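package at.gv.egovernment.moa.id.auth.modules.eidproxyauth.controller;

import java.io.IOException;
import java.net.URL;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import at.gv.egiz.eaaf.core.api.gui.IGUIFormBuilder;
import at.gv.egiz.eaaf.core.exceptions.EAAFException;
import at.gv.egiz.eaaf.core.exceptions.GUIBuildException;
import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController;
import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.frontend.builder.DefaultGUIFormBuilderConfiguration;
import at.gv.egovernment.moa.id.auth.modules.eidproxyauth.EIDProxyAuthConstants;
import at.gv.egovernment.moa.id.auth.modules.eidproxyauth.utils.Utils;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;

/**
 * Spring MVC controller that renders the AppReg identifier of a configured
 * application into the {@code appreg_id_generator.html} GUI template.
 *
 * <p>The endpoint is reachable with a plain GET request and takes the
 * application identifier from a request parameter, so every value that ends
 * up in the response is treated as untrusted here.</p>
 */
@Controller
public class EidAppRegIdentifierGenerationController extends AbstractController {

  private static final String GUI_TEMPLATE_APPREG_ID = "appreg_id_generator.html";
  private static final String GUI_DESCRIPTION = "AppReg Id generation GUI";

  @Autowired
  IGUIFormBuilder guiBuilder;

  /**
   * Generates the AppReg identifier for the application named by the
   * {@code MOAIDAuthConstants.PARAM_OA} request parameter and renders it.
   *
   * <p>Responds with 403 when the endpoint is disabled by configuration, with
   * 400 when the authentication URL of the request cannot be validated, and
   * otherwise renders the GUI template, either with the generated identifier
   * or with an error text.</p>
   *
   * @param req incoming HTTP request
   * @param resp HTTP response the result is written to
   * @throws IOException if writing the plain-text error response fails
   * @throws EAAFException declared by the handler signature; this method body
   *         catches the exceptions raised during processing
   */
  @RequestMapping(value = EIDProxyAuthConstants.ENDPOINT_APPREG_INFO,
      method = {RequestMethod.GET})
  public void getAppRegSpId(HttpServletRequest req, HttpServletResponse resp)
      throws IOException, EAAFException {
    // NOTE(review): the default passed here is 'true', so the endpoint is active
    // unless the property explicitly switches it off. Confirm that is intended.
    // 'authConfig' is not declared in this class; presumably inherited from
    // AbstractController.
    if (!authConfig.getBasicConfigurationBoolean(
        EIDProxyAuthConstants.CONFIG_PROPS_ENABLE_APPREG_IDENTIFIER_GENERATION_ENDPOINT,
        true)) {
      Logger.info("Endpoint: " + EIDProxyAuthConstants.ENDPOINT_APPREG_INFO + " DISABLED!");
      resp.setStatus(HttpStatus.FORBIDDEN.value());
      return;

    }

    String authUrl;
    DefaultGUIFormBuilderConfiguration config;
    try {
      String authUrlString = HTTPUtils.extractAuthURLFromRequest(req);
      URL authReqURL = new URL(authUrlString);
      authUrl = authConfig.validateIDPURL(authReqURL);
      config = new DefaultGUIFormBuilderConfiguration(authUrl, GUI_TEMPLATE_APPREG_ID, null);

    } catch (Exception e) {
      Logger.warn("Bad request on: " + EIDProxyAuthConstants.ENDPOINT_APPREG_INFO, e);
      resp.setStatus(HttpStatus.BAD_REQUEST.value());

      // The exception text can echo request-derived data (for example the URL
      // that failed to parse). Declare the body as plain text and forbid content
      // sniffing so a browser never interprets it as markup.
      resp.setContentType("text/plain; charset=UTF-8");
      resp.setHeader("X-Content-Type-Options", "nosniff");

      // getMessage() may be null; writing null to the response writer would throw.
      final String message = e.getMessage();
      if (message != null) {
        resp.getWriter().write(message);

      }
      return;

    }

    try {
      String oaURL = req.getParameter(MOAIDAuthConstants.PARAM_OA);
      if (MiscUtil.isEmpty(oaURL)) {
        Logger.info("Receive OA parameter in SAML1 like request. Can not generate AppReg Identifier");
        throw new WrongParametersException(EIDProxyAuthConstants.ENDPOINT_APPREG_INFO,
            MOAIDAuthConstants.PARAM_OA, "auth.12");

      }

      // Validate the identifier before it is used for the lookup or logged.
      if (!ParamValidatorUtils.isValidOA(oaURL)) {
        throw new WrongParametersException(EIDProxyAuthConstants.ENDPOINT_APPREG_INFO,
            MOAIDAuthConstants.PARAM_OA, "auth.12");

      }

      IOAAuthParameters oaParam =
          authConfig.getServiceProviderConfiguration(oaURL, IOAAuthParameters.class);
      if (oaParam == null) {
        Logger.info("No configuration for application with ID: " + oaURL);
        throw new InvalidProtocolRequestException("auth.00", new Object[] { null });

      }

      String appRegId = Utils.getEidSystemApplicationId(oaParam, authUrl, authConfig);

      // NOTE(review): 'appregId' is still handed to the template unescaped.
      // Confirm that the generated identifier can never contain markup.
      config.putCustomParameterWithOutEscaption(null, "appregId", appRegId);
      guiBuilder.build(req, resp, config, GUI_DESCRIPTION);

    } catch (Exception e) {
      Logger.warn("Can not build AppReg Identifier", e);

      // The put-method used here inserts the value unescaped, and an exception
      // message may carry request-controlled text, so HTML-escape it first.
      // NOTE(review): if the GUI configuration API offers an escaping variant of
      // this method, prefer that over the local helper.
      config.putCustomParameterWithOutEscaption(null, "error", escapeHtml(e.getMessage()));
      try {
        guiBuilder.build(req, resp, config, GUI_DESCRIPTION);

      } catch (GUIBuildException e1) {
        // Log the GUI build failure itself; the triggering exception 'e' was
        // already logged above.
        Logger.error("Internal server error", e1);
        resp.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());

      }
    }
  }

  /**
   * Escapes the characters that are significant in HTML text and attribute
   * values ({@code & < > " '}).
   *
   * @param value text to escape, may be {@code null}
   * @return escaped text, or {@code null} if {@code value} was {@code null}
   */
  private static String escapeHtml(String value) {
    if (value == null) {
      return null;

    }

    final StringBuilder out = new StringBuilder(value.length() + 16);
    for (int i = 0; i < value.length(); i++) {
      final char c = value.charAt(i);
      switch (c) {
        case '&':
          out.append("&amp;");
          break;
        case '<':
          out.append("&lt;");
          break;
        case '>':
          out.append("&gt;");
          break;
        case '"':
          out.append("&quot;");
          break;
        case '\'':
          out.append("&#39;");
          break;
        default:
          out.append(c);
          break;
      }
    }
    return out.toString();

  }
}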