package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
import static at.gv.egovernment.moa.id.commons.MOAIDAuthConstants.GET_MIS_SESSIONID;
import java.security.GeneralSecurityException;
import java.util.List;
import javax.net.ssl.SSLSocketFactory;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.parsers.ParserConfigurationException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
import org.xml.sax.SAXException;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.data.IMISMandate;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.data.MISMandate;
import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;
import at.gv.egovernment.moa.logging.Logger;
import iaik.pki.PKIException;
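/**
 * Process task that fetches the mandate referenced by the current MOA session from the
 * online (external) mandate issuing service (MIS) and stores it in that session.
 *
 * <p>Steps performed by {@link #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)}:
 * <ul>
 *   <li>Loads the {@link AuthenticationSessionWrapper} of the pending request and reads its
 *       MIS session id.</li>
 *   <li>Requests the mandates for that MIS session id from the MIS endpoint configured for
 *       the service provider, using an {@link SSLSocketFactory} built from the MOA-ID
 *       configuration.</li>
 *   <li>Rejects an empty result or an empty mandate with error code {@code auth.15}.</li>
 *   <li>Checks that the mandate is parsable XML and passes it to
 *       {@link AuthenticationServer#verifyMandate}.</li>
 *   <li>Puts the mandate into the MOA session and stores the pending request.</li>
 * </ul>
 *
 * <p>Expects: a pending request whose session data carries the MIS session id. The servlet
 * this code was derived from documented the request parameter
 * {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}
 * as input; this task does not read it itself.
 *
 * <p>Result: mandate stored in the MOA session. This task issues no redirect on its own;
 * presumably the surrounding process flow continues at {@code /dispatcher} (confirm against
 * the process definition).
 *
 * <p>Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.GetMISSessionIDServlet}.
 *
 * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
 */
@Component("GetMISSessionIDTask")
public class GetMISSessionIDTask extends AbstractAuthServletTask {

    @Autowired
    @Qualifier("CitizenCardAuthenticationServer")
    private AuthenticationServer authServer;

    @Autowired
    private AuthConfiguration moaAuthConfig;

    /**
     * Retrieves, checks and stores the mandate for the pending request.
     *
     * @param executionContext process execution context (not used by this task)
     * @param req current HTTP request (not read by this task)
     * @param resp current HTTP response (not written by this task)
     * @throws TaskExecutionException if no mandate is returned, the mandate is empty or not
     *         parsable XML, mandate verification fails, or any other error occurs; the
     *         original exception is preserved as cause
     */
    @Override
    public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
            throws TaskExecutionException {
        Logger.debug("POST GetMISSessionIDServlet");

        try {
            // Session data of the pending request holds the MIS session id.
            AuthenticationSessionWrapper moasession =
                    pendingReq.getSessionData(AuthenticationSessionWrapper.class);
            String misSessionID = moasession.getMISSessionID();

            // Resolve the MIS endpoint for this service provider and build the TLS socket
            // factory from the MOA-ID configuration, so the mandate request goes through the
            // configured TLS settings.
            ConnectionParameterInterface connectionParameters =
                    moaAuthConfig.getOnlineMandatesConnectionParameter(
                            pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class));
            SSLSocketFactory sslFactory =
                    SSLUtils.getSSLSocketFactory(moaAuthConfig, connectionParameters);

            List<?> list = MISSimpleClient.sendGetMandatesRequest(
                    connectionParameters.getUrl(), misSessionID, sslFactory, moaAuthConfig);

            // No mandate at all is an authentication failure, not an empty success.
            if (list == null || list.isEmpty()) {
                Logger.error("Keine Vollmacht gefunden.");
                throw new AuthenticationException("auth.15", null);
            }

            revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_RECEIVED);

            // For now the list contains only one element; any further entries are ignored.
            IMISMandate mandate = (IMISMandate) list.get(0);

            // Reject a missing or zero-length mandate before decoding. A null byte array
            // previously surfaced as a NullPointerException with a null message.
            byte[] byteMandate = mandate.getMandate();
            if (byteMandate == null || byteMandate.length == 0) {
                Logger.error("Mandate is empty.");
                throw new AuthenticationException("auth.15",
                        new Object[] { GET_MIS_SESSIONID });
            }

            // Decode once, explicitly as UTF-8. The parse below used the platform default
            // charset before, which disagreed with the UTF-8 decoding used for the
            // emptiness check and could garble non-ASCII mandate content on hosts whose
            // default charset is not UTF-8.
            String stringMandate = new String(byteMandate, "UTF-8");

            // Well-formedness check only (validating = false, no schema locations); the
            // parsed document is discarded.
            // NOTE(review): the mandate XML originates from the external MIS. Whether
            // DOCTYPE declarations and external entities are disabled depends on the parser
            // configuration inside DOMUtils, which is not visible here; confirm.
            DOMUtils.parseDocument(stringMandate, false, null, null).getDocumentElement();

            // Mandate verification is delegated to the authentication server; the mandate is
            // stored in the session only after verification returned without an exception.
            authServer.verifyMandate(pendingReq, moasession, mandate);
            moasession.setMISMandate(mandate);

            // Mandate-specific revision logging is currently disabled:
            // revisionsLogger.logMandateEventSet(pendingReq, mandate);

            // Persist the pending request together with the updated MOA session data.
            requestStoreage.storePendingRequest(pendingReq);

        } catch (MOAIDException ex) {
            throw new TaskExecutionException(pendingReq, ex.getMessage(), ex);

        } catch (GeneralSecurityException ex) {
            throw new TaskExecutionException(pendingReq, ex.getMessage(), ex);

        } catch (PKIException ex) {
            throw new TaskExecutionException(pendingReq, ex.getMessage(), ex);

        } catch (SAXException ex) {
            throw new TaskExecutionException(pendingReq, ex.getMessage(), ex);

        } catch (ParserConfigurationException ex) {
            throw new TaskExecutionException(pendingReq, ex.getMessage(), ex);

        } catch (Exception ex) {
            // Boundary catch: anything unexpected is logged here and still aborts the task.
            Logger.error("MISMandateValidation has an interal Error.", ex);
            throw new TaskExecutionException(pendingReq, ex.getMessage(), ex);
        }
    }
}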