From 028be490569e4080947f7708f08782f4306503ae Mon Sep 17 00:00:00 2001
From: pdanner <pdanner@d688527b-c9ab-4aba-bd8d-4036d912da1d>
Date: Fri, 19 Oct 2007 13:12:22 +0000
Subject: Fixed path choice on parep validation

git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1028 d688527b-c9ab-4aba-bd8d-4036d912da1d
---
 .../auth/servlet/ProcessValidatorInputServlet.java | 71 +++++++++++++---------
 1 file changed, 42 insertions(+), 29 deletions(-)

(limited to 'id')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java
index 89834307d..e2eda5755 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java
@@ -124,37 +124,50 @@ public class ProcessValidatorInputServlet extends AuthServlet {
         String dataURL = new DataURLBuilder().buildDataURL(
             session.getAuthURL(), AuthenticationServer.REQ_VERIFY_AUTH_BLOCK, sessionID);
         
-        // Test if we have a user input form sign template
-        String inputProcessorSignTemplateURL = req.getParameter(PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE);
-        String inputProcessorSignTemplate = null;
-        OAAuthParameter oaParam =
-          AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getOAURLRequested());
-        // override template url by url from configuration file
-        if (oaParam.getInputProcessorSignTemplateURL() != null) {
-          inputProcessorSignTemplateURL = oaParam.getInputProcessorSignTemplateURL();
-        }       
-        if (inputProcessorSignTemplateURL != null) {
-          try {
-            inputProcessorSignTemplate = new String(FileUtils.readURL(inputProcessorSignTemplateURL));
-          } catch (IOException ex) {
-            throw new AuthenticationException(
-              "auth.03",
-              new Object[] { inputProcessorSignTemplateURL, ex.toString()},
-              ex);
+        String htmlForm = null;
+        
+        boolean doInputProcessorSign = false;
+        String inputProcessorSignForm = req.getParameter("Sign_Form");
+        if (inputProcessorSignForm==null) inputProcessorSignForm = (String) req.getAttribute("Sign_Form");
+        if (inputProcessorSignForm==null) inputProcessorSignForm = (String) parameters.get("Sign_Form");
+        if (inputProcessorSignForm==null) inputProcessorSignForm = (String) parameters.get("Sign_Form_");
+        if (!ParepUtils.isEmpty(inputProcessorSignForm)) doInputProcessorSign = inputProcessorSignForm.equalsIgnoreCase("true");
+        if (doInputProcessorSign) {
+          // Test if we have a user input form sign template
+          String inputProcessorSignTemplateURL = req.getParameter(PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE);
+          String inputProcessorSignTemplate = null;
+          OAAuthParameter oaParam =
+            AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getOAURLRequested());
+          // override template url by url from configuration file
+          if (oaParam.getInputProcessorSignTemplateURL() != null) {
+            inputProcessorSignTemplateURL = oaParam.getInputProcessorSignTemplateURL();
+          }       
+          if (inputProcessorSignTemplateURL != null) {
+            try {
+              inputProcessorSignTemplate = new String(FileUtils.readURL(inputProcessorSignTemplateURL));
+            } catch (IOException ex) {
+              throw new AuthenticationException(
+                "auth.03",
+                new Object[] { inputProcessorSignTemplateURL, ex.toString()},
+                ex);
+            }
           }
+          
+          htmlForm = new GetVerifyAuthBlockFormBuilder().build(
+              inputProcessorSignTemplate, session.getBkuURL(), createXMLSignatureRequestOrRedirect, dataURL, session.getPushInfobox());
+          htmlForm = ParepUtils.replaceAll(htmlForm, "<BASE_href>", session.getAuthURL());
+          htmlForm = ParepUtils.replaceAll(htmlForm, "<MOASessionID>", sessionID);
+          htmlForm = ParepUtils.replaceAll(htmlForm, "<BKU>", session.getBkuURL());
+          htmlForm = ParepUtils.replaceAll(htmlForm, "<DataURL>", dataURL);
+          htmlForm = ParepUtils.replaceAll(htmlForm, "<PushInfobox>", session.getPushInfobox());
+          resp.setContentType("text/html;charset=UTF-8");
+        } else {
+          htmlForm = createXMLSignatureRequestOrRedirect;
+          resp.setStatus(307);
+          resp.addHeader("Location", dataURL);
+          //TODO test impact of explicit setting charset with older versions of BKUs (HotSign)
+          resp.setContentType("text/xml;charset=UTF-8");
         }
-
-        
-        
-        String htmlForm = new GetVerifyAuthBlockFormBuilder().build(
-            inputProcessorSignTemplate, session.getBkuURL(), createXMLSignatureRequestOrRedirect, dataURL, session.getPushInfobox());
-        htmlForm = ParepUtils.replaceAll(htmlForm, "<BASE_href>", session.getAuthURL());
-        htmlForm = ParepUtils.replaceAll(htmlForm, "<MOASessionID>", sessionID);
-        htmlForm = ParepUtils.replaceAll(htmlForm, "<BKU>", session.getBkuURL());
-        htmlForm = ParepUtils.replaceAll(htmlForm, "<DataURL>", dataURL);
-        htmlForm = ParepUtils.replaceAll(htmlForm, "<PushInfobox>", session.getPushInfobox());
-        
-        resp.setContentType("text/html;charset=UTF-8");
         
         OutputStream out = resp.getOutputStream();
         out.write(htmlForm.getBytes("UTF-8"));
-- 
cgit v1.2.3