From 2736109c0928c0c1edb787d54e91bf67bbaad849 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 3 Oct 2017 16:20:11 +0200 Subject: remove mobileBKU and add an additional third BKU --- ...roviderSpecificGUIFormBuilderConfiguration.java | 41 +++++++++++++++++++--- 1 file changed, 36 insertions(+), 5 deletions(-) (limited to 'id/server/moa-id-frontend-resources/src/main') diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java index 4bb4b0e27..a582c8d45 100644 --- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java @@ -41,19 +41,28 @@ import at.gv.egovernment.moa.util.MiscUtil; */ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration extends AbstractGUIFormBuilderConfiguration { + public static final String VIEW_TEMPLATE_MAINGUI_DIRECTORY = "mainGUI/"; + public static final String VIEW_BKUSELECTION = "loginFormFull.html"; public static final String VIEW_SENDASSERTION = "sendAssertionFormFull.html"; public static final String VIEW_TEMPLATE_CSS = "css_template.css"; - public static final String VIEW_TEMPLATE_JS = "javascript_tempalte.js"; + public static final String VIEW_TEMPLATE_JS = "javascript_tempalte.js"; + public static final String VIEW_TEMPLATE_BKUDETECTION_SP_SPECIFIC = "iframeLBKUdetectSPSpecific.html"; + public static final String VIEW_TEMPLATE_BKUDETECTION_GENERIC = "iframeLBKUdetect.html"; public static final String PARAM_BKU_ONLINE = "bkuOnline"; public static final String PARAM_BKU_HANDY = "bkuHandy"; - public static final String PARAM_BKU_LOCAL = "bkuLocal"; + public static final String PARAM_BKU_LOCAL = "bkuLocal"; + + public static final String PARAM_BKU_URL_HANDY = "bkuURLHandy"; + public static final String PARAM_BKU_URL_LOCAL = "bkuURLLocal"; + public static final String PARAM_BKU_URL_THIRD = "bkuURLThird"; public static final String PARAM_OANAME = "OAName"; public static final String PARAM_COUNTRYLIST = "countryList"; protected IRequest pendingReq = null; + protected String templateClasspahtDir = null; /** * @param authURL PublicURLPrefix of the IDP but never null @@ -86,7 +95,7 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration @Override public Map getSpecificViewParameters() { Map params = new HashMap(); - params.put(PARAM_BKU_ONLINE, IOAAuthParameters.ONLINEBKU); + params.put(PARAM_BKU_ONLINE, IOAAuthParameters.THIRDBKU); params.put(PARAM_BKU_HANDY, IOAAuthParameters.HANDYBKU); params.put(PARAM_BKU_LOCAL, IOAAuthParameters.LOCALBKU); @@ -97,7 +106,16 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); if (oaParam != null) { params.put(PARAM_OANAME, oaParam.getFriendlyName()); - + + //set BKU URLs + if (MiscUtil.isNotEmpty(oaParam.getBKUURL(IOAAuthParameters.LOCALBKU))) + params.put(PARAM_BKU_URL_LOCAL, oaParam.getBKUURL(IOAAuthParameters.LOCALBKU)); + if (MiscUtil.isNotEmpty(oaParam.getBKUURL(IOAAuthParameters.HANDYBKU))) + params.put(PARAM_BKU_URL_HANDY, oaParam.getBKUURL(IOAAuthParameters.HANDYBKU)); + if (MiscUtil.isNotEmpty(oaParam.getBKUURL(IOAAuthParameters.THIRDBKU))) + params.put(PARAM_BKU_URL_THIRD, oaParam.getBKUURL(IOAAuthParameters.THIRDBKU)); + + //set eIDAS login information if requird if (oaParam.isShowStorkLogin()) addCountrySelection(params, oaParam); else @@ -151,7 +169,7 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration */ @Override public String getClasspathTemplateDir() { - return null; + return templateClasspahtDir; } /* (non-Javadoc) @@ -184,4 +202,17 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration return null; } + /** + * Set a specific classPath directory for this template configuration. + *
If the directory is null then the default directory /templates is used. + * + * @param templateClasspahtDir the templateClasspahtDir to set + */ + public void setTemplateClasspahtDir(String templateClasspahtDir) { + this.templateClasspahtDir = templateClasspahtDir; + } + + + + } -- cgit v1.2.3 From a2f3140358be730c86acac9d77ff4df282cbf1e4 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 3 Oct 2017 16:21:15 +0200 Subject: update template builder to support OA specific BKU detection templates --- .../main/resources/mainGUI/iframeLBKUdetect.html | 2 +- .../main/resources/mainGUI/template_thirdBKU.html | 37 ++++++++++++++++++++++ .../templates/iframeLBKUdetectSPSpecific.html | 12 +++++++ .../main/resources/templates/loginFormFull.html | 10 ++++-- 4 files changed, 57 insertions(+), 4 deletions(-) create mode 100644 id/server/moa-id-frontend-resources/src/main/resources/mainGUI/template_thirdBKU.html create mode 100644 id/server/moa-id-frontend-resources/src/main/resources/templates/iframeLBKUdetectSPSpecific.html (limited to 'id/server/moa-id-frontend-resources/src/main') diff --git a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/iframeLBKUdetect.html b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/iframeLBKUdetect.html index 54dc9d910..261e19a33 100644 --- a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/iframeLBKUdetect.html +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/iframeLBKUdetect.html @@ -24,7 +24,7 @@ document.write(''); try { document.bkudetectform.submit(); - } catch(e) {} + } catch(e) {console.log(e)} } //--> diff --git a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/template_thirdBKU.html b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/template_thirdBKU.html new file mode 100644 index 000000000..a9932d49d --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/template_thirdBKU.html @@ -0,0 +1,37 @@ + + + + + + + + +
+ Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier: + + + + + + + + + + + + +
+ +
+ + +
+
+
+ + diff --git a/id/server/moa-id-frontend-resources/src/main/resources/templates/iframeLBKUdetectSPSpecific.html b/id/server/moa-id-frontend-resources/src/main/resources/templates/iframeLBKUdetectSPSpecific.html new file mode 100644 index 000000000..79a217946 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/templates/iframeLBKUdetectSPSpecific.html @@ -0,0 +1,12 @@ + + + +BKU-Erkennung + + +
+ + +
+ + diff --git a/id/server/moa-id-frontend-resources/src/main/resources/templates/loginFormFull.html b/id/server/moa-id-frontend-resources/src/main/resources/templates/loginFormFull.html index 53c4f0d5d..8deabeb4f 100644 --- a/id/server/moa-id-frontend-resources/src/main/resources/templates/loginFormFull.html +++ b/id/server/moa-id-frontend-resources/src/main/resources/templates/loginFormFull.html @@ -50,8 +50,11 @@ - - + + + + +
@@ -59,6 +62,7 @@
+ -- cgit v1.2.3 From 4957d92a80841935b0c74f21d034e22bfc925459 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 4 Oct 2017 12:47:26 +0200 Subject: set default local-BKU URL if there is no OA specific --- .../AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java | 3 +++ 1 file changed, 3 insertions(+) (limited to 'id/server/moa-id-frontend-resources/src/main') diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java index a582c8d45..da38e3bef 100644 --- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java @@ -110,6 +110,9 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration //set BKU URLs if (MiscUtil.isNotEmpty(oaParam.getBKUURL(IOAAuthParameters.LOCALBKU))) params.put(PARAM_BKU_URL_LOCAL, oaParam.getBKUURL(IOAAuthParameters.LOCALBKU)); + else + params.put(PARAM_BKU_URL_LOCAL, MOAIDAuthConstants.DEFAULT_BKU_HTTPS); + if (MiscUtil.isNotEmpty(oaParam.getBKUURL(IOAAuthParameters.HANDYBKU))) params.put(PARAM_BKU_URL_HANDY, oaParam.getBKUURL(IOAAuthParameters.HANDYBKU)); if (MiscUtil.isNotEmpty(oaParam.getBKUURL(IOAAuthParameters.THIRDBKU))) -- cgit v1.2.3 From a59e9d088954345d67ff6b5b9b0f4d88d56531be Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 9 Oct 2017 15:23:33 +0200 Subject: update version in moa-id-auth mainpage --- .../moa-id-frontend-resources/src/main/resources/mainGUI/index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'id/server/moa-id-frontend-resources/src/main') diff --git a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/index.html b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/index.html index 5f7e92321..7fc2b0298 100644 --- a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/index.html +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/index.html @@ -2,7 +2,7 @@ - MOA-ID 3.2.x + MOA-ID 3.3.x -- cgit v1.2.3 From 352c4f2de3503dfc7f8528b846ebaa62a7f439f1 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 9 Oct 2017 15:43:13 +0200 Subject: update some more templates and version numbers --- .../src/main/resources/templates/loginFormFull.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'id/server/moa-id-frontend-resources/src/main') diff --git a/id/server/moa-id-frontend-resources/src/main/resources/templates/loginFormFull.html b/id/server/moa-id-frontend-resources/src/main/resources/templates/loginFormFull.html index 8deabeb4f..c4da51dc1 100644 --- a/id/server/moa-id-frontend-resources/src/main/resources/templates/loginFormFull.html +++ b/id/server/moa-id-frontend-resources/src/main/resources/templates/loginFormFull.html @@ -51,7 +51,7 @@ - + -- cgit v1.2.3 From fe2a02ec2afcbe2d7b9d59a9969d05923813ffdf Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 13 Nov 2017 09:38:00 +0100 Subject: fix some open CrossSiteScripting paths --- ...actServiceProviderSpecificGUIFormBuilderConfiguration.java | 4 +++- .../frontend/builder/DefaultGUIFormBuilderConfiguration.java | 11 ++++++++++- 2 files changed, 13 insertions(+), 2 deletions(-) (limited to 'id/server/moa-id-frontend-resources/src/main') diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java index da38e3bef..15bc92a54 100644 --- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java @@ -27,6 +27,8 @@ import java.io.InputStream; import java.util.HashMap; import java.util.Map; +import org.apache.commons.lang.StringEscapeUtils; + import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; @@ -100,7 +102,7 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration params.put(PARAM_BKU_LOCAL, IOAAuthParameters.LOCALBKU); if (pendingReq != null) { - params.put(PARAM_PENDINGREQUESTID, pendingReq.getRequestID()); + params.put(PARAM_PENDINGREQUESTID, StringEscapeUtils.escapeHtml(pendingReq.getRequestID())); //add service-provider specific GUI parameters IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java index 2c2792b84..0c07ad3fb 100644 --- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java @@ -26,6 +26,8 @@ import java.io.InputStream; import java.util.HashMap; import java.util.Map; +import org.apache.commons.lang.StringEscapeUtils; + import at.gv.egovernment.moa.id.commons.api.IRequest; /** @@ -68,6 +70,13 @@ public class DefaultGUIFormBuilderConfiguration extends AbstractGUIFormBuilderCo } + /** + * Add a key/value pair into Velocity context.
+ * IMPORTANT: external HTML escapetion is required, because it is NOT done internally + * + * @param key velocity context key + * @param value of this key + */ public void putCustomParameter(String key, Object value) { if (customParameters == null) customParameters = new HashMap(); @@ -82,7 +91,7 @@ public class DefaultGUIFormBuilderConfiguration extends AbstractGUIFormBuilderCo public Map getSpecificViewParameters() { Map params = new HashMap(); if (pendingReq != null) { - params.put(PARAM_PENDINGREQUESTID, pendingReq.getRequestID()); + params.put(PARAM_PENDINGREQUESTID, StringEscapeUtils.escapeHtml(pendingReq.getRequestID())); } if (customParameters != null) -- cgit v1.2.3