOAs = null; - private List userlist = null; - - - public String init() { - - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - if (authUser.isAdmin()) { - - List dbOAs = configuration.getDbRead().getAllNewOnlineApplications(); - if (dbOAs != null) { - formOAs = FormDataHelper.populateFormWithOAs(dbOAs); - } - - List dbUsers = configuration.getUserManagement().getAllNewUsers(); - if (dbUsers != null){ - userlist = FormDataHelper.addFormUsers(dbUsers); - } - - session.setAttribute(Constants.SESSION_RETURNAREA, - Constants.STRUTS_RETURNAREA_VALUES.adminRequestsInit.name()); - - return Constants.STRUTS_SUCCESS; - } else { - 
log.info("Access to OpenAdminRequest area is not allowed for user with ID" + authUser.getUserID()); - return Constants.STRUTS_NOTALLOWED; - } - - } - - - /** - * @return the formOAs - */ - public List getFormOAs() { - return formOAs; - } - - - /** - * @return the userlist - */ - public List getUserlist() { - return userlist; - } - + + private static final long serialVersionUID = 1L; + + private List formOAs = null; + private List userlist = null; + + public String init() { + + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + if (authUser.isAdmin()) { + + final List dbOAs = configuration.getDbRead().getAllNewOnlineApplications(); + if (dbOAs != null) { + formOAs = FormDataHelper.populateFormWithOAs(dbOAs); + } + + final List dbUsers = configuration.getUserManagement().getAllNewUsers(); + if (dbUsers != null) { + userlist = FormDataHelper.addFormUsers(dbUsers); + } + + session.setAttribute(Constants.SESSION_RETURNAREA, + Constants.STRUTS_RETURNAREA_VALUES.adminRequestsInit.name()); + + return Constants.STRUTS_SUCCESS; + } else { + log.info("Access to OpenAdminRequest area is not allowed for user with ID" + authUser.getUserID()); + return Constants.STRUTS_NOTALLOWED; + } + + } + + /** + * @return the formOAs + */ + public List getFormOAs() { + return formOAs; + } + + /** + * @return the userlist + */ + public List getUserlist() { + return userlist; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java index 26afb0205..6a60b6816 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java 
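Review bot: The denied-access branch of `OpenAdminRequestsAction.init()` logs at INFO and builds its message by concatenation with no space before the id (`"... for user with ID" + authUser.getUserID()`), while `InterfederationIDPAction` in this commit logs the same condition at WARN. Since the class now uses SLF4J, a parameterized call at the same level keeps authorization failures consistent and searchable: `log.warn("Access to OpenAdminRequest area is not allowed for user with ID {}", authUser.getUserID());`.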
@@ -26,14 +26,6 @@ import java.io.ByteArrayInputStream; import java.io.InputStream; import java.util.List; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.apache.log4j.Logger; -import org.apache.struts2.interceptor.ServletRequestAware; -import org.apache.struts2.interceptor.ServletResponseAware; - import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; 
@@ -49,564 +41,570 @@ import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; -import com.opensymphony.xwork2.ActionSupport; - +@Slf4j public class UserManagementAction extends BasicAction { - - private static final Logger log = Logger.getLogger(UserManagementAction.class); - - private static final long serialVersionUID = 1L; - - private List userlist = null; - private UserDatabaseFrom user = null; - - private String useridobj = null; - private static boolean newUser = false; - private InputStream stream; - private String nextPage; - private String formID; - - public String init() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - if (session == null) { - log.info("No http Session found."); - return Constants.STRUTS_ERROR; - } - - if (authUser.isAdmin()) { - - log.info("Show NewserRequests"); - - log.info("Show UserList"); - - List dbuserlist = configuration.getUserManagement().getAllUsers(); - - if (dbuserlist != null) { - userlist = FormDataHelper.addFormUsers(dbuserlist); - } - - session.setAttribute(Constants.SESSION_RETURNAREA, - Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name()); - - return Constants.STRUTS_SUCCESS; - - } else { - log.info("User with ID " + authUser.getUserID() + " is not admin. 
Show only EditUser Frame"); - UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID()); - if (dbuser == null) { - return Constants.STRUTS_REAUTHENTICATE; - } - user = new UserDatabaseFrom(dbuser); - - session.setAttribute(Constants.SESSION_RETURNAREA, - Constants.STRUTS_RETURNAREA_VALUES.main.name()); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - return Constants.STRUTS_NOTALLOWED; - } - } - - public String createuser() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name(); - - if (authUser.isAdmin()) { - - user = new UserDatabaseFrom(); - - newUser = true; - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_SUCCESS; - - } else { - return Constants.STRUTS_NOTALLOWED; - } - } - - public String edituser() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String - && MiscUtil.isNotEmpty((String)nextPageAttr) ) { - nextPage = (String) nextPageAttr; - - } else { - nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name(); - } - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - if (authUser.isAdmin()) { - long userid = -1; - - if (!ValidationHelper.validateOAID(useridobj)) { - addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request)); - return Constants.STRUTS_ERROR; - } - userid = Long.valueOf(useridobj); - - UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userid); - if (dbuser == null) { - log.info("No User with ID " + userid + " in Database");; - 
addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request)); - return Constants.STRUTS_ERROR; - } - user = new UserDatabaseFrom(dbuser); - - newUser = false; - - return Constants.STRUTS_SUCCESS; - - } else { - log.info("User with ID " + authUser.getUserID() + " is not admin. Show his own EditUser Frame"); - UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID()); - user = new UserDatabaseFrom(dbuser); - return Constants.STRUTS_SUCCESS; - } - } - - public String saveuser() { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. 
Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - String useridobj = user.getUserID(); - long userID = -1; - if (MiscUtil.isEmpty(useridobj)) { - userID = -1; - - } else { - if (!ValidationHelper.validateOAID(useridobj)){ - log.warn("User with ID " + authUser.getUserID() - + " would access UserDatabase ID " + useridobj); - addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); - return Constants.STRUTS_ERROR; - } - userID = Long.valueOf(useridobj); - } - - UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userID); - - if( dbuser == null) { - dbuser = new UserDatabase(); - dbuser.setIsMandateUser(false); - dbuser.setIsAdminRequest(false); - dbuser.setIsPVP2Generated(false); - dbuser.setUserRequestTokken(null); - dbuser.setIsMailAddressVerified(false); - dbuser.setUsername(user.getUsername()); - } - - List errors; - UserDatabaseFormValidator validator = new UserDatabaseFormValidator(); - - boolean ispvp2 = false; - boolean ismandate = false; - if (dbuser.isIsPVP2Generated() != null) - ispvp2 = dbuser.isIsPVP2Generated(); - - if (dbuser.isIsMandateUser() != null) - ismandate = dbuser.isIsMandateUser(); - - errors = validator.validate(user, userID, ispvp2, ismandate, request); - - if (errors.size() > 0) { - log.info("UserDataForm has some erros."); - for (String el : errors) - addActionError(el); - user.setPassword(""); - - if (MiscUtil.isEmpty(user.getUsername())) - newUser = true; - - user.setIsmandateuser(ismandate); - user.setPVPGenerated(ispvp2); - if (dbuser.isIsUsernamePasswordAllowed() != null) - user.setIsusernamepasswordallowed(dbuser.isIsUsernamePasswordAllowed()); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - return Constants.STRUTS_ERROR_VALIDATION; - } - - if (!authUser.isAdmin()) { - if 
(authUser.getUserID() != userID) { - log.warn("User with ID " + authUser.getUserID() - + " would access UserDatabase Entry " + user.getUsername()); - addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); - return Constants.STRUTS_ERROR; - } - - } - - if (!user.getMail().equals(dbuser.getMail()) && !authUser.isAdmin()) { - dbuser.setIsMailAddressVerified(false); - dbuser.setUserRequestTokken(Random.nextRandom()); - - try { - MailHelper.sendUserMailAddressVerification(dbuser); - addActionMessage(LanguageHelper.getGUIString("webpages.edituser.changemailaddress.verify", request)); - - } catch (ConfigurationException e) { - log.warn("Sending of mailaddress verification mail failed.", e); - addActionError(LanguageHelper.getErrorString("error.mail.send", request)); - } - } - - Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String - && MiscUtil.isNotEmpty((String)nextPageAttr) ) { - nextPage = (String) nextPageAttr; - - if (nextPage.equals(Constants.STRUTS_RETURNAREA_VALUES.adminRequestsInit.name()) && - user.isActive()) { - dbuser.setIsAdminRequest(false); - try { - if (dbuser.isIsMandateUser()) - MailHelper.sendUserAccountActivationMail(dbuser.getGivenname(), dbuser.getFamilyname(), - dbuser.getInstitut(), user.getMail()); - else - MailHelper.sendUserAccountActivationMail(dbuser.getGivenname(), dbuser.getFamilyname(), - null, user.getMail()); - - } catch (ConfigurationException e) { - log.warn("Send UserAccountActivation mail failed", e); - } - } - session.setAttribute(Constants.SESSION_RETURNAREA, null); - - } else { - nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name(); - } - - String error = saveFormToDB(dbuser); - - if (error != null) { - log.warn("UserData can not be stored in Database"); - addActionError(error); - return Constants.STRUTS_SUCCESS; - } - - return Constants.STRUTS_SUCCESS; - } - - public String deleteuser() { - try { - 
populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " - + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - String useridobj = user.getUserID(); - long userID = -1; - if (MiscUtil.isEmpty(useridobj)) { - userID = -1; - - } else { - if (!ValidationHelper.validateOAID(useridobj)){ - log.warn("User with ID " + authUser.getUserID() - + " would access UserDatabase ID " + useridobj); - addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); - return Constants.STRUTS_ERROR; - } - userID = Long.valueOf(useridobj); - } - - if (!authUser.isAdmin()) { - if (authUser.getUserID() != userID) { - log.warn("User with ID " + authUser.getUserID() - + " would access UserDatabase Entry " + user.getUsername()); - addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); - return Constants.STRUTS_ERROR; - } - } - - Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String - && MiscUtil.isNotEmpty((String)nextPageAttr) ) { - nextPage = (String) nextPageAttr; - session.setAttribute(Constants.SESSION_RETURNAREA, null); - - } else { - nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name(); - } - - UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userID); - if (dbuser != 
null) { - dbuser.setOaIDs(null); - - try { - configuration.getUserManagement().saveOrUpdate(dbuser); - configuration.getUserManagement().delete(dbuser); - - if (authUser.isAdmin()) { - MailHelper.sendUserAccountRevocationMail(dbuser); - } - - if (dbuser.getHjid().equals(String.valueOf(authUser.getUserID()))) { - return Constants.STRUTS_REAUTHENTICATE; - } - - } catch (MOADatabaseException e) { - log.warn("UserData can not be deleted from Database", e); - addActionError(e.getMessage()); - return Constants.STRUTS_SUCCESS; - - } catch (ConfigurationException e) { - log.warn("Information mail sending failed.", e); - addActionError(e.getMessage()); - return Constants.STRUTS_SUCCESS; - } - - finally { - } - } - - - return Constants.STRUTS_SUCCESS; - } - - public String sendVerificationMail () { - try { - populateBasicInformations(); - - } catch (BasicActionException e) { - return Constants.STRUTS_ERROR; - - } - - String message = LanguageHelper.getErrorString("error.mail.send", request); - - if (authUser != null) { - UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID()); - - if (dbuser != null) { - dbuser.setIsMailAddressVerified(false); - dbuser.setUserRequestTokken(Random.nextRandom()); - - try { - configuration.getUserManagement().saveOrUpdate(dbuser); - - MailHelper.sendUserMailAddressVerification(dbuser); - - message = LanguageHelper.getErrorString("webpages.edituser.verify.mail.message", request); - - } catch (ConfigurationException e) { - log.warn("Sending of mailaddress verification mail failed.", e); - message = LanguageHelper.getErrorString("error.mail.send", request); - - } catch (MOADatabaseException e) { - log.warn("Access UserInformationDatabase failed.", e); - } - } - } - - stream = new ByteArrayInputStream(message.getBytes()); - - return SUCCESS; - } - - private String saveFormToDB(UserDatabase dbuser) { - - dbuser.setMail(user.getMail()); - dbuser.setPhone(user.getPhone()); - - if (authUser.isAdmin() || 
dbuser.isIsUsernamePasswordAllowed()) { - dbuser.setIsUsernamePasswordAllowed(user.isIsusernamepasswordallowed()); - - if (authUser.isAdmin()) { - dbuser.setIsActive(user.isActive()); - dbuser.setIsAdmin(user.isAdmin()); - - } - } - - if (dbuser.isIsPVP2Generated() == null || !dbuser.isIsPVP2Generated()) { - dbuser.setFamilyname(user.getFamilyName()); - dbuser.setGivenname(user.getGivenName()); - dbuser.setInstitut(user.getInstitut()); - - if (authUser.isAdmin()) { - dbuser.setBpk(user.getBpk()); - if ( user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID - + "X" + Constants.IDENIFICATIONTYPE_FN) || - user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID - + "X" + Constants.IDENIFICATIONTYPE_ZVR) || - user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID - + "X" + Constants.IDENIFICATIONTYPE_ERSB)) { - dbuser.setIsMandateUser(true); - } - } - - } else { - if (!dbuser.isIsMandateUser()) - dbuser.setInstitut(user.getInstitut()); - } - - if (dbuser.isIsUsernamePasswordAllowed()) { - - if (MiscUtil.isNotEmpty(user.getUsername()) && MiscUtil.isEmpty(dbuser.getUsername())) - dbuser.setUsername(user.getUsername()); - - if (MiscUtil.isNotEmpty(user.getPassword())) { - String key = AuthenticationHelper.generateKeyFormPassword(user.getPassword()); - if (key == null) { - return LanguageHelper.getErrorString("errors.edit.user.save", request); - } - dbuser.setPassword(key); - } - } - - try { - configuration.getUserManagement().saveOrUpdate(dbuser); - } catch (MOADatabaseException e) { - log.warn("User information can not be stored in Database.", e); - return LanguageHelper.getErrorString("errors.edit.user.save", request); - } - - return null; - } - - - /** - * @return the userlist - */ - public List getUserlist() { - return userlist; - } - - /** - * @param userlist the userlist to set - */ - public void setUserlist(List userlist) { - this.userlist = userlist; - } - - /** - * @return the user - */ - public UserDatabaseFrom getUser() { - return user; - } - - 
/** - * @param user the user to set - */ - public void setUser(UserDatabaseFrom user) { - this.user = user; - } - - /** - * @return the useridobj - */ - public String getUseridobj() { - return useridobj; - } - - /** - * @param useridobj the useridobj to set - */ - public void setUseridobj(String useridobj) { - this.useridobj = useridobj; - } - - /** - * @return the newUser - */ - public boolean isNewUser() { - return newUser; - } - - /** - * @return the nextPage - */ - public String getNextPage() { - return nextPage; - } - - /** - * @return the stream - */ - public InputStream getStream() { - return stream; - } - - /** - * @return the formID - */ - public String getFormID() { - return formID; - } - - /** - * @param formID the formID to set - */ - public void setFormID(String formID) { - this.formID = formID; - } - + + private static final long serialVersionUID = 1L; + + private List userlist = null; + private UserDatabaseFrom user = null; + + private String useridobj = null; + private static boolean newUser = false; + private InputStream stream; + private String nextPage; + private String formID; + + public String init() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + if (session == null) { + log.info("No http Session found."); + return Constants.STRUTS_ERROR; + } + + if (authUser.isAdmin()) { + + log.info("Show NewserRequests"); + + log.info("Show UserList"); + + final List dbuserlist = configuration.getUserManagement().getAllUsers(); + + if (dbuserlist != null) { + userlist = FormDataHelper.addFormUsers(dbuserlist); + } + + session.setAttribute(Constants.SESSION_RETURNAREA, + Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name()); + + return Constants.STRUTS_SUCCESS; + + } else { + log.info("User with ID " + authUser.getUserID() + " is not admin. 
Show only EditUser Frame"); + final UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + if (dbuser == null) { + return Constants.STRUTS_REAUTHENTICATE; + } + user = new UserDatabaseFrom(dbuser); + + session.setAttribute(Constants.SESSION_RETURNAREA, + Constants.STRUTS_RETURNAREA_VALUES.main.name()); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + return Constants.STRUTS_NOTALLOWED; + } + } + + public String createuser() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name(); + + if (authUser.isAdmin()) { + + user = new UserDatabaseFrom(); + + newUser = true; + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_SUCCESS; + + } else { + return Constants.STRUTS_NOTALLOWED; + } + } + + public String edituser() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + final Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String + && MiscUtil.isNotEmpty((String) nextPageAttr)) { + nextPage = (String) nextPageAttr; + + } else { + nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name(); + } + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + if (authUser.isAdmin()) { + long userid = -1; + + if (!ValidationHelper.validateOAID(useridobj)) { + addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request)); + return Constants.STRUTS_ERROR; + } + userid = Long.valueOf(useridobj); + + final UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userid); + if (dbuser == null) { + log.info("No User with ID " + userid + " in Database"); + 
addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request)); + return Constants.STRUTS_ERROR; + } + user = new UserDatabaseFrom(dbuser); + + newUser = false; + + return Constants.STRUTS_SUCCESS; + + } else { + log.info("User with ID " + authUser.getUserID() + " is not admin. Show his own EditUser Frame"); + final UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + user = new UserDatabaseFrom(dbuser); + return Constants.STRUTS_SUCCESS; + } + } + + public String saveuser() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("FormIDs does not match. 
Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + session.setAttribute(Constants.SESSION_FORMID, null); + + final String useridobj = user.getUserID(); + long userID = -1; + if (MiscUtil.isEmpty(useridobj)) { + userID = -1; + + } else { + if (!ValidationHelper.validateOAID(useridobj)) { + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase ID " + useridobj); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + userID = Long.valueOf(useridobj); + } + + UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userID); + + if (dbuser == null) { + dbuser = new UserDatabase(); + dbuser.setIsMandateUser(false); + dbuser.setIsAdminRequest(false); + dbuser.setIsPVP2Generated(false); + dbuser.setUserRequestTokken(null); + dbuser.setIsMailAddressVerified(false); + dbuser.setUsername(user.getUsername()); + } + + List errors; + final UserDatabaseFormValidator validator = new UserDatabaseFormValidator(); + + boolean ispvp2 = false; + boolean ismandate = false; + if (dbuser.isIsPVP2Generated() != null) { + ispvp2 = dbuser.isIsPVP2Generated(); + } + + if (dbuser.isIsMandateUser() != null) { + ismandate = dbuser.isIsMandateUser(); + } + + errors = validator.validate(user, userID, ispvp2, ismandate, request); + + if (errors.size() > 0) { + log.info("UserDataForm has some erros."); + for (final String el : errors) { + addActionError(el); + } + user.setPassword(""); + + if (MiscUtil.isEmpty(user.getUsername())) { + newUser = true; + } + + user.setIsmandateuser(ismandate); + user.setPVPGenerated(ispvp2); + if (dbuser.isIsUsernamePasswordAllowed() != null) { + user.setIsusernamepasswordallowed(dbuser.isIsUsernamePasswordAllowed()); + } + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + return 
Constants.STRUTS_ERROR_VALIDATION; + } + + if (!authUser.isAdmin()) { + if (authUser.getUserID() != userID) { + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase Entry " + user.getUsername()); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + + } + + if (!user.getMail().equals(dbuser.getMail()) && !authUser.isAdmin()) { + dbuser.setIsMailAddressVerified(false); + dbuser.setUserRequestTokken(Random.nextRandom()); + + try { + MailHelper.sendUserMailAddressVerification(dbuser); + addActionMessage(LanguageHelper.getGUIString("webpages.edituser.changemailaddress.verify", request)); + + } catch (final ConfigurationException e) { + log.warn("Sending of mailaddress verification mail failed.", e); + addActionError(LanguageHelper.getErrorString("error.mail.send", request)); + } + } + + final Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String + && MiscUtil.isNotEmpty((String) nextPageAttr)) { + nextPage = (String) nextPageAttr; + + if (nextPage.equals(Constants.STRUTS_RETURNAREA_VALUES.adminRequestsInit.name()) && + user.isActive()) { + dbuser.setIsAdminRequest(false); + try { + if (dbuser.isIsMandateUser()) { + MailHelper.sendUserAccountActivationMail(dbuser.getGivenname(), dbuser.getFamilyname(), + dbuser.getInstitut(), user.getMail()); + } else { + MailHelper.sendUserAccountActivationMail(dbuser.getGivenname(), dbuser.getFamilyname(), + null, user.getMail()); + } + + } catch (final ConfigurationException e) { + log.warn("Send UserAccountActivation mail failed", e); + } + } + session.setAttribute(Constants.SESSION_RETURNAREA, null); + + } else { + nextPage = Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name(); + } + + final String error = saveFormToDB(dbuser); + + if (error != null) { + log.warn("UserData can not be stored in Database"); + addActionError(error); + return 
Constants.STRUTS_SUCCESS; + } + + return Constants.STRUTS_SUCCESS; + } + + public String deleteuser() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + final Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + final String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + session.setAttribute(Constants.SESSION_FORMID, null); + + final String useridobj = user.getUserID(); + long userID = -1; + if (MiscUtil.isEmpty(useridobj)) { + userID = -1; + + } else { + if (!ValidationHelper.validateOAID(useridobj)) { + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase ID " + useridobj); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + userID = Long.valueOf(useridobj); + } + + if (!authUser.isAdmin()) { + if (authUser.getUserID() != userID) { + log.warn("User with ID " + authUser.getUserID() + + " would access UserDatabase Entry " + user.getUsername()); + addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request)); + return Constants.STRUTS_ERROR; + } + } + + final Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String + && MiscUtil.isNotEmpty((String) nextPageAttr)) { + nextPage = (String) nextPageAttr; + session.setAttribute(Constants.SESSION_RETURNAREA, null); + + } else { + nextPage = 
Constants.STRUTS_RETURNAREA_VALUES.usermanagementInit.name(); + } + + final UserDatabase dbuser = configuration.getUserManagement().getUserWithID(userID); + if (dbuser != null) { + dbuser.setOaIDs(null); + + try { + configuration.getUserManagement().saveOrUpdate(dbuser); + configuration.getUserManagement().delete(dbuser); + + if (authUser.isAdmin()) { + MailHelper.sendUserAccountRevocationMail(dbuser); + } + + if (dbuser.getHjid().equals(String.valueOf(authUser.getUserID()))) { + return Constants.STRUTS_REAUTHENTICATE; + } + + } catch (final MOADatabaseException e) { + log.warn("UserData can not be deleted from Database", e); + addActionError(e.getMessage()); + return Constants.STRUTS_SUCCESS; + + } catch (final ConfigurationException e) { + log.warn("Information mail sending failed.", e); + addActionError(e.getMessage()); + return Constants.STRUTS_SUCCESS; + } + + finally { + } + } + + return Constants.STRUTS_SUCCESS; + } + + public String sendVerificationMail() { + try { + populateBasicInformations(); + + } catch (final BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + + String message = LanguageHelper.getErrorString("error.mail.send", request); + + if (authUser != null) { + final UserDatabase dbuser = configuration.getUserManagement().getUserWithID(authUser.getUserID()); + + if (dbuser != null) { + dbuser.setIsMailAddressVerified(false); + dbuser.setUserRequestTokken(Random.nextRandom()); + + try { + configuration.getUserManagement().saveOrUpdate(dbuser); + + MailHelper.sendUserMailAddressVerification(dbuser); + + message = LanguageHelper.getErrorString("webpages.edituser.verify.mail.message", request); + + } catch (final ConfigurationException e) { + log.warn("Sending of mailaddress verification mail failed.", e); + message = LanguageHelper.getErrorString("error.mail.send", request); + + } catch (final MOADatabaseException e) { + log.warn("Access UserInformationDatabase failed.", e); + } + } + } + + stream = new 
ByteArrayInputStream(message.getBytes()); + + return SUCCESS; + } + + private String saveFormToDB(UserDatabase dbuser) { + + dbuser.setMail(user.getMail()); + dbuser.setPhone(user.getPhone()); + + if (authUser.isAdmin() || dbuser.isIsUsernamePasswordAllowed()) { + dbuser.setIsUsernamePasswordAllowed(user.isIsusernamepasswordallowed()); + + if (authUser.isAdmin()) { + dbuser.setIsActive(user.isActive()); + dbuser.setIsAdmin(user.isAdmin()); + + } + } + + if (dbuser.isIsPVP2Generated() == null || !dbuser.isIsPVP2Generated()) { + dbuser.setFamilyname(user.getFamilyName()); + dbuser.setGivenname(user.getGivenName()); + dbuser.setInstitut(user.getInstitut()); + + if (authUser.isAdmin()) { + dbuser.setBpk(user.getBpk()); + if (user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID + + "X" + Constants.IDENIFICATIONTYPE_FN) || + user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID + + "X" + Constants.IDENIFICATIONTYPE_ZVR) || + user.getBpk().startsWith(Constants.IDENIFICATIONTYPE_BASEID + + "X" + Constants.IDENIFICATIONTYPE_ERSB)) { + dbuser.setIsMandateUser(true); + } + } + + } else { + if (!dbuser.isIsMandateUser()) { + dbuser.setInstitut(user.getInstitut()); + } + } + + if (dbuser.isIsUsernamePasswordAllowed()) { + + if (MiscUtil.isNotEmpty(user.getUsername()) && MiscUtil.isEmpty(dbuser.getUsername())) { + dbuser.setUsername(user.getUsername()); + } + + if (MiscUtil.isNotEmpty(user.getPassword())) { + final String key = AuthenticationHelper.generateKeyFormPassword(user.getPassword()); + if (key == null) { + return LanguageHelper.getErrorString("errors.edit.user.save", request); + } + dbuser.setPassword(key); + } + } + + try { + configuration.getUserManagement().saveOrUpdate(dbuser); + } catch (final MOADatabaseException e) { + log.warn("User information can not be stored in Database.", e); + return LanguageHelper.getErrorString("errors.edit.user.save", request); + } + + return null; + } + + /** + * @return the userlist + */ + public List getUserlist() { + 
return userlist; + } + + /** + * @param userlist the userlist to set + */ + public void setUserlist(List userlist) { + this.userlist = userlist; + } + + /** + * @return the user + */ + public UserDatabaseFrom getUser() { + return user; + } + + /** + * @param user the user to set + */ + public void setUser(UserDatabaseFrom user) { + this.user = user; + } + + /** + * @return the useridobj + */ + public String getUseridobj() { + return useridobj; + } + + /** + * @param useridobj the useridobj to set + */ + public void setUseridobj(String useridobj) { + this.useridobj = useridobj; + } + + /** + * @return the newUser + */ + public boolean isNewUser() { + return newUser; + } + + /** + * @return the nextPage + */ + public String getNextPage() { + return nextPage; + } + + /** + * @return the stream + */ + public InputStream getStream() { + return stream; + } + + /** + * @return the formID + */ + @Override + public String getFormID() { + return formID; + } + + /** + * @param formID the formID to set + */ + @Override + public void setFormID(String formID) { + this.formID = formID; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java index c00eb46a5..5f03d89c1 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java 
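Review bot: In `saveuser()` the non-admin ownership check `if (authUser.getUserID() != userID)` runs only after `getUserWithID(userID)` and the validation branch, so the target record is loaded and inspected before the caller is known to own it. A non-admin who posts another account's ID with invalid form data therefore gets `STRUTS_ERROR_VALIDATION` back, with that account's `ismandate`, `ispvp2` and username/password-allowed flags already copied into `user`. Whether the result page renders those fields is not visible in this hunk. `deleteuser()` in the same hunk checks ownership before it touches the record, and `saveuser()` should match it by moving the existing `if (!authUser.isAdmin()) { ... return Constants.STRUTS_ERROR; }` block to directly after `userID` is parsed, ahead of the database lookup and the validator call.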
@@ -39,37 +39,36 @@ import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration; */ public class VIDPAction extends InterfederationIDPAction { - private static final long serialVersionUID = 1981465294474566533L; + private static final long serialVersionUID = 1981465294474566533L; + + public VIDPAction() { + super(); + formList.putAll(buildVIDPFormList()); + } + + /** + * @return + * + */ + public static LinkedHashMap buildVIDPFormList() { + final LinkedHashMap forms = + new LinkedHashMap<>(); + + final OATargetConfiguration oaTarget = new OATargetConfiguration(); + forms.put(oaTarget.getName(), oaTarget); + + final OAAuthenticationData authOA = new OAAuthenticationData(); + forms.put(authOA.getName(), authOA); + + final OASTORKConfig storkOA = new OASTORKConfig(); + forms.put(storkOA.getName(), storkOA); + + final Map map = new HashMap<>(); + map.putAll(FormBuildUtils.getDefaultMap()); + final FormularCustomization formOA = new FormularCustomization(map); + forms.put(formOA.getName(), formOA); + + return forms; + } - - public VIDPAction() { - super(); - formList.putAll(buildVIDPFormList()); - } - - /** - * @return - * - */ - public static LinkedHashMap buildVIDPFormList() { - LinkedHashMap forms = - new LinkedHashMap(); - - OATargetConfiguration oaTarget = new OATargetConfiguration(); - forms.put(oaTarget.getName(), oaTarget); - - OAAuthenticationData authOA = new OAAuthenticationData(); - forms.put(authOA.getName(), authOA); - - OASTORKConfig storkOA = new OASTORKConfig(); - forms.put(storkOA.getName(), storkOA); - - Map map = new HashMap(); - map.putAll(FormBuildUtils.getDefaultMap()); - FormularCustomization formOA = new FormularCustomization(map); - forms.put(formOA.getName(), formOA); - - return forms; - } - } 
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/ConfigurationEncryptionUtils.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/ConfigurationEncryptionUtils.java index 08cd7c59d..e26e67196 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/ConfigurationEncryptionUtils.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/ConfigurationEncryptionUtils.java 
@@ -33,47 +33,51 @@ import at.gv.egovernment.moa.logging.Logger; */ public class ConfigurationEncryptionUtils extends AbstractEncrytionUtil { - private static ConfigurationEncryptionUtils instance = null; - private static String key = null; - - public static ConfigurationEncryptionUtils getInstance() { - if (instance == null) { - try { - key = ConfigurationProvider.getInstance().getConfigurationEncryptionKey(); - instance = new ConfigurationEncryptionUtils(); - - } catch (Exception e) { - Logger.warn("MOAConfiguration encryption initialization FAILED.", e); - - } - } - return instance; - } - - /** - * @throws DatabaseEncryptionException - */ - public ConfigurationEncryptionUtils() throws DatabaseEncryptionException { - super(); - - } + private static ConfigurationEncryptionUtils instance = null; + private static String key = null; - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.util.AbstractEncrytionUtil#getSalt() - */ - @Override - protected String getSalt() { - return "Configuration-Salt"; - - } + public static ConfigurationEncryptionUtils getInstance() { + if (instance == null) { + try { + key = ConfigurationProvider.getInstance().getConfigurationEncryptionKey(); + instance = new ConfigurationEncryptionUtils(); - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.util.AbstractEncrytionUtil#getKey() - */ - @Override - protected String getKey() { - return key; - - } + } catch (final Exception e) { + Logger.warn("MOAConfiguration encryption initialization FAILED.", e); + + } + } + return instance; + } + + /** + * @throws DatabaseEncryptionException + */ + public ConfigurationEncryptionUtils() throws DatabaseEncryptionException { + super(); + + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.util.AbstractEncrytionUtil#getSalt() + */ + @Override + protected String getSalt() { + return "Configuration-Salt"; + + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.util.AbstractEncrytionUtil#getKey() + */ + @Override + protected String 
getKey() { + return key; + + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java index eca4c05ef..c4a9894ca 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/SAML2Utils.java @@ -32,7 +32,6 @@ import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.TransformerException; -import org.opensaml.Configuration; import org.opensaml.xml.XMLObject; import org.opensaml.xml.XMLObjectBuilder; import org.opensaml.xml.XMLObjectBuilderFactory; 
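Review bot: `getInstance()` catches every exception from the key lookup, logs a warning and then returns `instance`, which is still null, so a failed encryption setup only surfaces later as a NullPointerException at whichever caller touches it first (or is silently skipped where a caller null-checks). I would let the failure propagate, or at least state the null return in a Javadoc on `getInstance()`. The lazy initialisation is also unsynchronised while it writes two static fields; `public static synchronized ConfigurationEncryptionUtils getInstance() {` closes that race. `getSalt()` returns the constant `"Configuration-Salt"`; how AbstractEncrytionUtil uses it is not visible here, but if it feeds key derivation, a per-installation value read from configuration would be preferable.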
@@ -41,59 +40,59 @@ import org.opensaml.xml.io.MarshallingException; public class SAML2Utils { - static { - DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); - factory.setNamespaceAware(true); - factory.setValidating(false); - try { - builder = factory.newDocumentBuilder(); - } catch (ParserConfigurationException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } + static { + final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); + factory.setNamespaceAware(true); + factory.setValidating(false); + try { + builder = factory.newDocumentBuilder(); + } catch (final ParserConfigurationException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } - private static DocumentBuilder builder; + private static DocumentBuilder builder; - public static T createSAMLObject(final Class clazz) { - try { + public static T createSAMLObject(final Class clazz) { + try { - XMLObjectBuilderFactory builderFactory = Configuration - .getBuilderFactory(); + final XMLObjectBuilderFactory builderFactory = org.opensaml.xml.Configuration + .getBuilderFactory(); - QName defaultElementName = (QName) clazz.getDeclaredField( - "DEFAULT_ELEMENT_NAME").get(null); - Map builder = builderFactory.getBuilders(); - Iterator it = builder.keySet().iterator(); + final QName defaultElementName = (QName) clazz.getDeclaredField( + "DEFAULT_ELEMENT_NAME").get(null); + final Map builder = builderFactory.getBuilders(); + final Iterator it = builder.keySet().iterator(); - while (it.hasNext()) { - QName qname = it.next(); - if (qname.equals(defaultElementName)) { - System.out.printf("Builder for: %s\n", qname.toString()); - } - } - XMLObjectBuilder xmlBuilder = builderFactory - .getBuilder(defaultElementName); - - T object = (T) xmlBuilder.buildObject(defaultElementName); - return object; - } catch (Throwable e) { - System.out.printf("Failed to create object for: %s\n", - clazz.toString()); - e.printStackTrace(); - return null; - } - 
} + while (it.hasNext()) { + final QName qname = it.next(); + if (qname.equals(defaultElementName)) { + System.out.printf("Builder for: %s\n", qname.toString()); + } + } + final XMLObjectBuilder xmlBuilder = builderFactory + .getBuilder(defaultElementName); + + final T object = (T) xmlBuilder.buildObject(defaultElementName); + return object; + } catch (final Throwable e) { + System.out.printf("Failed to create object for: %s\n", + clazz.toString()); + e.printStackTrace(); + return null; + } + } + + public static org.w3c.dom.Document asDOMDocument(XMLObject object) throws IOException, + MarshallingException, TransformerException { + final org.w3c.dom.Document document = builder.newDocument(); + final Marshaller out = org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller( + object); + out.marshall(object, document); + return document; + } - public static org.w3c.dom.Document asDOMDocument(XMLObject object) throws IOException, - MarshallingException, TransformerException { - org.w3c.dom.Document document = builder.newDocument(); - Marshaller out = Configuration.getMarshallerFactory().getMarshaller( - object); - out.marshall(object, document); - return document; - } - // public static SignatureTrustEngine getSignatureKnownKeysTrustEngine() throws ConfigurationException { // MetadataCredentialResolver resolver; // @@ -113,7 +112,5 @@ public class SAML2Utils { // return engine; // // } - - } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java index 5f55a61d5..a78de7362 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java 
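Review bot: The static initializer builds the shared `DocumentBuilder` from a factory that sets namespace awareness but places no restriction on DOCTYPE declarations or external entities. Only `builder.newDocument()` is visible in this hunk, yet a static builder is easy to reuse for parsing later, so I would add `factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);` inside the existing try, where the `ParserConfigurationException` it can throw is already caught. That catch still only calls `e.printStackTrace()`, leaving `builder` null so that `asDOMDocument` fails later with a NullPointerException; throwing `new ExceptionInInitializerError(e)` would make the failure visible at class load. `createSAMLObject` likewise reports through `System.out.printf` and catches `Throwable`, while other classes in this commit move to `@Slf4j`.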
@@ -26,68 +26,66 @@ import java.util.Calendar; import java.util.Date; import java.util.List; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.auth.AuthenticationManager; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper; +import lombok.extern.slf4j.Slf4j; - +@Slf4j public class UserRequestCleaner implements Runnable { - private static final Logger log = Logger.getLogger(UserRequestCleaner.class); - - private static final long SESSION_CLEANUP_INTERVAL = 5 * 60; // 5 min - - public void run() { - while (true) { - try { - ConfigurationProvider config = ConfigurationProvider.getInstance(); - - //clean up user request storage - List userrequests = config.getUserManagement().getAllOpenUsersRequests(); - if (userrequests != null) { - Calendar cal = Calendar.getInstance(); - cal.add(Calendar.HOUR, config.getUserRequestCleanUpDelay()*-1); - Date cleanupdate = cal.getTime(); - - for(UserDatabase dbuser : userrequests) { - Date requestdate = DateTimeHelper.parseDateTime(dbuser.getLastLogin()); - - if (requestdate != null && requestdate.after(cleanupdate)) { - log.info("Remove UserRequest from Database"); - config.getUserManagement().delete(dbuser); - } - - } - } - - //clean up active user storage - AuthenticationManager.getInstance().removeAllUsersAfterTimeOut(); - - Thread.sleep(SESSION_CLEANUP_INTERVAL * 1000); - - } catch (ConfigurationException e) { - log.info("UserRequestCleaner can not load configuration", e); - - } catch (InterruptedException e) { - - } - } - } - - /** - * start the sessionCleaner - */ - public static void start() { - // start the session cleanup thread - Thread sessionCleaner = new Thread(new UserRequestCleaner()); - sessionCleaner.setName("UserRequestCleaner"); - 
sessionCleaner.setDaemon(true); - sessionCleaner.setPriority(Thread.MIN_PRIORITY); - sessionCleaner.start(); - } - + private static final long SESSION_CLEANUP_INTERVAL = 5 * 60; // 5 min + + @Override + public void run() { + while (true) { + try { + final ConfigurationProvider config = ConfigurationProvider.getInstance(); + + // clean up user request storage + final List userrequests = config.getUserManagement().getAllOpenUsersRequests(); + if (userrequests != null) { + final Calendar cal = Calendar.getInstance(); + cal.add(Calendar.HOUR, config.getUserRequestCleanUpDelay() * -1); + final Date cleanupdate = cal.getTime(); + + for (final UserDatabase dbuser : userrequests) { + final Date requestdate = DateTimeHelper.parseDateTime(dbuser.getLastLogin()); + + if (requestdate != null && requestdate.after(cleanupdate)) { + log.info("Remove UserRequest from Database"); + config.getUserManagement().delete(dbuser); + } + + } + } + + // clean up active user storage + AuthenticationManager.getInstance().removeAllUsersAfterTimeOut(); + + Thread.sleep(SESSION_CLEANUP_INTERVAL * 1000); + + } catch (final ConfigurationException e) { + log.info("UserRequestCleaner can not load configuration", e); + + } catch (final InterruptedException e) { + + } + } + } + + /** + * start the sessionCleaner + */ + public static void start() { + // start the session cleanup thread + final Thread sessionCleaner = new Thread(new UserRequestCleaner()); + sessionCleaner.setName("UserRequestCleaner"); + sessionCleaner.setDaemon(true); + sessionCleaner.setPriority(Thread.MIN_PRIORITY); + sessionCleaner.start(); + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java index b96b1e4b0..cbba90a6b 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java 
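Review bot: The cleanup condition `requestdate.after(cleanupdate)` in `run()` looks inverted: `cleanupdate` is the current time minus `getUserRequestCleanUpDelay()` hours, so the loop deletes requests that are newer than the cutoff and keeps the expired ones; if expiry is the intent it should read `if (requestdate != null && requestdate.before(cleanupdate)) {`. The empty `catch (final InterruptedException e)` discards the interrupt, so the thread cannot be stopped cleanly; `Thread.currentThread().interrupt(); return;` is the usual handling. When `ConfigurationProvider.getInstance()` throws `ConfigurationException`, the loop logs and retries immediately because `Thread.sleep` sits inside the try, which spins the CPU and floods the log until configuration loads.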
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/CompanyNumberValidator.java 
@@ -28,51 +28,53 @@ import at.gv.egovernment.moa.id.configuration.Constants; public class CompanyNumberValidator implements IdentificationNumberValidator { - public boolean validate(String commercialRegisterNumber) { - - String normalizedNumber = commercialRegisterNumber.replaceAll(" ", ""); - if(normalizedNumber.startsWith(Constants.IDENIFICATIONTYPE_FN)) - normalizedNumber = normalizedNumber.substring(2); - - return checkCommercialRegisterNumber(normalizedNumber); - } + @Override + public boolean validate(String commercialRegisterNumber) { - private boolean checkCommercialRegisterNumber(String commercialRegisterNumber) { - if (commercialRegisterNumber == null) { - return false; - } - commercialRegisterNumber = StringUtils.leftPad(commercialRegisterNumber, 7, - '0'); - if (!commercialRegisterNumber.matches("\\d{6}[abdfghikmpstvwxzy]")) { - return false; - } - String digits = commercialRegisterNumber.substring(0, - commercialRegisterNumber.length() - 1); - char checkDigit = commercialRegisterNumber.charAt(commercialRegisterNumber - .length() - 1); - boolean result = calcCheckDigitFromCommercialRegisterNumber(digits) == checkDigit; - return result; - } + String normalizedNumber = commercialRegisterNumber.replaceAll(" ", ""); + if (normalizedNumber.startsWith(Constants.IDENIFICATIONTYPE_FN)) { + normalizedNumber = normalizedNumber.substring(2); + } - public static char calcCheckDigitFromCommercialRegisterNumber( - String commercialRegisterDigits) { - final int[] WEIGHT = { 6, 4, 14, 15, 10, 1 }; - final char[] CHECKDIGIT = { 'a', 'b', 'd', 'f', 'g', 'h', 'i', 'k', 'm', - 'p', 's', 't', 'v', 'w', 'x', 'y', 'z' }; - if (commercialRegisterDigits == null) { - throw new NullPointerException("Commercial register number missing."); - } - commercialRegisterDigits = StringUtils.leftPad(commercialRegisterDigits, 6, - '0'); - if (!commercialRegisterDigits.matches("\\d{6}")) { - throw new IllegalArgumentException( - "Invalid commercial register number provided."); - } - int sum 
= 0; - for (int i = 0; i < commercialRegisterDigits.length(); i++) { - int value = commercialRegisterDigits.charAt(i) - '0'; - sum += WEIGHT[i] * value; - } - return CHECKDIGIT[sum % 17]; - } + return checkCommercialRegisterNumber(normalizedNumber); + } + + private boolean checkCommercialRegisterNumber(String commercialRegisterNumber) { + if (commercialRegisterNumber == null) { + return false; + } + commercialRegisterNumber = StringUtils.leftPad(commercialRegisterNumber, 7, + '0'); + if (!commercialRegisterNumber.matches("\\d{6}[abdfghikmpstvwxzy]")) { + return false; + } + final String digits = commercialRegisterNumber.substring(0, + commercialRegisterNumber.length() - 1); + final char checkDigit = commercialRegisterNumber.charAt(commercialRegisterNumber + .length() - 1); + final boolean result = calcCheckDigitFromCommercialRegisterNumber(digits) == checkDigit; + return result; + } + + public static char calcCheckDigitFromCommercialRegisterNumber( + String commercialRegisterDigits) { + final int[] WEIGHT = { 6, 4, 14, 15, 10, 1 }; + final char[] CHECKDIGIT = { 'a', 'b', 'd', 'f', 'g', 'h', 'i', 'k', 'm', + 'p', 's', 't', 'v', 'w', 'x', 'y', 'z' }; + if (commercialRegisterDigits == null) { + throw new NullPointerException("Commercial register number missing."); + } + commercialRegisterDigits = StringUtils.leftPad(commercialRegisterDigits, 6, + '0'); + if (!commercialRegisterDigits.matches("\\d{6}")) { + throw new IllegalArgumentException( + "Invalid commercial register number provided."); + } + int sum = 0; + for (int i = 0; i < commercialRegisterDigits.length(); i++) { + final int value = commercialRegisterDigits.charAt(i) - '0'; + sum += WEIGHT[i] * value; + } + return CHECKDIGIT[sum % 17]; + } } 
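Review bot: `validate` calls `commercialRegisterNumber.replaceAll(" ", "")` before any null check, so a null input throws a NullPointerException and the `== null` guard in `checkCommercialRegisterNumber` can never be reached with null. Adding `if (commercialRegisterNumber == null) { return false; }` as the first statement of `validate` keeps the validator returning a boolean for bad input instead of throwing. The prefix strip uses a hard-coded `substring(2)`; `normalizedNumber.substring(Constants.IDENIFICATIONTYPE_FN.length())` stays correct if the constant ever changes. The `WEIGHT` and `CHECKDIGIT` arrays are rebuilt on every call and could be `private static final` fields.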
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java index 4ef4bc762..318492e66 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java 
@@ -27,149 +27,155 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.data.FormularCustomization; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class FormularCustomizationValitator { - - private static final Logger log = Logger.getLogger(FormularCustomizationValitator.class); - - public List validate(FormularCustomization form, HttpServletRequest request) { - - List errors = new ArrayList(); - String check; - - if (form.isOnlyMandateAllowed() && !form.isShowMandateLoginButton()) { - log.warn("OnlyMandateAllowed in combination with hidden MandateLoginCheckbox is not possible."); - errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.combination", request)); - } - - check = form.getBackGroundColor(); - if (MiscUtil.isNotEmpty(check)) { - if (!check.startsWith("#")) - check = "#" + check; - - if (!ValidationHelper.isValidHexValue(check)) { - log.warn("BKUSelectionBackGroundColor is not a valid hex value " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.color.background", request)); - } - } - - check = form.getFrontColor(); - if (MiscUtil.isNotEmpty(check)) { - if (!check.startsWith("#")) - check = "#" + check; - - if (!ValidationHelper.isValidHexValue(check)) { - log.warn("BKUSelectionFrontColor is not a valid hex value " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.color.front", request)); - } - } - - check = form.getHeader_BackGroundColor(); - if (MiscUtil.isNotEmpty(check)) { - if (!check.startsWith("#")) - check = "#" + check; - - if (!ValidationHelper.isValidHexValue(check)) { - log.warn("HeaderBackGroundColor is not a valid hex value " + check); - 
errors.add(LanguageHelper.getErrorString("validation.general.form.header.color.back", request)); - } - } - - check = form.getHeader_FrontColor(); - if (MiscUtil.isNotEmpty(check)) { - if (!check.startsWith("#")) - check = "#" + check; - - if (!ValidationHelper.isValidHexValue(check)) { - log.warn("HeaderFrontColor is not a valid hex value " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.header.color.front", request)); - } - } - - check = form.getHeader_text(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("HeaderText contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.header.text", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } - - check = form.getButton_BackGroundColor(); - if (MiscUtil.isNotEmpty(check)) { - if (!check.startsWith("#")) - check = "#" + check; - - if (!ValidationHelper.isValidHexValue(check)) { - log.warn("ButtonBackGroundColor is not a valid hex value " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.back", request)); - } - } - - check = form.getButton_BackGroundColorFocus(); - if (MiscUtil.isNotEmpty(check)) { - if (!check.startsWith("#")) - check = "#" + check; - - if (!ValidationHelper.isValidHexValue(check)) { - log.warn("ButtonBackGroundColorFocus is not a valid hex value " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.back.focus", request)); - } - } - - check = form.getButton_FrontColor(); - if (MiscUtil.isNotEmpty(check)) { - if (!check.startsWith("#")) - check = "#" + check; - - if (!ValidationHelper.isValidHexValue(check)) { - log.warn("ButtonFrontColor is not a valid hex value " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.front", request)); - } - } - - check = form.getAppletRedirectTarget(); - if 
(MiscUtil.isNotEmpty(check)) { - if (!FormularCustomization.appletRedirectTargetList.contains(check)) { - log.warn("AppletRedirectTarget has not valid value " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.appletredirecttarget", request)); - } - } - - check = form.getFontType(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, true)) { - log.warn("FontType contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.form.fonttype", - new Object[] {ValidationHelper.getNotValidCharacter(true)}, request )); - } - } - - check = form.getApplet_height(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateNumber(check)) { - log.warn("Applet height "+ check + " is no valid number"); - errors.add(LanguageHelper.getErrorString("validation.general.form.applet.height", - new Object[] {ValidationHelper.getNotValidCharacter(true)}, request )); - } - } - - check = form.getApplet_width(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateNumber(check)) { - log.warn("Applet width "+ check + " is no valid number"); - errors.add(LanguageHelper.getErrorString("validation.general.form.applet.width", - new Object[] {ValidationHelper.getNotValidCharacter(true)}, request )); - } - } - - return errors; - - } + + public List validate(FormularCustomization form, HttpServletRequest request) { + + final List errors = new ArrayList<>(); + String check; + + if (form.isOnlyMandateAllowed() && !form.isShowMandateLoginButton()) { + log.warn("OnlyMandateAllowed in combination with hidden MandateLoginCheckbox is not possible."); + errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.combination", + request)); + } + + check = form.getBackGroundColor(); + if (MiscUtil.isNotEmpty(check)) { + if (!check.startsWith("#")) { + check = "#" + check; + } + + if (!ValidationHelper.isValidHexValue(check)) { + 
log.warn("BKUSelectionBackGroundColor is not a valid hex value " + check); + errors.add(LanguageHelper.getErrorString("validation.general.form.color.background", request)); + } + } + + check = form.getFrontColor(); + if (MiscUtil.isNotEmpty(check)) { + if (!check.startsWith("#")) { + check = "#" + check; + } + + if (!ValidationHelper.isValidHexValue(check)) { + log.warn("BKUSelectionFrontColor is not a valid hex value " + check); + errors.add(LanguageHelper.getErrorString("validation.general.form.color.front", request)); + } + } + + check = form.getHeader_BackGroundColor(); + if (MiscUtil.isNotEmpty(check)) { + if (!check.startsWith("#")) { + check = "#" + check; + } + + if (!ValidationHelper.isValidHexValue(check)) { + log.warn("HeaderBackGroundColor is not a valid hex value " + check); + errors.add(LanguageHelper.getErrorString("validation.general.form.header.color.back", request)); + } + } + + check = form.getHeader_FrontColor(); + if (MiscUtil.isNotEmpty(check)) { + if (!check.startsWith("#")) { + check = "#" + check; + } + + if (!ValidationHelper.isValidHexValue(check)) { + log.warn("HeaderFrontColor is not a valid hex value " + check); + errors.add(LanguageHelper.getErrorString("validation.general.form.header.color.front", request)); + } + } + + check = form.getHeader_text(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("HeaderText contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.form.header.text", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } + + check = form.getButton_BackGroundColor(); + if (MiscUtil.isNotEmpty(check)) { + if (!check.startsWith("#")) { + check = "#" + check; + } + + if (!ValidationHelper.isValidHexValue(check)) { + log.warn("ButtonBackGroundColor is not a valid hex value " + check); + errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.back", 
request)); + } + } + + check = form.getButton_BackGroundColorFocus(); + if (MiscUtil.isNotEmpty(check)) { + if (!check.startsWith("#")) { + check = "#" + check; + } + + if (!ValidationHelper.isValidHexValue(check)) { + log.warn("ButtonBackGroundColorFocus is not a valid hex value " + check); + errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.back.focus", request)); + } + } + + check = form.getButton_FrontColor(); + if (MiscUtil.isNotEmpty(check)) { + if (!check.startsWith("#")) { + check = "#" + check; + } + + if (!ValidationHelper.isValidHexValue(check)) { + log.warn("ButtonFrontColor is not a valid hex value " + check); + errors.add(LanguageHelper.getErrorString("validation.general.form.button.color.front", request)); + } + } + + check = form.getAppletRedirectTarget(); + if (MiscUtil.isNotEmpty(check)) { + if (!FormularCustomization.appletRedirectTargetList.contains(check)) { + log.warn("AppletRedirectTarget has not valid value " + check); + errors.add(LanguageHelper.getErrorString("validation.general.form.appletredirecttarget", request)); + } + } + + check = form.getFontType(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, true)) { + log.warn("FontType contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.form.fonttype", + new Object[] { ValidationHelper.getNotValidCharacter(true) }, request)); + } + } + + check = form.getApplet_height(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateNumber(check)) { + log.warn("Applet height " + check + " is no valid number"); + errors.add(LanguageHelper.getErrorString("validation.general.form.applet.height", + new Object[] { ValidationHelper.getNotValidCharacter(true) }, request)); + } + } + + check = form.getApplet_width(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateNumber(check)) { + log.warn("Applet width " + check + " is no valid number"); + 
errors.add(LanguageHelper.getErrorString("validation.general.form.applet.width", + new Object[] { ValidationHelper.getNotValidCharacter(true) }, request)); + } + } + + return errors; + + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java index d66c0da3a..84993f464 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/IdentificationNumberValidator.java @@ -24,6 +24,6 @@ package at.gv.egovernment.moa.id.configuration.validation; public interface IdentificationNumberValidator { - boolean validate(String idNumber); - + boolean validate(String idNumber); + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java index f0594c38d..13708c257 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java @@ -27,8 +27,6 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; 
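Review bot: Every rejected value is concatenated into the log message, e.g. `log.warn("HeaderText contains potentail XSS characters: " + check);`, so input that has just failed the character check is written to the log verbatim, including any line breaks or markup it carries. I would log the field name only, for example `log.warn("HeaderText contains characters that are not allowed");`, or strip CR/LF and control characters from the value before it reaches the logger. The same pattern appears in the colour, font type and applet size branches of `validate`. The seven colour checks differ only in getter, log label and message key and could share one private helper, and "potentail" is misspelled in the two XSS messages.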
@@ -38,163 +36,161 @@ import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom; import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class UserDatabaseFormValidator { - private static final Logger log = Logger.getLogger(UserDatabaseFormValidator.class); - - public List validate(UserDatabaseFrom form, long userID, boolean isPVP2Generated, - boolean isMandateUser, HttpServletRequest request) { - List errors = new ArrayList(); - - String check = null; - FileBasedUserConfiguration newConfigRead = null; - try { - newConfigRead = ConfigurationProvider.getInstance().getUserManagement(); - - } catch (ConfigurationException e) { - log.error("MOA-ID-Configuration initialization FAILED.", e); - errors.add("Internal Server Error"); - return errors; - - } - - if (!isPVP2Generated) { - check = form.getGivenName(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("GivenName contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } else { - log.warn("GivenName is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.empty", request)); - } - - - check = form.getFamilyName(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("FamilyName contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } else { - log.warn("FamilyName is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.empty", request)); - } - } 
- - if (!isMandateUser) { - check = form.getInstitut(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("Organisation contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.edituser.institut.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } else { - log.warn("Organisation is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.institut.empty", request)); - } - } - - check = form.getMail(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.isEmailAddressFormat(check)) { - log.warn("Mailaddress is not valid: " + check); - errors.add(LanguageHelper.getErrorString("validation.edituser.mail.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } else { - log.warn("Mailaddress is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.mail.empty", request)); - } - - check = form.getPhone(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("Phonenumber contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.edituser.phone.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } else { - log.warn("Phonenumber is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.phone.empty", request)); - } - - if (form.isIsusernamepasswordallowed()) { - check = form.getUsername(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("Username contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.edituser.username.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - - } else { - UserDatabase dbuser = newConfigRead.getUserWithUserName(check); - if (dbuser != 
null && !dbuser.getHjid().equals(String.valueOf(userID ))) { - log.warn("Username " + check + " exists in UserDatabase"); - errors.add(LanguageHelper.getErrorString("validation.edituser.username.duplicate", request)); - form.setUsername(""); - } - } - } else { - if (userID == -1) { - log.warn("Username is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty", request)); - } else { - UserDatabase dbuser = newConfigRead.getUserWithID(userID); - if (dbuser == null) { - log.warn("Username is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty", request)); - } else { - form.setUsername(dbuser.getUsername()); - } - } - } - - check = form.getPassword(); - - if (MiscUtil.isEmpty(check)) { - if (userID == -1) { - log.warn("Password is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty", request)); - } else { - UserDatabase dbuser = newConfigRead.getUserWithID(userID); - if (dbuser == null || MiscUtil.isEmpty(dbuser.getPassword())) { - log.warn("Password is empty"); - errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty", request)); - } - } - - } else { - - if (check.equals(form.getPassword_second())) { - - String key = AuthenticationHelper.generateKeyFormPassword(check); - if (key == null) { - errors.add(LanguageHelper.getErrorString("validation.edituser.password.valid", request)); - } - - } - else { - errors.add(LanguageHelper.getErrorString("validation.edituser.password.equal", request)); - } - } - } - - check = form.getBpk(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { - log.warn("BPK contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.edituser.bpk.valid", - new Object[] {ValidationHelper.getNotValidIdentityLinkSignerCharacters()}, request )); - } - } - - return errors; - - } + public List validate(UserDatabaseFrom form, long userID, 
boolean isPVP2Generated, + boolean isMandateUser, HttpServletRequest request) { + final List errors = new ArrayList<>(); + + String check = null; + FileBasedUserConfiguration newConfigRead = null; + try { + newConfigRead = ConfigurationProvider.getInstance().getUserManagement(); + + } catch (final ConfigurationException e) { + log.error("MOA-ID-Configuration initialization FAILED.", e); + errors.add("Internal Server Error"); + return errors; + + } + + if (!isPVP2Generated) { + check = form.getGivenName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("GivenName contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } else { + log.warn("GivenName is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.empty", request)); + } + + check = form.getFamilyName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("FamilyName contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } else { + log.warn("FamilyName is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.empty", request)); + } + } + + if (!isMandateUser) { + check = form.getInstitut(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("Organisation contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.institut.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } else { + log.warn("Organisation is empty"); + 
errors.add(LanguageHelper.getErrorString("validation.edituser.institut.empty", request)); + } + } + + check = form.getMail(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.isEmailAddressFormat(check)) { + log.warn("Mailaddress is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.mail.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } else { + log.warn("Mailaddress is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.mail.empty", request)); + } + + check = form.getPhone(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("Phonenumber contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.phone.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } else { + log.warn("Phonenumber is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.phone.empty", request)); + } + + if (form.isIsusernamepasswordallowed()) { + check = form.getUsername(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("Username contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.username.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + + } else { + final UserDatabase dbuser = newConfigRead.getUserWithUserName(check); + if (dbuser != null && !dbuser.getHjid().equals(String.valueOf(userID))) { + log.warn("Username " + check + " exists in UserDatabase"); + errors.add(LanguageHelper.getErrorString("validation.edituser.username.duplicate", request)); + form.setUsername(""); + } + } + } else { + if (userID == -1) { + log.warn("Username is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty", request)); + } else { + final 
UserDatabase dbuser = newConfigRead.getUserWithID(userID); + if (dbuser == null) { + log.warn("Username is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty", request)); + } else { + form.setUsername(dbuser.getUsername()); + } + } + } + + check = form.getPassword(); + + if (MiscUtil.isEmpty(check)) { + if (userID == -1) { + log.warn("Password is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty", request)); + } else { + final UserDatabase dbuser = newConfigRead.getUserWithID(userID); + if (dbuser == null || MiscUtil.isEmpty(dbuser.getPassword())) { + log.warn("Password is empty"); + errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty", request)); + } + } + + } else { + + if (check.equals(form.getPassword_second())) { + + final String key = AuthenticationHelper.generateKeyFormPassword(check); + if (key == null) { + errors.add(LanguageHelper.getErrorString("validation.edituser.password.valid", request)); + } + + } else { + errors.add(LanguageHelper.getErrorString("validation.edituser.password.equal", request)); + } + } + } + + check = form.getBpk(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { + log.warn("BPK contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.edituser.bpk.valid", + new Object[] { ValidationHelper.getNotValidIdentityLinkSignerCharacters() }, request)); + } + } + + return errors; + + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java index 247004b75..62d53ab56 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java 
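Review bot: Every `log.warn(... + check)` call in `validate` (GivenName, FamilyName, Organisation, Mailaddress, Phonenumber, Username, BPK) concatenates the rejected form value straight into the log message, so input that has just failed validation is written to the log as-is. Unless `ValidationHelper` or the log layout already neutralises line breaks (neither is visible here), a value containing CR/LF can break up or imitate log entries. Since the class now logs through SLF4J, I would pass the value as a parameter and replace line breaks first, e.g. `log.warn("GivenName contains invalid characters: {}", check.replaceAll("[\\r\\n]", "_"));`. Names, mail address and phone number are personal data, so logging only the field name may be the better choice for those. The `MOAConfigValidator` hunks in this commit use the same pattern.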
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java @@ -32,7 +32,6 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; import org.apache.commons.lang3.StringUtils; -import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.Constants; 
@@ -41,114 +40,115 @@ import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class MOAConfigValidator { - private static final Logger log = Logger.getLogger(MOAConfigValidator.class); - - public List validate(GeneralMOAIDConfig form, HttpServletRequest request, boolean isMOAIDMode) { - - List errors = new ArrayList(); - - log.debug("Validate general MOA configuration"); - - - String check = form.getSaml1SourceID(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("SAML1 SourceID contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.SAML1SourceID", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } - - check = form.getPublicURLPrefix(); - if (MiscUtil.isNotEmpty(check)) { - String[] publicURLPreFix = check.split(","); - if (form.isVirtualPublicURLPrefixEnabled()) { - for (String el : publicURLPreFix) { - if (!ValidationHelper.validateURL( - StringUtils.chomp(el.trim()))) { - log.info("Public URL Prefix " + el + " is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", new Object[]{el}, request)); - } - } - - } else { - if (!ValidationHelper.validateURL( - StringUtils.chomp(publicURLPreFix[0].trim()))) { - log.info("Public URL Prefix " + publicURLPreFix[0] + " is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", new Object[]{publicURLPreFix[0]}, request)); - - } - - } - } else { - log.info("PublicURL Prefix is empty."); - errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.empty", request)); - } - - check = form.getTimeoutAssertion(); - if (MiscUtil.isNotEmpty(check)) { - if 
(!ValidationHelper.validateNumber(check)) { - log.warn("Assertion Timeout is no number " + check); - errors.add(LanguageHelper.getErrorString("validation.general.timeouts.assertion.valid", - new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request )); - } - } - check = form.getTimeoutMOASessionCreated(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateNumber(check)) { - log.warn("MOASessionCreated Timeout is no number " + check); - errors.add(LanguageHelper.getErrorString("validation.general.timeouts.moasessioncreated.valid", - new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request )); - } - } - check = form.getTimeoutMOASessionUpdated(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateNumber(check)) { - log.warn("MOASessionUpdated Timeout is no number " + check); - errors.add(LanguageHelper.getErrorString("validation.general.timeouts.moasessionupdated.valid", - new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request )); - } - } - + public List validate(GeneralMOAIDConfig form, HttpServletRequest request, boolean isMOAIDMode) { + + final List errors = new ArrayList<>(); + + log.debug("Validate general MOA configuration"); + + String check = form.getSaml1SourceID(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("SAML1 SourceID contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.SAML1SourceID", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } + + check = form.getPublicURLPrefix(); + if (MiscUtil.isNotEmpty(check)) { + final String[] publicURLPreFix = check.split(","); + if (form.isVirtualPublicURLPrefixEnabled()) { + for (final String el : publicURLPreFix) { + if (!ValidationHelper.validateURL( + StringUtils.chomp(el.trim()))) { + log.info("Public URL Prefix " + el + " is not valid"); + 
errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", + new Object[] { el }, request)); + } + } + + } else { + if (!ValidationHelper.validateURL( + StringUtils.chomp(publicURLPreFix[0].trim()))) { + log.info("Public URL Prefix " + publicURLPreFix[0] + " is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid", new Object[] { + publicURLPreFix[0] }, request)); + + } + + } + } else { + log.info("PublicURL Prefix is empty."); + errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.empty", request)); + } + + check = form.getTimeoutAssertion(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateNumber(check)) { + log.warn("Assertion Timeout is no number " + check); + errors.add(LanguageHelper.getErrorString("validation.general.timeouts.assertion.valid", + new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }, request)); + } + } + check = form.getTimeoutMOASessionCreated(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateNumber(check)) { + log.warn("MOASessionCreated Timeout is no number " + check); + errors.add(LanguageHelper.getErrorString("validation.general.timeouts.moasessioncreated.valid", + new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }, request)); + } + } + check = form.getTimeoutMOASessionUpdated(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateNumber(check)) { + log.warn("MOASessionUpdated Timeout is no number " + check); + errors.add(LanguageHelper.getErrorString("validation.general.timeouts.moasessionupdated.valid", + new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }, request)); + } + } + // check = form.getCertStoreDirectory(); // if (MiscUtil.isNotEmpty(check)) { // if (ValidationHelper.isValidOAIdentifier(check)) { // log.warn("CertStoreDirectory contains potentail XSS characters: " + check); -// 
errors.add(LanguageHelper.getErrorString("validation.general.certStoreDirectory.valid", +// errors.add(LanguageHelper.getErrorString("validation.general.certStoreDirectory.valid", // new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request )); // } // } else { // log.info("CertStoreDirectory is empty."); // errors.add(LanguageHelper.getErrorString("validation.general.certStoreDirectory.empty", request)); // } - - check = form.getDefaultBKUHandy(); - if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { - if (!ValidationHelper.validateURL(check)) { - log.info("Not valid Handy-BKU URL"); - errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid", request)); - } - } - - check = form.getDefaultBKULocal(); - if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { - if (!ValidationHelper.validateURL(check)) { - log.info("Not valid Online-BKU URL"); - errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid", request)); - } - } - - check = form.getDefaultBKUOnline(); - if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { - if (!ValidationHelper.validateURL(check)) { - log.info("Not valid Online-BKU URL"); - errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid", request)); - } - } - + + check = form.getDefaultBKUHandy(); + if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Handy-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid", request)); + } + } + + check = form.getDefaultBKULocal(); + if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Online-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid", request)); + } + } + + check = form.getDefaultBKUOnline(); + if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Online-BKU URL"); + 
errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid", request)); + } + } + // check = form.getDefaultchainigmode(); // if (MiscUtil.isEmpty(check)) { // log.info("Empty Defaultchainigmode"); 
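Review bot: In the non-virtual branch of the PublicURLPrefix check, `publicURLPreFix[0]` is read without checking the array length. `String.split(",")` drops trailing empty strings, so a value made up only of commas yields an empty array and the validator would throw `ArrayIndexOutOfBoundsException` instead of returning a validation error (this assumes `MiscUtil.isNotEmpty` accepts such a string, which is not visible here). I would guard the branch with `if (publicURLPreFix.length == 0 || !ValidationHelper.validateURL(StringUtils.chomp(publicURLPreFix[0].trim())))` and build the log line and error parameter from `check` rather than from `publicURLPreFix[0]`. `validate` starts in this hunk and continues past its end.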
@@ -160,166 +160,169 @@ public class MOAConfigValidator { // errors.add(LanguageHelper.getErrorString("validation.general.Defaultchainigmode.valid", request)); // } // } - - check = form.getMandateURL(); - if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { - String[] misURLs = check.split(","); - for (String el : misURLs) { - if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { - log.info("Not valid Online-Mandate Service URL"); - errors.add(LanguageHelper.getErrorString("validation.general.mandateservice.valid", - new Object[]{el}, request)); - } - } - } - - check = form.getElgaMandateServiceURL(); - if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { - String[] elgaServiceURLs = check.split(","); - for (String el : elgaServiceURLs) { - if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { - log.info("Not valid Online-Mandate Service URL"); - errors.add(LanguageHelper.getErrorString("validation.general.elga.mandateservice.valid", - new Object[]{el}, request)); - } - } - } - - check = form.getEidSystemServiceURL(); - if (MiscUtil.isNotEmpty(check)) { - String[] eidServiceURLs = check.split(","); - for (String el : eidServiceURLs) { - if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { - log.info("Not valid E-ID System Service URL"); - errors.add(LanguageHelper.getErrorString("validation.general.eid.url.valid", - new Object[]{el}, request)); - } - } - } - - check = form.getMoaspssAuthTransformations(); - List authtranslist = new ArrayList(); - if (isMOAIDMode) { - if (MiscUtil.isEmpty(check)) { - log.info("Empty MoaspssAuthTransformation"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty", request)); - } else { - - //is only required if more then one transformation is in use - // check = StringHelper.formatText(check); - // String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER); - // int i=1; - 
// for(String el : list) { - // if (ValidationHelper.containsPotentialCSSCharacter(el, false)) { - // log.info("IdentityLinkSigners is not valid: " + el); - // errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid", - // new Object[] {i, ValidationHelper.getPotentialCSSCharacter(false)} )); - // - // } else { - // if (MiscUtil.isNotEmpty(el.trim())) - // authtranslist.add(el.trim()); - // } - // i++; - // } - authtranslist.add(check.trim()); - } - } - form.setAuthTransformList(authtranslist); - - if (isMOAIDMode) { - check = form.getMoaspssAuthTrustProfile(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty MOA-SP/SS Authblock TrustProfile"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty", request)); - } else { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("Authblock TrustProfile is not valid: " +check); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } - - check = form.getMoaspssIdlTrustProfile(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty MOA-SP/SS IdentityLink TrustProfile"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty", request)); - } else { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("IdentityLink TrustProfile is not valid: " +check); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } - - check = form.getMoaspssAuthTrustProfileTest(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty MOA-SP/SS Test-Authblock TrustProfile"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty", request)); - } else { - if (ValidationHelper.containsNotValidCharacter(check, false)) 
{ - log.info("Test-Authblock TrustProfile is not valid: " +check); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } - - check = form.getMoaspssIdlTrustProfileTest(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty MOA-SP/SS Test-IdentityLink TrustProfile"); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty", request)); - } else { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("Test-IdentityLink TrustProfile is not valid: " +check); - errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } - - - check = form.getMoaspssURL(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateURL(check)) { - log.info("Not valid MOA-SP/SS Service URL"); - errors.add(LanguageHelper.getErrorString("validation.general.moaspss.url.valid", request)); - } - } - } - - check = form.getPvp2IssuerName(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("PVP2 IssuerName is not valid: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.issuername.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } - - check = form.getPvp2OrgDisplayName(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("PVP2 organisation display name is not valid: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.displayname.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } - - check = form.getPvp2OrgName(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, 
false)) { - log.info("PVP2 organisation name is not valid: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.name.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } - - check = form.getPvp2OrgURL(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateURL(check)) { - log.info("PVP2 organisation URL is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.url.valid", request)); - } - } - + + check = form.getMandateURL(); + if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { + final String[] misURLs = check.split(","); + for (final String el : misURLs) { + if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { + log.info("Not valid Online-Mandate Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.mandateservice.valid", + new Object[] { el }, request)); + } + } + } + + check = form.getElgaMandateServiceURL(); + if (MiscUtil.isNotEmpty(check) && isMOAIDMode) { + final String[] elgaServiceURLs = check.split(","); + for (final String el : elgaServiceURLs) { + if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { + log.info("Not valid Online-Mandate Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.elga.mandateservice.valid", + new Object[] { el }, request)); + } + } + } + + check = form.getEidSystemServiceURL(); + if (MiscUtil.isNotEmpty(check)) { + final String[] eidServiceURLs = check.split(","); + for (final String el : eidServiceURLs) { + if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { + log.info("Not valid E-ID System Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.eid.url.valid", + new Object[] { el }, request)); + } + } + } + + check = form.getMoaspssAuthTransformations(); + final List authtranslist = new ArrayList<>(); + if 
(isMOAIDMode) { + if (MiscUtil.isEmpty(check)) { + log.info("Empty MoaspssAuthTransformation"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty", + request)); + } else { + + // is only required if more then one transformation is in use + // check = StringHelper.formatText(check); + // String[] list = check.split(GeneralMOAIDConfig.LINE_DELIMITER); + // int i=1; + // for(String el : list) { + // if (ValidationHelper.containsPotentialCSSCharacter(el, false)) { + // log.info("IdentityLinkSigners is not valid: " + el); + // errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid", + // new Object[] {i, ValidationHelper.getPotentialCSSCharacter(false)} )); + // + // } else { + // if (MiscUtil.isNotEmpty(el.trim())) + // authtranslist.add(el.trim()); + // } + // i++; + // } + authtranslist.add(check.trim()); + } + } + form.setAuthTransformList(authtranslist); + + if (isMOAIDMode) { + check = form.getMoaspssAuthTrustProfile(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MOA-SP/SS Authblock TrustProfile"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty", + request)); + } else { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("Authblock TrustProfile is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } + + check = form.getMoaspssIdlTrustProfile(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MOA-SP/SS IdentityLink TrustProfile"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty", request)); + } else { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("IdentityLink TrustProfile is not valid: " + check); + 
errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } + + check = form.getMoaspssAuthTrustProfileTest(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MOA-SP/SS Test-Authblock TrustProfile"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty", + request)); + } else { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("Test-Authblock TrustProfile is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } + + check = form.getMoaspssIdlTrustProfileTest(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty MOA-SP/SS Test-IdentityLink TrustProfile"); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty", + request)); + } else { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("Test-IdentityLink TrustProfile is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } + + check = form.getMoaspssURL(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid MOA-SP/SS Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.moaspss.url.valid", request)); + } + } + } + + check = form.getPvp2IssuerName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("PVP2 IssuerName is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.issuername.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } + + check = 
form.getPvp2OrgDisplayName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("PVP2 organisation display name is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.displayname.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } + + check = form.getPvp2OrgName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("PVP2 organisation name is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.name.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } + + check = form.getPvp2OrgURL(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("PVP2 organisation URL is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.url.valid", request)); + } + } + // check = form.getPvp2PublicUrlPrefix(); // if (MiscUtil.isNotEmpty(check)) { // if (!ValidationHelper.validateURL(check)) { 
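Review bot: The value from `getMoaspssAuthTransformations()` is only tested for emptiness before `authtranslist.add(check.trim())` and `form.setAuthTransformList(authtranslist)`, because the per-entry character check is commented out. It is therefore the one field in the MOA-SP/SS group that reaches the form unvalidated, while the trust-profile fields directly below it go through `ValidationHelper.containsNotValidCharacter(check, false)`. If the transformation is a profile identifier like those (not visible from this hunk), the `else` branch should run the same check and report `validation.general.moasp.auth.transformation.valid` instead of adding the value. `validate` starts before and ends after this hunk.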
@@ -327,175 +330,175 @@ public class MOAConfigValidator { // errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.serviceurl.valid")); // } // } - - if (isMOAIDMode) { - check = form.getSLRequestTemplateHandy(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty SLRequestTemplate Handy-BKU"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.empty", request)); - } else { - if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { - log.info("SLRequestTemplate Handy-BKU is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.handy.valid", request)); - } - } - - check = form.getSLRequestTemplateLocal(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty SLRequestTemplate local BKU"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.empty", request)); - } else { - if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { - log.info("SLRequestTemplate local BKU is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.local.valid", request)); - } - } - - check = form.getSLRequestTemplateOnline(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty SLRequestTemplate Online-BKU"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.empty", request)); - } else { - if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { - log.info("SLRequestTemplate Online-BKU is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.slrequest.online.valid", request)); - } - } - - check = form.getSsoFriendlyName(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("SSO friendlyname is not valid: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } - - // check = form.getSsoIdentificationNumber(); - // 
if (MiscUtil.isNotEmpty(check)) { - // if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { - // log.info("SSO IdentificationNumber is not valid: " + check); - // errors.add(LanguageHelper.getErrorString("validation.general.sso.identificationnumber.valid", - // new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); - // } - // } - - // check = form.getSsoPublicUrl(); - // if (MiscUtil.isNotEmpty(check)) { - // if (!ValidationHelper.validateURL(check)) { - // log.info("SSO Public URL is not valid"); - // errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid")); - // } - // } - - check = form.getSsoSpecialText(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, true)) { - log.info("SSO SpecialText is not valid: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid", - new Object[] {ValidationHelper.getNotValidCharacter(true)} , request)); - } - } - - check = form.getSsoTarget(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty SSO Target"); - //errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty", request)); - - } else { - if (!ValidationHelper.isValidAdminTarget(check)) { - - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("IdentificationNumber contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - - String num = check.replaceAll(" ", ""); - - if ( !(num.startsWith(Constants.IDENIFICATIONTYPE_FN) || - num.startsWith(Constants.IDENIFICATIONTYPE_ZVR) || - num.startsWith(Constants.IDENIFICATIONTYPE_ERSB) ) ) { - - log.info("Not valid SSO Target"); - errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", request)); - } - - } - } - - check = form.getSzrgwURL(); - if (MiscUtil.isNotEmpty(check)) { - 
String[] szrGWServiceURLs = check.split(","); - for (String el : szrGWServiceURLs) { - if (MiscUtil.isNotEmpty(el) && !ValidationHelper.validateURL(StringUtils.chomp(el.trim()))) { - log.info("Not valid Online-Mandate Service URL"); - errors.add(LanguageHelper.getErrorString("validation.general.szrgw.url.valid", - new Object[]{el}, request)); - } - } - } - } - - check = form.getTrustedCACerts(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty TrustCACerts Directory"); - errors.add(LanguageHelper.getErrorString("validation.general.trustedcacerts.empty", request)); - - } else { - if (ValidationHelper.isNotValidIdentityLinkSigner(check)) { - log.info("Not valid TrustCACerts Directory"); - errors.add(LanguageHelper.getErrorString("validation.general.trustedcacerts.valid", - new Object[] {ValidationHelper.getNotValidOAIdentifierCharacters()}, request )); - } - } - - - if (isMOAIDMode) { - if (form.getFileUploadFileName() != null && !form.getFileUploadFileName().isEmpty()) { - HashMap map = new HashMap(); - for (int i=0; i map = new HashMap<>(); + for (int i = 0; i < form.getFileUploadFileName().size(); i++) { + final String filename = form.getFileUploadFileName().get(i); + + if (MiscUtil.isNotEmpty(filename)) { + if (ValidationHelper.containsNotValidCharacter(filename, false)) { + log.info("SL Transformation Filename is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.filename.valid", + request)); + + } else { + try { + final File file = form.getFileUpload().get(i); + final FileInputStream stream = new FileInputStream(file); + map.put(filename, Base64Utils.encode(stream).getBytes("UTF-8")); + + } catch (final IOException e) { + log.info("SecurtiyLayerTransformation with FileName " + + filename + " can not be loaded.", e); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.file.valid", + new Object[] { filename }, request)); + } + } + } + } + + form.setSecLayerTransformation(map); + + } else { + if 
(form.getSecLayerTransformation() == null) { + log.info("AuthBlock Transformation file is empty"); + errors.add(LanguageHelper.getErrorString("validation.general.slrequest.file.empty", request)); + + } + } + } + + final ContactForm contact = form.getPvp2Contact(); + if (contact != null) { + final PVP2ContactValidator pvp2validator = new PVP2ContactValidator(); + errors.addAll(pvp2validator.validate(contact, request)); + } + + return errors; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java index f7edbee71..f6deb6b09 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java 
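Review bot: The `FileInputStream` opened for each uploaded transformation file in the `isMOAIDMode` upload loop is never closed, so unless `Base64Utils.encode` closes it (not visible here) every validated upload holds a file handle until garbage collection. Wrapping the two statements as `try (FileInputStream stream = new FileInputStream(file)) { map.put(filename, Base64Utils.encode(stream).getBytes("UTF-8")); }` inside the existing `try` leaves the `IOException` handling unchanged. The loop also calls `form.getFileUpload().get(i)` with an index bounded by the file-name list; if the two lists can differ in length, that call throws `IndexOutOfBoundsException`, which the `catch (final IOException e)` does not cover. The enclosing `validate` method starts outside this hunk.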
@@ -28,76 +28,76 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; - +@Slf4j public class PVP2ContactValidator { - public static final List AllowedTypes= Arrays.asList( - "technical", - "support", - "administrative", - "billing", - "other"); - - private static final Logger log = Logger.getLogger(PVP2ContactValidator.class); - - public Listvalidate(ContactForm contact, HttpServletRequest request) { - List errors = new ArrayList(); - - String check = contact.getCompany(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("PVP2 Contact: Company is not valid: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.company.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } - - check = contact.getGivenname(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("PVP2 Contact: GivenName is not valid: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.givenname.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } - - check = contact.getSurname(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.info("PVP2 Contact: SureName is not valid: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.surename.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } - - check = contact.getType(); - if (MiscUtil.isNotEmpty(check)) { 
- if (!AllowedTypes.contains(check)) { - errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.type.valid", request)); - } - } - - check = contact.getMail(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.isEmailAddressFormat(check)) { - errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.mail.valid", request)); - } - } - - check = contact.getPhone(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validatePhoneNumber(check)) { - errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.phone.valid", request)); - } - } - - return errors; - } + public static final List AllowedTypes = Arrays.asList( + "technical", + "support", + "administrative", + "billing", + "other"); + + public List validate(ContactForm contact, HttpServletRequest request) { + final List errors = new ArrayList<>(); + + String check = contact.getCompany(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("PVP2 Contact: Company is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.company.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } + + check = contact.getGivenname(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("PVP2 Contact: GivenName is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.givenname.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + } + + check = contact.getSurname(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.info("PVP2 Contact: SureName is not valid: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.surename.valid", + new Object[] { 
ValidationHelper.getNotValidCharacter(false) }, request)); + } + } + + check = contact.getType(); + if (MiscUtil.isNotEmpty(check)) { + if (!AllowedTypes.contains(check)) { + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.type.valid", + request)); + } + } + + check = contact.getMail(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.isEmailAddressFormat(check)) { + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.mail.valid", + request)); + } + } + + check = contact.getPhone(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validatePhoneNumber(check)) { + errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.phone.valid", + request)); + } + } + + return errors; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java index 41fce8e60..088e377b4 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java @@ -5,8 +5,6 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.CPEPS; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.StorkAttribute; 
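Review bot: The three `log.info(... + check)` calls in `validate` (company, given name, surname) write the raw form value into the log at the moment it has just failed the character check, so both the rejected characters and a contact person's name end up in the log file. The mail, phone and type branches log nothing, and the simplest consistent form is a message without the value, e.g. `log.info("PVP2 Contact: Company is not valid");`; if the value is needed for support, strip line breaks and control characters before logging it. Whether the configured appender already neutralises CR/LF is not visible here. The same pattern is in the `StorkConfigValidator` hunk (`"CPEPS config countrycode contains potentail XSS characters: " + check`) and in the `OAAuthenticationDataValidation` hunk (`"MandateProfiles contains potentail XSS characters: " + check`).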
@@ -14,108 +12,117 @@ import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.data.GeneralStorkConfig; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class StorkConfigValidator { - private static final Logger log = Logger.getLogger(StorkConfigValidator.class); + public List validate(GeneralStorkConfig form, HttpServletRequest request) { - public List validate(GeneralStorkConfig form, HttpServletRequest request) { + final List errors = new ArrayList<>(); - List errors = new ArrayList(); + log.debug("Validate general STORK configuration"); - log.debug("Validate general STORK configuration"); + // check peps list - // check peps list - // if (form.getCpepslist() != null) { // for(CPEPS current : form.getCpepslist()) { - if (form.getRawCPEPSList() != null) { - for(CPEPS current : form.getRawCPEPSList()) { - // if an existing record got deleted - if(null == current) - continue; - - // check country code - String check = current.getCountryCode(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("CPEPS config countrycode contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - if(!check.toLowerCase().matches("(^[a-z][a-z]$)|(^[a-z][a-z]-[a-z,0-9]*)")) { - log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check); - errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc", - new Object[] {check}, request )); - } - - // check url - check = current.getURL(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateURL(check)) { - log.info("CPEPS config URL is invalid : " + check); - errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url", 
request)); - } - } else { - log.warn("CPEPS config url is empty : " + check); - errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty", - new Object[] {check}, request )); - } - - } else { - log.warn("CPEPS config countrycode is empty : " + check); + if (form.getRawCPEPSList() != null) { + for (final CPEPS current : form.getRawCPEPSList()) { + // if an existing record got deleted + if (null == current) { + continue; + } + + // check country code + String check = current.getCountryCode(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("CPEPS config countrycode contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + if (!check.toLowerCase().matches("(^[a-z][a-z]$)|(^[a-z][a-z]-[a-z,0-9]*)")) { + log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc", + new Object[] { check }, request)); + } + + // check url + check = current.getURL(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("CPEPS config URL is invalid : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url", request)); + } + } else { + log.warn("CPEPS config url is empty : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty", + new Object[] { check }, request)); + } + + } else { + log.warn("CPEPS config countrycode is empty : " + check); // errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty", // new Object[] {check}, request )); - } - - } - - if (form.getCpepslist() != null) { - // ensure uniqueness of country code - for (CPEPS one : form.getCpepslist()) - for (CPEPS another : form.getCpepslist()) - if (null != one && null != another && one.getCountryCode() != null) 
- if (!one.equals(another) && one.getCountryCode().equals(another.getCountryCode())) { - errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.duplicate", request)); - break; - } - } - } - - // check qaa - String qaa = form.getDefaultQaa(); - if (!MOAIDConstants.ALLOWED_eIDAS_LOA.contains(qaa)) { - log.warn("eIDAS LoA is not allowed : " + qaa); - errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange", - new Object[] {qaa}, request )); - } - - // check attributes - if (MiscUtil.isNotEmpty(form.getAttributes())) { - for(StorkAttribute check : form.getAttributes()) { - if (check != null && MiscUtil.isNotEmpty(check.getName())) { - String tmp = check.getName().replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI? - if (ValidationHelper.containsNotValidCharacter(tmp, true)) { - log.warn("default attributes contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", - new Object[] {ValidationHelper.getNotValidCharacter(true)}, request )); - } - if(!tmp.toLowerCase().matches("^[A-Za-z]*$")) { - log.warn("default attributes do not match the requested format : " + check); - errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", - new Object[] {check}, request )); - } - - } - } - - //TODO: STORK attributes check if no attribute is set + } + + } + + if (form.getCpepslist() != null) { + // ensure uniqueness of country code + for (final CPEPS one : form.getCpepslist()) { + for (final CPEPS another : form.getCpepslist()) { + if (null != one && null != another && one.getCountryCode() != null) { + if (!one.equals(another) && one.getCountryCode().equals(another.getCountryCode())) { + errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.duplicate", request)); + break; + } + } + } + } + } + } + + // check qaa + final String 
qaa = form.getDefaultQaa(); + if (!MOAIDConstants.ALLOWED_eIDAS_LOA.contains(qaa)) { + log.warn("eIDAS LoA is not allowed : " + qaa); + errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange", + new Object[] { qaa }, request)); + } + + // check attributes + if (MiscUtil.isNotEmpty(form.getAttributes())) { + for (final StorkAttribute check : form.getAttributes()) { + if (check != null && MiscUtil.isNotEmpty(check.getName())) { + final String tmp = check.getName().replace("eidas/attributes/", ""); // since eIDaS attributes come + // with a "/", we need to + // exclude them from + // validation. TODO Or should + // we require the admin to + // escape them in the UI? + if (ValidationHelper.containsNotValidCharacter(tmp, true)) { + log.warn("default attributes contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", + new Object[] { ValidationHelper.getNotValidCharacter(true) }, request)); + } + if (!tmp.toLowerCase().matches("^[A-Za-z]*$")) { + log.warn("default attributes do not match the requested format : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", + new Object[] { check }, request)); + } + + } + } + + // TODO: STORK attributes check if no attribute is set // } else { // log.warn("no attributes specified"); // errors.add(LanguageHelper.getErrorString("validation.stork.attributes.empty", // new Object[] {} )); - } + } - return errors; - } + return errors; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java index 5a31d8f47..9c5b145b8 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java 
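Review bot: The country-code pattern `"(^[a-z][a-z]$)|(^[a-z][a-z]-[a-z,0-9]*)"` in the CPEPS loop has a literal comma inside the character class, so a value such as `at-a,b` (constructed example) satisfies the check that the log message describes as ISO 3166-2; the comma looks like a leftover separator. I would write the class without it, `"(^[a-z][a-z]$)|(^[a-z][a-z]-[a-z0-9]*)"`. Whether the preceding `containsNotValidCharacter` call already rejects a comma is not visible here, and that branch does not stop the later checks anyway. The `check.toLowerCase()` in the same condition uses the default locale, under which an upper-case `I` does not lower-case to `i` on a Turkish-locale server; `check.toLowerCase(Locale.ROOT)` (needs the `java.util.Locale` import) makes the result independent of the host configuration.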
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java 
@@ -28,233 +28,228 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; -import org.apache.log4j.Logger; - import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; -import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class OAAuthenticationDataValidation { - private static final Logger log = Logger.getLogger(OASSOConfigValidation.class); - - public List validate(OAAuthenticationData form, boolean isAdmin, HttpServletRequest request) { - - List errors = new ArrayList(); - String check; - - - - //Check BKU URLs - if (isAdmin) { - check =form.getBkuHandyURL(); - if (MiscUtil.isNotEmpty(check)) { + public List validate(OAAuthenticationData form, boolean isAdmin, HttpServletRequest request) { + + final List errors = new ArrayList<>(); + String check; + + // Check BKU URLs + if (isAdmin) { + check = form.getBkuHandyURL(); + if (MiscUtil.isNotEmpty(check)) { // log.info("Empty Handy-BKU URL"); // errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.empty")); -// +// // } else { - if (!ValidationHelper.validateURL(check)) { - log.info("Not valid Handy-BKU URL"); - errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid", request)); - } - } - - check =form.getBkuLocalURL(); - if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Handy-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid", request)); + } + } + + check = form.getBkuLocalURL(); + if (MiscUtil.isNotEmpty(check)) { // log.info("Empty Local-BKU URL"); // 
errors.add(LanguageHelper.getErrorString("validation.general.bku.local.empty")); -// +// // } else { - if (!ValidationHelper.validateURL(check)) { - log.info("Not valid Online-BKU URL"); - errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid", request)); - } - } - - check =form.getBkuOnlineURL(); - if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Online-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid", request)); + } + } + + check = form.getBkuOnlineURL(); + if (MiscUtil.isNotEmpty(check)) { // log.info("Empty Online-BKU URL"); // errors.add(LanguageHelper.getErrorString("validation.general.bku.online.empty")); -// +// // } else { - if (!ValidationHelper.validateURL(check)) { - log.info("Not valid Online-BKU URL"); - errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid", request)); - } - } - } - - if (isAdmin) { - //check KeyBoxIdentifier - check = form.getKeyBoxIdentifier(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty KeyBoxIdentifier"); - errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty", request)); - } else { - Map list = form.getKeyBoxIdentifierList(); - if (!list.containsKey(check)) { - log.info("Not valid KeyBoxIdentifier " + check); - errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid", request)); - } - } - - //check LegacyMode SLTemplates - if (form.isLegacy()) { - if (MiscUtil.isEmpty(form.getSLTemplateURL1()) && - MiscUtil.isEmpty(form.getSLTemplateURL2()) && - MiscUtil.isEmpty(form.getSLTemplateURL3()) ) { - log.info("Empty OA-specific SecurityLayer Templates"); - errors.add(LanguageHelper.getErrorString("validation.general.sltemplates.empty", request)); - - } else { - check = form.getSLTemplateURL1(); - if (MiscUtil.isNotEmpty(check) && - ValidationHelper.isNotValidIdentityLinkSigner(check) ) { - log.info("First OA-specific SecurityLayer 
Templates is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid", request)); - } - check = form.getSLTemplateURL2(); - if (MiscUtil.isNotEmpty(check) && - ValidationHelper.isNotValidIdentityLinkSigner(check) ) { - log.info("Second OA-specific SecurityLayer Templates is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid", request)); - } - check = form.getSLTemplateURL3(); - if (MiscUtil.isNotEmpty(check) && - ValidationHelper.isNotValidIdentityLinkSigner(check) ) { - log.info("Third OA-specific SecurityLayer Templates is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid", request)); - } - } - } - } - - //check Mandate Profiles - check = form.getMandateProfiles(); - if (MiscUtil.isNotEmpty(check)) { - - if (!form.isUseMandates()) { - log.info("MandateProfiles configured but useMandates is false."); - errors.add(LanguageHelper.getErrorString("validation.general.mandate.usemandate", request)); - } - - if (ValidationHelper.containsNotValidCharacter(check, true)) { - log.warn("MandateProfiles contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles", - new Object[] {ValidationHelper.getNotValidCharacter(true)}, request )); - } - } - - check =form.getMisServiceSelected(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateURL(check)) { - log.info("Not valid MIS Service URL"); - errors.add(LanguageHelper.getErrorString("validation.general.mandateservice.valid", - new Object[]{check}, request)); - } - } - - check =form.getElgaServiceSelected(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateURL(check)) { - log.info("Not valid ELGA Service URL"); - errors.add(LanguageHelper.getErrorString("validation.general.elga.mandateservice.valid", - new Object[]{check}, request)); - } - } - - check =form.getSzrgwServiceSelected(); - if 
(MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateURL(check)) { - log.info("Not valid SZR-GW Service URL"); - errors.add(LanguageHelper.getErrorString("validation.general.szrgw.url.valid", - new Object[]{check}, request)); - } - } - - check =form.getEidServiceSelected(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateURL(check)) { - log.info("Not valid E-ID Service URL"); - errors.add(LanguageHelper.getErrorString("validation.general.eid.url.valid", - new Object[]{check}, request)); - } - } - - if (form.isEnableTestCredentials() - && form.getTestCredialOIDList() != null && !form.getTestCredialOIDList().isEmpty()) { - for (String el : form.getTestCredialOIDList()) { - if (!el.startsWith(MOAIDAuthConstants.TESTCREDENTIALROOTOID)) { - log.warn("Test credential OID does not start with test credential root OID"); - errors.add(LanguageHelper.getErrorString("validation.general.testcredentials.oid.valid", - new Object[] {el}, request )); - } - } - - - } - - if (form.isSl20Active()) { - if (MiscUtil.isNotEmpty(form.getSl20EndPoints())) { - log.debug("Validate SL2.0 configuration ... "); - List sl20Endpoints = KeyValueUtils.getListOfCSVValues(form.getSl20EndPoints()); - if (sl20Endpoints.size() == 1) { - String value = sl20Endpoints.get(0); - - if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && - value.contains(KeyValueUtils.KEYVVALUEDELIMITER)) { - log.warn("SL2.0 endpoint '" + value + "' has wrong format"); - errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", - new Object[] {value}, request )); - - } else if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && - !value.contains(KeyValueUtils.KEYVVALUEDELIMITER) ) { - log.info("Find one SL2.0 endpoint without 'default='. Start update ... 
"); - form.setSl20EndPoints(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER + value); - - } - - } else { - boolean findDefault = false; - for (String el : sl20Endpoints) { - if (!el.contains(KeyValueUtils.KEYVVALUEDELIMITER)) { - log.warn("SL2.0 endpoint '" + el + "' has wrong format"); - errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", - new Object[] {el}, request )); - - } else { - if (el.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER)) { - log.debug("Find default endpoint."); - findDefault = true; - - } else { - String firstPart = el.split(KeyValueUtils.KEYVVALUEDELIMITER)[0]; - try { - Integer.valueOf(firstPart); - - } catch (NumberFormatException e) { - log.warn("SL2.0 endpoint '" + el + "' has wrong format", e); - errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", - new Object[] {el}, request )); - - } - } - } - } - - if (!findDefault) { - log.warn("SL2.0 endpoints contains NO default endpoint"); - errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.default", - new Object[] {}, request )); - - } - } - } - } - - return errors; - } + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid Online-BKU URL"); + errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid", request)); + } + } + } + + if (isAdmin) { + // check KeyBoxIdentifier + check = form.getKeyBoxIdentifier(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty KeyBoxIdentifier"); + errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty", request)); + } else { + final Map list = form.getKeyBoxIdentifierList(); + if (!list.containsKey(check)) { + log.info("Not valid KeyBoxIdentifier " + check); + errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid", request)); + } + } + + // check LegacyMode SLTemplates + if (form.isLegacy()) { + if (MiscUtil.isEmpty(form.getSLTemplateURL1()) && 
+ MiscUtil.isEmpty(form.getSLTemplateURL2()) && + MiscUtil.isEmpty(form.getSLTemplateURL3())) { + log.info("Empty OA-specific SecurityLayer Templates"); + errors.add(LanguageHelper.getErrorString("validation.general.sltemplates.empty", request)); + + } else { + check = form.getSLTemplateURL1(); + if (MiscUtil.isNotEmpty(check) && + ValidationHelper.isNotValidIdentityLinkSigner(check)) { + log.info("First OA-specific SecurityLayer Templates is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid", request)); + } + check = form.getSLTemplateURL2(); + if (MiscUtil.isNotEmpty(check) && + ValidationHelper.isNotValidIdentityLinkSigner(check)) { + log.info("Second OA-specific SecurityLayer Templates is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid", request)); + } + check = form.getSLTemplateURL3(); + if (MiscUtil.isNotEmpty(check) && + ValidationHelper.isNotValidIdentityLinkSigner(check)) { + log.info("Third OA-specific SecurityLayer Templates is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid", request)); + } + } + } + } + + // check Mandate Profiles + check = form.getMandateProfiles(); + if (MiscUtil.isNotEmpty(check)) { + + if (!form.isUseMandates()) { + log.info("MandateProfiles configured but useMandates is false."); + errors.add(LanguageHelper.getErrorString("validation.general.mandate.usemandate", request)); + } + + if (ValidationHelper.containsNotValidCharacter(check, true)) { + log.warn("MandateProfiles contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles", + new Object[] { ValidationHelper.getNotValidCharacter(true) }, request)); + } + } + + check = form.getMisServiceSelected(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid MIS Service URL"); + 
errors.add(LanguageHelper.getErrorString("validation.general.mandateservice.valid", + new Object[] { check }, request)); + } + } + + check = form.getElgaServiceSelected(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid ELGA Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.elga.mandateservice.valid", + new Object[] { check }, request)); + } + } + + check = form.getSzrgwServiceSelected(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid SZR-GW Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.szrgw.url.valid", + new Object[] { check }, request)); + } + } + + check = form.getEidServiceSelected(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Not valid E-ID Service URL"); + errors.add(LanguageHelper.getErrorString("validation.general.eid.url.valid", + new Object[] { check }, request)); + } + } + + if (form.isEnableTestCredentials() + && form.getTestCredialOIDList() != null && !form.getTestCredialOIDList().isEmpty()) { + for (final String el : form.getTestCredialOIDList()) { + if (!el.startsWith(MOAIDConstants.TESTCREDENTIALROOTOID)) { + log.warn("Test credential OID does not start with test credential root OID"); + errors.add(LanguageHelper.getErrorString("validation.general.testcredentials.oid.valid", + new Object[] { el }, request)); + } + } + + } + + if (form.isSl20Active()) { + if (MiscUtil.isNotEmpty(form.getSl20EndPoints())) { + log.debug("Validate SL2.0 configuration ... 
"); + final List sl20Endpoints = KeyValueUtils.getListOfCSVValues(form.getSl20EndPoints()); + if (sl20Endpoints.size() == 1) { + final String value = sl20Endpoints.get(0); + + if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && + value.contains(KeyValueUtils.KEYVVALUEDELIMITER)) { + log.warn("SL2.0 endpoint '" + value + "' has wrong format"); + errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", + new Object[] { value }, request)); + + } else if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && + !value.contains(KeyValueUtils.KEYVVALUEDELIMITER)) { + log.info("Find one SL2.0 endpoint without 'default='. Start update ... "); + form.setSl20EndPoints(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER + value); + + } + + } else { + boolean findDefault = false; + for (final String el : sl20Endpoints) { + if (!el.contains(KeyValueUtils.KEYVVALUEDELIMITER)) { + log.warn("SL2.0 endpoint '" + el + "' has wrong format"); + errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", + new Object[] { el }, request)); + + } else { + if (el.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER)) { + log.debug("Find default endpoint."); + findDefault = true; + + } else { + final String firstPart = el.split(KeyValueUtils.KEYVVALUEDELIMITER)[0]; + try { + Integer.valueOf(firstPart); + + } catch (final NumberFormatException e) { + log.warn("SL2.0 endpoint '" + el + "' has wrong format", e); + errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", + new Object[] { el }, request)); + + } + } + } + } + + if (!findDefault) { + log.warn("SL2.0 endpoints contains NO default endpoint"); + errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.default", + new Object[] {}, request)); + + } + } + } + } + + return errors; + } } 
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java
index 2011a07f1..951b89753 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java
@@ -27,67 +27,62 @@ import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; import java.util.ArrayList; -import java.util.HashMap; import java.util.List; import java.util.Map; import javax.servlet.http.HttpServletRequest; -import org.apache.commons.io.IOUtils; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; -import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; /** * @author tlenz * */ +@Slf4j public class OAFileUploadValidation { - private static final Logger log = Logger.getLogger(OASSOConfigValidation.class); - - public List validate(List fileName, List files, - String errorMsgPreFix, Map output, HttpServletRequest request) { - - List errors = new ArrayList(); - - if (fileName != null) { - - if (fileName.size() > 1) { - log.info("Only one BKU-selecten template file can be stored"); - errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".file.selected", request)); - } - - for (int i=0; i validate(List fileName, List files, + String errorMsgPreFix, Map output, HttpServletRequest request) { + + final List errors = new ArrayList<>(); + + if (fileName != null) { + + if (fileName.size() > 1) { + log.info("Only one BKU-selecten template file can be stored"); + errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".file.selected", request)); + } + + for (int i = 0; i < fileName.size(); i++) { + final String filename = fileName.get(i); + + if (MiscUtil.isNotEmpty(filename)) { + if (ValidationHelper.containsNotValidCharacter(filename, false)) { + log.info("Filename is not valid"); + errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".filename.valid", request)); + + } else { + try { + final File file = files.get(i); + final InputStream stream = new 
FileInputStream(file); + output.put(filename, Base64Utils.encode(stream).getBytes("UTF-8")); + stream.close(); + + } catch (final IOException e) { + log.info("File with FileName " + + filename + " can not be loaded.", e); + errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".file.valid", + new Object[] { filename }, request)); + } + } + } + } + } + + return errors; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java index c30c11f5a..205e792fa 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAOAUTH20ConfigValidation.java 
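Review bot: In OAFileUploadValidation.validate the `FileInputStream` is closed only on the success path, so an `IOException` thrown by `Base64Utils.encode(stream)` leaves the handle of the uploaded file open, and on an upload path repeated failures can exhaust file descriptors. Wrap it in try-with-resources: `try (InputStream stream = new FileInputStream(file)) { output.put(filename, Base64Utils.encode(stream).getBytes("UTF-8")); }`. The same loop indexes `files.get(i)` by the position in `fileName` without checking that both lists have the same length, and it still reads every file after reporting that more than one was selected; a length check before the loop and a `return errors;` after the `.file.selected` error would close both gaps. No size limit on the encoded content is visible in this hunk, so presumably the upload layer enforces one; that is worth confirming.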
@@ -28,30 +28,29 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; import org.apache.commons.lang.StringUtils; -import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class OAOAUTH20ConfigValidation { - - private static final Logger log = Logger.getLogger(OAOAUTH20ConfigValidation.class); - - public List validate(OAOAuth20Config form, HttpServletRequest request) { - - List errors = new ArrayList(); - - // validate secret + + public List validate(OAOAuth20Config form, HttpServletRequest request) { + + final List errors = new ArrayList<>(); + + // validate secret // if (StringUtils.isEmpty(form.getClientSecret())) { // errors.add(LanguageHelper.getErrorString("error.oa.oauth.clientSecret")); // } - - // validate redirectUri - if (StringUtils.isNotEmpty(form.getRedirectUri()) && !OAuth20Util.isUrl(form.getRedirectUri())) { - errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi", request)); - } - - return errors; - } + + // validate redirectUri + if (StringUtils.isNotEmpty(form.getRedirectUri()) && !OAuth20Util.isUrl(form.getRedirectUri())) { + errors.add(LanguageHelper.getErrorString("error.oa.oauth.redirecturi", request)); + } + + return errors; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java index cbb7c88b2..8e9865a3a 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java 
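Review bot: OAOAUTH20ConfigValidation.validate rejects a redirect URI only when it is non-empty and `OAuth20Util.isUrl` fails, so an empty redirect URI passes, and the client-secret check above it is left commented out. If this validator also runs for applications that have OAuth 2.0 enabled (not visible here), an application can be stored without a registered redirect URI; either require the value in that case or add a comment stating where it is enforced. The class now carries `@Slf4j` but never logs, while the sibling validators log each rejection; add e.g. `log.info("OAuth 2.0 redirect URI is not a valid URL");` before the `errors.add`. The commented-out secret check should be removed or replaced by a TODO that explains why it is disabled.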
@@ -33,7 +33,6 @@ import javax.net.ssl.SSLHandshakeException; import javax.servlet.http.HttpServletRequest; import org.apache.commons.httpclient.MOAHttpClient; -import org.apache.log4j.Logger; import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider; import org.opensaml.saml2.metadata.provider.MetadataFilter; import org.opensaml.saml2.metadata.provider.MetadataFilterChain; 
@@ -57,186 +56,189 @@ import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; import iaik.x509.X509Certificate; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class OAPVP2ConfigValidation { - private static final Logger log = Logger.getLogger(OAPVP2ConfigValidation.class); - - public List validate(OAPVP2Config form, String oaID, HttpServletRequest request) { - - Timer timer = null; - MOAHttpClient httpClient = null; - HTTPMetadataProvider httpProvider = null; - - List errors = new ArrayList(); - try { - byte[] certSerialized = null; - if (form.getFileUpload() != null) - certSerialized = form.getCertificate(); - - else { - try { - //Some databases does not allow the selection of a lob in SQL where expression - String dbDriver = ConfigurationProvider.getInstance().getConfigurationProperties().getProperty("hibernate.connection.driver_class"); - boolean backupVersion = false; - if (MiscUtil.isNotEmpty(dbDriver)) { - for (String el:MOAIDConstants.JDBC_DRIVER_NEEDS_WORKAROUND) { - if (dbDriver.startsWith(el)) { - backupVersion = true; - log.debug("JDBC driver '" + dbDriver - + "' is blacklisted --> Switch to alternative DB access methode implementation."); - - } - - } - } - - Map oa = ConfigurationProvider.getInstance().getDbRead().getOnlineApplicationKeyValueWithId(oaID, backupVersion); - if (oa != null && - MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE))) { - certSerialized = Base64Utils.decode(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE), false); - form.setStoredCert(certSerialized); - } - - } catch (ConfigurationException e) { - log.error("MOA-ID-Configuration initialization FAILED.", e); - - } - } - - String check = form.getMetaDataURL(); - if (MiscUtil.isNotEmpty(check)) { - - if (!ValidationHelper.validateURL(check)) { - log.info("MetaDataURL has no valid form."); - 
errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid", request)); - - } else { - if (certSerialized == null) { - log.info("No certificate for metadata validation"); - errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request)); - - } else { - if (form.getMetaDataURL().startsWith("http")) { - X509Certificate cert = new X509Certificate(certSerialized); - BasicX509Credential credential = new BasicX509Credential(); - credential.setEntityCertificate(cert); - - timer = new Timer(); - httpClient = new MOAHttpClient(); - - if (form.getMetaDataURL().startsWith("https:")) - try { - MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory( - "MOAMetaDataProvider", - true, - ConfigurationProvider.getInstance().getCertStoreDirectory(), - ConfigurationProvider.getInstance().getTrustStoreDirectory(), - null, - "pkix", - true, - new String[]{"crl"}, - false); - - httpClient.setCustomSSLTrustStore( - form.getMetaDataURL(), - protoSocketFactory); - - } catch (MOAHttpProtocolSocketFactoryException e) { - log.warn("MOA SSL-TrustStore can not initialized. Use default Java TrustStore.", e); - - } catch (ConfigurationException e) { - log.info("No MOA specific SSL-TrustStore configured. 
Use default Java TrustStore."); - - } - - List filterList = new ArrayList(); - filterList.add(new MetaDataVerificationFilter(credential)); - - try { - filterList.add(new SchemaValidationFilter( - ConfigurationProvider.getInstance().isPVPMetadataSchemaValidationActive())); - - } catch (ConfigurationException e) { - log.warn("Configuration access FAILED!", e); - - } - - MetadataFilterChain filter = new MetadataFilterChain(); - filter.setFilters(filterList); - - httpProvider = - new HTTPMetadataProvider(timer, httpClient, form.getMetaDataURL()); - httpProvider.setParserPool(new BasicParserPool()); - httpProvider.setRequireValidMetadata(true); - httpProvider.setMetadataFilter(filter); - httpProvider.setMinRefreshDelay(1000*60*15); //15 minutes - httpProvider.setMaxRefreshDelay(1000*60*60*24); //24 hours - - httpProvider.setRequireValidMetadata(true); - - httpProvider.initialize(); - - - - - if (httpProvider.getMetadata() == null) { - log.info("Metadata could be received but validation FAILED."); - errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.validation", request)); - } - - } else { - log.info("Metadata load validation skipped, because it's no http(s) metadata: " + form.getMetaDataURL()); - - } - - } - } - } - - } catch (CertificateException e) { - log.info("Uploaded Certificate can not be found", e); - errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request)); - - } catch (IOException e) { - log.info("Metadata can not be loaded from URL", e); - errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.read", request)); - - } catch (MetadataProviderException e) { - - try { - if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) { - log.info("SSL Server certificate not trusted.", e); - errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.ssl", request)); - - } else if (e.getCause() != null && e.getCause().getCause() instanceof SignatureValidationException) { - 
log.info("MetaDate verification failed", e); - errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.sig", request)); - - } else if (e.getCause() != null && e.getCause().getCause() instanceof SchemaValidationException) { - log.info("MetaDate verification failed", e); - errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.schema", request)); - - } else { - log.info("MetaDate verification failed", e); - errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.general", request)); - } - - } catch (Exception e1) { - log.info("MetaDate verification failed", e1); - errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.general", request)); - - } - - } finally { - if (httpProvider != null) - httpProvider.destroy(); - - if (timer != null) - timer.cancel(); - - } - - return errors; - } + public List validate(OAPVP2Config form, String oaID, HttpServletRequest request) { + + Timer timer = null; + MOAHttpClient httpClient = null; + HTTPMetadataProvider httpProvider = null; + + final List errors = new ArrayList<>(); + try { + byte[] certSerialized = null; + if (form.getFileUpload() != null) { + certSerialized = form.getCertificate(); + } else { + try { + // Some databases does not allow the selection of a lob in SQL where expression + final String dbDriver = ConfigurationProvider.getInstance().getConfigurationProperties() + .getProperty("hibernate.connection.driver_class"); + boolean backupVersion = false; + if (MiscUtil.isNotEmpty(dbDriver)) { + for (final String el : MOAIDConstants.JDBC_DRIVER_NEEDS_WORKAROUND) { + if (dbDriver.startsWith(el)) { + backupVersion = true; + log.debug("JDBC driver '" + dbDriver + + "' is blacklisted --> Switch to alternative DB access methode implementation."); + + } + + } + } + + final Map oa = ConfigurationProvider.getInstance().getDbRead() + .getOnlineApplicationKeyValueWithId(oaID, backupVersion); + if (oa != null && + 
MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE))) { + certSerialized = Base64Utils.decode(oa.get( + MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE), false); + form.setStoredCert(certSerialized); + } + + } catch (final ConfigurationException e) { + log.error("MOA-ID-Configuration initialization FAILED.", e); + + } + } + + final String check = form.getMetaDataURL(); + if (MiscUtil.isNotEmpty(check)) { + + if (!ValidationHelper.validateURL(check)) { + log.info("MetaDataURL has no valid form."); + errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid", request)); + + } else { + if (certSerialized == null) { + log.info("No certificate for metadata validation"); + errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request)); + + } else { + if (form.getMetaDataURL().startsWith("http")) { + final X509Certificate cert = new X509Certificate(certSerialized); + final BasicX509Credential credential = new BasicX509Credential(); + credential.setEntityCertificate(cert); + + timer = new Timer(); + httpClient = new MOAHttpClient(); + + if (form.getMetaDataURL().startsWith("https:")) { + try { + final MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory( + "MOAMetaDataProvider", + true, + ConfigurationProvider.getInstance().getCertStoreDirectory(), + ConfigurationProvider.getInstance().getTrustStoreDirectory(), + null, + "pkix", + true, + new String[] { "crl" }, + false); + + httpClient.setCustomSSLTrustStore( + form.getMetaDataURL(), + protoSocketFactory); + + } catch (final MOAHttpProtocolSocketFactoryException e) { + log.warn("MOA SSL-TrustStore can not initialized. Use default Java TrustStore.", e); + + } catch (final ConfigurationException e) { + log.info("No MOA specific SSL-TrustStore configured. 
Use default Java TrustStore."); + + } + } + + final List filterList = new ArrayList<>(); + filterList.add(new MetaDataVerificationFilter(credential)); + + try { + filterList.add(new SchemaValidationFilter( + ConfigurationProvider.getInstance().isPVPMetadataSchemaValidationActive())); + + } catch (final ConfigurationException e) { + log.warn("Configuration access FAILED!", e); + + } + + final MetadataFilterChain filter = new MetadataFilterChain(); + filter.setFilters(filterList); + + httpProvider = + new HTTPMetadataProvider(timer, httpClient, form.getMetaDataURL()); + httpProvider.setParserPool(new BasicParserPool()); + httpProvider.setRequireValidMetadata(true); + httpProvider.setMetadataFilter(filter); + httpProvider.setMinRefreshDelay(1000 * 60 * 15); // 15 minutes + httpProvider.setMaxRefreshDelay(1000 * 60 * 60 * 24); // 24 hours + + httpProvider.setRequireValidMetadata(true); + + httpProvider.initialize(); + + if (httpProvider.getMetadata() == null) { + log.info("Metadata could be received but validation FAILED."); + errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.validation", request)); + } + + } else { + log.info("Metadata load validation skipped, because it's no http(s) metadata: " + form + .getMetaDataURL()); + + } + + } + } + } + + } catch (final CertificateException e) { + log.info("Uploaded Certificate can not be found", e); + errors.add(LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request)); + + } catch (final IOException e) { + log.info("Metadata can not be loaded from URL", e); + errors.add(LanguageHelper.getErrorString("validation.pvp2.metadataurl.read", request)); + + } catch (final MetadataProviderException e) { + + try { + if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) { + log.info("SSL Server certificate not trusted.", e); + errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.ssl", request)); + + } else if (e.getCause() != null && 
e.getCause().getCause() instanceof SignatureValidationException) { + log.info("MetaDate verification failed", e); + errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.sig", request)); + + } else if (e.getCause() != null && e.getCause().getCause() instanceof SchemaValidationException) { + log.info("MetaDate verification failed", e); + errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.schema", request)); + + } else { + log.info("MetaDate verification failed", e); + errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.general", request)); + } + + } catch (final Exception e1) { + log.info("MetaDate verification failed", e1); + errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.verify.general", request)); + + } + + } finally { + if (httpProvider != null) { + httpProvider.destroy(); + } + + if (timer != null) { + timer.cancel(); + } + + } + + return errors; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java index 95104b929..903e8899a 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASAML1ConfigValidation.java 
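Review bot: In OAPVP2ConfigValidation.validate both `catch` blocks around the `MOAHttpProtocolSocketFactory` setup only log and then continue, so when the MOA trust store cannot be built the metadata is fetched with the default Java trust store, and the factory's settings (the `"pkix"` and `"crl"` arguments, presumably path validation with revocation checking) are silently lost. The `ConfigurationException` catch around `SchemaValidationFilter` has the same shape: the schema filter is dropped and validation goes on without it. The `MetaDataVerificationFilter` built from the configured certificate still applies, but a validator should fail closed: in the trust-store catches add `errors.add(LanguageHelper.getErrorString("validation.pvp2.metadata.ssl", request)); return errors;` (the `finally` block still runs), and in the schema catch report `validation.pvp2.metadata.verify.schema` the same way, or document why the fallback is acceptable. `httpProvider.setRequireValidMetadata(true)` is also called twice; the second call can go.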
@@ -27,25 +27,23 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig; import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class OASAML1ConfigValidation { - private static final Logger log = Logger.getLogger(OASAML1ConfigValidation.class); - - public List validate(OASAML1Config form, OAGeneralConfig general, HttpServletRequest request) { - - List errors = new ArrayList(); - - if (general.isBusinessService() && form.isProvideStammZahl()) { - log.info("ProvideStammZahl can not be used with BusinessService applications"); - errors.add(LanguageHelper.getErrorString("validation.saml1.providestammzahl", request)); - } - - return errors; - } + public List validate(OASAML1Config form, OAGeneralConfig general, HttpServletRequest request) { + + final List errors = new ArrayList<>(); + + if (general.isBusinessService() && form.isProvideStammZahl()) { + log.info("ProvideStammZahl can not be used with BusinessService applications"); + errors.add(LanguageHelper.getErrorString("validation.saml1.providestammzahl", request)); + } + + return errors; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java index 971e11cc4..109257551 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASSOConfigValidation.java 
@@ -27,33 +27,31 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class OASSOConfigValidation { - - private static final Logger log = Logger.getLogger(OASSOConfigValidation.class); - - public List validate(OASSOConfig form, boolean isAdmin, HttpServletRequest request) { - - List errors = new ArrayList(); - - String urlString = form.getSingleLogOutURL(); - if (MiscUtil.isEmpty(urlString)) { - log.info("No Single Log-Out URL"); - //TODO: set error if it is implemented - //errors.add(LanguageHelper.getErrorString("validation.sso.logouturl.empty")); - } else { - if (!ValidationHelper.validateURL(urlString) && form.isUseSSO()) { - log.info("Single Log-Out url validation error"); - errors.add(LanguageHelper.getErrorString("validation.sso.logouturl.valid", request)); - } - } - - return errors; - } + + public List validate(OASSOConfig form, boolean isAdmin, HttpServletRequest request) { + + final List errors = new ArrayList<>(); + + final String urlString = form.getSingleLogOutURL(); + if (MiscUtil.isEmpty(urlString)) { + log.info("No Single Log-Out URL"); + // TODO: set error if it is implemented + // errors.add(LanguageHelper.getErrorString("validation.sso.logouturl.empty")); + } else { + if (!ValidationHelper.validateURL(urlString) && form.isUseSSO()) { + log.info("Single Log-Out url validation error"); + errors.add(LanguageHelper.getErrorString("validation.sso.logouturl.valid", request)); + } + } + + return errors; + } } 
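Review bot: In OASSOConfigValidation.validate the condition `!ValidationHelper.validateURL(urlString) && form.isUseSSO()` accepts a malformed Single Log-Out URL whenever SSO is switched off, so the invalid value passes validation and, if it is stored, becomes live once SSO is enabled later unless the form is re-validated at that point (not visible here). Validate any non-empty value regardless of the flag: `if (!ValidationHelper.validateURL(urlString)) {`. The `isAdmin` parameter is unused in the body and deserves a comment saying why it is kept, and the `TODO` on the empty-URL branch should say what has to be implemented before the error is enabled.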
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
index 00ccdca8c..a8836145a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
@@ -28,60 +28,59 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AttributeProviderPlugin; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class OASTORKConfigValidation { - private static final Logger log = Logger.getLogger(OASTORKConfigValidation.class); + public List validate(OASTORKConfig oageneral, HttpServletRequest request) { + + final List errors = new ArrayList<>(); + + // check qaa + final String qaa = oageneral.getQaa(); + if (MiscUtil.isNotEmpty(qaa) && !MOAIDConstants.ALLOWED_eIDAS_LOA.contains(qaa)) { + log.warn("eIDAS LoA is not allowed : " + qaa); + errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange", + new Object[] { qaa }, request)); + } + + if (oageneral.isVidpEnabled()) { + final Iterator interator = oageneral.getAttributeProviderPlugins().iterator(); + while (interator.hasNext()) { + final AttributeProviderPlugin current = interator.next(); + if (MiscUtil.isEmpty(current.getUrl()) || !ValidationHelper.validateURL(current.getUrl())) { + log.info("AttributeProviderPlugin URL has no valid form."); + errors.add(LanguageHelper.getErrorString("validation.stork.ap.url.valid", request)); + } + if (MiscUtil.isEmpty(current.getName())) { + log.info("AttributeProviderPlugin Name is empty."); + errors.add(LanguageHelper.getErrorString("validation.stork.ap.name.empty", request)); - public List validate(OASTORKConfig oageneral, HttpServletRequest request) { + } else { + if (!oageneral.getAvailableAttributeProviderPlugins().contains(current.getName())) { + log.info("AttributeProviderPlugin Name is not 
supported."); + errors.add(LanguageHelper.getErrorString("validation.stork.ap.name.valid", request)); + } + } - List errors = new ArrayList(); + if (MiscUtil.isEmpty(current.getAttributes()) || !current.getAttributes().matches( + "[a-zA-Z]+(, ?[a-zA-Z]+)*")) { + log.info("AttributeProviderPlugin attributes are empty or do not match csv format."); + errors.add(LanguageHelper.getErrorString("validation.stork.ap.attributes.valid", request)); + } + } - // check qaa - String qaa = oageneral.getQaa(); - if (MiscUtil.isNotEmpty(qaa) && !MOAIDConstants.ALLOWED_eIDAS_LOA.contains(qaa)) { - log.warn("eIDAS LoA is not allowed : " + qaa); - errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange", - new Object[] {qaa}, request )); - } - - if (oageneral.isVidpEnabled()) { - Iterator interator = oageneral.getAttributeProviderPlugins().iterator(); - while (interator.hasNext()) { - AttributeProviderPlugin current = interator.next(); - if (MiscUtil.isEmpty(current.getUrl()) || !ValidationHelper.validateURL(current.getUrl())) { - log.info("AttributeProviderPlugin URL has no valid form."); - errors.add(LanguageHelper.getErrorString("validation.stork.ap.url.valid", request)); - } - if (MiscUtil.isEmpty(current.getName())) { - log.info("AttributeProviderPlugin Name is empty."); - errors.add(LanguageHelper.getErrorString("validation.stork.ap.name.empty", request)); - - } else { - if (!oageneral.getAvailableAttributeProviderPlugins().contains(current.getName())) { - log.info("AttributeProviderPlugin Name is not supported."); - errors.add(LanguageHelper.getErrorString("validation.stork.ap.name.valid", request)); - } - } - - if (MiscUtil.isEmpty(current.getAttributes()) || !current.getAttributes().matches("[a-zA-Z]+(, ?[a-zA-Z]+)*")) { - log.info("AttributeProviderPlugin attributes are empty or do not match csv format."); - errors.add(LanguageHelper.getErrorString("validation.stork.ap.attributes.valid", request)); - } - } - - } else { - 
oageneral.setAttributeProviderPlugins(null); - } + } else { + oageneral.setAttributeProviderPlugins(null); + } - return errors; - } + return errors; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java index 4807d479e..3e1ed0a38 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java @@ -29,8 +29,6 @@ import java.util.regex.Pattern; import javax.servlet.http.HttpServletRequest; -import org.apache.log4j.Logger; - import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig; 
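Review bot: In OASTORKConfigValidation.validate the rejected `qaa` value is written unmodified to the log (`log.warn("eIDAS LoA is not allowed : " + qaa)`) and passed into the error text via `new Object[] { qaa }`; at that point it is form input that has just failed the allow-list check, so it can contain line breaks or markup. Log a neutralised form, e.g. `log.warn("eIDAS LoA is not allowed: {}", qaa.replaceAll("[\\r\\n]", "_"));`, and confirm that the view escapes the error string, or drop the value from it. Further down, `oageneral.getAttributeProviderPlugins().iterator()` is called without a null check although the `else` branch of the same method sets that list to `null`, so a null guard before the loop is worth adding.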
@@ -38,133 +36,133 @@ import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator; import at.gv.egovernment.moa.util.MiscUtil; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class OATargetConfigValidation { - private static final Logger log = Logger.getLogger(OATargetConfigValidation.class); - - public List validate(OATargetConfiguration form, boolean isAdmin, OAGeneralConfig general, HttpServletRequest request) { - - List errors = new ArrayList(); - String check; - - if (general.isBusinessService()) { - - //check identification type - check = form.getIdentificationType(); - if (!form.getIdentificationTypeList().contains(check)) { - log.info("IdentificationType is not known."); - errors.add(LanguageHelper.getErrorString("validation.general.stork.sptarget", request)); - } - - //check identification number - check = form.getIdentificationNumber(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty IdentificationNumber"); - errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty", request)); - - } else { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("IdentificationNumber contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - - if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_FN)) { - CompanyNumberValidator val = new CompanyNumberValidator(); - if (!val.validate(check)) { - log.info("Not valid CompanyNumber"); - errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid", request)); - } - - } else if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_EIDAS)) { - Pattern pattern = 
Pattern.compile("[A-Z,a-z]{2}\\+[A-Z,a-z]{2}"); - Matcher matcher = pattern.matcher(check); - if (!matcher.matches()) { - log.info("Not valid eIDAS Target"); - errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.eidas.valid", request)); - - } - - } - } - - } else { - - check = form.getTarget_subsector(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.isValidAdminTarget(check)) { - log.info("Not valid Target-Subsector"); - errors.add(LanguageHelper.getErrorString("validation.general.target.subsector.valid", request)); - } - } - - - if (!isAdmin) { - //check PublicURL Prefix allows PublicService - if (!ValidationHelper.isPublicServiceAllowed(general.getIdentifier())) { - log.warn("PublicURLPrefix does not allow PublicService: " + general.getIdentifier()); - errors.add(LanguageHelper.getErrorString("validation.general.target.publicserviceurl", - new Object[] {general.getIdentifier()}, request )); - general.setBusinessService(true); - return errors; - - } - - //check Target - check = form.getTarget(); - if (MiscUtil.isEmpty(check)) { - log.info("Empty Target"); - errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request)); - - } else { - if (!ValidationHelper.isValidTarget(check)) { - log.info("Not valid Target"); - errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request)); - } - } - - } else { - - //check targetFrindlyName(); - check = form.getTargetFriendlyName(); - if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsNotValidCharacter(check, false)) { - log.warn("TargetFriendlyName contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname", - new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); - } - } - - if (MiscUtil.isEmpty(form.getTarget()) && MiscUtil.isEmpty(form.getTarget_admin())) { - log.info("Empty Target"); - 
errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request)); - } - - //check Target - check = form.getTarget(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.isValidTarget(check)) { - log.info("Not valid Target"); - errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request)); - } - } - - //check Admin Target - check = form.getTarget_admin(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.isValidAdminTarget(check)) { - log.info("Not valid Target"); - errors.add(LanguageHelper.getErrorString("validation.general.target.admin.valid", request)); - } - } - } - } - - - //foreign bPK configuration - - - return errors; - } + public List validate(OATargetConfiguration form, boolean isAdmin, OAGeneralConfig general, + HttpServletRequest request) { + + final List errors = new ArrayList<>(); + String check; + + if (general.isBusinessService()) { + + // check identification type + check = form.getIdentificationType(); + if (!form.getIdentificationTypeList().contains(check)) { + log.info("IdentificationType is not known."); + errors.add(LanguageHelper.getErrorString("validation.general.stork.sptarget", request)); + } + + // check identification number + check = form.getIdentificationNumber(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty IdentificationNumber"); + errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty", request)); + + } else { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("IdentificationNumber contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid", + new Object[] { ValidationHelper.getNotValidCharacter(false) }, request)); + } + + if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_FN)) { + final CompanyNumberValidator val = new CompanyNumberValidator(); + if (!val.validate(check)) { + log.info("Not valid CompanyNumber"); 
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid", + request)); + } + + } else if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_EIDAS)) { + final Pattern pattern = Pattern.compile("[A-Z,a-z]{2}\\+[A-Z,a-z]{2}"); + final Matcher matcher = pattern.matcher(check); + if (!matcher.matches()) { + log.info("Not valid eIDAS Target"); + errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.eidas.valid", + request)); + + } + + } + } + + } else { + + check = form.getTarget_subsector(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.isValidAdminTarget(check)) { + log.info("Not valid Target-Subsector"); + errors.add(LanguageHelper.getErrorString("validation.general.target.subsector.valid", request)); + } + } + + if (!isAdmin) { + // check PublicURL Prefix allows PublicService + if (!ValidationHelper.isPublicServiceAllowed(general.getIdentifier())) { + log.warn("PublicURLPrefix does not allow PublicService: " + general.getIdentifier()); + errors.add(LanguageHelper.getErrorString("validation.general.target.publicserviceurl", + new Object[] { general.getIdentifier() }, request)); + general.setBusinessService(true); + return errors; + + } + + // check Target + check = form.getTarget(); + if (MiscUtil.isEmpty(check)) { + log.info("Empty Target"); + errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request)); + + } else { + if (!ValidationHelper.isValidTarget(check)) { + log.info("Not valid Target"); + errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request)); + } + } + + } else { + + // check targetFrindlyName(); + check = form.getTargetFriendlyName(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { + log.warn("TargetFriendlyName contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname", + new Object[] { 
ValidationHelper.getNotValidCharacter(false) }, request)); + } + } + + if (MiscUtil.isEmpty(form.getTarget()) && MiscUtil.isEmpty(form.getTarget_admin())) { + log.info("Empty Target"); + errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request)); + } + + // check Target + check = form.getTarget(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.isValidTarget(check)) { + log.info("Not valid Target"); + errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request)); + } + } + + // check Admin Target + check = form.getTarget_admin(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.isValidAdminTarget(check)) { + log.info("Not valid Target"); + errors.add(LanguageHelper.getErrorString("validation.general.target.admin.valid", request)); + } + } + } + } + + // foreign bPK configuration + + return errors; + } } -- cgit v1.2.3 From b2332a3b55b1d5164f9764cb895185798b4fb4a2 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 14 Dec 2021 11:52:51 +0100 Subject: fix possible problem with IAIK provider --- id/ConfigWebTool/pom.xml | 4 +- .../config/ConfigurationProvider.java | 59 ++++++++++++++++++++++ id/moa-id-webgui/pom.xml | 4 +- id/oa/pom.xml | 4 +- id/server/idserverlib/pom.xml | 4 +- id/server/moa-id-commons/pom.xml | 4 +- 6 files changed, 69 insertions(+), 10 deletions(-) (limited to 'id/ConfigWebTool/src') diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml index fefc4fec5..90ec43a39 100644 --- a/id/ConfigWebTool/pom.xml +++ b/id/ConfigWebTool/pom.xml @@ -276,8 +276,8 @@ org.apache.maven.plugins maven-compiler-plugin - 1.7 - 1.7 + 1.8 + 1.8 diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java index 8eb4db4a2..2cce2ebab 100644 
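Review bot: The eIDAS target pattern `[A-Z,a-z]{2}\\+[A-Z,a-z]{2}` keeps a comma inside both character classes, so an identification number such as `,,+,,` passes this check. The classes should be `[A-Za-z]`, i.e. `Pattern.compile("[A-Za-z]{2}\\+[A-Za-z]{2}")`, ideally compiled once as a `private static final` constant. In the same method the two `log.warn(... + check)` calls write the rejected form value into the log verbatim; now that the class uses slf4j, `log.warn("IdentificationNumber contains potentail XSS characters: {}", check)` with line breaks stripped from `check` keeps a submitted value from forging log entries. `form.getIdentificationType().equals(...)` also dereferences a value that the earlier check only reports as unknown, so a missing type presumably ends in a NullPointerException rather than a validation error.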
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java @@ -33,9 +33,12 @@ import java.net.URL; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; +import java.security.Provider; +import java.security.Security; import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.Arrays; +import java.util.Optional; import java.util.Properties; import java.util.Timer; import java.util.jar.Attributes; @@ -54,6 +57,9 @@ import org.springframework.context.ApplicationContext; import org.springframework.context.support.ClassPathXmlApplicationContext; import org.springframework.context.support.GenericApplicationContext; +import com.google.common.collect.Streams; + +import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.utils.FileUtils; import at.gv.egovernment.moa.id.commons.db.NewConfigurationDBRead; import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException; @@ -64,8 +70,10 @@ import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.auth.pvp2.MetaDataVerificationFilter; import at.gv.egovernment.moa.id.configuration.config.usermanagement.FileBasedUserConfiguration; import at.gv.egovernment.moa.id.configuration.utils.UserRequestCleaner; +import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import iaik.asn1.structures.AlgorithmID; +import iaik.security.provider.IAIK; import iaik.x509.X509Certificate; import lombok.extern.slf4j.Slf4j; 
@@ -174,6 +182,12 @@ public class ConfigurationProvider { log.info("Hibernate initialization finished."); + //check if IAIK provider is already loaded in first place + Optional> isIaikProviderLoaded = Streams.mapWithIndex( + Arrays.stream(Security.getProviders()), (str, index) -> Pair.newInstance(index, str)) + .filter(el -> IAIK.getInstance().getName().equals(el.getSecond().getName())) + .findAny(); + DefaultBootstrap.bootstrap(); log.info("OPENSAML initialized"); 
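Review bot: The provider lookup added before `DefaultBootstrap.bootstrap()` is repeated verbatim in `checkSecuityProviderPosition` further down in this file, and the names hide what it holds: `isIaikProviderLoaded` is an Optional index/provider pair rather than a boolean, and the lambda parameter `str` is a `Provider`. A small private helper, for example `private static Optional<Pair<Long, Provider>> findIaikProviderPosition()` (pair type inferred, the generics are not visible on this page), called at both places would remove the duplication and the repeated `IAIK.getInstance()` call inside the filter. The comment should say why the position is captured here, e.g. `// remember the IAIK provider position, the OpenSAML bootstrap may change the provider order` (inferred from the later re-ordering; confirm).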
@@ -181,6 +195,17 @@ public class ConfigurationProvider { fixJava8_141ProblemWithSSLAlgorithms(); + //load a first place + checkSecuityProviderPosition(isIaikProviderLoaded); + + if (Logger.isDebugEnabled()) { + log.debug("Loaded Security Provider:"); + Provider[] providerList = Security.getProviders(); + for (int i=0; i> iaikProviderLoadedBefore) { + if (iaikProviderLoadedBefore.isPresent() && iaikProviderLoadedBefore.get().getFirst() == 0) { + Optional> iaikProviderLoadedNow = Streams.mapWithIndex( + Arrays.stream(Security.getProviders()), (str, index) -> Pair.newInstance(index, str)) + .filter(el -> IAIK.getInstance().getName().equals(el.getSecond().getName())) + .findAny(); + + if (iaikProviderLoadedNow.isPresent() && iaikProviderLoadedNow.get().getFirst() != + iaikProviderLoadedBefore.get().getFirst()) { + log.debug("IAIK Provider was loaded before on place: {}, but it's now on place: {}. Starting re-ordering ... ", + iaikProviderLoadedBefore.get().getFirst(), iaikProviderLoadedNow.get().getFirst()); + Security.removeProvider(IAIK.getInstance().getName()); + Security.insertProviderAt(IAIK.getInstance(), 0); + log.info("Re-ordering of Security Provider done."); + + } else { + log.debug("IAIK Provider was loaded before on place: {} and it's already there. Nothing todo", + iaikProviderLoadedBefore.get().getFirst()); + + } + } else { + if (iaikProviderLoadedBefore.isPresent()) { + log.debug("IAIK Provider was loaded before on place: {}. Nothing todo", + iaikProviderLoadedBefore.get().getFirst()); + + } else { + log.debug("IAIK Provider was not loaded before. Nothing todo"); + + } + + } + + } + private static void fixJava8_141ProblemWithSSLAlgorithms() { log.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ..."); // new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] diff --git a/id/moa-id-webgui/pom.xml b/id/moa-id-webgui/pom.xml index db9113441..d18f62795 100644 --- a/id/moa-id-webgui/pom.xml +++ b/id/moa-id-webgui/pom.xml 
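Review bot: `Security.insertProviderAt(IAIK.getInstance(), 0)` passes a 0-based index to an API whose position is documented as 1-based (1 is the most preferred), so the re-ordering does not restore IAIK to the first place; as far as I know OpenJDK treats an out-of-range position as "append", which would move IAIK to the end of the list and change which provider serves JCA algorithm requests. The call should be `Security.insertProviderAt(IAIK.getInstance(), 1);`, or the stored index plus one. The position comparison `iaikProviderLoadedNow.get().getFirst() != iaikProviderLoadedBefore.get().getFirst()` looks like a reference comparison of boxed values (the generic types are not visible on this page) and should use `equals`. The debug listing above is guarded by `Logger.isDebugEnabled()` from the MOA logger while writing through the Lombok `log`; `log.isDebugEnabled()` would test the logger that is actually used.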
@@ -33,8 +33,8 @@ maven-compiler-plugin - 1.7 - 1.7 + 1.8 + 1.8 diff --git a/id/oa/pom.xml b/id/oa/pom.xml index 472c1d637..955f055a2 100644 --- a/id/oa/pom.xml +++ b/id/oa/pom.xml @@ -43,8 +43,8 @@ org.apache.maven.plugins maven-compiler-plugin - 1.7 - 1.7 + 1.8 + 1.8 diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml index 9f8fa943c..c9fd1d195 100644 --- a/id/server/idserverlib/pom.xml +++ b/id/server/idserverlib/pom.xml @@ -712,8 +712,8 @@ maven-compiler-plugin 3.6.1 - 1.7 - 1.7 + 1.8 + 1.8 UTF-8 diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml index cb4e0f116..1aac6b397 100644 --- a/id/server/moa-id-commons/pom.xml +++ b/id/server/moa-id-commons/pom.xml @@ -346,8 +346,8 @@ maven-compiler-plugin 3.6.1 - 1.7 - 1.7 + 1.8 + 1.8 UTF-8 -- cgit v1.2.3 From 7f39aaa3d8633e9f05d2570c756e5e1fcac9b017 Mon Sep 17 00:00:00 2001 
From: Thomas Lenz Date: Mon, 20 Dec 2021 08:16:01 +0100 Subject: switch from log4j to logback --- id/ConfigWebTool/pom.xml | 8 +- id/ConfigWebTool/src/main/resources/logback.xml | 40 ++++++ id/moa-id-webgui/pom.xml | 5 - id/oa/pom.xml | 4 +- id/oa/src/main/resources/logback.xml | 30 +++++ id/server/auth-edu/pom.xml | 9 +- id/server/auth-edu/src/main/resources/logback.xml | 79 +++++++++++ id/server/auth-final/pom.xml | 4 + .../auth-final/src/main/resources/logback.xml | 100 ++++++++++++++ .../deploy/conf/moa-id-configuration/logback.xml | 40 ++++++ .../conf/moa-id-configuration/logback_config.xml | 71 ---------- id/server/data/deploy/conf/moa-id-oa/logback.xml | 30 +++++ id/server/data/deploy/conf/moa-id/log4j.properties | 62 --------- id/server/data/deploy/conf/moa-id/logback.xml | 79 +++++++++++ .../data/deploy/conf/moa-id/logback_config.xml | 105 --------------- id/server/data/deploy/tomcat/unix/tomcat-start.sh | 3 +- id/server/data/deploy/tomcat/win32/startTomcat.bat | 3 +- id/server/doc/handbook/install/install.html | 144 ++++++++++----------- id/server/moa-id-commons/pom.xml | 5 +- pom.xml | 13 +- 20 files changed, 497 insertions(+), 337 deletions(-) create mode 100644 id/ConfigWebTool/src/main/resources/logback.xml create mode 100644 id/oa/src/main/resources/logback.xml create mode 100644 id/server/auth-edu/src/main/resources/logback.xml create mode 100644 id/server/auth-final/src/main/resources/logback.xml create mode 100644 id/server/data/deploy/conf/moa-id-configuration/logback.xml delete mode 100644 id/server/data/deploy/conf/moa-id-configuration/logback_config.xml create mode 100644 id/server/data/deploy/conf/moa-id-oa/logback.xml delete mode 100644 id/server/data/deploy/conf/moa-id/log4j.properties create mode 100644 id/server/data/deploy/conf/moa-id/logback.xml delete mode 100644 id/server/data/deploy/conf/moa-id/logback_config.xml (limited to 'id/ConfigWebTool/src') 
diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml index 487470ce2..394a12e13 100644 --- a/id/ConfigWebTool/pom.xml +++ b/id/ConfigWebTool/pom.xml @@ -87,10 +87,10 @@ eaaf-core - - org.apache.logging.log4j - log4j-core - + + ch.qos.logback + logback-classic + MOA.id diff --git a/id/ConfigWebTool/src/main/resources/logback.xml b/id/ConfigWebTool/src/main/resources/logback.xml new file mode 100644 index 000000000..fc7508598 --- /dev/null +++ b/id/ConfigWebTool/src/main/resources/logback.xml @@ -0,0 +1,40 @@ + + + + + ${catalina.base}/logs/moa-id-webgui.log + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n + + + 1 + ${catalina.base}/logs/moa-id-webgui.log.%i.gz + + + 10000KB + + + + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n + + + + + + + + + + + + + + + + + + + + + diff --git a/id/moa-id-webgui/pom.xml b/id/moa-id-webgui/pom.xml index 2106a84e3..e39516865 100644 --- a/id/moa-id-webgui/pom.xml +++ b/id/moa-id-webgui/pom.xml @@ -72,11 +72,6 @@ commons-collections4 - - org.apache.logging.log4j - log4j-slf4j-impl - - org.opensaml opensaml diff --git a/id/oa/pom.xml b/id/oa/pom.xml index a687401af..908cdb22f 100644 --- a/id/oa/pom.xml +++ b/id/oa/pom.xml @@ -99,8 +99,8 @@ slf4j-api - org.apache.logging.log4j - log4j-slf4j-impl + ch.qos.logback + logback-classic diff --git a/id/oa/src/main/resources/logback.xml b/id/oa/src/main/resources/logback.xml new file mode 100644 index 000000000..b94b7476a --- /dev/null +++ b/id/oa/src/main/resources/logback.xml @@ -0,0 +1,30 @@ + + + + + ${catalina.base}/logs/moa-demo-sp.log + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n + + + 1 + ${catalina.base}/logs/moa-demo-sp.%i.gz + + + 10000KB + + + + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n + + + + + + + + + + + 
diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml index 4d9433996..09e569ff0 100644 --- a/id/server/auth-edu/pom.xml +++ b/id/server/auth-edu/pom.xml @@ -230,8 +230,13 @@ MOA.id.server.modules - moa-id-module-ehvd_integration - + moa-id-module-ehvd_integration + + + + ch.qos.logback + logback-classic + + ${catalina.base}/logs/moa-id.log + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n + + + 1 + ${catalina.base}/logs/moa-id.log.%i.gz + + + 10000KB + + + + + ${catalina.base}/logs/moa-spss.log + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n + + + 1 + ${catalina.base}/logs/moa-spss.log.%i.gz + + + 10000KB + + + + + ${catalina.base}/moa-id-reversion.log + + %5p | %d{ISO8601} | %t | %m%n + + + 9999 + ${catalina.base}/moa-id-reversion.log.%i.gz + + + 10000KB + + + + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml index 684ed38ee..2ed05cad4 100644 --- a/id/server/auth-final/pom.xml +++ b/id/server/auth-final/pom.xml @@ -176,6 +176,10 @@ moa-id-module-ehvd_integration + + ch.qos.logback + logback-classic + diff --git a/id/server/auth-final/src/main/resources/logback.xml b/id/server/auth-final/src/main/resources/logback.xml new file mode 100644 index 000000000..e5394d87a --- /dev/null +++ b/id/server/auth-final/src/main/resources/logback.xml 
@@ -0,0 +1,100 @@ + + + + + ${catalina.base}/logs/moa-id.log + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n + + + 1 + ${catalina.base}/logs/moa-id.log.%i + + + 10000KB + + + + + ${catalina.base}/logs/moa-spss.log + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n + + + 1 + ${catalina.base}/logs/moa-spss.log.%i + + + 10000KB + + + + + ${catalina.base}/logs/moa-id-webgui.log + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n + + + 1 + ${catalina.base}/logs/moa-id-webgui.log.%i + + + 10000KB + + + + + ${catalina.base}/moa-id-reversion.log + + %5p | %d{ISO8601} | %t | %m%n + + + 9999 + ${catalina.base}/moa-id-reversion.log.%i + + + 10000KB + + + + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/id/server/data/deploy/conf/moa-id-configuration/logback.xml b/id/server/data/deploy/conf/moa-id-configuration/logback.xml new file mode 100644 index 000000000..fc7508598 --- /dev/null +++ b/id/server/data/deploy/conf/moa-id-configuration/logback.xml @@ -0,0 +1,40 @@ + + + + + ${catalina.base}/logs/moa-id-webgui.log + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n + + + 1 + ${catalina.base}/logs/moa-id-webgui.log.%i.gz + + + 10000KB + + + + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n + + + + + + + + + + + + + + + + + + + + + diff --git a/id/server/data/deploy/conf/moa-id-configuration/logback_config.xml b/id/server/data/deploy/conf/moa-id-configuration/logback_config.xml deleted file mode 100644 index c00e62e52..000000000 --- a/id/server/data/deploy/conf/moa-id-configuration/logback_config.xml +++ /dev/null 
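Review bot: The `reversion` appender keeps the old log4j settings (index 1 to 9999, 10000KB per file), but if it is a `FixedWindowRollingPolicy` — the element names are not visible on this page, the `%i` file pattern suggests it — logback reduces large windows to its built-in maximum of about 20 files, so the process revision log would keep far less history than `MaxBackupIndex=9999` did under log4j. For an audit-style log the retention should be explicit, for example `<rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">` with `maxHistory` and `totalSizeCap` set to the required retention. The same appender appears in the auth-edu and `conf/moa-id` logback.xml files of this commit. It also still writes to `${catalina.base}/moa-id-reversion.log` outside `logs/`, so rotation, permissions and collection set up for the `logs` directory would not cover it.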
@@ -1,71 +0,0 @@ - - - - - - - - - - - - - - - - ${catalina.base}/logs/moa-id.log - - %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n - - - 1 - ${catalina.base}/logs/moa-id.log.%i - - - 10000KB - - - - - - - - ${catalina.base}/logs/moa-id-webgui.log - - %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n - - - 1 - ${catalina.base}/logs/moa-id-webgui.log.%i - - - 10000KB - - - - - %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} |%20.20c | %10t | %m%n - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/id/server/data/deploy/conf/moa-id-oa/logback.xml b/id/server/data/deploy/conf/moa-id-oa/logback.xml new file mode 100644 index 000000000..b94b7476a --- /dev/null +++ b/id/server/data/deploy/conf/moa-id-oa/logback.xml @@ -0,0 +1,30 @@ + + + + + ${catalina.base}/logs/moa-demo-sp.log + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n + + + 1 + ${catalina.base}/logs/moa-demo-sp.%i.gz + + + 10000KB + + + + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n + + + + + + + + + + + diff --git a/id/server/data/deploy/conf/moa-id/log4j.properties b/id/server/data/deploy/conf/moa-id/log4j.properties deleted file mode 100644 index 2914fcff1..000000000 --- a/id/server/data/deploy/conf/moa-id/log4j.properties +++ /dev/null 
@@ -1,62 +0,0 @@ -# commons-logging setup -org.apache.commons.logging.LogFactory=org.apache.commons.logging.impl.Log4jFactory - -# define log4j root loggers -log4j.rootLogger=warn,stdout - -### MOA-ID process log ### -log4j.logger.at.gv.egiz.eaaf=info,moaid -log4j.logger.at.gv.egovernment.moa.id=info,moaid -log4j.logger.at.gv.egovernment.moa.spss=info,moaid - -### process revision log with event-codes ### -log4j.logger.at.gv.egiz.eventlog.plain.all=info,reversion - -### Signature verification and certificate proofing #### -log4j.logger.at.gv.egovernment.moa.spss=info,moaspss -log4j.logger.iaik.server=info,moaspss -log4j.logger.pki=info,moaspss - -### ConfigTool Logs #### -log4j.logger.at.gv.egiz.components.configuration=info,CONFIGTOOL -log4j.logger.at.gv.egovernment.moa.id.commons=info,CONFIGTOOL -log4j.logger.at.gv.egovernment.moa.id.config.webgui=info,CONFIGTOOL -log4j.logger.at.gv.egovernment.moa.id.configuration=info,CONFIGTOOL - - -### Log Appender #### -# configure the stdout appender -log4j.appender.stdout=org.apache.log4j.ConsoleAppender -log4j.appender.stdout.layout=org.apache.log4j.PatternLayout -log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n - -# configure the rolling file appender (moaid) -log4j.appender.moaid=org.apache.log4j.RollingFileAppender -log4j.appender.moaid.File=${catalina.base}/logs/moa-id.log -log4j.appender.moaid.MaxFileSize=10000KB -log4j.appender.moaid.MaxBackupIndex=1 -log4j.appender.moaid.layout=org.apache.log4j.PatternLayout -log4j.appender.moaid.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n - -# configure the rolling file appender (moaid) -log4j.appender.moaspss=org.apache.log4j.RollingFileAppender -log4j.appender.moaspss.File=${catalina.base}/logs/moa-spss.log -log4j.appender.moaspss.MaxFileSize=10000KB -log4j.appender.moaspss.MaxBackupIndex=1 
-log4j.appender.moaspss.layout=org.apache.log4j.PatternLayout -log4j.appender.moaspss.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n - -log4j.appender.reversion=org.apache.log4j.RollingFileAppender -log4j.appender.reversion.File=${catalina.base}/moa-id-reversion.log -log4j.appender.reversion.MaxFileSize=10000KB -log4j.appender.reversion.MaxBackupIndex=9999 -log4j.appender.reversion.layout=org.apache.log4j.PatternLayout -log4j.appender.reversion.layout.ConversionPattern=%5p | %d{ISO8601} | %t | %m%n - -# configure the rolling file appender (configtool) -log4j.appender.CONFIGTOOL=org.apache.log4j.RollingFileAppender -log4j.appender.CONFIGTOOL.File=${catalina.base}/logs/moa-id-webgui.log -log4j.appender.CONFIGTOOL.MaxFileSize=10000KB -log4j.appender.CONFIGTOOL.MaxBackupIndex=1 -log4j.appender.CONFIGTOOL.layout=org.apache.log4j.PatternLayout -log4j.appender.CONFIGTOOL.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n \ No newline at end of file diff --git a/id/server/data/deploy/conf/moa-id/logback.xml b/id/server/data/deploy/conf/moa-id/logback.xml new file mode 100644 index 000000000..3f0d54fe5 --- /dev/null +++ b/id/server/data/deploy/conf/moa-id/logback.xml 
@@ -0,0 +1,79 @@ + + + + + ${catalina.base}/logs/moa-id.log + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n + + + 1 + ${catalina.base}/logs/moa-id.log.%i.gz + + + 10000KB + + + + + ${catalina.base}/logs/moa-spss.log + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n + + + 1 + ${catalina.base}/logs/moa-spss.log.%i.gz + + + 10000KB + + + + + ${catalina.base}/moa-id-reversion.log + + %5p | %d{ISO8601} | %t | %m%n + + + 9999 + ${catalina.base}/moa-id-reversion.log.%i.gz + + + 10000KB + + + + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/id/server/data/deploy/conf/moa-id/logback_config.xml b/id/server/data/deploy/conf/moa-id/logback_config.xml deleted file mode 100644 index fa221fbc2..000000000 --- a/id/server/data/deploy/conf/moa-id/logback_config.xml +++ /dev/null @@ -1,105 +0,0 @@ - - - - - - - - - - - - - ${catalina.base}/logs/moa-id.log - - %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n - - - 1 - ${catalina.base}/logs/moa-id.log.%i - - - 10000KB - - - - - ${catalina.base}/logs/moa-spss.log - - %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n - - - 1 - ${catalina.base}/logs/moa-spss.log.%i - - - 10000KB - - - - - ${catalina.base}/logs/moa-id-webgui.log - - %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n - - - 1 - ${catalina.base}/logs/moa-id-webgui.log.%i - - - 10000KB - - - - - ${catalina.base}/moa-id-reversion.log - - %5p | %d{ISO8601} | %t | %m%n - - - 9999 - ${catalina.base}/moa-id-reversion.log.%i - - - 10000KB - - - - - %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
diff --git a/id/server/data/deploy/tomcat/unix/tomcat-start.sh b/id/server/data/deploy/tomcat/unix/tomcat-start.sh index d717ecd25..0ad50ff0e 100644 --- a/id/server/data/deploy/tomcat/unix/tomcat-start.sh +++ b/id/server/data/deploy/tomcat/unix/tomcat-start.sh @@ -7,8 +7,7 @@ export CATALINA_BASE=$CATALINA_HOME FILE_ENCODING=-Dfile.encoding=UTF-8 RAND_FILE=-Djava.security.egd=file:///dev/urandom -LOGGING_OPT=-Dlog4j.configuration=file:$CATALINA_BASE/conf/moa-id/log4j.properties -LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=$CATALINA_BASE/conf/moa-id/logback_config.xml +LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=$CATALINA_BASE/conf/moa-id/logback.xml CONFIG_OPT=-Dmoa.id.configuration=file:$CATALINA_BASE/conf/moa-id/moa-id.properties SPSS_OPT=-Dmoa.spss.server.configuration=$CATALINA_BASE/conf/moa-spss/SampleMOASPSSConfiguration.xml diff --git a/id/server/data/deploy/tomcat/win32/startTomcat.bat b/id/server/data/deploy/tomcat/win32/startTomcat.bat index afdd907c8..93eb3ea80 100644 --- a/id/server/data/deploy/tomcat/win32/startTomcat.bat +++ b/id/server/data/deploy/tomcat/win32/startTomcat.bat @@ -12,8 +12,7 @@ rem ---------------------------------------------------------------------------- set FILE_ENCODING=-Dfile.encoding=UTF-8 set RAND_FILE=-Djava.security.egd=file:///dev/urandom -set LOGGING_OPT=-Dlog4j.configuration=file:%CATALINA_HOME%/conf/moa-id/log4j.properties -set LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=%CATALINA_HOME%/conf/moa-id/logback_config.xml +set LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=%CATALINA_HOME%/conf/moa-id/logback.xml set CONFIG_OPT_SPSS=-Dmoa.spss.server.configuration=%CATALINA_HOME%/conf/moa-spss/SampleMOASPSSConfiguration.xml set CONFIG_OPT_ID=-Dmoa.id.configuration=file:%CATALINA_HOME%/conf/moa-id/moa-id.properties diff --git a/id/server/doc/handbook/install/install.html b/id/server/doc/handbook/install/install.html index bcd802b75..4f9214cbd 100644 --- a/id/server/doc/handbook/install/install.html 
+++ b/id/server/doc/handbook/install/install.html @@ -7,7 +7,7 @@ - +
@@ -16,65 +16,65 @@
-

Installation

+

Installation

Inhalt

-
    -
  1. -

    MOA-ID-Auth und MOA-ID-Configuration

    -
      -
    1. Basisinstallation -
        -
      1. Einführung
      2. -
      3. Installation -
          -
        1. Vorbereitung
        2. -
        3. Konfiguration von Apache Tomcat -
            -
          1. Konfiguration des HTTP Connectors
          2. -
          3. Konfiguration des HTTPS Connectors
          4. -
          -
        4. +
            +
          1. +

            MOA-ID-Auth und MOA-ID-Configuration

            +
              +
            1. Basisinstallation +
                +
              1. Einführung
              2. +
              3. Installation +
                  +
                1. Vorbereitung
                2. +
                3. Konfiguration von Apache Tomcat +
                    +
                  1. Konfiguration des HTTP Connectors
                  2. +
                  3. Konfiguration des HTTPS Connectors
                  4. +
                  +
                4. Einsatz des Moduls MOA-ID-Auth in Tomcat
                5. -
                6. Einsatz des Moduls MOA-ID-Configuration in Tomcat
                7. -
                8. Starten und Stoppen von Tomcat -
                    -
                  1. Unter Windows
                  2. -
                  3. Unter Unix
                  4. -
                  5. Prüfen des erfolgreichen Starts
                  6. -
                  -
                9. -
                10. Änderung der Konfiguration im laufenden Betrieb
                11. -
                -
              4. -
              5. Logging -
                  -
                1. Format der Log-Meldungen
                2. -
                3. Wichtige Log-Meldungen
                4. -
                -
              6. -
              -
            2. -
            3. Erweiterungsmöglichkeiten
                -
              1. Vorgeschalteter Webserver
                  -
                1. Microsoft Internet Information Server (MS IIS)
                    -
                  1. Konfiguration von mod_jk im MS IIS
                  2. -
                  3. Konfiguration von Tomcat
                  4. -
                  5. Konfiguration von SSL
                  6. -
                  -
                2. -
                3. Apache
                    -
                  1. Konfiguration von mod_jk im Apache
                  2. -
                  3. Konfiguration von Tomcat
                  4. -
                  5. Konfiguration von SSL mit mod_SSL
                  6. -
                  -
                4. +
                5. Einsatz des Moduls MOA-ID-Configuration in Tomcat
                6. +
                7. Starten und Stoppen von Tomcat +
                    +
                  1. Unter Windows
                  2. +
                  3. Unter Unix
                  4. +
                  5. Prüfen des erfolgreichen Starts
                  6. +
                  +
                8. +
                9. Änderung der Konfiguration im laufenden Betrieb
                10. +
                +
              2. +
              3. Logging +
                  +
                1. Format der Log-Meldungen
                2. +
                3. Wichtige Log-Meldungen
                4. +
                +
              4. +
              +
            4. +
            5. Erweiterungsmöglichkeiten
                +
              1. Vorgeschalteter Webserver
                  +
                1. Microsoft Internet Information Server (MS IIS)
                    +
                  1. Konfiguration von mod_jk im MS IIS
                  2. +
                  3. Konfiguration von Tomcat
                  4. +
                  5. Konfiguration von SSL
                  6. +
                  +
                2. +
                3. Apache
                    +
                  1. Konfiguration von mod_jk im Apache
                  2. +
                  3. Konfiguration von Tomcat
                  4. +
                  5. Konfiguration von SSL mit mod_SSL
                  6. +
                  +
            6. -
            +
        -
          +
          1. Referenzierte Software

          1 Übersicht

          @@ -95,7 +95,7 @@
        1. Java SE Update SE 7 (neuestes Update) bzw. Java SE 8 (neuestes Update)
        2. Apache Tomcat 7 (neuestes Update) bzw. Apache Tomcat 8 (neuestes Update)
        3. -

          In diesem Betriebs-Szenario wird das MOA-ID-Auth Webservice und das MOA-ID Konfigurationstool in Tomcat zum Einsatz gebracht. Beide Module können sowohl in derselben Tomcat-Instanz, als auch in separaten Tomcat-Instanzen betrieben werden. Für den Fall des separaten Betriebs muss die Installation auf beiden Tomcat-Instanzen ausgeführt werden. In beiden Fällen fungiert der Tomcat gleichzeitig als HTTP- und HTTPS-Endpunkt für beide Module. Beide Protokolle werden direkt in Tomcat konfiguriert, wobei MOA-ID-Auth und MOA-ID-Configuration Log4j als Logging Toolkit verwenden.

          +

          In diesem Betriebs-Szenario wird das MOA-ID-Auth Webservice und das MOA-ID Konfigurationstool in Tomcat zum Einsatz gebracht. Beide Module können sowohl in derselben Tomcat-Instanz, als auch in separaten Tomcat-Instanzen betrieben werden. Für den Fall des separaten Betriebs muss die Installation auf beiden Tomcat-Instanzen ausgeführt werden. In beiden Fällen fungiert der Tomcat gleichzeitig als HTTP- und HTTPS-Endpunkt für beide Module. Beide Protokolle werden direkt in Tomcat konfiguriert, wobei MOA-ID-Auth und MOA-ID-Configuration LogBack als Logging Toolkit verwenden.

          2.1.2 Installation

          2.1.2.1 Vorbereitung

          Die folgenden Schritte dienen der Vorbereitung der Installation.

          @@ -108,9 +108,9 @@
          Entpacken Sie die Datei moa-id-auth-3.0.0.zip in ein beliebiges Verzeichnis. Dieses Verzeichnis wird im weiteren Verlauf als $MOA_ID_AUTH_INST bezeichnet.
          Installation der Kryptographiebibliotheken von SIC/IAIK
          -

          Kopieren Sie alle Dateien aus dem Verzeichnis $MOA_ID_AUTH_INST/ext in das Verzeichnis $JAVA_HOME/jre/lib/ext. Zusätzlich müssen Sie die Rechtedateien Ihrer Java SE austauschen. Laden Sie dazu die passenden Unlimited Strength - - +

          Kopieren Sie alle Dateien aus dem Verzeichnis $MOA_ID_AUTH_INST/ext in das Verzeichnis $JAVA_HOME/jre/lib/ext. Zusätzlich müssen Sie die Rechtedateien Ihrer Java SE austauschen. Laden Sie dazu die passenden Unlimited Strength + + Jurisdiction Policy Files von der Java SE Downloadseite und achten Sie darauf die für ihre verwendete Java SE Installation richtige Version zu nehmen. Anschließend folgen Sie der darin enthaltenen Installationsanweisung.

          Installation einer Datenbank
          @@ -142,8 +142,7 @@
        4. moa.id.configuration: Pfad und Name der Basiskonfigurationsdatei für MOA-ID-Auth. Eine beispielhafte Konfigurationsdatei finden Sie hier. Wird ein relativer Pfad angegeben, wird dieser relativ zum Startverzeichnis der Java Virtual Machine interpretiert.
        5. moa.spss.server.configuration: Pfad und Name der zentralen Konfigurationsdatei für MOA SP/SS. Eine beispielhafte Konfigurationsdatei finden Sie hier. Wird ein relativer Pfad angegeben, wird dieser relativ zum Startverzeichnis der Java Virtual Machine interpretiert. Ist diese System Property nicht gesetzt, wird automatisch eine im Webarchiv unter WEB-INF/conf enthaltene Default-Konfiguration herangezogen.
        6. eu.stork.samlengine.config.location: Pfad auf den Ordner mit den zentralen Konfigurationsdateien für STORK. Die Beispielkonfiguration für das Modul MOA-ID-Auth enthält bereits den Ordner für die STORK Konfiguration.
        7. -
        8. log4j.configuration: URL der Log4j Konfigurationsdatei. Eine beispielhafte Log4j-Konfiguration finden Sie hier. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der Java Virtual Machine interpretiert. Ist diese System Property nicht gesetzt, wird automatisch eine im Webarchiv unter WEB-INF/classes enthaltene Default-Konfiguration herangezogen.
        9. -
        10. -Dlogback.configurationFile: URL der LogBack Konfigurationsdatei. Eine beispielhafte LobBack-Konfiguration finden Sie hier. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der Java Virtual Machine interpretiert. Ist diese System Property nicht gesetzt, wird automatisch eine im Webarchiv unter WEB-INF/classes enthaltene Default-Konfiguration herangezogen. Überdies besteht die Möglichkeit eine bestehende Log44 Konfigurationsdatei in der LogBack Format zu überführen (http://logback.qos.ch/translator/).
        11. +
        12. -Dlogback.configurationFile: URL der LogBack Konfigurationsdatei. Eine beispielhafte LobBack-Konfiguration finden Sie hier. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der Java Virtual Machine interpretiert. Ist diese System Property nicht gesetzt, wird automatisch eine im Webarchiv unter WEB-INF/classes enthaltene Default-Konfiguration herangezogen. Überdies besteht die Möglichkeit eine bestehende Log44 Konfigurationsdatei in der LogBack Format zu überführen (http://logback.qos.ch/translator/).
        13. javax.net.ssl.trustStore: Pfad und Dateiname des Truststores für vertrauenswürdige SSL Zertifikate. Die SSL Serverzertifikate der Server von denen mittels https Dateien bezogen werden müssen im Truststore abgelegt werden. Ein relativer Pfad werden relativ zum Startverzeichnis der Java Virtual Machine interpretiert.
        14. javax.net.ssl.trustStorePassword: Passwort für den Truststore (optional; nur, wenn SSL Client-Authentisierung durchgeführt werden soll).
        15. javax.net.ssl.trustStoreType: Truststore-Typ (optional; nur, wenn SSL Client-Authentisierung durchgeführt werden soll). Je nach verwendetem Keystore-Typ muss jks (Java Key Store) oder pkcs12 (PKCS#12-Datei) angegeben werden.
        16. @@ -161,8 +160,7 @@
          • moa.id.webconfig: Pfad und Name der Basiskonfigurationsdatei für MOA-ID-Configuration. Eine beispielhafte Konfigurationsdatei finden Sie hier. Wird ein relativer Pfad angegeben, wird dieser relativ zum Startverzeichnis der Java Virtual Machine interpretiert.
          • user.properties: Pfad und Name der Basiskonfigurationsdatei für das Usermanagement der Konfigurationsoberfläche. Eine beispielhafte Konfigurationsdatei finden Sie hier. Wird ein relativer Pfad angegeben, wird dieser relativ zum Startverzeichnis der Java Virtual Machine interpretiert.
          • -
          • log4j.configuration: URL der Log4j Konfigurationsdatei. Eine beispielhafte Log4j-Konfiguration finden Sie hier. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der Java Virtual Machine interpretiert. Ist diese System Property nicht gesetzt, wird automatisch eine im Webarchiv unter WEB-INF/classes enthaltene Default-Konfiguration herangezogen.
          • -
          • logback.configurationFile: URL der LogBack Konfigurationsdatei. Eine beispielhafte LobBack-Konfiguration finden Sie hier. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der Java Virtual Machine interpretiert. Ist diese System Property nicht gesetzt, wird automatisch eine im Webarchiv unter WEB-INF/classes enthaltene Default-Konfiguration herangezogen. Überdies besteht die Möglichkeit eine bestehende Log44 Konfigurationsdatei in der LogBack Format zu überführen (http://logback.qos.ch/translator/).
          • +
          • logback.configurationFile: URL der LogBack Konfigurationsdatei. Eine beispielhafte LobBack-Konfiguration finden Sie hier. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der Java Virtual Machine interpretiert. Ist diese System Property nicht gesetzt, wird automatisch eine im Webarchiv unter WEB-INF/classes enthaltene Default-Konfiguration herangezogen. Überdies besteht die Möglichkeit eine bestehende Log44 Konfigurationsdatei in der LogBack Format zu überführen (http://logback.qos.ch/translator/).
          • javax.net.ssl.trustStore: Pfad und Dateiname des Truststores für vertrauenswürdige SSL Zertifikate Die SSL Serverzertifikate der Server von denen mittels https Dateien bezogen werden müssen im Truststore abgelegt werden. Ein relativer Pfad werden relativ zum Startverzeichnis der Java Virtual Machine interpretiert.
          • javax.net.ssl.trustStorePassword: Passwort für den Truststore (optional; nur, wenn SSL Client-Authentisierung durchgeführt werden soll).
          • javax.net.ssl.trustStoreType: Truststore-Typ (optional; nur, wenn SSL Client-Authentisierung durchgeführt werden soll). Je nach verwendetem Keystore-Typ muss jks (Java Key Store) oder pkcs12 (PKCS#12-Datei) angegeben werden.
          • @@ -186,7 +184,7 @@ gestartet werden. Das Stoppen von Tomcat erfolgt analog mit

            Ein erfolgreicher Start des MOA-ID-Auth Modules ist an folgender Log-Meldung ersichtlich:

-
32131 [localhost-startStop-1] INFO moa.id.auth  - MOA ID Authentisierung wurde erfolgreich gestartet 
+
32131 [localhost-startStop-1] INFO moa.id.auth  - MOA ID Authentisierung wurde erfolgreich gestartet
 32131 [localhost-startStop-1] INFO moa.id.auth  - Dispatcher Servlet initialization finished.

Analog bei MOA-ID-Configuration

INFO | 21 10:16:22 | localhost-startStop-1 | Loading config module: MOAIDConfigurationModul
@@ -202,7 +200,7 @@ https://<host>:<port>/moa-id-auth/ https://<host>:<port>/egiz-configuration-webapp/

Die Verfügbarkeit des Services können Sie einfach überprüfen, indem Sie die Endpunkte mit einem Web-Browser aufgerufen; dies sollte nach erfolgreichem Start zur Anzeige einer Informationsseite führen.

2.1.3 Logging
-

Beide Module verwenden Log4j für die Ausgabe von Log-Meldungen am Bildschirm bzw. in Log-Dateien. Log4j bietet zahlreiche Konfigurationsmöglichkeiten, die ausführlich im Log4j Handbuch beschrieben sind. Unter anderem gibt es die Möglichkeit, folgende Einstellungen vorzunehmen: +

Beide Module verwenden LobBack für die Ausgabe von Log-Meldungen am Bildschirm bzw. in Log-Dateien. LogBack bietet zahlreiche Konfigurationsmöglichkeiten, die ausführlich im LogBack Handbuch beschrieben sind. Unter anderem gibt es die Möglichkeit, folgende Einstellungen vorzunehmen:

  • Das verwendete Log-Level (DEBUG, INFO, WARN, ERROR, FATAL);

    @@ -228,16 +226,16 @@ https://<host>:<port>/egiz-configuration-webapp/
  • at.gv.egiz.eventlog.plain.all für alle Log-Meldungen aus dem MOA-ID EventLog zur Revisionssicherung

    -
  • +
  • iaik.server für alle Log-Meldungen aus den SIC/IAIK Kryptographie-Modulen.

-

Eine für beide Module passende Konfigurationsdatei für Log4j finden Sie hier. Wird diese Datei als Logging-Konfiguration verwendet, so werden alle Log-Meldungen sowohl in die Konsole, als auch in die Dateien moa-id-auth.log und moa-id-configuration.log geschrieben.

+

Wird diese Datei als Logging-Konfiguration verwendet, so werden alle Log-Meldungen sowohl in die Konsole, als auch in die Dateien moa-id-auth.log und moa-id-configuration.log geschrieben.

2.1.3.1 Format der Log-Meldungen
-

Anhand einer konkreten Log-Meldung wird das Format der MOA SP/SS Log-Meldungen erläutert:

+

Anhand einer konkreten Log-Meldung wird das Format der MOA-ID-Meldungen erläutert:

- INFO | 2017-09-18 10:29:22,904 | SID-7947921060553739539 | TID-4708232418268334030 | https://sso.demosp.at/handysignatur 
+ INFO | 2017-09-18 10:29:22,904 | SID-7947921060553739539 | TID-4708232418268334030 | https://sso.demosp.at/handysignatur
       | ajp-nio-28109-exec-7 | No SSO Session cookie found
 

Der Wert INFO besagt, dass die Log-Meldung im Log-Level INFO entstanden ist. Folgende Log-Levels existieren:

@@ -259,19 +257,19 @@ https://<host>:<port>/egiz-configuration-webapp/

Der nächste Wert 01 21:25:26,540 gibt den Zeitpunkt an, zu dem die Log-Meldung generiert wurde (in diesem Fall den 1. Tag im aktuellen Monat, sowie die genaue Uhrzeit).

-

Der Wert SID-7947921060553739539 bezeichnet die SessionID, welche diesem Request zugeordnet wurde. Eine SessionID ist innerhalb einer SSO auch über mehrere Authentifizierungsrequests eindeutig. Das Loggen der SessionID kann mittels %X{sessionId} in der log4j Konfiguration gesetzt werden

-

Der Wert TID-4708232418268334030 bezeichnet die TransactionsID, welche diesem Request zugeordnet wurde. Eine TransactionsID ist innerhalb eines Authentifizierungsrequests eindeutig. Das Loggen der TransactionsID kann mittels %X{transactionId} in der log4j Konfiguration gesetzt werden

-

Der Wert https://sso.demosp.at/handysignatur bezeichnet die Online Applikation (eindeutiger Identifier dieses Service Providers) für welchen dieser Authentifizierungsrequest durchgeführt wird. Das Loggen des OA Identifiers kann mittels %X{oaId} in der log4j Konfiguration gesetzt werden

+

Der Wert SID-7947921060553739539 bezeichnet die SessionID, welche diesem Request zugeordnet wurde. Eine SessionID ist innerhalb einer SSO auch über mehrere Authentifizierungsrequests eindeutig. Das Loggen der SessionID kann mittels %X{sessionId} in der LogBack Konfiguration gesetzt werden

+

Der Wert TID-4708232418268334030 bezeichnet die TransactionsID, welche diesem Request zugeordnet wurde. Eine TransactionsID ist innerhalb eines Authentifizierungsrequests eindeutig. Das Loggen der TransactionsID kann mittels %X{transactionId} in der LogBack Konfiguration gesetzt werden

+

Der Wert https://sso.demosp.at/handysignatur bezeichnet die Online Applikation (eindeutiger Identifier dieses Service Providers) für welchen dieser Authentifizierungsrequest durchgeführt wird. Das Loggen des OA Identifiers kann mittels %X{oaId} in der LogBack Konfiguration gesetzt werden

Der Wert ajp-nio-28109-exec-7 bezeichnet den Thread, von dem die Anfrage bearbeitet wird.

Der Rest der Zeile einer Log-Meldung ist der eigentliche Text, mit dem das System bestimmte Informationen anzeigt. Im Fehlerfall ist häufig ein Java Stack-Trace angefügt, der eine genauere Ursachen-Forschung ermöglicht.

2.1.3.2 Wichtige Log-Meldungen

Neben den im Abschnitt 2.1.2.4.3 beschriebenen Log-Meldungen, die anzeigen, ob das Service ordnungsgemäß gestartet wurde, geben nachfolgenden Log-Meldungen Aufschluss über die Abarbeitung von Anfragen.

Die Entgegennahme einer Anfrage wird angezeigt durch: - +

125690 [ajp-bio-129.27.142.119-38609-exec-1] INFO moa.id.auth  - REQUEST: /moa-id-auth/dispatcher
 125690 [ajp-bio-129.27.142.119-38609-exec-1] INFO moa.id.auth  - QUERY  : mod=id_pvp2x&action=Post&
-

Ein Fehler beim Abarbeiten der Anfrage wird angezeigt durch: +

Ein Fehler beim Abarbeiten der Anfrage wird angezeigt durch:

2435298 [ajp-bio-129.27.142.119-38609-exec-10] ERROR moa.id.auth  - Failed to generate a valid protocol request!

In diesem Fall gibt der mitgeloggte Stacktrace Auskunft über die Art des Fehlers.

@@ -318,7 +316,7 @@ https://<host>:<port>/egiz-configuration-webapp/ Java Standard Edition (Software Development Kit bzw. Java Runtime Environment) - Log4J + LogBack Logging Framework diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml index 446c11437..56af92d73 100644 --- a/id/server/moa-id-commons/pom.xml +++ b/id/server/moa-id-commons/pom.xml @@ -182,12 +182,11 @@ org.apache.logging.log4j - log4j-slf4j-impl + log4j-1.2-api - org.apache.logging.log4j - log4j-1.2-api + log4j-to-slf4j diff --git a/pom.xml b/pom.xml index 6a28bf6b9..99f846438 100644 --- a/pom.xml +++ b/pom.xml @@ -59,7 +59,8 @@ 2.0.0 1.7.30 - 2.16.0 + 2.17.0 + 1.2.9 4.5.13 4.4.15 @@ -474,18 +475,18 @@ org.apache.logging.log4j - log4j-slf4j-impl + log4j-1.2-api ${log4j.version} org.apache.logging.log4j - log4j-1.2-api + log4j-to-slf4j ${log4j.version} - org.apache.logging.log4j - log4j-core - ${log4j.version} + ch.qos.logback + logback-classic + ${logback.version} -- cgit v1.2.3
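Review bot: Dropping `log4j-core` and `log4j-slf4j-impl` from these dependency entries does not by itself keep them off the runtime classpath, because a third-party library can still bring either one in transitively; this applies to the `moa-id-commons/pom.xml` hunk and to the `@@ -474,18 +475,18 @@` hunk of the root `pom.xml`. With `log4j-to-slf4j` now present, a stray `log4j-slf4j-impl` would route log events in a circle, and a stray `log4j-core` would keep the backend that the switch to `logback-classic` appears meant to replace. I would add a maven-enforcer `bannedDependencies` rule with `<exclude>org.apache.logging.log4j:log4j-core</exclude>` and `<exclude>org.apache.logging.log4j:log4j-slf4j-impl</exclude>`, and check the resolved set with `mvn dependency:tree -Dincludes=org.apache.logging.log4j`. The element tags of both hunks are missing from the page, so the scope and placement of the entries are inferred from the artifact names only.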