package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
import java.io.IOException;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.logging.Logger;
/**
* Verifies the identity link.
* In detail:
*
* - Renames the moa session id.
* - Parses the identity link retrieved as {@code InfoBoxReadResponse} from POST parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.
* - Verifies the identity link.
* - Updates moa session.
* - Puts boolean flag {@code identityLinkAvailable} into {@code ExecutionContext}.
*
* Expects:
*
* - HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}
* - HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE} containing a {@code InfoBoxReadResponse}.
*
* Result:
*
* - Identity link put into moa session.
* - Boolean flag {@code identityLinkAvailable} into {@code ExecutionContext}.
*
* Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet}.
* @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
*
*/
@Component("VerifyIdentityLinkTask")
public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
@Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
Logger.debug("Receive VerifyIdentityLink Response");
Map parameters;
try {
parameters = getParameters(req);
} catch (Exception e) {
Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
throw new TaskExecutionException(pendingReq, "Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()));
}
try {
//execute default task initialization
AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
//verify identityLink
boolean identityLinkAvailable = authServer.verifyIdentityLink(pendingReq, moasession, parameters) != null;
//store pending request with new MOASession data information
requestStoreage.storePendingRequest(pendingReq);
//set 'identityLink exists' flag to context
executionContext.put("identityLinkAvailable", identityLinkAvailable);
} catch (ParseException ex) {
throw new TaskExecutionException(pendingReq, ex.getMessage(), ex);
} catch (MOAIDException ex) {
throw new TaskExecutionException(pendingReq, ex.getMessage(), ex);
} catch (Exception e) {
Logger.error("IdentityLinkValidation has an interal Error.", e);
throw new TaskExecutionException(pendingReq, e.getMessage(), e);
}
finally {
}
}
}