From 29f01a4975f637c26fbcd0b43a9c844d7d3d2e54 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 12 Jan 2016 15:57:30 +0100 Subject: fetch requested attributes from configuration --- .../webgui/validation/task/impl/GeneralSTORKConfigurationTask.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'id/moa-id-webgui/src') diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java index c6086583a..1747e2207 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java @@ -210,6 +210,7 @@ public static final List KEYWHITELIST; for(String key : attributeList.keySet()) { if (key.endsWith(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME)) { String value = attributeList.get(key); + value = value.replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI? if (!validatedAttributes.contains(value)) { if (ValidationHelper.containsPotentialCSSCharacter(value, true)) { log.warn("default attributes contains potentail XSS characters: " + value); @@ -219,7 +220,7 @@ public static final List KEYWHITELIST; LanguageHelper.getErrorString("validation.stork.requestedattributes", new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}))); } - if(!value.toLowerCase().matches("^[a-z0-9]*$")) { + if(!value.toLowerCase().matches("^[A-Za-z]*$")) { log.warn("default attributes do not match the requested format : " + value); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA, -- cgit v1.2.3 From 4b932484d66ef161bb547a419fdc32f04677fe57 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 7 Apr 2016 10:44:11 +0200 Subject: fix some possible problems with STORK configuration in config-GUI --- .../task/impl/GeneralMOAIDConfigurationTask.java | 8 ++-- .../task/impl/GeneralSTORKConfigurationTask.java | 54 +++++++++++----------- 2 files changed, 32 insertions(+), 30 deletions(-) (limited to 'id/moa-id-webgui/src') diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java index 1c3e0fe13..270d0866c 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java @@ -435,10 +435,10 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, getKeyPrefix())); if (MiscUtil.isEmpty(check)) { log.info("Empty SSO Target"); - errors.add(new ValidationObjectIdentifier( - MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, - "SSO - Target", - LanguageHelper.getErrorString("validation.general.sso.target.empty"))); +// errors.add(new ValidationObjectIdentifier( +// MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, +// "SSO - Target", +// LanguageHelper.getErrorString("validation.general.sso.target.empty"))); } else { diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java index 1747e2207..8a1a2925b 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java @@ -133,38 +133,40 @@ public static final List KEYWHITELIST; LanguageHelper.getErrorString("validation.stork.cpeps.cc", new Object[] {cc}))); } - } else { - log.warn("CPEPS config countrycode is empty : " + cc); - errors.add(new ValidationObjectIdentifier( - MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST - + "." + cpepsKey, - "STORK - CPEPS Country", - LanguageHelper.getErrorString("validation.stork.cpeps.empty", - new Object[] {cc}))); - } - - // check url - if (MiscUtil.isNotEmpty(url)) { - if (!ValidationHelper.validateURL(url)) { - log.info("CPEPS config URL is invalid : " + url); + + // check url + if (MiscUtil.isNotEmpty(url)) { + if (!ValidationHelper.validateURL(url)) { + log.info("CPEPS config URL is invalid : " + url); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST + + "." + index + "." + + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL, + "STORK - CPEPS URL", + LanguageHelper.getErrorString("validation.stork.cpeps.url"))); + } + } else { + log.warn("CPEPS config url is empty : " + url); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST + "." + index + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL, "STORK - CPEPS URL", - LanguageHelper.getErrorString("validation.stork.cpeps.url"))); - } + LanguageHelper.getErrorString("validation.stork.cpeps.empty", + new Object[] {url}))); + + } + } else { - log.warn("CPEPS config url is empty : " + url); - errors.add(new ValidationObjectIdentifier( - MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST - + "." + index + "." - + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL, - "STORK - CPEPS URL", - LanguageHelper.getErrorString("validation.stork.cpeps.empty", - new Object[] {url}))); - - } + log.warn("CPEPS config countrycode is empty : " + cc); +// errors.add(new ValidationObjectIdentifier( +// MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST +// + "." + cpepsKey, +// "STORK - CPEPS Country", +// LanguageHelper.getErrorString("validation.stork.cpeps.empty", +// new Object[] {cc}))); + } + validatedCPeps.put(cc, url); } else { -- cgit v1.2.3