/******************************************************************************* * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. 
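*******************************************************************************/
package at.gv.egovernment.moa.id.configuration.data.oa;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Objects;

import javax.servlet.http.HttpServletRequest;

import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OAPVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAPVP2ConfigValidation;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
import iaik.x509.X509Certificate;
import lombok.extern.slf4j.Slf4j;

/**
 * Form-backing bean for the PVP 2.x section of an online-application
 * configuration: the metadata URL and the metadata-signing certificate.
 * <p>
 * Holds the values submitted through the web GUI, copies them into the
 * persistent {@link OAPVP2} element in {@link #store} and reads them back in
 * {@link #parse}. Instances carry per-request mutable state and are not
 * thread-safe.
 */
@Slf4j
public class OAPVP2Config implements IOnlineApplicationData {

  /** Set when a change requires the PVP2 metadata to be fetched again. */
  private boolean reLoad = false;

  private String metaDataURL = null;

  /** Subject DN of the stored certificate; filled by {@link #parse} for display only. */
  private String certificateDN = null;

  /** Certificate file uploaded through the GUI; {@code null} when nothing was uploaded. */
  private File fileUpload = null;

  private String fileUploadContentType;

  private String fileUploadFileName;

  /** Previously persisted certificate bytes, written back when no new file was uploaded. */
  private byte[] storedCert = null;

  public OAPVP2Config() {
  }

  /**
   * Name of this configuration section.
   *
   * @return the constant {@code "OAPVP2"}
   */
  @Override
  public String getName() {
    return "OAPVP2";
  }

  /**
   * Writes the form values into {@code dboa}, creating the {@link AuthComponentOA}
   * and {@link OAPVP2} elements on demand.
   * <p>
   * A freshly uploaded certificate is persisted in its DER encoding (see
   * {@link #getCertificate()}); otherwise the previously stored bytes are kept.
   * A new certificate or a changed metadata URL marks the entry as requiring a
   * metadata reload.
   *
   * @param dboa     persistent online-application entry to update (must not be {@code null})
   * @param authUser the user performing the change (unused here)
   * @param request  current request, used only to localize error messages
   * @return {@code null} on success, otherwise a localized error message
   */
  @Override
  public String store(OnlineApplication dboa, AuthenticatedUser authUser, HttpServletRequest request) {
    Objects.requireNonNull(dboa, "dboa");

    AuthComponentOA authoa = dboa.getAuthComponentOA();
    if (authoa == null) {
      authoa = new AuthComponentOA();
      dboa.setAuthComponentOA(authoa);
    }

    OAPVP2 pvp2 = authoa.getOAPVP2();
    if (pvp2 == null) {
      pvp2 = new OAPVP2();
      authoa.setOAPVP2(pvp2);
    }

    try {
      if (getFileUpload() != null) {
        // A new signing certificate invalidates any metadata fetched under the old one.
        pvp2.setCertificate(getCertificate());
        setReLoad(true);
      } else if (storedCert != null) {
        pvp2.setCertificate(storedCert);
      }
    } catch (final CertificateException e) {
      log.info("Uploaded Certificate can not be found", e);
      return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound", request);
    } catch (final IOException e) {
      log.info("Uploaded Certificate can not be parsed", e);
      return LanguageHelper.getErrorString("validation.pvp2.certificate.format", request);
    }

    // NOTE(review): the URL is not checked here; callers are expected to have run
    // validate() first, since a changed URL triggers a metadata download elsewhere.
    final String newUrl = getMetaDataURL();
    if (newUrl != null && !newUrl.equals(pvp2.getMetadataURL())) {
      setReLoad(true);
    }
    pvp2.setMetadataURL(newUrl);

    if (isReLoad()) {
      pvp2.setUpdateRequiredItem(new Date());
    }

    return null;
  }

  /**
   * Validates the current form values.
   *
   * @param general  general OA configuration, supplies the OA identifier
   * @param authUser the user performing the change (unused here)
   * @param request  current request, used to localize error messages
   * @return list of localized error messages, empty when valid
   */
  @Override
  public List validate(OAGeneralConfig general, AuthenticatedUser authUser, HttpServletRequest request) {
    return new OAPVP2ConfigValidation().validate(this, general.getIdentifier(), request);
  }

  /**
   * Loads the metadata URL and the certificate's subject DN from a persistent
   * online-application entry into this bean.
   * <p>
   * The stored certificate is first treated as Base64 text; if that does not
   * yield a parsable certificate it is retried as raw DER bytes, which is the
   * form {@link #store} writes.
   *
   * @param dbOAConfig persistent online-application entry to read
   * @param authUser   the requesting user (unused here)
   * @param request    current request, used to localize error messages
   * @return list of localized error messages, empty when everything could be read
   */
  @Override
  public List parse(OnlineApplication dbOAConfig, AuthenticatedUser authUser, HttpServletRequest request) {
    final List<String> errors = new ArrayList<>();

    final AuthComponentOA authdata = dbOAConfig.getAuthComponentOA();
    if (authdata == null) {
      return errors;
    }
    final OAPVP2 pvp2 = authdata.getOAPVP2();
    if (pvp2 == null) {
      return errors;
    }

    metaDataURL = pvp2.getMetadataURL();

    final byte[] stored = pvp2.getCertificate();
    if (stored == null
        || new String(stored, StandardCharsets.UTF_8).equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)) {
      return errors;
    }

    try {
      loadCertificateDN(Base64Utils.decode(new String(stored, StandardCharsets.UTF_8), false));
    } catch (final CertificateException e) {
      // Not Base64 text: retry with the stored value as raw DER.
      try {
        loadCertificateDN(stored);
      } catch (final CertificateException e1) {
        log.warn("PVP2 certificate can not be loaded from Online-Applikation with ID "
            + dbOAConfig.getPublicURLPrefix(), e1);
        errors.add(LanguageHelper.getErrorString("error.oa.pvp2.certificate", request));
      }
    } catch (final IOException e) {
      log.warn("PVP2 certificate can not be loaded from Online-Applikation with ID "
          + dbOAConfig.getPublicURLPrefix(), e);
      errors.add(LanguageHelper.getErrorString("error.oa.pvp2.certificate", request));
    }

    return errors;
  }

  /**
   * Parses {@code cert} as an X.509 certificate and records its subject DN in
   * {@link #certificateDN}. A {@code null} or empty array leaves the field untouched.
   *
   * @param cert DER-encoded certificate, may be {@code null} or empty
   * @throws CertificateException if the bytes are not a valid certificate
   */
  private void loadCertificateDN(byte[] cert) throws CertificateException {
    if (MiscUtil.isNotEmpty(cert)) {
      final X509Certificate x509 = new X509Certificate(cert);
      certificateDN = x509.getSubjectDN().getName();
    }
  }

  /**
   * Reads the uploaded file as an X.509 certificate and returns its DER encoding.
   *
   * @return DER-encoded certificate bytes
   * @throws CertificateException if the file does not contain a valid certificate
   * @throws IOException          if the file cannot be read
   * @throws NullPointerException if no file has been uploaded
   */
  public byte[] getCertificate() throws CertificateException, IOException {
    Objects.requireNonNull(fileUpload, "fileUpload");
    // try-with-resources: the stream was previously never closed.
    try (FileInputStream filestream = new FileInputStream(fileUpload)) {
      final X509Certificate x509 = new X509Certificate(filestream);
      return x509.getEncoded();
    }
  }

  /**
   * @param storedCert previously persisted certificate bytes to keep when no new file is uploaded
   */
  public void setStoredCert(byte[] storedCert) {
    this.storedCert = storedCert;
  }

  /**
   * @return the PVP2 metadata URL, may be {@code null}
   */
  public String getMetaDataURL() {
    return metaDataURL;
  }

  /**
   * @param metaDataURL the PVP2 metadata URL to set
   */
  public void setMetaDataURL(String metaDataURL) {
    this.metaDataURL = metaDataURL;
  }

  /**
   * @return the subject DN of the stored certificate, or {@code null} if none was parsed
   */
  public String getCertificateDN() {
    return certificateDN;
  }

  /**
   * @return the uploaded certificate file, or {@code null}
   */
  public File getFileUpload() {
    return fileUpload;
  }

  /**
   * @param fileUpload the uploaded certificate file to set
   */
  public void setFileUpload(File fileUpload) {
    this.fileUpload = fileUpload;
  }

  /**
   * @return the content type reported for the uploaded file
   */
  public String getFileUploadContentType() {
    return fileUploadContentType;
  }

  /**
   * @param fileUploadContentType the content type of the uploaded file to set
   */
  public void setFileUploadContentType(String fileUploadContentType) {
    this.fileUploadContentType = fileUploadContentType;
  }

  /**
   * @return the original file name of the upload
   */
  public String getFileUploadFileName() {
    return fileUploadFileName;
  }

  /**
   * @param fileUploadFileName the original file name of the upload to set
   */
  public void setFileUploadFileName(String fileUploadFileName) {
    this.fileUploadFileName = fileUploadFileName;
  }

  /**
   * @return whether the metadata has to be reloaded
   */
  public boolean isReLoad() {
    return reLoad;
  }

  /**
   * @param reLoad whether the metadata has to be reloaded
   */
  public void setReLoad(boolean reLoad) {
    this.reLoad = reLoad;
  }
}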