package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; import java.net.URLEncoder; import java.util.Map; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.MOAIDException; import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.logging.Logger; /** * Servlet requested for verifying the signed authentication block * provided by the security layer implementation. * Utilizes the {@link AuthenticationServer}. * * @author Paul Ivancsics * @version $Id$ */ public class VerifyAuthenticationBlockServlet extends AuthServlet { /** * Constructor for VerifyAuthenticationBlockServlet. */ public VerifyAuthenticationBlockServlet() { super(); } /** * GET requested by security layer implementation to verify * that data URL resource is available. * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse) */ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { Logger.debug("GET VerifyAuthenticationBlock"); } /** * Verifies the signed authentication block and redirects the browser * to the online application requested, adding a parameter needed for * retrieving the authentication data. *
* Request parameters: * * Response: * * @see AuthenticationServer#verifyAuthenticationBlock * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse) */ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { Logger.debug("POST VerifyAuthenticationBlock"); Map parameters = getParameters(req); String sessionID = req.getParameter(PARAM_SESSIONID); String createXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE); // debug XMLSignatureResponse from BKU if(null != createXMLSignatureResponse) AuthenticationServer.debugOutputXMLFile("CreateXMLSignatureResponse.xml", createXMLSignatureResponse); try { AuthenticationSession session = AuthenticationServer.getSession(sessionID); String samlArtifactBase64 = AuthenticationServer.getInstance().verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); String redirectURL = session.getOAURLRequested(); redirectURL = addURLParameter(redirectURL, PARAM_TARGET, session.getTarget()); redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64)); redirectURL = resp.encodeRedirectURL(redirectURL); resp.setStatus(302); resp.addHeader("Location", redirectURL); Logger.debug("REDIRECT TO: " + redirectURL); } catch (MOAIDException ex) { handleError(null, ex, req, resp); } } /** * Adds a parameter to a URL. * @param url the URL * @param paramname parameter name * @param paramvalue parameter value * @return the URL with parameter added */ private static String addURLParameter(String url, String paramname, String paramvalue) { String param = paramname + "=" + paramvalue; if (url.indexOf("?") < 0) return url + "?" + param; else return url + "&" + param; } }