package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.BooleanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
import com.google.common.net.MediaType;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.StringUtils;
/**
* Creates a http form including an embedded {@code InfoBoxReadRequest} for reading the identity link.
* In detail:
*
* - Renames the moa session id.
* - Removes ExecutionContext property {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}.
* - Creates the http form mentioned above.
* - Returns the http form via HttpServletResponse.
*
* Expects:
*
* - HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID} or
* - ExecutionContext property {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID} (in case of legacy authentication without CCE selection, where the moa session is not provided by request parameter).
*
* Result:
*
* - The identity link form via HttpServletResponse.
*
* Possible branches:
*
* - In case of STORK authentication
*
* - Creates STORK auth SAML request.
* - Creates and returns a form for submitting the SAML request to the CPEPS (post binding).
* - Returns the form via HttpServletResponse.
*
*
*
* Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet}.
* @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
*
*/
@Component("CreateIdentityLinkFormTask")
public class CreateIdentityLinkFormTask extends AbstractAuthServletTask {
@Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
try {
//execute default task initialization
AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
//normal MOA-ID authentication
Logger.debug("Starting normal MOA-ID authentication");
String getIdentityLinkForm = authServer.startAuthentication(moasession, req, pendingReq);
if (BooleanUtils.isTrue((Boolean) executionContext.get("useMandate")))
revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATES_REQUESTED);
revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_URL, moasession.getBkuURL());
if (!StringUtils.isEmpty(getIdentityLinkForm)) {
byte[] content = getIdentityLinkForm.getBytes("UTF-8");
resp.setContentType(MediaType.HTML_UTF_8.toString());
resp.setContentLength(content.length);
resp.getOutputStream().write(content);
Logger.debug("Finished GET " + CreateIdentityLinkFormTask.class);
}
} catch (WrongParametersException ex) {
throw new TaskExecutionException(pendingReq, ex.getMessage(), ex);
}
catch (MOAIDException ex) {
Logger.info("GetIdentityLink request generation FAILED. Reason:" + ex.getMessage());
throw new TaskExecutionException(pendingReq, ex.getMessage(), ex);
} catch (Exception e) {
Logger.error("CreateIdentityLinkFormTask has an interal Error.", e);
throw new TaskExecutionException(pendingReq, e.getMessage(), e);
}
finally {
TransactionIDUtils.removeTransactionId();
TransactionIDUtils.removeSessionId();
}
}
}