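package at.gv.egovernment.moa.id.configuration.struts.action;

import iaik.utils.URLDecoder;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;

import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType;
import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplicationType;
import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.data.FormularCustomization;
import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config;
import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config;
import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config;
import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig;
import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig;
import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.helper.MailHelper;
import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationValitator;
import at.gv.egovernment.moa.id.configuration.validation.TargetValidator;
import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAGeneralConfigValidation;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAOAUTH20ConfigValidation;
import at.gv.egovernment.moa.id.configuration.validation.oa.OAPVP2ConfigValidation;
import at.gv.egovernment.moa.id.configuration.validation.oa.OASAML1ConfigValidation;
import at.gv.egovernment.moa.id.configuration.validation.oa.OASSOConfigValidation;
import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation;
import at.gv.egovernment.moa.id.util.FormBuildUtils;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;

import com.opensymphony.xwork2.ActionSupport;

/**
 * Struts2 action behind the online-application (OA) edit form: loading an
 * existing OA, preparing a new one, saving, cancelling, deleting and
 * rendering the BKU-selection preview.
 *
 * <p>The form beans ({@code generalOA}, {@code pvp2OA}, ...) are exposed through
 * public setters and are therefore populated from the request; every value read
 * from them has to be treated as untrusted. State that must not be chosen by the
 * client (the database id of the edited OA, the form token and the OAuth 2.0
 * client secret) is kept in the HTTP session instead.
 *
 * <p>NOTE(review): all actions cast the {@code SESSION_AUTH} attribute and
 * dereference it without a null check, so they presumably rely on an
 * authentication filter that is not visible in this file - confirm.
 */
public class EditOAAction extends ActionSupport implements ServletRequestAware, ServletResponseAware {

    private final Logger log = Logger.getLogger(EditOAAction.class);

    private static final long serialVersionUID = 1L;

    private HttpServletRequest request;
    private HttpServletResponse response;

    private AuthenticatedUser authUser;

    private String oaidobj;
    private boolean newOA;
    private String formID;

    private boolean onlyBusinessService = false;
    private boolean subTargetSet = false;
    private boolean deaktivededBusinessService = false;
    private boolean isMetaDataRefreshRequired = false;

    private String nextPage;

    private OAGeneralConfig generalOA = new OAGeneralConfig();
    private OAPVP2Config pvp2OA = new OAPVP2Config();
    private OASAML1Config saml1OA = new OASAML1Config();
    private OASSOConfig ssoOA = new OASSOConfig();
    private OAOAuth20Config oauth20OA = new OAOAuth20Config();
    private OASTORKConfig storkOA;
    private FormularCustomization formOA = new FormularCustomization();

    private InputStream stream;

    // STRUTS actions

    /**
     * Loads the online application named by {@code oaidobj} into the form beans.
     *
     * <p>Administrators may load any OA; other users only one that is contained
     * in their own OA list. On success the OA database id, a fresh form token and
     * the stored OAuth 2.0 client secret are placed in the session.
     *
     * @return {@code STRUTS_OA_EDIT} on success, {@code STRUTS_ERROR} for an
     *         invalid or inaccessible id, {@code STRUTS_SUCCESS} when the user's
     *         mail address is not verified yet
     */
    public String inital() {
        HttpSession session = request.getSession();
        if (session == null) {
            log.info("No http Session found.");
            return Constants.STRUTS_ERROR;
        }

        Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
        authUser = (AuthenticatedUser) authUserObj;

        if (!ValidationHelper.validateOAID(oaidobj)) {
            addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
            return Constants.STRUTS_ERROR;
        }
        long oaid = Long.valueOf(oaidobj);

        UserDatabase userdb = null;
        OnlineApplication onlineapplication = null;

        if (authUser.isAdmin()) {
            onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);

        } else {
            userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());

            if (rejectUnverifiedMailAddress(userdb)) {
                return Constants.STRUTS_SUCCESS;
            }

            // TODO: change to direct Database operation
            // Access control: a non-admin user only gets an OA from the own list.
            List<OnlineApplication> oas = userdb.getOnlineApplication();
            for (OnlineApplication oa : oas) {
                if (oa.getHjid() == oaid) {
                    onlineapplication = oa;
                    break;
                }
            }
        }

        // Covers both "not owned by this user" and "id unknown" (admin path),
        // which previously ran into the parse() calls with a null OA.
        if (onlineapplication == null) {
            addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
            return Constants.STRUTS_ERROR;
        }

        generalOA.parse(onlineapplication);
        ssoOA.parse(onlineapplication);
        saml1OA.parse(onlineapplication);
        oauth20OA.parse(onlineapplication);

        // The secret is pinned in the session so that saving uses this value and
        // not one submitted with the form.
        session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret());

        Map<String, String> map = new HashMap<String, String>();
        map.putAll(FormBuildUtils.getDefaultMap());
        formOA.parse(onlineapplication, map);
        session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, map);

        List<String> errors = pvp2OA.parse(onlineapplication);
        for (String el : errors) {
            addActionError(el);
        }

        subTargetSet = MiscUtil.isNotEmpty(generalOA.getTarget_subsector());

        // set UserSpezific OA Parameters
        if (!authUser.isAdmin()) {
            generateUserSpecificConfigurationOptions(userdb);
        }

        ConfigurationDBUtils.closeSession();

        session.setAttribute(Constants.SESSION_OAID, oaid);
        renewFormID(session);

        newOA = false;

        return Constants.STRUTS_OA_EDIT;
    }

    /**
     * Prepares the form for a new online application: clears the session OA id,
     * pre-fills the default BKU URLs, issues a form token and generates a new
     * OAuth 2.0 client secret that is stored in the session.
     *
     * @return {@code STRUTS_OA_EDIT} on success, {@code STRUTS_ERROR} without a
     *         session, {@code STRUTS_SUCCESS} when the user's mail address is not
     *         verified yet
     */
    public String newOA() {
        log.debug("insert new Online-Application");

        HttpSession session = request.getSession();
        if (session == null) {
            log.info("No http Session found.");
            return Constants.STRUTS_ERROR;
        }

        session.setAttribute(Constants.SESSION_OAID, null);

        nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name();

        Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
        authUser = (AuthenticatedUser) authUserObj;

        UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());

        if (rejectUnverifiedMailAddress(userdb)) {
            return Constants.STRUTS_SUCCESS;
        }

        MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
        if (moaidconfig != null) {
            DefaultBKUs defaultbkus = moaidconfig.getDefaultBKUs();
            if (defaultbkus != null) {
                generalOA.setBkuHandyURL(defaultbkus.getHandyBKU());
                generalOA.setBkuLocalURL(defaultbkus.getLocalBKU());
                generalOA.setBkuOnlineURL(defaultbkus.getOnlineBKU());
            }
        }

        // set UserSpezific OA Parameters
        if (!authUser.isAdmin()) {
            generateUserSpecificConfigurationOptions(userdb);
        }

        ConfigurationDBUtils.closeSession();

        newOA = true;
        renewFormID(session);

        session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null);

        this.oauth20OA.generateClientSecret();
        session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret());

        return Constants.STRUTS_OA_EDIT;
    }

    /**
     * Validates the submitted form and stores the online application.
     *
     * <p>The submitted form token must match the one in the session (it is
     * consumed here). The OA being edited is identified by the id stored in the
     * session, never by a request parameter; without such an id a new OA is
     * created. OAs created by a non-admin, or whose public URL prefix a non-admin
     * changed, are stored inactive and flagged for admin approval.
     *
     * @return {@code STRUTS_SUCCESS} when stored (or when the mail address is not
     *         verified), {@code STRUTS_ERROR_VALIDATION} on validation or storage
     *         errors, {@code STRUTS_ERROR} on token or id problems
     */
    public String saveOA() {
        HttpSession session = request.getSession();
        if (session == null) {
            log.info("No http Session found.");
            return Constants.STRUTS_ERROR;
        }

        Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
        authUser = (AuthenticatedUser) authUserObj;

        if (!isSubmittedFormIDValid(session)) {
            return Constants.STRUTS_ERROR;
        }
        // The token is single-use.
        session.setAttribute(Constants.SESSION_FORMID, null);

        UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
        if (rejectUnverifiedMailAddress(userdb)) {
            return Constants.STRUTS_SUCCESS;
        }

        OnlineApplication onlineapplication = null;
        List<String> errors = new ArrayList<String>();

        Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID);
        Long oaid = (long) -1;
        if (oadbid != null) {
            // Anything but a non-negative Long in the session is rejected.
            if (!(oadbid instanceof Long) || ((Long) oadbid) < 0) {
                addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
                return Constants.STRUTS_ERROR;
            }
            oaid = (Long) oadbid;
        }

        // valid DBID and check entry
        String oaidentifier = generalOA.getIdentifier();
        if (MiscUtil.isEmpty(oaidentifier)) {
            log.info("Empty OA identifier");
            errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.empty"));

        } else if (!ValidationHelper.validateURL(oaidentifier)) {
            log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier);
            errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
                    new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }));

        } else if (oaid == -1) {
            onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
            newOA = true;
            if (onlineapplication != null) {
                log.info("The OAIdentifier is not unique");
                errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique"));
            }

        } else {
            onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid);
            if (onlineapplication == null) {
                // The OA loaded for editing no longer exists; do not fall
                // through and silently create a new entry in its place.
                addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
                return Constants.STRUTS_ERROR;
            }
            if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())
                    && ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) {
                log.info("The OAIdentifier is not unique");
                errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique"));
            }
        }

        // set UserSpezific OA Parameters
        if (!authUser.isAdmin()) {
            generateUserSpecificConfigurationOptions(userdb);
        }

        // check form
        OAGeneralConfigValidation validatior_general = new OAGeneralConfigValidation();
        OAPVP2ConfigValidation validatior_pvp2 = new OAPVP2ConfigValidation();
        OASAML1ConfigValidation validatior_saml1 = new OASAML1ConfigValidation();
        OASSOConfigValidation validatior_sso = new OASSOConfigValidation();
        OASTORKConfigValidation validator_stork = new OASTORKConfigValidation();
        FormularCustomizationValitator validator_form = new FormularCustomizationValitator();
        OAOAUTH20ConfigValidation validatior_oauth20 = new OAOAUTH20ConfigValidation();

        errors.addAll(validatior_general.validate(generalOA, authUser.isAdmin()));
        errors.addAll(validatior_pvp2.validate(pvp2OA));
        errors.addAll(validatior_saml1.validate(saml1OA, generalOA));
        errors.addAll(validatior_sso.validate(ssoOA, authUser.isAdmin()));
        errors.addAll(validator_stork.validate(storkOA));
        errors.addAll(validator_form.validate(formOA));
        errors.addAll(validatior_oauth20.validate(oauth20OA));

        // Do not allow SSO in combination with special BKUSelection features
        if (ssoOA.isUseSSO() && (formOA.isOnlyMandateAllowed() || !formOA.isShowMandateLoginButton())) {
            log.warn("Special BKUSelection features can not be used in combination with SSO");
            errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.valid"));
        }

        if (errors.size() > 0) {
            log.info("OAConfiguration with ID " + generalOA.getIdentifier() + " has some errors.");
            for (String el : errors) {
                addActionError(el);
            }
            renewFormID(session);
            return Constants.STRUTS_ERROR_VALIDATION;
        }

        boolean newentry = false;

        if (onlineapplication == null) {
            onlineapplication = new OnlineApplication();
            newentry = true;
            onlineapplication.setIsActive(false);

            if (!authUser.isAdmin()) {
                onlineapplication.setIsAdminRequired(true);
            } else {
                isMetaDataRefreshRequired = true;
            }

        } else if (!authUser.isAdmin()
                && !onlineapplication.getPublicURLPrefix().equals(generalOA.getIdentifier())) {
            // A changed public URL prefix has to be approved by an admin again.
            onlineapplication.setIsAdminRequired(true);
            onlineapplication.setIsActive(false);
            log.info("User with ID " + authUser.getUserID()
                    + " change OA-PublicURLPrefix. Reaktivation is required.");
        }

        if ((onlineapplication.isIsAdminRequired() == null)
                || (authUser.isAdmin() && generalOA.isActive() && onlineapplication.isIsAdminRequired())) {

            onlineapplication.setIsAdminRequired(false);
            isMetaDataRefreshRequired = true;

            if (onlineapplication.getHjid() != null) {
                userdb = ConfigurationDBRead.getUsersWithOADBID(onlineapplication.getHjid());
            }

            if (userdb != null && !userdb.isIsAdmin()) {
                try {
                    MailHelper.sendUserOnlineApplicationActivationMail(userdb.getGivenname(),
                            userdb.getFamilyname(), userdb.getInstitut(),
                            onlineapplication.getPublicURLPrefix(), userdb.getMail());
                } catch (ConfigurationException e) {
                    log.warn("Sending Mail to User " + userdb.getMail() + " failed", e);
                }
            }
        }

        if (pvp2OA.getMetaDataURL() != null) {
            try {
                if (isMetaDataRefreshRequired || !pvp2OA.getMetaDataURL()
                        .equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) {

                    log.debug("Set PVP2 Metadata refresh flag.");
                    MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration();
                    moaconfig.setPvp2RefreshItem(new Date());
                    ConfigurationDBUtils.saveOrUpdate(moaconfig);
                }
            } catch (Throwable e) {
                // Best effort: a missing PVP2 section ends up here as well.
                log.info("Found no MetadataURL in OA-Databaseconfig!", e);
            }
        }

        String error = saveOAConfigToDatabase(onlineapplication, newentry);
        if (MiscUtil.isNotEmpty(error)) {
            log.warn("OA configuration can not be stored!");
            addActionError(error);
            renewFormID(session);
            return Constants.STRUTS_ERROR_VALIDATION;
        }

        nextPage = resolveNextPage(session, true);

        if (onlineapplication.isIsAdminRequired()) {
            int numoas = 0;
            int numusers = 0;

            List<?> openOAs = ConfigurationDBRead.getAllNewOnlineApplications();
            if (openOAs != null) {
                numoas = openOAs.size();
            }

            List<?> openUsers = ConfigurationDBRead.getAllNewUsers();
            if (openUsers != null) {
                numusers = openUsers.size();
            }

            try {
                addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success.admin",
                        generalOA.getIdentifier(), request));

                if (numusers > 0 || numoas > 0) {
                    MailHelper.sendAdminMail(numoas, numusers);
                }
            } catch (ConfigurationException e) {
                log.warn("Sending Mail to Admin failed.", e);
            }

        } else {
            addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success",
                    generalOA.getIdentifier(), request));
        }

        request.getSession().setAttribute(Constants.SESSION_OAID, null);

        ConfigurationDBUtils.closeSession();
        return Constants.STRUTS_SUCCESS;
    }

    /**
     * Leaves the edit form without saving and clears the session OA id.
     *
     * @return {@code STRUTS_SUCCESS}, or {@code STRUTS_ERROR} without a session
     */
    public String cancleAndBackOA() {
        HttpSession session = request.getSession();
        if (session == null) {
            log.info("No http Session found.");
            return Constants.STRUTS_ERROR;
        }

        nextPage = resolveNextPage(session, true);

        session.setAttribute(Constants.SESSION_OAID, null);

        addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.cancle",
                generalOA.getIdentifier(), request));

        ConfigurationDBUtils.closeSession();

        return Constants.STRUTS_SUCCESS;
    }

    /**
     * Deletes the online application named by the submitted OA identifier.
     *
     * <p>The identifier comes from the request, so the form token alone does not
     * tell whether the caller may delete that OA. A non-admin user is therefore
     * only allowed to delete an OA that is contained in the own OA list, the same
     * rule {@link #inital()} applies for loading.
     *
     * @return {@code STRUTS_SUCCESS} after a deletion attempt (success or
     *         failure message is set), {@code STRUTS_ERROR_VALIDATION} for an
     *         empty or rejected identifier, {@code STRUTS_ERROR} on token
     *         mismatch, missing permission or a failed user update
     */
    public String deleteOA() {
        HttpSession session = request.getSession();
        if (session == null) {
            log.info("No http Session found.");
            return Constants.STRUTS_ERROR;
        }

        Object authUserObj = session.getAttribute(Constants.SESSION_AUTH);
        authUser = (AuthenticatedUser) authUserObj;

        if (!isSubmittedFormIDValid(session)) {
            return Constants.STRUTS_ERROR;
        }
        // The token is single-use.
        session.setAttribute(Constants.SESSION_FORMID, null);

        nextPage = resolveNextPage(session, false);

        UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID());
        if (rejectUnverifiedMailAddress(userdb)) {
            return Constants.STRUTS_SUCCESS;
        }

        String oaidentifier = generalOA.getIdentifier();
        if (MiscUtil.isEmpty(oaidentifier)) {
            log.info("Empty OA identifier");
            addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.empty"));
            renewFormID(session);
            return Constants.STRUTS_ERROR_VALIDATION;
        }

        // NOTE(review): a true result is treated as "contains forbidden
        // characters" here, which contradicts the helper's name - confirm
        // against ValidationHelper before touching this condition.
        if (ValidationHelper.isValidOAIdentifier(oaidentifier)) {
            log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier);
            addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid",
                    new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() }));
            renewFormID(session);
            return Constants.STRUTS_ERROR_VALIDATION;
        }

        OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier);
        request.getSession().setAttribute(Constants.SESSION_OAID, null);

        if (onlineapplication == null) {
            // Unknown identifier: report it like a failed deletion instead of
            // passing null on to the database layer.
            log.info("Online-Application to delete was not found.");
            ConfigurationDBUtils.closeSession();
            addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error",
                    generalOA.getIdentifier(), request));
            return Constants.STRUTS_SUCCESS;
        }

        if (!authUser.isAdmin() && !isOwnedByUser(userdb, onlineapplication)) {
            log.warn("User with ID " + authUser.getUserID()
                    + " is not allowed to delete the requested Online-Application.");
            ConfigurationDBUtils.closeSession();
            addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request));
            return Constants.STRUTS_ERROR;
        }

        try {
            if (MiscUtil.isNotEmpty(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) {
                MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration();
                moaconfig.setPvp2RefreshItem(new Date());
                ConfigurationDBUtils.saveOrUpdate(moaconfig);
            }
        } catch (Throwable e) {
            // Best effort: a missing PVP2 section ends up here as well.
            log.info("Found no MetadataURL in OA-Databaseconfig!", e);
        }

        if (ConfigurationDBUtils.delete(onlineapplication)) {

            if (!authUser.isAdmin()) {
                UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID());

                // Remove through the iterator; removing from the list inside a
                // for-each loop throws ConcurrentModificationException.
                List<OnlineApplication> useroas = user.getOnlineApplication();
                for (Iterator<OnlineApplication> it = useroas.iterator(); it.hasNext();) {
                    OnlineApplicationType oa = it.next();
                    if (oa.getHjid().equals(onlineapplication.getHjid())) {
                        it.remove();
                    }
                }

                try {
                    ConfigurationDBUtils.saveOrUpdate(user);

                } catch (MOADatabaseException e) {
                    log.warn("User information can not be updated in database", e);
                    addActionError(LanguageHelper.getGUIString("error.db.oa.store", request));
                    return Constants.STRUTS_ERROR;
                }
            }

            ConfigurationDBUtils.closeSession();

            addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message",
                    generalOA.getIdentifier(), request));

            return Constants.STRUTS_SUCCESS;
        }

        ConfigurationDBUtils.closeSession();
        addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error",
                generalOA.getIdentifier(), request));
        return Constants.STRUTS_SUCCESS;
    }

    /**
     * Renders the BKU-selection template with the customization map stored in
     * the session, after applying the single module/value pair from the request,
     * and exposes the result through {@link #getStream()}.
     *
     * <p>NOTE(review): {@code value} is taken from the query string and written
     * into the template map without the validation that {@link #saveOA()} runs on
     * the form customization; whether it is escaped before it reaches the page
     * depends on {@code FormBuildUtils}, which is not visible here - confirm.
     *
     * @return always {@code STRUTS_SUCCESS}; failures produce an error text as
     *         preview content
     */
    public String bkuFramePreview() {
        String preview = null;

        HttpSession session = request.getSession();
        if (session == null) {
            log.info("No http Session found.");
            preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible");

        } else {
            InputStream input = null;

            try {
                Object mapobj = session.getAttribute(Constants.SESSION_BKUFORMPREVIEW);

                if (mapobj instanceof Map) {

                    ConfigurationProvider config = ConfigurationProvider.getInstance();
                    String templateURL = config.getConfigRootDir()
                            + ConfigurationProvider.HTMLTEMPLATE_DIR
                            + ConfigurationProvider.HTMLTEMPLATE_FILE;

                    File file = new File(templateURL);
                    input = new FileInputStream(file);

                    String contextpath = config.getMOAIDInstanceURL();
                    if (MiscUtil.isEmpty(contextpath)) {
                        log.info("NO MOA-ID instance URL configurated.");
                        throw new ConfigurationException("No MOA-ID instance configurated");
                    }

                    preview = LoginFormBuilder.getTemplate(input);
                    preview = preview.replace(LoginFormBuilder.CONTEXTPATH, contextpath);

                    // The attribute is only ever set by this action with a
                    // String-to-String map.
                    @SuppressWarnings("unchecked")
                    Map<String, String> map = (Map<String, String>) mapobj;

                    request.setCharacterEncoding("UTF-8");

                    String module = request.getParameter(Constants.REQUEST_FORMCUSTOM_MODULE);
                    String value = request.getParameter(Constants.REQUEST_FORMCUSTOM_VALUE);

                    if (value != null) {
                        // Re-reads the value from the raw query string and
                        // assumes it is the second parameter; any other layout
                        // fails into the catch block below.
                        String[] query = URLDecoder.decode(request.getQueryString()).split("&");
                        value = query[1].substring("value=".length());
                    }

                    // The map lives in the session and may be hit by parallel
                    // preview requests.
                    synchronized (map) {

                        // Only keys that already exist in the map can be set.
                        if (MiscUtil.isNotEmpty(module) && map.containsKey("#" + module + "#")) {
                            if (MiscUtil.isNotEmpty(value)) {
                                if (FormBuildUtils.FONTFAMILY.contains(module)
                                        || FormBuildUtils.HEADER_TEXT.contains(module)
                                        || value.startsWith("#")) {
                                    map.put("#" + module + "#", value);
                                } else {
                                    map.put("#" + module + "#", "#" + value);
                                }

                            } else {
                                map.put("#" + module + "#",
                                        FormBuildUtils.getDefaultMap().get("#" + module + "#"));
                            }
                        }

                        preview = FormBuildUtils.customiceLayoutBKUSelection(preview, true, false, map);
                    }

                } else {
                    preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible");
                }

            } catch (Exception e) {
                log.warn("BKUSelection Preview can not be generated.", e);
                preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible");

            } finally {
                // The template stream was never closed before, leaking one file
                // handle per preview request.
                if (input != null) {
                    try {
                        input.close();
                    } catch (IOException e) {
                        log.debug("BKUSelection template stream can not be closed.", e);
                    }
                }
            }
        }

        // NOTE(review): uses the platform default charset - confirm it matches
        // the charset of the configured stream result.
        stream = new ByteArrayInputStream(preview.getBytes());

        return Constants.STRUTS_SUCCESS;
    }

    /**
     * Copies the validated form beans into the database object and stores it.
     *
     * <p>Several settings (active flag, key box, BKU URLs, templates and layout,
     * SAML1 activation, auth-data frame) are only taken from the form when the
     * current user is an administrator.
     *
     * @param dboa the database object to fill; a fresh instance for a new entry
     * @param newentry {@code true} when {@code dboa} is not stored yet
     * @return {@code null} on success, otherwise a localized error message
     */
    private String saveOAConfigToDatabase(OnlineApplication dboa, boolean newentry) {

        AuthComponentOA authoa = dboa.getAuthComponentOA();
        if (authoa == null) {
            authoa = new AuthComponentOA();
            dboa.setAuthComponentOA(authoa);
        }

        if (authUser.isAdmin()) {
            dboa.setIsActive(generalOA.isActive());
        }

        dboa.setFriendlyName(generalOA.getFriendlyName());
        dboa.setCalculateHPI(generalOA.isCalculateHPI());
        dboa.setRemoveBPKFromAuthBlock(generalOA.isHideBPKAuthBlock());

        if (authUser.isAdmin()) {
            dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(generalOA.getKeyBoxIdentifier()));
        } else if (newentry) {
            dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR);
        }

        dboa.setPublicURLPrefix(generalOA.getIdentifier());

        if (generalOA.isBusinessService() || onlyBusinessService) {

            dboa.setType(Constants.MOA_CONFIG_BUSINESSSERVICE);

            // Strip blanks and a leading identification-type prefix.
            String num = generalOA.getIdentificationNumber().replaceAll(" ", "");
            if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) {
                num = num.substring(Constants.IDENIFICATIONTYPE_FN.length());
                num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num);
            }

            if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) {
                num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length());
            }

            if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)) {
                num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length());
            }

            IdentificationNumber idnumber = new IdentificationNumber();
            idnumber.setValue(Constants.PREFIX_WPBK + generalOA.getIdentificationType() + "+" + num);

            authoa.setIdentificationNumber(idnumber);

        } else {
            dboa.setType(null);

            if (authUser.isAdmin()) {
                if (MiscUtil.isNotEmpty(generalOA.getTarget_admin()) && generalOA.isAdminTarget()) {
                    dboa.setTarget(generalOA.getTarget_admin());
                    dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName());

                } else {
                    applyTarget(dboa);
                }

            } else if (MiscUtil.isNotEmpty(generalOA.getTarget())) {
                applyTarget(dboa);
            }
        }

        // The BKU URLs are always replaced; a non-admin save leaves them unset.
        BKUURLS bkuruls = new BKUURLS();
        authoa.setBKUURLS(bkuruls);
        if (authUser.isAdmin()) {
            bkuruls.setHandyBKU(generalOA.getBkuHandyURL());
            bkuruls.setLocalBKU(generalOA.getBkuLocalURL());
            bkuruls.setOnlineBKU(generalOA.getBkuOnlineURL());
        }

        TemplatesType templates = authoa.getTemplates();
        if (templates == null) {
            templates = new TemplatesType();
            authoa.setTemplates(templates);
        }

        BKUSelectionCustomizationType bkuselectioncustom = templates.getBKUSelectionCustomization();
        if (bkuselectioncustom == null) {
            bkuselectioncustom = new BKUSelectionCustomizationType();
            templates.setBKUSelectionCustomization(bkuselectioncustom);
        }

        Mandates mandates = new Mandates();
        if (generalOA.isUseMandates()) {
            mandates.setProfiles(generalOA.getMandateProfiles());
        } else {
            mandates.setProfiles(new String());
        }
        authoa.setMandates(mandates);

        bkuselectioncustom.setMandateLoginButton(MiscUtil.isNotEmpty(generalOA.getMandateProfiles()));
        bkuselectioncustom.setOnlyMandateLoginAllowed(formOA.isOnlyMandateAllowed());

        if (authUser.isAdmin()) {
            templates.setAditionalAuthBlockText(generalOA.getAditionalAuthBlockText());

            List<TemplateType> template = templates.getTemplate();
            if (generalOA.isLegacy()) {

                if (template == null) {
                    template = new ArrayList<TemplateType>();
                } else {
                    template.clear();
                }

                if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL1())) {
                    TemplateType el = new TemplateType();
                    el.setURL(generalOA.getSLTemplateURL1());
                    template.add(el);
                }
                if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL2())) {
                    TemplateType el = new TemplateType();
                    el.setURL(generalOA.getSLTemplateURL2());
                    template.add(el);
                }
                if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL3())) {
                    TemplateType el = new TemplateType();
                    el.setURL(generalOA.getSLTemplateURL3());
                    template.add(el);
                }

            } else if (template != null && template.size() > 0) {
                template.clear();
            }

            bkuselectioncustom.setBackGroundColor(parseColor(formOA.getBackGroundColor()));
            bkuselectioncustom.setFrontColor(parseColor(formOA.getFrontColor()));

            bkuselectioncustom.setHeaderBackGroundColor(parseColor(formOA.getHeader_BackGroundColor()));
            bkuselectioncustom.setHeaderFrontColor(parseColor(formOA.getHeader_FrontColor()));
            bkuselectioncustom.setHeaderText(formOA.getHeader_text());

            bkuselectioncustom.setButtonBackGroundColor(parseColor(formOA.getButton_BackGroundColor()));
            bkuselectioncustom.setButtonBackGroundColorFocus(parseColor(formOA.getButton_BackGroundColorFocus()));
            bkuselectioncustom.setButtonFontColor(parseColor(formOA.getButton_FrontColor()));

            if (MiscUtil.isNotEmpty(formOA.getAppletRedirectTarget())) {
                bkuselectioncustom.setAppletRedirectTarget(formOA.getAppletRedirectTarget());
            }

            bkuselectioncustom.setFontType(formOA.getFontType());
        }

        // set default transformation if it is empty
        List<TransformsInfoType> transformsInfo = authoa.getTransformsInfo();
        if (transformsInfo == null) {
            // TODO: set OA specific transformation if it is required
        }

        OAPVP2 pvp2 = authoa.getOAPVP2();
        if (pvp2 == null) {
            pvp2 = new OAPVP2();
            authoa.setOAPVP2(pvp2);
        }

        pvp2.setMetadataURL(pvp2OA.getMetaDataURL());
        try {
            if (pvp2OA.getFileUpload() != null) {
                pvp2.setCertificate(pvp2OA.getCertificate());
            }

        } catch (CertificateException e) {
            log.info("Uploaded Certificate can not be found", e);
            return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound");
        } catch (IOException e) {
            log.info("Uploaded Certificate can not be parsed", e);
            return LanguageHelper.getErrorString("validation.pvp2.certificate.format");
        }

        OASAML1 saml1 = authoa.getOASAML1();
        if (saml1 == null) {
            saml1 = new OASAML1();
            authoa.setOASAML1(saml1);
            saml1.setIsActive(false);
        }

        if (authUser.isAdmin()) {
            saml1.setIsActive(saml1OA.isActive());
        }

        if (saml1.isIsActive() != null && saml1.isIsActive()) {
            saml1.setProvideAUTHBlock(saml1OA.isProvideAuthBlock());
            saml1.setProvideCertificate(saml1OA.isProvideCertificate());
            saml1.setProvideFullMandatorData(saml1OA.isProvideFullMandateData());
            saml1.setProvideIdentityLink(saml1OA.isProvideIdentityLink());
            saml1.setProvideStammzahl(saml1OA.isProvideStammZahl());
            saml1.setUseCondition(saml1OA.isUseCondition());
            saml1.setConditionLength(BigInteger.valueOf(saml1OA.getConditionLength()));
            // TODO: set sourceID
        }

        OASSO sso = authoa.getOASSO();
        if (sso == null) {
            sso = new OASSO();
            authoa.setOASSO(sso);
            sso.setAuthDataFrame(true);
        }
        sso.setUseSSO(ssoOA.isUseSSO());

        if (authUser.isAdmin()) {
            sso.setAuthDataFrame(ssoOA.isShowAuthDataFrame());
        }

        sso.setSingleLogOutURL(ssoOA.getSingleLogOutURL());

        STORK stork = authoa.getSTORK();
        if (stork == null) {
            // TODO: make stork configurable
        }

        if (oauth20OA != null) {
            log.debug("Saving OAuth 2.0 configuration:");
            OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20();
            if (oaOAuth20 == null) {
                oaOAuth20 = new OAOAUTH20();
                authoa.setOAOAUTH20(oaOAuth20);
            }

            oaOAuth20.setOAuthClientId(generalOA.getIdentifier());
            oaOAuth20.setOAuthRedirectUri(oauth20OA.getRedirectUri());
            log.debug("client id: " + oauth20OA.getClientId());
            // The client secret is a credential and is deliberately not written
            // to the log, not even at debug level.
            log.debug("redirect uri:" + oauth20OA.getRedirectUri());

            // The stored secret is the one pinned in the session by inital() or
            // newOA(); the value bound from the form is ignored.
            oaOAuth20.setOAuthClientSecret(
                    (String) request.getSession().getAttribute(Constants.SESSION_OAUTH20SECRET));
            request.getSession().setAttribute(Constants.SESSION_OAUTH20SECRET, null);
        }

        try {
            if (newentry) {
                ConfigurationDBUtils.save(dboa);

                if (!authUser.isAdmin()) {
                    // Register the new OA in the owner's list; this list is what
                    // the ownership checks of this action rely on.
                    UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID());

                    List<OnlineApplication> useroas = user.getOnlineApplication();
                    if (useroas == null) {
                        useroas = new ArrayList<OnlineApplication>();
                    }

                    useroas.add(dboa);
                    ConfigurationDBUtils.saveOrUpdate(user);
                }

            } else {
                ConfigurationDBUtils.saveOrUpdate(dboa);
            }

        } catch (MOADatabaseException e) {
            log.warn("Online-Application can not be stored.", e);
            return LanguageHelper.getErrorString("error.db.oa.store");
        }

        return null;
    }

    /**
     * Writes the target (with the sub-sector appended when one is set) and, if
     * known, its friendly name from the general form bean to the database object.
     */
    private void applyTarget(OnlineApplication dboa) {
        String target = generalOA.getTarget();

        if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet) {
            dboa.setTarget(target + "-" + generalOA.getTarget_subsector());
        } else {
            dboa.setTarget(target);
        }

        String targetname = TargetValidator.getTargetFriendlyName(target);
        if (MiscUtil.isNotEmpty(targetname)) {
            dboa.setTargetFriendlyName(targetname);
        }
    }

    /**
     * Normalizes a color value to a leading {@code #}.
     *
     * @param color the submitted color, may be empty
     * @return the color with a leading {@code #}, or an empty string for empty input
     */
    private String parseColor(String color) {
        if (MiscUtil.isEmpty(color)) {
            return "";
        }
        return color.startsWith("#") ? color : "#" + color;
    }

    /**
     * For mandate users, derives the identification type and number from the
     * user's bPK and forces the business-service setting where the bPK starts
     * with one of the FN/ZVR base-id prefixes.
     *
     * <p>NOTE(review): assumes the bPK has at least three {@code +}-separated
     * parts; a shorter value fails with an index error - confirm the format.
     */
    private void generateUserSpecificConfigurationOptions(UserDatabase userdb) {

        if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) {
            String bpk = userdb.getBpk();
            if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN)
                    || bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_ZVR)) {

                onlyBusinessService = true;
                generalOA.setBusinessService(true);
            }

            deaktivededBusinessService = true;
            String[] split = bpk.split("\\+");
            generalOA.setIdentificationType(split[1].substring(1));

            if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN)) {
                generalOA.setIdentificationNumber(
                        at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(split[2]));
            } else {
                generalOA.setIdentificationNumber(split[2]);
            }
        }
    }

    /**
     * Compares the submitted form token with the one stored in the session and
     * logs a warning on mismatch. The token ties a state-changing request to a
     * form this action rendered for the same session.
     */
    private boolean isSubmittedFormIDValid(HttpSession session) {
        Object formidobj = session.getAttribute(Constants.SESSION_FORMID);
        if (formidobj instanceof String && ((String) formidobj).equals(formID)) {
            return true;
        }

        log.warn("FormIDs does not match. Some suspect Form is received from user "
                + authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID());
        return false;
    }

    /** Issues a fresh form token and stores it in the session. */
    private void renewFormID(HttpSession session) {
        formID = Random.nextRandom();
        session.setAttribute(Constants.SESSION_FORMID, formID);
    }

    /**
     * Blocks OA management for non-admin users whose mail address is explicitly
     * marked as not verified; logs and sets the action error when it blocks.
     *
     * @return {@code true} when the request has to be stopped
     */
    private boolean rejectUnverifiedMailAddress(UserDatabase userdb) {
        if (!authUser.isAdmin()
                && userdb.isIsMailAddressVerified() != null
                && !userdb.isIsMailAddressVerified()) {
            log.info("Online-Applikation managemant disabled. Mail address is not verified.");
            addActionError(LanguageHelper.getErrorString("error.editoa.mailverification"));
            return true;
        }
        return false;
    }

    /**
     * Reads the return area from the session, falling back to the main area.
     *
     * @param consume whether the session attribute is cleared after reading
     */
    private String resolveNextPage(HttpSession session, boolean consume) {
        Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA);
        if (nextPageAttr instanceof String) {
            if (consume) {
                session.setAttribute(Constants.SESSION_RETURNAREA, null);
            }
            return (String) nextPageAttr;
        }
        return Constants.STRUTS_RETURNAREA_VALUES.main.name();
    }

    /** Tells whether the OA is contained in the given user's own OA list. */
    private boolean isOwnedByUser(UserDatabase userdb, OnlineApplication onlineapplication) {
        if (userdb == null || onlineapplication.getHjid() == null) {
            return false;
        }

        List<OnlineApplication> oas = userdb.getOnlineApplication();
        if (oas == null) {
            return false;
        }

        for (OnlineApplication oa : oas) {
            if (onlineapplication.getHjid().equals(oa.getHjid())) {
                return true;
            }
        }
        return false;
    }

    /** Action hook without own logic. @return always {@code STRUTS_SUCCESS} */
    public String setGeneralOAConfig() {
        return Constants.STRUTS_SUCCESS;
    }

    /** Action hook without own logic. @return always {@code STRUTS_SUCCESS} */
    public String setSAML1OAConfig() {
        return Constants.STRUTS_SUCCESS;
    }

    /** Action hook without own logic. @return always {@code STRUTS_SUCCESS} */
    public String setPVP2OAConfig() {
        return Constants.STRUTS_SUCCESS;
    }

    /** Action hook without own logic. @return always {@code STRUTS_SUCCESS} */
    public String setSSOOAConfig() {
        return Constants.STRUTS_SUCCESS;
    }

    /** Action hook without own logic. @return always {@code STRUTS_SUCCESS} */
    public String setSTORKOAConfig() {
        return Constants.STRUTS_SUCCESS;
    }

    // Getter and Setter

    @Override
    public void setServletResponse(HttpServletResponse arg0) {
        this.response = arg0;
    }

    @Override
    public void setServletRequest(HttpServletRequest arg0) {
        this.request = arg0;
    }

    public HttpServletRequest getRequest() {
        return request;
    }

    public void setRequest(HttpServletRequest request) {
        this.request = request;
    }

    public HttpServletResponse getResponse() {
        return response;
    }

    public void setResponse(HttpServletResponse response) {
        this.response = response;
    }

    public OAGeneralConfig getGeneralOA() {
        return generalOA;
    }

    public void setGeneralOA(OAGeneralConfig generalOA) {
        this.generalOA = generalOA;
    }

    public OAPVP2Config getPvp2OA() {
        return pvp2OA;
    }

    public void setPvp2OA(OAPVP2Config pvp2oa) {
        pvp2OA = pvp2oa;
    }

    public OASAML1Config getSaml1OA() {
        return saml1OA;
    }

    public void setSaml1OA(OASAML1Config saml1oa) {
        saml1OA = saml1oa;
    }

    public OASSOConfig getSsoOA() {
        return ssoOA;
    }

    public void setSsoOA(OASSOConfig ssoOA) {
        this.ssoOA = ssoOA;
    }

    public OASTORKConfig getStorkOA() {
        return storkOA;
    }

    public void setStorkOA(OASTORKConfig storkOA) {
        this.storkOA = storkOA;
    }

    /**
     * @param oaidobj
     *            the oaidobj to set
     */
    public void setOaidobj(String oaidobj) {
        this.oaidobj = oaidobj;
    }

    /**
     * @return the authUser
     */
    public AuthenticatedUser getAuthUser() {
        return authUser;
    }

    /**
     * @return the newOA
     */
    public boolean isNewOA() {
        return newOA;
    }

    /**
     * @param newOA
     *            the newOA to set
     */
    public void setNewOA(boolean newOA) {
        this.newOA = newOA;
    }

    /**
     * @return the nextPage
     */
    public String getNextPage() {
        return nextPage;
    }

    /**
     * @return the formID
     */
    public String getFormID() {
        return formID;
    }

    /**
     * @param formID
     *            the formID to set
     */
    public void setFormID(String formID) {
        this.formID = formID;
    }

    /**
     * @return the onlyBusinessService
     */
    public boolean isOnlyBusinessService() {
        return onlyBusinessService;
    }

    /**
     * @param onlyBusinessService
     *            the onlyBusinessService to set
     */
    public void setOnlyBusinessService(boolean onlyBusinessService) {
        this.onlyBusinessService = onlyBusinessService;
    }

    /**
     * @return the subTargetSet
     */
    public boolean isSubTargetSet() {
        return subTargetSet;
    }

    /**
     * @param subTargetSet
     *            the subTargetSet to set
     */
    public void setSubTargetSet(boolean subTargetSet) {
        this.subTargetSet = subTargetSet;
    }

    /**
     * @return the deaktivededBusinessService
     */
    public boolean isDeaktivededBusinessService() {
        return deaktivededBusinessService;
    }

    /**
     * @param deaktivededBusinessService
     *            the deaktivededBusinessService to set
     */
    public void setDeaktivededBusinessService(boolean deaktivededBusinessService) {
        this.deaktivededBusinessService = deaktivededBusinessService;
    }

    /**
     * @return the formOA
     */
    public FormularCustomization getFormOA() {
        return formOA;
    }

    /**
     * @param formOA
     *            the formOA to set
     */
    public void setFormOA(FormularCustomization formOA) {
        this.formOA = formOA;
    }

    /**
     * @return the stream
     */
    public InputStream getStream() {
        return stream;
    }

    public OAOAuth20Config getOauth20OA() {
        return oauth20OA;
    }

    public void setOauth20OA(OAOAuth20Config oauth20OA) {
        this.oauth20OA = oauth20OA;
    }
}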