package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; import java.io.OutputStream; import java.util.Map; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.MOAIDException; import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.OutputXML2File; /** * Servlet requested for verifying the identity link * provided by the security layer implementation. * Utilizes the {@link AuthenticationServer}. * * @author Paul Ivancsics * @version $Id$ */ public class VerifyIdentityLinkServlet extends AuthServlet { /** * Constructor for VerifyIdentityLinkServlet. */ public VerifyIdentityLinkServlet() { super(); } /** * GET requested by security layer implementation to verify * that data URL resource is available. * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse) */ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { Logger.debug("GET VerifyIdentityLink"); } /** * Verifies the identity link and responds with a new * CreateXMLSignatureRequest. *
* Request parameters: * * Response: * * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse) */ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { Logger.debug("POST VerifyIdentityLink"); Map parameters = getParameters(req); String sessionID = req.getParameter(PARAM_SESSIONID); String infoboxReadResponse = (String)parameters.get(PARAM_XMLRESPONSE); // debug output if(null != infoboxReadResponse) OutputXML2File.debugOutputXML2File("InfoboxReadResponse.xml", infoboxReadResponse, MOAIDAuthConstants.DEBUG_OUTPUT_HIERARCHY); try { String createXMLSignatureRequest = AuthenticationServer.getInstance().verifyIdentityLink(sessionID, infoboxReadResponse); AuthenticationSession session = AuthenticationServer.getSession(sessionID); resp.setStatus(307); String dataURL = new DataURLBuilder().buildDataURL( session.getAuthURL(), AuthenticationServer.REQ_VERIFY_AUTH_BLOCK, sessionID); resp.addHeader("Location", dataURL); resp.setContentType("text/xml"); // debug output if(null != createXMLSignatureRequest) OutputXML2File.debugOutputXML2File("CreateXMLSignatureRequest.xml", createXMLSignatureRequest, MOAIDAuthConstants.DEBUG_OUTPUT_HIERARCHY); OutputStream out = resp.getOutputStream(); out.write(createXMLSignatureRequest.getBytes("UTF-8")); out.flush(); out.close(); Logger.debug("Finished POST VerifyIdentityLink"); } catch (MOAIDException ex) { handleError(null, ex, req, resp); } } }