From 731ab39b8ef05a4e84b72fb4243d59c9f6dd48cb Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 23 Jan 2018 14:23:39 +0100 Subject: update mostly all GUI forms to split JavaScript and CSS from html code to support "Content Security-Policy" http headers --- .../java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java | 2 +- .../moa/id/auth/builder/GetIdentityLinkFormBuilder.java | 9 ++++++++- .../moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java | 7 +++---- 3 files changed, 12 insertions(+), 6 deletions(-) (limited to 'id/server/modules/moa-id-modul-citizencard_authentication') diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index faeb0158b..f7c3db8d1 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -213,7 +213,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { try { String htmlForm = new GetIdentityLinkFormBuilder().build(template, session.getBkuURL(), infoboxReadRequest, dataURL, null, - null, pushInfobox, oaParam, appletheigth, appletwidth); + null, pushInfobox, oaParam, appletheigth, appletwidth, pendingReq.getAuthURL()); return htmlForm; diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java index ef81af94b..f7aba5e53 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java @@ -78,6 +78,9 @@ public class GetIdentityLinkFormBuilder extends Builder { // private static final String CERTINFO_DATAURL_TAG = ""; /** special tag in the HTML template to be substituted for the infoboxes to be pushed from the BKU */ private static final String PUSHINFOBOX_TAG = ""; + + private static final String CONTEXTURL_TAG = ""; + /** special tag in the HTML template to be substituted for the BKU URL */ /** private static int all contains the representation to replace all tags*/ private static final int ALL = -1; @@ -155,7 +158,8 @@ public class GetIdentityLinkFormBuilder extends Builder { String certInfoDataURL, String pushInfobox, IOAAuthParameters oaParam, String appletheigth, - String appletwidth) + String appletwidth, + String contextURL) throws BuildException { String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate; @@ -163,6 +167,9 @@ public class GetIdentityLinkFormBuilder extends Builder { htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL); htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL); htmlForm = replaceTag(htmlForm, PUSHINFOBOX_TAG, pushInfobox, false, ALL); + + htmlForm = replaceTag(htmlForm, CONTEXTURL_TAG, contextURL, false, ALL); + //new:wird oben mitreplaced htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL); diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java index 7b364789b..f8c9fd75b 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java @@ -48,11 +48,10 @@ package test.at.gv.egovernment.moa.id.auth.builder; import java.text.MessageFormat; -import junit.framework.TestCase; - import at.gv.egovernment.moa.id.auth.builder.CertInfoVerifyXMLSignatureRequestBuilder; import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder; import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder; +import junit.framework.TestCase; /** * @author Paul Ivancsics @@ -99,7 +98,7 @@ public class GetIdentityLinkFormBuilderTest extends TestCase { String dataURL = "https://1.2.3.4/auth/VerifyIdentityLink?MOASessionID=1234567"; String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build(); String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/"; - String form = new GetIdentityLinkFormBuilder().build(null, null, xmlRequest, dataURL, infoRequest, infoDataURL, null, null, null, null); + String form = new GetIdentityLinkFormBuilder().build(null, null, xmlRequest, dataURL, infoRequest, infoDataURL, null, null, null, null, null); String formShould = MessageFormat.format( FORM, new Object[] { BKU, xmlRequest, dataURL, infoRequest, infoDataURL }); assertEquals(formShould, form); @@ -110,7 +109,7 @@ public class GetIdentityLinkFormBuilderTest extends TestCase { String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build(); String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/"; String bkuURL = "http://bku.at/"; - String form = new GetIdentityLinkFormBuilder().build(null, bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL, null, null, null, null); + String form = new GetIdentityLinkFormBuilder().build(null, bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL, null, null, null, null, null); String formShould = MessageFormat.format( FORM, new Object[] { bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL }); assertEquals(formShould, form); -- cgit v1.2.3