package at.gv.egovernment.moa.id.auth.servlet;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import at.gv.egovernment.moa.id.MOAIDException;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.logging.Logger;
/**
* Servlet requested for verifying the identity link
* provided by the security layer implementation.
* Utilizes the {@link AuthenticationServer}.
*
* @author Paul Ivancsics
* @version $Id$
*/
public class VerifyIdentityLinkServlet extends AuthServlet {
/**
* Constructor for VerifyIdentityLinkServlet.
*/
public VerifyIdentityLinkServlet() {
super();
}
/**
* GET requested by security layer implementation to verify
* that data URL resource is available.
* @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse)
*/
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
Logger.debug("GET VerifyIdentityLink");
}
/**
* Verifies the identity link and responds with a new
* CreateXMLSignatureRequest
.
*
* Request parameters:
*
* - MOASessionID: ID of associated authentication session
* - XMLResponse:
<InfoboxReadResponse>
*
* Response:
*
* - Content type:
"text/xml"
* - Content: see return value of {@link AuthenticationServer#verifyIdentityLink}
* - Error status:
500
*
* @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse)
*/
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
Logger.debug("POST VerifyIdentityLink");
Map parameters = getParameters(req);
String sessionID = req.getParameter(PARAM_SESSIONID);
String infoboxReadResponse = (String)parameters.get(PARAM_XMLRESPONSE);
// debug output
if(null != infoboxReadResponse)
AuthenticationServer.debugOutputXMLFile("InfoboxReadResponse.xml", infoboxReadResponse);
try {
String createXMLSignatureRequest =
AuthenticationServer.getInstance().verifyIdentityLink(sessionID, infoboxReadResponse);
AuthenticationSession session = AuthenticationServer.getSession(sessionID);
resp.setStatus(307);
String dataURL = new DataURLBuilder().buildDataURL(
session.getAuthURL(), AuthenticationServer.REQ_VERIFY_AUTH_BLOCK, sessionID);
resp.addHeader("Location", dataURL);
resp.setContentType("text/xml");
// debug output
if(null != createXMLSignatureRequest)
AuthenticationServer.debugOutputXMLFile("CreateXMLSignatureRequest.xml", createXMLSignatureRequest);
OutputStream out = resp.getOutputStream();
out.write(createXMLSignatureRequest.getBytes("UTF-8"));
out.flush();
out.close();
Logger.debug("Finished POST VerifyIdentityLink");
}
catch (MOAIDException ex) {
handleError(null, ex, req, resp);
}
}
}