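/*******************************************************************************
 * Copyright 2014 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 ******************************************************************************/
package at.gv.egovernment.moa.id.auth.builder;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.StringWriter;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.List;
import java.util.Locale;

import org.apache.commons.io.IOUtils;

import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol;
import at.gv.egovernment.moa.id.util.FormBuildUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;

/**
 * Builds the HTML of the login form by filling {@code #NAME#} placeholders in an HTML template.
 *
 * <p>The template is taken, in this order, from the online application's own BKU selection
 * template, from {@code htmlTemplates/loginFormFull.html} below the root configuration
 * directory, or from the copy shipped on the class path.
 *
 * <p>All placeholder values are substituted verbatim with {@link String#replace}; this class
 * performs no HTML or URL encoding.
 * NOTE(review): if any substituted value (module, action, context path, session id, friendly
 * name) can be influenced by a request, it needs output encoding that fits the place where the
 * template uses it - confirm against the callers and the templates.
 */
public class LoginFormBuilder {

    private static final String HTMLTEMPLATESDIR = "htmlTemplates/";
    private static final String HTMLTEMPLATEFULL = "loginFormFull.html";

    // Placeholders expected in the template. They are never reassigned, hence final.
    private static final String AUTH_URL = "#AUTH_URL#";
    private static final String MODUL = "#MODUL#";
    private static final String ACTION = "#ACTION#";
    private static final String OANAME = "#OAName#";
    private static final String BKU_ONLINE = "#ONLINE#";
    private static final String BKU_HANDY = "#HANDY#";
    private static final String BKU_LOCAL = "#LOCAL#";
    // NOTE(review): public and not final, so any class can reassign this placeholder at runtime.
    // Left as it is because writers outside this file cannot be ruled out from here; make it
    // final once that is confirmed.
    public static String CONTEXTPATH = "#CONTEXTPATH#";
    private static final String MOASESSIONID = "#SESSIONID#";
    private static final String PEPSLIST = "#PEPSLIST#";

    // Evaluated once at class initialisation, so it keeps the initial CONTEXTPATH placeholder.
    private static final String SERVLET = CONTEXTPATH + "/GenerateIframeTemplate";

    /**
     * Loads the default login form template from the root configuration directory.
     *
     * <p>Opening the file is best effort: on any failure a {@code null} stream is handed to
     * {@link #getTemplate(InputStream)}, which then falls back to the packaged template.
     *
     * @return the template with the static placeholders filled in, or {@code null} if no
     *         template could be read
     */
    private static String getTemplate() {
        InputStream input = null;

        try {
            String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir();
            String pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL;
            // The location is turned into a file through URI parsing, as in the original code.
            File file = new File(new URI(pathLocation));
            input = new FileInputStream(file);

        } catch (ConfigurationException e) {
            Logger.warn("MOA-ID configuration can not be loaded.");

        } catch (Exception e) {
            // Deliberately broad so that the packaged fallback is still used, but no longer
            // silent: a missing or unreadable template file is worth a log entry.
            Logger.warn("Default login form template can not be opened.", e);
        }

        return getTemplate(input);
    }

    /**
     * Reads a login form template and fills in the placeholders that do not depend on a request
     * (authentication URL and the three BKU type identifiers).
     *
     * <p>The stream is always closed by this method.
     * NOTE(review): the bytes are decoded with the platform default charset by
     * {@code IOUtils.copy(InputStream, Writer)}; confirm the encoding of the templates and pass
     * it explicitly.
     *
     * @param input template source; when {@code null}, the packaged template
     *        {@code resources/templates/loginFormFull.html} is loaded through the context
     *        class loader
     * @return the template text, or {@code null} if it could not be read
     */
    public static String getTemplate(InputStream input) {
        String template = null;

        try {
            if (input == null) {
                Logger.warn("No LoginFormTempaltes found. Use Generic Templates from package.");

                String pathLocation = "resources/templates/" + HTMLTEMPLATEFULL;
                input = Thread.currentThread()
                        .getContextClassLoader()
                        .getResourceAsStream(pathLocation);

                if (input == null) {
                    // getResourceAsStream returns null for a missing resource; report it here
                    // instead of failing later with a NullPointerException.
                    Logger.warn("Generic login form template is missing from the package.");
                    return null;
                }
            }

            StringWriter writer = new StringWriter();
            IOUtils.copy(input, writer);

            template = writer.toString()
                    .replace(AUTH_URL, SERVLET)
                    .replace(BKU_ONLINE, IOAAuthParameters.ONLINEBKU)
                    .replace(BKU_HANDY, IOAAuthParameters.HANDYBKU)
                    .replace(BKU_LOCAL, IOAAuthParameters.LOCALBKU);

        } catch (Exception e) {
            Logger.error("Failed to read template", e);

        } finally {
            // input is still null when the fallback lookup itself failed; closing it
            // unconditionally threw a NullPointerException out of this finally block.
            if (input != null) {
                try {
                    input.close();

                } catch (IOException e) {
                    Logger.warn("SendAssertionTemplate inputstream can not be closed.", e);
                }
            }
        }

        return template;
    }

    /**
     * Builds the login form for one online application and one MOA session.
     *
     * <p>{@code contextpath}, {@code moaSessionID} and the friendly name of {@code oaParam} are
     * passed to {@link String#replace} as replacement values and therefore must not be
     * {@code null}.
     *
     * @param modul protocol module; {@code SAML1Protocol.PATH} is used when {@code null}
     * @param action protocol action; {@code SAML1Protocol.GETARTIFACT} is used when {@code null}
     * @param oaParam parameters of the online application, including its optional own template
     * @param contextpath value for the {@code #CONTEXTPATH#} placeholder
     * @param moaSessionID value for the {@code #SESSIONID#} placeholder
     * @return the filled-in form, or {@code null} if no template could be loaded
     */
    public static String buildLoginForm(String modul, String action, OAAuthParameter oaParam, String contextpath, String moaSessionID) {
        String value = null;

        byte[] oatemplate = oaParam.getBKUSelectionTemplate();
        // An OA specific template is only used when it holds at least 8 bytes.
        // NOTE(review): whoever can set this template controls the markup of the login page;
        // presumably that is limited to configuration administrators - confirm.
        if (oatemplate != null && oatemplate.length > 7) {
            value = getTemplate(new ByteArrayInputStream(oatemplate));

        } else {
            // load default BKU-selection template
            value = getTemplate();
        }

        if (value != null) {
            if (modul == null) {
                modul = SAML1Protocol.PATH;
            }
            if (action == null) {
                action = SAML1Protocol.GETARTIFACT;
            }

            // Verbatim substitution, no encoding (see the class comment).
            value = value.replace(MODUL, modul);
            value = value.replace(ACTION, action);
            value = value.replace(OANAME, oaParam.getFriendlyName());
            value = value.replace(CONTEXTPATH, contextpath);
            value = value.replace(MOASESSIONID, moaSessionID);

            if (oaParam.isShowStorkLogin()) {
                StringBuilder pepslist = new StringBuilder();
                List<?> cpepsList = null;
                try {
                    cpepsList = ConfigurationDBRead.getMOAIDConfiguration()
                            .getAuthComponentGeneral()
                            .getForeignIdentities()
                            .getSTORK()
                            .getCPEPS();

                    for (CPEPS current : oaParam.getPepsList()) {
                        // check if master config has changed...
                        if (cpepsList != null && cpepsList.contains(current)) {
                            // Locale.ROOT keeps the upper-casing of the country code independent
                            // of the server's default locale.
                            String countryCode = current.getCountryCode().toUpperCase(Locale.ROOT);
                            String countryName = MOAIDAuthConstants.COUNTRYCODE_XX_TO_NAME.get(countryCode);
                            if (!MiscUtil.isNotEmpty(countryName)) {
                                countryName = countryCode;
                            }

                            // NOTE(review): countryName is computed but not part of the appended
                            // text as this listing shows it; the markup of the list entry may
                            // have been lost when the file was published - compare with the
                            // upstream file before relying on this line. If the entry includes
                            // the country code or name, it must be HTML-encoded.
                            pepslist.append("\n");
                        }
                    }

                    value = value.replace(PEPSLIST, pepslist.toString());

                } catch (NullPointerException e) {
                    // Best effort as before: the #PEPSLIST# placeholder stays in the form when a
                    // part of the STORK configuration is missing, but the cause is now logged.
                    Logger.warn("STORK C-PEPS list can not be added to the login form.", e);
                }
            }

            value = FormBuildUtils.customiceLayoutBKUSelection(value,
                    oaParam.isShowMandateCheckBox(),
                    oaParam.isOnlyMandateAllowed(),
                    oaParam.getFormCustomizaten(),
                    oaParam.isShowStorkLogin());
        }

        return value;
    }
}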