/******************************************************************************* * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. *******************************************************************************/ package at.gv.egovernment.moa.id.configuration.validation.oa; import java.util.ArrayList; import java.util.List; import java.util.Map; import javax.servlet.http.HttpServletRequest; import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator; import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; import at.gv.egovernment.moa.util.MiscUtil; public class OAGeneralConfigValidation { private static final Logger log = Logger.getLogger(OASSOConfigValidation.class); public List validate(OAGeneralConfig form, boolean isAdmin, HttpServletRequest request) { List errors = new ArrayList(); String check; if (isAdmin) { //validate aditionalAuthBlockText check = form.getAditionalAuthBlockText(); if (MiscUtil.isNotEmpty(check)) { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext", new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } } //Check BKU URLs if (isAdmin) { check =form.getBkuHandyURL(); if (MiscUtil.isNotEmpty(check)) { // log.info("Empty Handy-BKU URL"); // errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.empty")); // // } else { if (!ValidationHelper.validateURL(check)) { log.info("Not valid Handy-BKU URL"); errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid", request)); } } check =form.getBkuLocalURL(); if (MiscUtil.isNotEmpty(check)) { // log.info("Empty Local-BKU URL"); // errors.add(LanguageHelper.getErrorString("validation.general.bku.local.empty")); // // } else { if (!ValidationHelper.validateURL(check)) { log.info("Not valid Online-BKU URL"); errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid", request)); } } check =form.getBkuOnlineURL(); if (MiscUtil.isNotEmpty(check)) { // log.info("Empty Online-BKU URL"); // errors.add(LanguageHelper.getErrorString("validation.general.bku.online.empty")); // // } else { if (!ValidationHelper.validateURL(check)) { log.info("Not valid Online-BKU URL"); errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid", request)); } } } //check OA FriendlyName check = form.getFriendlyName(); if (MiscUtil.isNotEmpty(check)) { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("OAFriendlyName contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } else { log.info("OA friendlyName is empty"); errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.empty", request)); } if (isAdmin) { //check KeyBoxIdentifier check = form.getKeyBoxIdentifier(); if (MiscUtil.isEmpty(check)) { log.info("Empty KeyBoxIdentifier"); errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty", request)); } else { Map list = form.getKeyBoxIdentifierList(); if (!list.containsKey(check)) { log.info("Not valid KeyBoxIdentifier " + check); errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid", request)); } } //check LegacyMode SLTemplates if (form.isLegacy()) { if (MiscUtil.isEmpty(form.getSLTemplateURL1()) && MiscUtil.isEmpty(form.getSLTemplateURL2()) && MiscUtil.isEmpty(form.getSLTemplateURL3()) ) { log.info("Empty OA-specific SecurityLayer Templates"); errors.add(LanguageHelper.getErrorString("validation.general.sltemplates.empty", request)); } else { check = form.getSLTemplateURL1(); if (MiscUtil.isNotEmpty(check) && ValidationHelper.isNotValidIdentityLinkSigner(check) ) { log.info("First OA-specific SecurityLayer Templates is not valid"); errors.add(LanguageHelper.getErrorString("validation.general.sltemplate1.valid", request)); } check = form.getSLTemplateURL2(); if (MiscUtil.isNotEmpty(check) && ValidationHelper.isNotValidIdentityLinkSigner(check) ) { log.info("Second OA-specific SecurityLayer Templates is not valid"); errors.add(LanguageHelper.getErrorString("validation.general.sltemplate2.valid", request)); } check = form.getSLTemplateURL3(); if (MiscUtil.isNotEmpty(check) && ValidationHelper.isNotValidIdentityLinkSigner(check) ) { log.info("Third OA-specific SecurityLayer Templates is not valid"); errors.add(LanguageHelper.getErrorString("validation.general.sltemplate3.valid", request)); } } } } //check Mandate Profiles check = form.getMandateProfiles(); if (MiscUtil.isNotEmpty(check)) { if (!form.isUseMandates()) { log.info("MandateProfiles configured but useMandates is false."); errors.add(LanguageHelper.getErrorString("validation.general.mandate.usemandate", request)); } if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { log.warn("MandateProfiles contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles", new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); } } boolean businessservice = form.isBusinessService(); if (businessservice) { //check identification type check = form.getIdentificationType(); if (!form.getIdentificationTypeList().contains(check)) { log.info("IdentificationType is not known."); errors.add(LanguageHelper.getErrorString("validation.general.stork.sptarget", request)); } //check identification number check = form.getIdentificationNumber(); if (MiscUtil.isEmpty(check)) { log.info("Empty IdentificationNumber"); errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty", request)); } else { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("IdentificationNumber contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid", new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_FN)) { CompanyNumberValidator val = new CompanyNumberValidator(); if (!val.validate(check)) { log.info("Not valid CompanyNumber"); errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid", request)); } } } } else { check = form.getTarget_subsector(); if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.isValidAdminTarget(check)) { log.info("Not valid Target-Subsector"); errors.add(LanguageHelper.getErrorString("validation.general.target.subsector.valid", request)); } } if (!isAdmin) { //check PublicURL Prefix allows PublicService if (!ValidationHelper.isPublicServiceAllowed(form.getIdentifier())) { log.warn("PublicURLPrefix does not allow PublicService: " + form.getIdentifier()); errors.add(LanguageHelper.getErrorString("validation.general.target.publicserviceurl", new Object[] {form.getIdentifier()}, request )); form.setBusinessService(true); return errors; } //check Target check = form.getTarget(); if (MiscUtil.isEmpty(check)) { log.info("Empty Target"); errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request)); } else { if (!ValidationHelper.isValidTarget(check)) { log.info("Not valid Target"); errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request)); } } } else { //check targetFrindlyName(); check = form.getTargetFriendlyName(); if (MiscUtil.isNotEmpty(check)) { if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { log.warn("TargetFriendlyName contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname", new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); } } if (MiscUtil.isEmpty(form.getTarget()) && MiscUtil.isEmpty(form.getTarget_admin())) { log.info("Empty Target"); errors.add(LanguageHelper.getErrorString("validation.general.target.empty", request)); } //check Target check = form.getTarget(); if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.isValidTarget(check)) { log.info("Not valid Target"); errors.add(LanguageHelper.getErrorString("validation.general.target.valid", request)); } } //check Admin Target check = form.getTarget_admin(); if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.isValidAdminTarget(check)) { log.info("Not valid Target"); errors.add(LanguageHelper.getErrorString("validation.general.target.admin.valid", request)); } } } } return errors; } }