package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang3.ObjectUtils;
import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;
/**
* Creates an HTTP form including an embedded {@code InfoBoxReadRequest} for reading the identity link.
* In detail:
*
* - Renames the moa session id.
* - Removes ExecutionContext property {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}.
* - Creates the http form mentioned above.
* - Returns the http form via HttpServletResponse.
*
* Expects:
*
* - HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID} or
* - ExecutionContext property {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID} (in case of legacy authentication without CCE selection, where the moa session is not provided by request parameter).
*
* Result:
*
* - The identity link form via HttpServletResponse.
*
* Possible branches:
*
* - In case of STORK authentication
*
* - Creates STORK auth SAML request.
* - Creates and returns a form for submitting the SAML request to the CPEPS (post binding).
* - Returns the form via HttpServletResponse.
*
*
*
* Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet}.
* @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
*
*/
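public class CreateIdentityLinkFormTask extends AbstractAuthServletTask {

    /**
     * Resolves the MOA session named by the request parameter {@code PARAM_SESSIONID} (falling back to
     * the execution context property of the same name), changes the id of that session, builds the
     * identity link form and writes it to the response as UTF-8 HTML.
     *
     * <p>Failures inside the main flow are not rethrown: {@link WrongParametersException} and
     * {@link MOAIDException} are passed to the error handlers, any other {@link Exception} is only
     * logged. Exceptions raised by those handlers or by closing the configuration DB session still
     * propagate to the caller.
     *
     * @param executionContext process context; {@code PARAM_SESSIONID} is read as a fallback and removed
     *        once the session has been loaded and its id changed
     * @param req current request, source of the {@code PARAM_SESSIONID} parameter
     * @param resp response the form (or the error output of the handlers) is written to
     * @throws Exception declared by the overridden method; see above for what can actually escape
     */
    @Override
    public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
            throws Exception {
        String pendingRequestID = null;

        // The id comes from a request parameter and is therefore caller-controlled. It is HTML-escaped
        // once here and the escaped form is used everywhere below, including as the store lookup key.
        // NOTE(review): presumably escaped because it ends up as a parameter of the init.04 error message;
        // confirm that valid ids never contain characters escapeHtml rewrites.
        String moasessionid = StringEscapeUtils.escapeHtml(
                ObjectUtils.defaultIfNull(req.getParameter(PARAM_SESSIONID),
                        (String) executionContext.get(PARAM_SESSIONID)));
        AuthenticationSession moasession = null;

        try {
            if (MiscUtil.isEmpty(moasessionid)) {
                Logger.warn("MOASessionID is empty.");
                throw new MOAIDException("auth.18", new Object[] {});
            }

            try {
                pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moasessionid);
                moasession = AuthenticationSessionStoreage.getSession(moasessionid);

                // The id received with the request is replaced before the flow continues, so the value
                // seen on the wire is not the one the session keeps.
                AuthenticationSessionStoreage.changeSessionID(moasession);
                executionContext.remove(PARAM_SESSIONID);

            } catch (MOADatabaseException e) {
                // escapeHtml leaves CR/LF untouched; neutralise line breaks so a crafted id cannot
                // forge additional log entries.
                Logger.info("MOASession with SessionID=" + moasessionid.replaceAll("[\\r\\n]", "_")
                        + " is not found in Database");
                throw new MOAIDException("init.04", new Object[] { moasessionid });

            } catch (Throwable e) {
                // NOTE(review): this also catches Errors and drops the cause; the message is logged
                // whatever actually failed. Kept as is because callers rely on the auth.18 outcome.
                Logger.info("No HTTP Session found!");
                throw new MOAIDException("auth.18", new Object[] {});
            }

            StartAuthenticationBuilder startauth = StartAuthenticationBuilder.getInstance();
            String getIdentityLinkForm = startauth.build(moasession, req, resp);

            if (!StringUtils.isEmpty(getIdentityLinkForm)) {
                resp.setContentType("text/html;charset=UTF-8");
                // Encode explicitly: PrintWriter(OutputStream) would use the platform default charset,
                // which can differ from the UTF-8 announced in the Content-Type header.
                PrintWriter out = new PrintWriter(new OutputStreamWriter(resp.getOutputStream(), "UTF-8"));
                out.print(getIdentityLinkForm);
                out.flush();
                Logger.debug("Finished GET " + GenerateIFrameTemplateServlet.class);
            }

        } catch (WrongParametersException ex) {
            handleWrongParameters(ex, req, resp);

        } catch (MOAIDException ex) {
            handleError(null, ex, req, resp, pendingRequestID);

        } catch (Exception e) {
            // NOTE(review): the exception is logged and swallowed, so the caller sees a normal return
            // even though no form was delivered by this task.
            Logger.error("CreateIdentityLinkFormTask has an interal Error.", e);

        } finally {
            ConfigurationDBUtils.closeSession();
        }
    }
}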