From dd7dc7d427b9798c7e7d3a8fd6bbd407911650a9 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 9 Oct 2015 11:13:10 +0200 Subject: move BKU Authentication preprocessing into a seperate task. The GenerateIFrameTemplateServlet only put all request parameters into process-managment context --- .../StartAuthentificationParameterParser.java | 19 ++-- .../servlet/GenerateIFrameTemplateServlet.java | 123 +++++---------------- .../moa/id/moduls/AuthenticationManager.java | 30 ++--- 3 files changed, 55 insertions(+), 117 deletions(-) (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java index 998aa67eb..004961116 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java @@ -38,6 +38,7 @@ import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.FileUtils; @@ -279,7 +280,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ } - public static void parse(HttpServletRequest req, HttpServletResponse resp, + public static void parse(ExecutionContext ec, HttpServletRequest req, AuthenticationSession moasession, IRequest request) throws WrongParametersException, MOAIDException { @@ -299,12 +300,12 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ moasession.setAction(action); //get Parameters from request - String target = req.getParameter(PARAM_TARGET); - String oaURL = req.getParameter(PARAM_OA); - String bkuURL = req.getParameter(PARAM_BKU); - String templateURL = req.getParameter(PARAM_TEMPLATE); - String useMandate = req.getParameter(PARAM_USEMANDATE); - String ccc = req.getParameter(PARAM_CCC); + String target = (String) ec.get(PARAM_TARGET); + String oaURL = (String) ec.get(PARAM_OA); + String bkuURL = (String) ec.get(PARAM_BKU); + String templateURL = (String) ec.get(PARAM_TEMPLATE); + String useMandate = (String) ec.get(PARAM_USEMANDATE); + String ccc = (String) ec.get(PARAM_CCC); if (request.getOnlineApplicationConfiguration() != null && request.getOnlineApplicationConfiguration().isOnlyMandateAllowed()) { @@ -313,8 +314,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ useMandate = String.valueOf(request.getOnlineApplicationConfiguration().isOnlyMandateAllowed()); } - - + oaURL = request.getOAURL(); target = request.getTarget(); @@ -332,4 +332,5 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ private static boolean isEmpty(String param) { return param == null || param.length() == 0; } + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java index 6feb0b260..2a63968dd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java @@ -23,7 +23,9 @@ package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; +import java.util.Enumeration; import java.util.List; +import java.util.Map; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; @@ -66,27 +68,13 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { String pendingRequestID = null; try { - String bkuid = req.getParameter(MOAIDAuthConstants.PARAM_BKU); - String useMandate = req.getParameter(MOAIDAuthConstants.PARAM_USEMANDATE); - String ccc = req.getParameter(MOAIDAuthConstants.PARAM_CCC); - String moasessionid = req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID); - - moasessionid = StringEscapeUtils.escapeHtml(moasessionid); - - AuthenticationSession moasession = null; - - if (MiscUtil.isEmpty(bkuid) || MiscUtil.isEmpty(moasessionid)) { - Logger.warn("MOASessionID or BKU-type is empty. Maybe an old BKU-selection template is in use."); - throw new MOAIDException("auth.23", new Object[] {}); - } - + String moasessionid = req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID); + moasessionid = StringEscapeUtils.escapeHtml(moasessionid); + AuthenticationSession moasession = null; try { - pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moasessionid); - + pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moasessionid); moasession = AuthenticationSessionStoreage.getSession(moasessionid); - -// AuthenticationSessionStoreage.changeSessionID(moasession); - + } catch (MOADatabaseException e) { Logger.info("MOASession with SessionID="+ moasessionid + " is not found in Database"); throw new MOAIDException("init.04", new Object[] { @@ -97,89 +85,36 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { throw new MOAIDException("auth.18", new Object[] {}); } - //load OA Config - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter(moasession.getOAURLRequested()); - - if (oaParam == null) - throw new AuthenticationException("auth.00", new Object[] { moasession.getOAURLRequested() }); - - else { - - //get Target from config or from request in case of SAML 1 - String target = null; - IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID); - if (pendingReq == null) { - Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure."); - throw new MOAIDException("auth.28", new Object[]{pendingRequestID}); - - } - - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), - pendingReq, MOAIDEventConstants.AUTHPROCESS_BKUTYPE_SELECTED, bkuid); - - if (MiscUtil.isNotEmpty(pendingReq.getTarget()) && - pendingReq.requestedModule().equals("id_saml1")) - target = pendingReq.getTarget(); - else - target = oaParam.getTarget(); - - String bkuURL = oaParam.getBKUURL(bkuid); - if (MiscUtil.isEmpty(bkuURL)) { - Logger.info("No OA specific BKU defined. Use BKU from default configuration"); - bkuURL = AuthConfigurationProviderFactory.getInstance().getDefaultBKUURL(bkuid); - } - - //search for OA specific template - String templateURL = null; - List oaTemplateURLList = oaParam.getTemplateURL(); - if ( oaTemplateURLList != null && oaTemplateURLList.size() > 0 - && MiscUtil.isNotEmpty(oaTemplateURLList.get(0)) ) { - templateURL = oaTemplateURLList.get(0); - - } else { - templateURL = AuthConfigurationProviderFactory.getInstance().getSLRequestTemplates(bkuid); - } - - //make url absolut if it is a local url - if (MiscUtil.isNotEmpty(templateURL)) - templateURL = FileUtils.makeAbsoluteURL(templateURL, - AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir()); - - if (oaParam.isOnlyMandateAllowed()) - useMandate = "true"; - - if (!oaParam.isShowMandateCheckBox()) - useMandate = "false"; - - //parse all OA parameters i - StartAuthentificationParameterParser.parse(moasession, - target, - moasession.getOAURLRequested(), - bkuURL, - templateURL, - useMandate, - ccc, - moasession.getModul(), - moasession.getAction(), - req); - } + ExecutionContext ec = new ExecutionContextImpl(); - // set execution context - ec.put("ccc", moasession.getCcc()); - ec.put("useMandate", moasession.getUseMandate()); - ec.put("bkuURL", moasession.getBkuURL()); + // set execution context + Enumeration reqParamNames = req.getParameterNames(); + while(reqParamNames.hasMoreElements()) { + String paramName = reqParamNames.nextElement(); + if (MiscUtil.isNotEmpty(paramName)) + ec.put(paramName, req.getParameter(paramName)); + + } + ec.put("pendingRequestID", pendingRequestID); - + ec.put(MOAIDAuthConstants.PARAM_SESSIONID, moasessionid); + +// String bkuid = req.getParameter(MOAIDAuthConstants.PARAM_BKU); +// String useMandate = req.getParameter(MOAIDAuthConstants.PARAM_USEMANDATE); +// String ccc = req.getParameter(MOAIDAuthConstants.PARAM_CCC); +// ec.put("ccc", moasession.getCcc()); +// ec.put("useMandate", moasession.getUseMandate()); +// ec.put("bkuURL", moasession.getBkuURL()); + // select and create process instance String processDefinitionId = ModuleRegistration.getInstance().selectProcess(ec); - String processInstanceId = getProcessEngine().createProcessInstance(processDefinitionId, ec); - if (processDefinitionId == null) { Logger.warn("No suitable process found for SessionID " + moasession.getSessionID()); throw new MOAIDException("process.02", new Object[] { moasession.getSessionID() }); - } + } + + String processInstanceId = getProcessEngine().createProcessInstance(processDefinitionId, ec); // keep process instance id in moa session moasession.setProcessInstanceId(processInstanceId); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index 11fa2bb42..39cb5b9c8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -28,6 +28,7 @@ import java.lang.reflect.InvocationTargetException; import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.Collection; +import java.util.Enumeration; import java.util.Iterator; import java.util.List; import java.util.Map.Entry; @@ -623,21 +624,22 @@ public class AuthenticationManager extends MOAIDAuthConstants { try { if (legacyallowed && legacyparamavail) { - - //parse request parameter into MOASession - StartAuthentificationParameterParser.parse(request, response, moasession, target); - - Logger.info("Start Authentication Module: " + moasession.getModul() - + " Action: " + moasession.getAction()); - - // create execution context + + // create execution context ExecutionContext executionContext = new ExecutionContextImpl(); - executionContext.put("ccc", moasession.getCcc()); - executionContext.put("useMandate", moasession.getUseMandate()); - executionContext.put("bkuURL", moasession.getBkuURL()); - executionContext.put(PARAM_SESSIONID, moasession.getSessionID()); + executionContext.put(MOAIDAuthConstants.PARAM_SESSIONID, moasession.getSessionID()); executionContext.put("pendingRequestID", target.getRequestID()); - + + executionContext.put("isLegacyRequest", true); + + Enumeration reqParamNames = request.getParameterNames(); + while(reqParamNames.hasMoreElements()) { + String paramName = reqParamNames.nextElement(); + if (MiscUtil.isNotEmpty(paramName)) + executionContext.put(paramName, request.getParameter(paramName)); + + } + // create process instance String processDefinitionId = ModuleRegistration.getInstance().selectProcess(executionContext); @@ -660,7 +662,7 @@ public class AuthenticationManager extends MOAIDAuthConstants { throw new MOAIDException("init.04", new Object[] { moasession.getSessionID()}); } - + // start process processEngine.start(processInstanceId); -- cgit v1.2.3