From dd7dc7d427b9798c7e7d3a8fd6bbd407911650a9 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 9 Oct 2015 11:13:10 +0200
Subject: move BKU Authentication preprocessing into a seperate task. The
GenerateIFrameTemplateServlet only put all request parameters into
process-managment context
---
.../StartAuthentificationParameterParser.java | 19 ++--
.../servlet/GenerateIFrameTemplateServlet.java | 123 +++++----------------
.../moa/id/moduls/AuthenticationManager.java | 30 ++---
3 files changed, 55 insertions(+), 117 deletions(-)
(limited to 'id/server/idserverlib/src/main/java')
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index 998aa67eb..004961116 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -38,6 +38,7 @@ import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.FileUtils;
@@ -279,7 +280,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
}
- public static void parse(HttpServletRequest req, HttpServletResponse resp,
+ public static void parse(ExecutionContext ec, HttpServletRequest req,
AuthenticationSession moasession, IRequest request) throws WrongParametersException, MOAIDException {
@@ -299,12 +300,12 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
moasession.setAction(action);
//get Parameters from request
- String target = req.getParameter(PARAM_TARGET);
- String oaURL = req.getParameter(PARAM_OA);
- String bkuURL = req.getParameter(PARAM_BKU);
- String templateURL = req.getParameter(PARAM_TEMPLATE);
- String useMandate = req.getParameter(PARAM_USEMANDATE);
- String ccc = req.getParameter(PARAM_CCC);
+ String target = (String) ec.get(PARAM_TARGET);
+ String oaURL = (String) ec.get(PARAM_OA);
+ String bkuURL = (String) ec.get(PARAM_BKU);
+ String templateURL = (String) ec.get(PARAM_TEMPLATE);
+ String useMandate = (String) ec.get(PARAM_USEMANDATE);
+ String ccc = (String) ec.get(PARAM_CCC);
if (request.getOnlineApplicationConfiguration() != null &&
request.getOnlineApplicationConfiguration().isOnlyMandateAllowed()) {
@@ -313,8 +314,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
useMandate = String.valueOf(request.getOnlineApplicationConfiguration().isOnlyMandateAllowed());
}
-
-
+
oaURL = request.getOAURL();
target = request.getTarget();
@@ -332,4 +332,5 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
private static boolean isEmpty(String param) {
return param == null || param.length() == 0;
}
+
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
index 6feb0b260..2a63968dd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
@@ -23,7 +23,9 @@
package at.gv.egovernment.moa.id.auth.servlet;
import java.io.IOException;
+import java.util.Enumeration;
import java.util.List;
+import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
@@ -66,27 +68,13 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
String pendingRequestID = null;
try {
- String bkuid = req.getParameter(MOAIDAuthConstants.PARAM_BKU);
- String useMandate = req.getParameter(MOAIDAuthConstants.PARAM_USEMANDATE);
- String ccc = req.getParameter(MOAIDAuthConstants.PARAM_CCC);
- String moasessionid = req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID);
-
- moasessionid = StringEscapeUtils.escapeHtml(moasessionid);
-
- AuthenticationSession moasession = null;
-
- if (MiscUtil.isEmpty(bkuid) || MiscUtil.isEmpty(moasessionid)) {
- Logger.warn("MOASessionID or BKU-type is empty. Maybe an old BKU-selection template is in use.");
- throw new MOAIDException("auth.23", new Object[] {});
- }
-
+ String moasessionid = req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID);
+ moasessionid = StringEscapeUtils.escapeHtml(moasessionid);
+ AuthenticationSession moasession = null;
try {
- pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moasessionid);
-
+ pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moasessionid);
moasession = AuthenticationSessionStoreage.getSession(moasessionid);
-
-// AuthenticationSessionStoreage.changeSessionID(moasession);
-
+
} catch (MOADatabaseException e) {
Logger.info("MOASession with SessionID="+ moasessionid + " is not found in Database");
throw new MOAIDException("init.04", new Object[] {
@@ -97,89 +85,36 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
throw new MOAIDException("auth.18", new Object[] {});
}
- //load OA Config
- OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance()
- .getOnlineApplicationParameter(moasession.getOAURLRequested());
-
- if (oaParam == null)
- throw new AuthenticationException("auth.00", new Object[] { moasession.getOAURLRequested() });
-
- else {
-
- //get Target from config or from request in case of SAML 1
- String target = null;
- IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
- if (pendingReq == null) {
- Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure.");
- throw new MOAIDException("auth.28", new Object[]{pendingRequestID});
-
- }
-
- MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKUTYPE_SELECTED, bkuid);
-
- if (MiscUtil.isNotEmpty(pendingReq.getTarget()) &&
- pendingReq.requestedModule().equals("id_saml1"))
- target = pendingReq.getTarget();
- else
- target = oaParam.getTarget();
-
- String bkuURL = oaParam.getBKUURL(bkuid);
- if (MiscUtil.isEmpty(bkuURL)) {
- Logger.info("No OA specific BKU defined. Use BKU from default configuration");
- bkuURL = AuthConfigurationProviderFactory.getInstance().getDefaultBKUURL(bkuid);
- }
-
- //search for OA specific template
- String templateURL = null;
- List<String> oaTemplateURLList = oaParam.getTemplateURL();
- if ( oaTemplateURLList != null && oaTemplateURLList.size() > 0
- && MiscUtil.isNotEmpty(oaTemplateURLList.get(0)) ) {
- templateURL = oaTemplateURLList.get(0);
-
- } else {
- templateURL = AuthConfigurationProviderFactory.getInstance().getSLRequestTemplates(bkuid);
- }
-
- //make url absolut if it is a local url
- if (MiscUtil.isNotEmpty(templateURL))
- templateURL = FileUtils.makeAbsoluteURL(templateURL,
- AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir());
-
- if (oaParam.isOnlyMandateAllowed())
- useMandate = "true";
-
- if (!oaParam.isShowMandateCheckBox())
- useMandate = "false";
-
- //parse all OA parameters i
- StartAuthentificationParameterParser.parse(moasession,
- target,
- moasession.getOAURLRequested(),
- bkuURL,
- templateURL,
- useMandate,
- ccc,
- moasession.getModul(),
- moasession.getAction(),
- req);
- }
+
ExecutionContext ec = new ExecutionContextImpl();
- // set execution context
- ec.put("ccc", moasession.getCcc());
- ec.put("useMandate", moasession.getUseMandate());
- ec.put("bkuURL", moasession.getBkuURL());
+ // set execution context
+ Enumeration<String> reqParamNames = req.getParameterNames();
+ while(reqParamNames.hasMoreElements()) {
+ String paramName = reqParamNames.nextElement();
+ if (MiscUtil.isNotEmpty(paramName))
+ ec.put(paramName, req.getParameter(paramName));
+
+ }
+
ec.put("pendingRequestID", pendingRequestID);
-
+ ec.put(MOAIDAuthConstants.PARAM_SESSIONID, moasessionid);
+
+// String bkuid = req.getParameter(MOAIDAuthConstants.PARAM_BKU);
+// String useMandate = req.getParameter(MOAIDAuthConstants.PARAM_USEMANDATE);
+// String ccc = req.getParameter(MOAIDAuthConstants.PARAM_CCC);
+// ec.put("ccc", moasession.getCcc());
+// ec.put("useMandate", moasession.getUseMandate());
+// ec.put("bkuURL", moasession.getBkuURL());
+
// select and create process instance
String processDefinitionId = ModuleRegistration.getInstance().selectProcess(ec);
- String processInstanceId = getProcessEngine().createProcessInstance(processDefinitionId, ec);
-
if (processDefinitionId == null) {
Logger.warn("No suitable process found for SessionID " + moasession.getSessionID());
throw new MOAIDException("process.02", new Object[] { moasession.getSessionID() });
- }
+ }
+
+ String processInstanceId = getProcessEngine().createProcessInstance(processDefinitionId, ec);
// keep process instance id in moa session
moasession.setProcessInstanceId(processInstanceId);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index 11fa2bb42..39cb5b9c8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -28,6 +28,7 @@ import java.lang.reflect.InvocationTargetException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Collection;
+import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Map.Entry;
@@ -623,21 +624,22 @@ public class AuthenticationManager extends MOAIDAuthConstants {
try {
if (legacyallowed && legacyparamavail) {
-
- //parse request parameter into MOASession
- StartAuthentificationParameterParser.parse(request, response, moasession, target);
-
- Logger.info("Start Authentication Module: " + moasession.getModul()
- + " Action: " + moasession.getAction());
-
- // create execution context
+
+ // create execution context
ExecutionContext executionContext = new ExecutionContextImpl();
- executionContext.put("ccc", moasession.getCcc());
- executionContext.put("useMandate", moasession.getUseMandate());
- executionContext.put("bkuURL", moasession.getBkuURL());
- executionContext.put(PARAM_SESSIONID, moasession.getSessionID());
+ executionContext.put(MOAIDAuthConstants.PARAM_SESSIONID, moasession.getSessionID());
executionContext.put("pendingRequestID", target.getRequestID());
-
+
+ executionContext.put("isLegacyRequest", true);
+
+ Enumeration<String> reqParamNames = request.getParameterNames();
+ while(reqParamNames.hasMoreElements()) {
+ String paramName = reqParamNames.nextElement();
+ if (MiscUtil.isNotEmpty(paramName))
+ executionContext.put(paramName, request.getParameter(paramName));
+
+ }
+
// create process instance
String processDefinitionId = ModuleRegistration.getInstance().selectProcess(executionContext);
@@ -660,7 +662,7 @@ public class AuthenticationManager extends MOAIDAuthConstants {
throw new MOAIDException("init.04", new Object[] {
moasession.getSessionID()});
}
-
+
// start process
processEngine.start(processInstanceId);
--
cgit v1.2.3