From 9bbe4aa713e2c38dcfba02880c9b2cb63e82a859 Mon Sep 17 00:00:00 2001 From: kstranacher Date: Tue, 21 Jun 2011 15:40:44 +0000 Subject: =?UTF-8?q?*=20Update=20MOA-ID=20(Template=20Mechanismus=20f=C3=BC?= =?UTF-8?q?r=20Online-Vollmachten=20inkl.=20MOA-ID=20Config)=20*=20Update?= =?UTF-8?q?=20BK-Auswahl=20Howto=20*=20Update=20Default-Konfigurationen=20?= =?UTF-8?q?*=20L=C3=B6schen=20von=20A1-Signatur=20Texten=20*=20Entfernung?= =?UTF-8?q?=20von=20tempates.war?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1206 d688527b-c9ab-4aba-bd8d-4036d912da1d --- .../moa/id/auth/AuthenticationServer.java | 6 + .../AuthenticationBlockAssertionBuilder.java | 7 +- .../builder/CreateXMLSignatureRequestBuilder.java | 54 +++-- .../auth/builder/GetIdentityLinkFormBuilder.java | 235 ++++++++++++++++----- .../moa/id/auth/builder/SAMLArtifactBuilder.java | 9 + .../moa/id/auth/data/AuthenticationSession.java | 7 +- .../id/auth/servlet/GetMISSessionIDServlet.java | 10 +- .../servlet/VerifyAuthenticationBlockServlet.java | 5 +- .../moa/id/config/ConfigurationBuilder.java | 91 +++++++- .../moa/id/config/OnlineMandatesTemplates.java | 54 +++++ .../moa/id/config/auth/OAAuthParameter.java | 24 ++- 11 files changed, 423 insertions(+), 79 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OnlineMandatesTemplates.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index a772e0457..af7841321 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -291,6 +291,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { * may be null; in this case, the default location will be used * @param useMandate Indicates if mandate is used or not * @param templateURL URL providing an HTML template for the HTML form generated + * @param templateMandteURL URL providing an HTML template for the HTML form generated (for signing in mandates mode) * @param scheme determines the protocol used * @return HTML form * @throws AuthenticationException @@ -391,6 +392,8 @@ public class AuthenticationServer implements MOAIDAuthConstants { ex); } } + + String pushInfobox = ""; VerifyInfoboxParameters verifyInfoboxParameters = oaParam.getVerifyInfoboxParameters(); if (verifyInfoboxParameters != null) { @@ -887,6 +890,8 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.setExtendedSAMLAttributesAUTH(new Vector()); // Initialize SAML Attributes session.setExtendedSAMLAttributesOA(new Vector()); + //System.out.println("SAML set: " + session.getExtendedSAMLAttributesAUTH().size()); + if (verifyInfoboxParameters != null) { infoboxParameters = verifyInfoboxParameters.getInfoboxParameters(); @@ -1720,6 +1725,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { } AuthenticationData authData = null; synchronized (authenticationDataStore) { + System.out.println("assertionHandle: " + assertionHandle); authData = (AuthenticationData) authenticationDataStore.get(assertionHandle); if (authData == null) { Logger.error("Assertion not found for SAML Artifact: " + samlArtifact); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java index bab387b4a..d105c3206 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java @@ -190,9 +190,12 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion } ExtendedSAMLAttribute bpkAttribute = new ExtendedSAMLAttributeImpl("bPK", bpkSamlValueElement, Constants.MOA_NS_URI, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY); - + + System.out.println("extendedSAMLAttributes: " + extendedSAMLAttributes.size()); + extendedSAMLAttributes.add(bpkAttribute); - //gebeORwbpk = gebeORwbpk + MessageFormat.format(BPK_ATTRIBUTE, new Object[] { identityLinkValue, identityLinkType }); + + //gebeORwbpk = gebeORwbpk + MessageFormat.format(BPK_ATTRIBUTE, new Object[] { identityLinkValue, identityLinkType }); wbpkNSDeclaration = " xmlns:pr=\"" + PD_NS_URI + "\""; //..BZ } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java index c61e2dd84..4d29c9135 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java @@ -152,8 +152,8 @@ public class CreateXMLSignatureRequestBuilder implements Constants { // request += ""; request += ""; request += ""; - request += "

Authentication Data:

"; - request += "

Personal Data

"; + request += "

Anmeldedaten für (Requesting Application Access for):

"; + request += "

Persönliche Daten (Personal Data)

"; request += ""; request += ""; request += ""; @@ -162,21 +162,21 @@ public class CreateXMLSignatureRequestBuilder implements Constants { request += ""; request += ""; request += "
Name:
"; - request += "

Application Data

"; + request += "

Daten zur Anwendung (Application Data)

"; request += ""; request += ""; - request += ""; + request += ""; request += ""; request += ""; request += ""; - request += ""; - request += ""; + request += ""; + request += ""; request += ""; request += "
Name:Dienst (Service):"; // friendlyname from OA request += StringUtils.isEmpty(oaParam.getFriendlyName()) ? "" : oaParam.getFriendlyName(); request += "
Country:AustriaLand (Country):Österreich (Austria)
"; - request += "

Technical Parameters

"; + request += "

Technische Parameter (Technical Parameters)

"; request += ""; request += ""; request += ""; @@ -203,7 +203,7 @@ public class CreateXMLSignatureRequestBuilder implements Constants { // OA is publicservice request += ""; request += ""; + request += "Sektor (Sector):"; request += ""; @@ -212,27 +212,45 @@ public class CreateXMLSignatureRequestBuilder implements Constants { } request += ""; - request += ""; + request += ""; request += ""; request += ""; request += ""; - request += ""; + request += ""; request += ""; request += ""; request += "
URL:
"; - request += "Sector:"; request += target + " (" + sectorName + ")"; request += "
Date:Datum (Date):"; request += date; request += "
Time:Zeit (Time):"; request += time; request += "
"; - request += "

I hereby request to access this e-government application by using my " + - "domestic electronic identity.
" + - "I further affirm that I am not yet registered with the Austrian Central " + - "Residents Registry and that I am not obliged to register with the Austrian " + - "Central Residents Registry according to Austrian law.
" + - "In the event I am not yet registered with the Supplementary Register, I " + - "explicitly grant to do so according to §6 (5) E-Government Act (EGovG, idF: " + - "BGBl. I Nr. 7/2008 und BGBl. I Nr. 59/2008).

"; + request += "

Mit der Anmeldung erfolgt eine Abfrage des Ergänzungsregister für " + + "natürliche Personen (ERnP), damit ich meinen elektronischen " + + "Identitätsnachweis (meine elektronische Identitätskarte) unmittelbar " + + "als Österreichische Bürgerkarte verwenden kann. Ich bin nicht im " + + "Zentralen Melderegister eingetragen und stimme, sofern ich nicht im " + + "ERnP eingetragen bin, einer Eintragung ins ERnP zu. Ich nehme zur " + + "Kenntnis, dass die Eintragung ins ERnP ausschließlich der Aufzeichnung " + + "jener Daten, die für die eindeutige Identität notwendig sind, dient.

"; + + request += "

I affirm that I am not registered with the Austrian Central " + + "Register of Residents or the Supplementary Register for Natural Persons. I therefore " + + "apply for registration in the Supplementary Register for Natural Persons in order to use " + + "my electronic identity (my electronic ID card) as an Austrian citizen card. I take note " + + "that registration in the Supplementary Register for Natural Persons solely serves keeping " + + "records of those data that are used for validation of unique identity and that those data " + + "is only used for e-government purposes.

"; + + +// request += "

I hereby request to access this e-government application by using my " + +// "domestic electronic identity.
" + +// "I further affirm that I am not yet registered with the Austrian Central " + +// "Residents Registry and that I am not obliged to register with the Austrian " + +// "Central Residents Registry according to Austrian law.
" + +// "In the event I am not yet registered with the Supplementary Register, I " + +// "explicitly grant to do so according to §6 (5) E-Government Act (EGovG, idF: " + +// "BGBl. I Nr. 7/2008 und BGBl. I Nr. 59/2008).

"; request += ""; request += ""; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java index 9bab8643f..dcaed084a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java @@ -15,11 +15,19 @@ */ package at.gv.egovernment.moa.id.auth.builder; +import java.io.BufferedReader; import java.io.IOException; import java.io.StringReader; import java.io.StringWriter; +import at.gv.egovernment.moa.id.AuthenticationException; import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.OnlineMandatesTemplates; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.FileUtils; /** * Builder for HTML form requesting the security layer implementation @@ -43,6 +51,8 @@ public class GetIdentityLinkFormBuilder extends Builder { private static final String CERTINFO_DATAURL_TAG = ""; /** special tag in the HTML template to be substituted for the infoboxes to be pushed from the BKU */ private static final String PUSHINFOBOX_TAG = ""; + /** special tag in the HTML template to be substituted for the BKU URL */ + private static final String MANDATE_TAG = ""; /** private static int all contains the representation to replace all tags*/ private static final int ALL = -1; @@ -83,48 +93,101 @@ public class GetIdentityLinkFormBuilder extends Builder { "" + nl + ""; - /** default HTML template */ - private static final String DEFAULT_HTML_TEMPLATE_FOR_MANDATES = + /** default HTML template for mandates */ + private static final String DEFAULT_HTML_TEMPLATE_FOR_MANDATES_OLD = "" + nl + "" + nl + - "" + nl + + "" + nl + "Vollmachten-Anmeldung" + nl + - "" + nl + - "" + nl + - "" + nl + - "
" + nl + - " " + nl + - " " + nl + - " " + nl + - " " + nl + - "
" + nl + - "
" + nl + - " " + nl + - " " + nl + -// " " + nl + - " " + nl + - "
" + nl + - "" + nl + + "" + nl + + "" + nl + + "" + nl + + "

Vollmachten-Anmeldung

" + nl + + "" + nl + + "" + nl + + ""; + + + /** default HTML template - iFrame */ + private static final String DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES_OLD = + "" + + "" + + //"" + + "" + + "Vollmachten-Anmeldung" + + "" + + "" + + "
" + + " " + + " " + + " " + + " " + + "
" + + "
" + + " " + + " " + + " " + + "
" + + "" + + ""; + + /** default HTML template for Online mandates */ + private static final String DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES = + "" + + "" + + "" + + "Vollmachten-Anmeldung" + + "" + + "" + + "
" + + " " + + " " + + " " + + " " + + "
" + + "
" + + " " + + " " + + " " + + "
" + + "" + ""; /** @@ -167,25 +230,101 @@ public class GetIdentityLinkFormBuilder extends Builder { /** * Builds the HTML form, including XML Request and data URL as parameters. * - * @param htmlTemplate template to be used for the HTML form; - * may be null, in this case a default layout will be produced * @param xmlRequest XML Request to be sent as a parameter in the form * @param bkuURL URL of the "Bürgerkartenumgebung" the form will be submitted to; * may be null, in this case the default URL will be used * @param dataURL DataURL to be sent as a parameter in the form */ public String buildCreateSignature( - String bkuURL, + String bkuURL, String xmlRequest, - String dataURL) + String dataURL, + String oaUrl) throws BuildException { - String htmlForm = DEFAULT_HTML_TEMPLATE_FOR_MANDATES; - htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL); - htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL); - htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL); - return htmlForm; + String htmlForm = ""; + OAAuthParameter oaParam; + try { + oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaUrl); + } catch (ConfigurationException e) { + Logger.error("Error on building HTMl form for online mandates: " + e.getMessage()); + throw new BuildException("builder.03", null); + } + + OnlineMandatesTemplates[] templatesOnlineMandates = oaParam.getTemplateOnlineMandates(); + if (templatesOnlineMandates == null) { + // no templates given + htmlForm = DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES; + htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL); + htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL); + htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL); + } else { + String moaidTemplateUrl = null; + String mandateTemplateUrl = null; + // check for configured bku URL + for (int i = 0; i < templatesOnlineMandates.length; i++) { + if (templatesOnlineMandates[i].getBkuURL().compareToIgnoreCase(bkuURL) == 0) { + moaidTemplateUrl = templatesOnlineMandates[i].getMoaIdTemplateURL(); + mandateTemplateUrl = templatesOnlineMandates[i].getMandatesTemplateURL(); + } + } + if (moaidTemplateUrl == null || mandateTemplateUrl == null) { + Logger.debug("Configured and used BKU URL are not equal. So standard template is used."); + htmlForm = DEFAULT_HTML_TEMPLATE_IFRAME_FOR_MANDATES; + htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL); + htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL); + htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL); + } else { + // use configured templates + String moaidTemplate; + String mandateTemplate; + try { + moaidTemplate = new String(FileUtils.readURL(moaidTemplateUrl)); + } catch (IOException ex) { + throw new BuildException("auth.03", new Object[] { moaidTemplateUrl, ex.toString()},ex); + } + try { + mandateTemplate = new String(FileUtils.readURL(mandateTemplateUrl)); + } catch (IOException ex) { + throw new BuildException("auth.03", new Object[] { mandateTemplateUrl, ex.toString()},ex); + } + + + // Mandatem template with iFrame + htmlForm = mandateTemplate; + + + // HTML form with XML signature request, which is filled into the iFrame + String htmlFormiFrame = moaidTemplate; + htmlFormiFrame = replaceTag(htmlFormiFrame, BKU_TAG, bkuURL, true, ALL); + htmlFormiFrame = replaceTag(htmlFormiFrame, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL); + htmlFormiFrame = replaceTag(htmlFormiFrame, DATAURL_TAG, dataURL, true, ALL); + htmlFormiFrame = htmlFormiFrame.replaceAll("\"", "\\\""); + htmlFormiFrame = htmlFormiFrame.replaceAll("'", "\\\\'"); + + // add writeln('[data]') for each line in the iframe + BufferedReader reader = new BufferedReader(new StringReader(htmlFormiFrame)); + String str; + String htmlFormiFrameWriteLn = ""; + try { + while ((str = reader.readLine()) != null) { + if (str.length() > 0) + htmlFormiFrameWriteLn += "writeln('" + str + "');"; + } + } catch(IOException e) { + throw new BuildException("builder.03", null); + } + + htmlForm = replaceTag(htmlForm, MANDATE_TAG, htmlFormiFrameWriteLn, true, ALL); + + } + + } + + return htmlForm; + } + /** * Encodes a string for inclusion as a parameter in the form. * Double quotes are substituted by "&quot;". diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java index f0e9c7484..c94eb0b25 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java @@ -64,6 +64,10 @@ public class SAMLArtifactBuilder { byte[] sourceID; // alternative sourceId String alternativeSourceID = AuthConfigurationProvider.getInstance().getGenericConfigurationParameter(GENERIC_CONFIG_PARAM_SOURCEID); + + System.out.println("alternativeSourceID: " + alternativeSourceID); + System.out.println("authURL: " + authURL); + if (!ParepUtils.isEmpty(alternativeSourceID)) { // if generic config parameter "AuthenticationServer.SourceID" is given, use that sourceID instead of authURL; sourceID = md.digest(alternativeSourceID.getBytes()); @@ -71,6 +75,9 @@ public class SAMLArtifactBuilder { } else { sourceID = md.digest(authURL.getBytes()); } + + System.out.println("sourceID: " + new String(sourceID)); + byte[] assertionHandle = md.digest(sessionID.getBytes()); ByteArrayOutputStream out = new ByteArrayOutputStream(42); out.write(0); @@ -78,7 +85,9 @@ public class SAMLArtifactBuilder { out.write(sourceID, 0, 20); out.write(assertionHandle, 0, 20); byte[] samlArtifact = out.toByteArray(); + System.out.println("samlArtifact: " + new String(samlArtifact)); String samlArtifactBase64 = Base64Utils.encode(samlArtifact); + System.out.println("samlArtifact Base64: " + samlArtifactBase64); return samlArtifactBase64; } catch (Throwable ex) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java index 554b5012e..3d040d476 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java @@ -64,6 +64,7 @@ public class AuthenticationSession { * HTML template URL */ private String templateURL; + /** * URL of the BKU */ @@ -363,14 +364,16 @@ public class AuthenticationSession { public String getTemplateURL() { return templateURL; } - + + /** * @param string the template URL */ public void setTemplateURL(String string) { templateURL = string; } - + + /** * Returns the SAML Attributes to be appended to the AUTHBlock. Maybe null. * diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java index 4c0abdb0f..0270eb3cb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java @@ -16,6 +16,7 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.fileupload.FileUploadException; import org.apache.commons.lang.StringEscapeUtils; +import at.gv.egovernment.moa.id.AuthenticationException; import at.gv.egovernment.moa.id.BuildException; import at.gv.egovernment.moa.id.MOAIDException; import at.gv.egovernment.moa.id.auth.AuthenticationServer; @@ -32,6 +33,7 @@ import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient; import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClientException; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.FileUtils; /** * Servlet requested for getting the foreign eID @@ -143,8 +145,8 @@ public class GetMISSessionIDServlet extends AuthServlet { session.getSessionID()); Logger.debug(createXMLSignatureRequestOrRedirect); - - String request = getHTMLForm(createXMLSignatureRequestOrRedirect, session.getBkuURL(), dataurl); + + String request = getHTMLForm(createXMLSignatureRequestOrRedirect, session.getBkuURL(), dataurl, session.getPublicOAURLPrefix()); resp.setContentType("text/html;charset=UTF-8"); PrintWriter out = new PrintWriter(resp.getOutputStream()); @@ -164,8 +166,8 @@ public class GetMISSessionIDServlet extends AuthServlet { } } - private static String getHTMLForm(String request, String bkuURI, String dataURL) throws BuildException { - return new GetIdentityLinkFormBuilder().buildCreateSignature(bkuURI, request, dataURL); + private static String getHTMLForm(String request, String bkuURI, String dataURL, String oaUrl) throws BuildException { + return new GetIdentityLinkFormBuilder().buildCreateSignature(bkuURI, request, dataURL, oaUrl); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java index f1fb15be0..44a1f3098 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java @@ -102,6 +102,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); + Map parameters; try @@ -142,8 +143,10 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { } resp.setContentType("text/html"); resp.setStatus(302); - resp.addHeader("Location", redirectURL); + + resp.addHeader("Location", redirectURL); Logger.debug("REDIRECT TO: " + redirectURL); + } catch (MOAIDException ex) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java index b5275cdd5..5a598b03d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java @@ -94,6 +94,13 @@ public class ConfigurationBuilder { /** an XPATH-Expression */ protected static final String AUTH_TEMPLATE_XPATH = ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "Template/@URL"; + /** an XPATH-Expression */ + public static final String AUTH_TEMPLATE_ONLINEMANDATES_BKU_XPATH = + ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "OnlineMandates/" + CONF + "BKU"; + + + //protected static final String AUTH_MANDATE_TEMPLATE_XPATH = +// ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "MandateTemplate/@URL"; /** an XPATH-Expression */ protected static final String INPUT_PROCESSOR_TEMPLATE_XPATH = ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "InputProcessorSignTemplate/@URL"; @@ -145,6 +152,11 @@ public class ConfigurationBuilder { /** an XPATH-Expression */ protected static final String OA_AUTH_COMPONENT_TEMPLATE_XPATH = CONF + "Templates/" + CONF + "Template/@URL"; + /** an XPATH-Expression */ + public static final String OA_AUTH_COMPONENT_TEMPLATE_ONLINEMANDATES_BKU_XPATH = + CONF + "Templates/" + CONF + "OnlineMandates/" + CONF + "BKU"; + //protected static final String OA_AUTH_COMPONENT_MANDATE_TEMPLATE_XPATH = + //CONF + "Templates/" + CONF + "MandateTemplate/@URL"; /** an XPATH-Expression */ protected static final String OA_AUTH_COMPONENT_TRANSFORMS_INFO_FILENAME_XPATH = CONF + "TransformsInfo/@filename"; /** an XPATH-Expression */ @@ -465,10 +477,12 @@ public class ConfigurationBuilder { String bkuSelectionTemplateURL = XPathUtils.getAttributeValue(configElem_, AUTH_BKUSELECT_TEMPLATE_XPATH, null); String templateURL = - XPathUtils.getAttributeValue(configElem_, AUTH_TEMPLATE_XPATH, null); + XPathUtils.getAttributeValue(configElem_, AUTH_TEMPLATE_XPATH, null); String inputProcessorSignTemplateURL = XPathUtils.getAttributeValue(configElem_, INPUT_PROCESSOR_TEMPLATE_XPATH, null); + OnlineMandatesTemplates[] templatesOnlineMandates = buildTemplateOnlineMandates(configElem_); + List OA_set = new ArrayList(); NodeList OAIter = XPathUtils.selectNodeList(configElem_, OA_XPATH); @@ -536,7 +550,9 @@ public class ConfigurationBuilder { oap.setProvideIdentityLink(BoolUtils.valueOf(authComponent.getAttribute("provideIdentityLink"))); oap.setProvideCertificate(BoolUtils.valueOf(authComponent.getAttribute("provideCertificate"))); oap.setBkuSelectionTemplateURL(buildTemplateURL(authComponent, OA_AUTH_COMPONENT_BKUSELECT_TEMPLATE_XPATH, bkuSelectionTemplateURL)); - oap.setTemplateURL(buildTemplateURL(authComponent, OA_AUTH_COMPONENT_TEMPLATE_XPATH, templateURL)); + oap.setTemplateURL(buildTemplateURL(authComponent, OA_AUTH_COMPONENT_TEMPLATE_XPATH, templateURL)); + oap.setTemplateOnlineMandates(buildTemplateOnlineMandatesOA(authComponent, templatesOnlineMandates)); + oap.setInputProcessorSignTemplateURL(buildTemplateURL(authComponent, INPUT_PROCESSOR_TEMPLATE_XPATH, inputProcessorSignTemplateURL)); // load OA specific transforms if present String[] transformsInfoFileNames = buildTransformsInfoFileNames(authComponent, OA_AUTH_COMPONENT_TRANSFORMS_INFO_FILENAME_XPATH); @@ -590,6 +606,77 @@ public class ConfigurationBuilder { } return templateURL; } + + + + protected OnlineMandatesTemplates[] buildTemplateOnlineMandates(Node contextNode) { + String xpathExpr = AUTH_TEMPLATE_ONLINEMANDATES_BKU_XPATH; + List onlineMandatesTemplatesList = new ArrayList(); + + NodeIterator bkuIter = XPathUtils.selectNodeIterator(contextNode, xpathExpr); + + Element bkuElem; + while ((bkuElem = (Element) bkuIter.nextNode()) != null) { + String bkuUrl = XPathUtils.getAttributeValue(bkuElem, "@URL", null); + String moaidTemplateUrl = XPathUtils.getAttributeValue(bkuElem, CONF + "MOA-ID-Template/@URL", null); + String mandateTemplateUrl = XPathUtils.getAttributeValue(bkuElem, CONF + "MandateTemplate/@URL", null); + + OnlineMandatesTemplates template = new OnlineMandatesTemplates(); + template.setBkuURL(bkuUrl); + if (moaidTemplateUrl != null) { + moaidTemplateUrl = FileUtils.makeAbsoluteURL(moaidTemplateUrl, rootConfigFileDir_); + } + if (moaidTemplateUrl != null) { + mandateTemplateUrl = FileUtils.makeAbsoluteURL(mandateTemplateUrl, rootConfigFileDir_); + } + template.setMoaIdTemplateURL(moaidTemplateUrl); + template.setMandatesTemplateURL(mandateTemplateUrl); + + onlineMandatesTemplatesList.add(template); + + } + + if (onlineMandatesTemplatesList.isEmpty()) + return null; + + OnlineMandatesTemplates[] onlinemandatesTemplates = new OnlineMandatesTemplates[onlineMandatesTemplatesList.size()]; + onlineMandatesTemplatesList.toArray(onlinemandatesTemplates); + + return onlinemandatesTemplates; + + } + + protected OnlineMandatesTemplates[] buildTemplateOnlineMandatesOA(Node contextNode, OnlineMandatesTemplates[] defaultTemplatesOnlineMandates) { + + String xpathExpr = OA_AUTH_COMPONENT_TEMPLATE_ONLINEMANDATES_BKU_XPATH; + List onlineMandatesTemplatesList = new ArrayList(); + + NodeIterator bkuIter = XPathUtils.selectNodeIterator(contextNode, xpathExpr); + + Element bkuElem; + while ((bkuElem = (Element) bkuIter.nextNode()) != null) { + String bkuUrl = XPathUtils.getAttributeValue(bkuElem, "@URL", null); + String moaidTemplateUrl = XPathUtils.getAttributeValue(bkuElem, CONF + "MOA-ID-Template/@URL", null); + String mandateTemplateUrl = XPathUtils.getAttributeValue(bkuElem, CONF + "MandateTemplate/@URL", null); + + OnlineMandatesTemplates template = new OnlineMandatesTemplates(); + template.setBkuURL(bkuUrl); + template.setMoaIdTemplateURL(moaidTemplateUrl); + template.setMandatesTemplateURL(mandateTemplateUrl); + + onlineMandatesTemplatesList.add(template); + + } + + if (onlineMandatesTemplatesList.isEmpty()) + return defaultTemplatesOnlineMandates; + + OnlineMandatesTemplates[] onlinemandatesTemplates = new OnlineMandatesTemplates[onlineMandatesTemplatesList.size()]; + onlineMandatesTemplatesList.toArray(onlinemandatesTemplates); + + return onlinemandatesTemplates; + + } /** diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OnlineMandatesTemplates.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OnlineMandatesTemplates.java new file mode 100644 index 000000000..9ff2467a0 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OnlineMandatesTemplates.java @@ -0,0 +1,54 @@ +package at.gv.egovernment.moa.id.config; + +public class OnlineMandatesTemplates { + + private String bkuURL; + + private String moaIdTemplateURL; + + private String mandatesTemplateURL; + + /** + * @return the bkuURL + */ + public String getBkuURL() { + return bkuURL; + } + + /** + * @param bkuURL the bkuURL to set + */ + public void setBkuURL(String bkuURL) { + this.bkuURL = bkuURL; + } + + /** + * @return the moaIdTemplateURL + */ + public String getMoaIdTemplateURL() { + return moaIdTemplateURL; + } + + /** + * @param moaIdTemplateURL the moaIdTemplateURL to set + */ + public void setMoaIdTemplateURL(String moaIdTemplateURL) { + this.moaIdTemplateURL = moaIdTemplateURL; + } + + /** + * @return the mandatesTemplateURL + */ + public String getMandatesTemplateURL() { + return mandatesTemplateURL; + } + + /** + * @param mandatesTemplateURL the mandatesTemplateURL to set + */ + public void setMandatesTemplateURL(String mandatesTemplateURL) { + this.mandatesTemplateURL = mandatesTemplateURL; + } + + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java index aa5aa21a3..fbaf32c1c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java @@ -16,6 +16,7 @@ package at.gv.egovernment.moa.id.config.auth; import at.gv.egovernment.moa.id.config.OAParameter; +import at.gv.egovernment.moa.id.config.OnlineMandatesTemplates; /** * Configuration parameters belonging to an online application, @@ -79,6 +80,8 @@ public class OAAuthParameter extends OAParameter { * template for web page "Anmeldung mit Bürgerkarte" */ private String templateURL; + + private OnlineMandatesTemplates[] templateOnlineMandates; /** * template for web page "Signatur der Anmeldedaten" */ @@ -167,7 +170,8 @@ public class OAAuthParameter extends OAParameter { return provideCertificate; } - /** + +/** * Returns the key box identifier. * @return String */ @@ -193,6 +197,7 @@ public class OAAuthParameter extends OAParameter { return templateURL; } + /** * Returns the inputProcessorSignTemplateURL url. * @return The inputProcessorSignTemplateURL url or null if no url for @@ -239,6 +244,21 @@ public class OAAuthParameter extends OAParameter { this.transformsInfos = transformsInfos; } /** + * @return the templateOnlineMandates + */ +public OnlineMandatesTemplates[] getTemplateOnlineMandates() { + return templateOnlineMandates; +} + +/** + * @param templateOnlineMandates the templateOnlineMandates to set + */ +public void setTemplateOnlineMandates( + OnlineMandatesTemplates[] templateOnlineMandates) { + this.templateOnlineMandates = templateOnlineMandates; +} + +/** * Sets the provideAuthBlock. * @param provideAuthBlock The provideAuthBlock to set */ @@ -295,7 +315,7 @@ public class OAAuthParameter extends OAParameter { public void setTemplateURL(String templateURL) { this.templateURL = templateURL; } - + /** * Sets the input processor sign form template url. * -- cgit v1.2.3