diff options
| author | clemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4> | 2009-01-20 17:01:09 +0000 |
|---|---|---|
| committer | clemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4> | 2009-01-20 17:01:09 +0000 |
| commit | a7d404cd6db2724d36523e59c87c3007fa86a258 (patch) | |
| tree | e938b10cccf606c062fdb4cf569b8245a83b8a37 /bkucommon/src/main | |
| parent | c97c49eb4399829603816e4b3e47c74b67d0f27b (diff) | |
| parent | ce598ba5142ff7673085dd90865f9323d69574be (diff) | |
| download | mocca-98226bf4e7944ad94068d90feca46e9da2dce567.tar.gz mocca-98226bf4e7944ad94068d90feca46e9da2dce567.tar.bz2 mocca-98226bf4e7944ad94068d90feca46e9da2dce567.zip | |
[maven-release-plugin] copy for tag mocca-1.0.2mocca-1.0.2
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/tags/mocca-1.0.2@276 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
Diffstat (limited to 'bkucommon/src/main')
34 files changed, 2772 insertions, 821 deletions
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java index ed4b9bda..61d3d7a5 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/accesscontroller/AuthenticationClassifier.java @@ -65,7 +65,8 @@ public class AuthenticationClassifier { } catch (CertificateParsingException e) {
log.error(e);
}
- if (cert.getExtensionValue("1.2.40.0.10.1.1.1") != null) {
+ if ((cert.getExtensionValue("1.2.40.0.10.1.1.1") != null)
+ || (cert.getExtensionValue("1.2.40.0.10.1.1.2") != null)) {
return true;
}
return false;
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java index 9757f7cc..5b061850 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/BindingProcessorManagerImpl.java @@ -49,9 +49,10 @@ public class BindingProcessorManagerImpl implements BindingProcessorManager { private static Log log = LogFactory.getLog(BindingProcessorManagerImpl.class); + protected STALFactory stalFactory; + protected SLCommandInvoker commandInvokerClass; + private RemovalStrategy removalStrategy; - private STALFactory stalFactory; - private SLCommandInvoker commandInvokerClass; private ExecutorService executorService; private Map<Id, ProcessingContext> contextMap = Collections.synchronizedMap(new HashMap<Id, ProcessingContext>()); // private Map<Id, MapEntityWrapper> bindingProcessorMap = Collections diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java index d462ac60..2e2cc38a 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java @@ -20,6 +20,9 @@ import java.net.MalformedURLException; import java.net.URL; import java.util.Properties; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLSocketFactory; + import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -32,7 +35,10 @@ import at.gv.egiz.bku.slexceptions.SLRuntimeException; public class DataUrl {
private static DataUrlConnectionSPI defaultDataUrlConnection = new DataUrlConnectionImpl();
private static Log log = LogFactory.getLog(DataUrl.class); - private static Properties configuration;
+ private static Properties configuration; + private static SSLSocketFactory sslSocketFactory;
+ private static HostnameVerifier hostNameVerifier; + private URL url;
@@ -44,7 +50,10 @@ public class DataUrl { if (dataUrlConnection == null) {
throw new NullPointerException("Default dataurlconnection must not be set to null");
}
- defaultDataUrlConnection = dataUrlConnection;
+ defaultDataUrlConnection = dataUrlConnection; + defaultDataUrlConnection.setConfiguration(configuration); + defaultDataUrlConnection.setSSLSocketFactory(sslSocketFactory); + defaultDataUrlConnection.setHostnameVerifier(hostNameVerifier);
}
public DataUrl(String aUrlString) throws MalformedURLException {
@@ -65,5 +74,16 @@ public class DataUrl { public static void setConfiguration(Properties props) { configuration = props; - }
+ defaultDataUrlConnection.setConfiguration(configuration); + } + + public static void setSSLSocketFactory(SSLSocketFactory socketFactory) { + sslSocketFactory = socketFactory; + defaultDataUrlConnection.setSSLSocketFactory(socketFactory); + } + + public static void setHostNameVerifier(HostnameVerifier hostNameVerifier) { + DataUrl.hostNameVerifier = hostNameVerifier; + defaultDataUrlConnection.setHostnameVerifier(hostNameVerifier); + }
}
\ No newline at end of file diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java index 6ad0bb78..57d89c89 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java @@ -31,7 +31,9 @@ import java.util.Map; import java.util.Properties; import java.util.Set; +import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLSocketFactory; import org.apache.commons.httpclient.methods.multipart.FilePart; import org.apache.commons.httpclient.methods.multipart.Part; @@ -51,11 +53,12 @@ import at.gv.egiz.bku.utils.binding.Protocol; * */ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { - + private final static Log log = LogFactory.getLog(DataUrlConnectionImpl.class); public final static Protocol[] SUPPORTED_PROTOCOLS = { Protocol.HTTP, Protocol.HTTPS }; + protected X509Certificate serverCertificate; protected Protocol protocol; protected URL url; @@ -64,6 +67,8 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { protected ArrayList<Part> formParams; protected String boundary; protected Properties config = null; + protected SSLSocketFactory sslSocketFactory; + protected HostnameVerifier hostnameVerifier; protected DataUrlResponse result; @@ -84,6 +89,22 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { */ public void connect() throws SocketTimeoutException, IOException { connection = (HttpURLConnection) url.openConnection(); + if (connection instanceof HttpsURLConnection) { + log.trace("Detected ssl connection"); + HttpsURLConnection https = (HttpsURLConnection) connection; + if (sslSocketFactory != null) { + log.debug("Setting custom ssl socket factory for ssl connection"); + https.setSSLSocketFactory(sslSocketFactory); + } else { + log.trace("No custom socket factory set"); + } + if (hostnameVerifier != null) { + log.debug("Setting custom hostname verifier"); + https.setHostnameVerifier(hostnameVerifier); + } + } else { + log.trace("No secure connection with: "+url+ " class="+connection.getClass()); + } connection.setDoOutput(true); Set<String> headers = requestHttpHeaders.keySet(); Iterator<String> headerIt = headers.iterator(); @@ -91,13 +112,13 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { String name = headerIt.next(); connection.setRequestProperty(name, requestHttpHeaders.get(name)); } - log.trace("Connecting to: "+url); + log.trace("Connecting to: " + url); connection.connect(); if (connection instanceof HttpsURLConnection) { HttpsURLConnection ssl = (HttpsURLConnection) connection; X509Certificate[] certs = (X509Certificate[]) ssl.getServerCertificates(); if ((certs != null) && (certs.length >= 1)) { - log.trace("Server certificate: "+certs[0]); + log.trace("Server certificate: " + certs[0]); serverCertificate = certs[0]; } } @@ -155,8 +176,9 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { } catch (IOException iox) { log.info(iox); } - log.trace("Reading response");
- result = new DataUrlResponse(url.toString(), connection.getResponseCode(), is); + log.trace("Reading response"); + result = new DataUrlResponse(url.toString(), connection.getResponseCode(), + is); Map<String, String> responseHttpHeaders = new HashMap<String, String>(); Map<String, List<String>> httpHeaders = connection.getHeaderFields(); for (Iterator<String> keyIt = httpHeaders.keySet().iterator(); keyIt @@ -227,6 +249,7 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { public DataUrlConnectionSPI newInstance() { DataUrlConnectionSPI uc = new DataUrlConnectionImpl(); uc.setConfiguration(config); + uc.setSSLSocketFactory(sslSocketFactory); return uc; } @@ -239,4 +262,14 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { public void setConfiguration(Properties config) { this.config = config; } + + @Override + public void setSSLSocketFactory(SSLSocketFactory socketFactory) { + this.sslSocketFactory = socketFactory; + } + + @Override + public void setHostnameVerifier(HostnameVerifier hostnameVerifier) { + this.hostnameVerifier = hostnameVerifier; + } }
\ No newline at end of file diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java index 80cc3a0b..f838b919 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java @@ -18,6 +18,9 @@ package at.gv.egiz.bku.binding; import java.net.URL;
import java.util.Properties; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLSocketFactory; /**
* Prototype of a DataurlconnectionSPI
@@ -43,7 +46,19 @@ public interface DataUrlConnectionSPI extends DataUrlConnection { * Sets configuration parameters for this connection * @param config */ - public void setConfiguration(Properties config);
+ public void setConfiguration(Properties config); + + /** + * Sets the socketfactory to be used for ssl connections. + * @param socketFactory if null the socket factory will not be set explicitly + */ + public void setSSLSocketFactory(SSLSocketFactory socketFactory); + + /** + * Sets the hostname verifier to be used, + * @param hostnameVerifier if null the default hostname verifier will be used + */ + public void setHostnameVerifier(HostnameVerifier hostnameVerifier);
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java index 4a22874c..98b5b775 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessor.java @@ -139,8 +139,8 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements srcContex.setSourceIsDataURL(false); } - //----------------------------------------------------------------------------
- // ----------- BEGIN CONVENIENCE METHODS -----------
+ //---------------------------------------------------------------------------- + // ----------- BEGIN CONVENIENCE METHODS ----------- protected void sendSTALQuit() { log.info("Sending QUIT command to STAL"); @@ -217,24 +217,24 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements } } - //----------------------------------------------------------------------------
- // ----------- END CONVENIENCE METHODS -----------
+ //---------------------------------------------------------------------------- + // ----------- END CONVENIENCE METHODS ----------- - //----------------------------------------------------------------------------
- // -- BEGIN Methods that handle the http binding activities as defined in the
- // activity diagram --
+ //---------------------------------------------------------------------------- + // -- BEGIN Methods that handle the http binding activities as defined in the + // activity diagram -- protected void init() { log.info("Starting Bindingprocessor in Thread: " + Thread.currentThread().getId()); if (bindingProcessorError != null) { log.debug("Detected binding processor error, sending quit command"); - // sendSTALQuit();
+ // sendSTALQuit(); currentState = State.FINISHED; } else if (slCommand == null) { log.error("SLCommand not set (consumeRequest not called ??)"); bindingProcessorError = new SLException(2000); - // sendSTALQuit();
+ // sendSTALQuit(); currentState = State.FINISHED; } else { currentState = State.PROCESS; @@ -270,7 +270,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements DataUrl dataUrl = new DataUrl(getDataUrl()); DataUrlConnection conn = dataUrl.openConnection(); - // set transfer headers
+ // set transfer headers for (FormParameter fp : getTransferHeaders()) { String paramString = getFormParameterAsString(fp); if (paramString == null) { @@ -288,7 +288,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements } } - // set transfer form parameters
+ // set transfer form parameters for (FormParameter fp : getTransferForms()) { String contentTransferEncoding = null; String contentType = fp.getFormParameterContentType(); @@ -311,18 +311,18 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements contentTransferEncoding); } - // connect
+ // connect conn.connect(); - // fetch and set SL result
+ // fetch and set SL result targetContext.setTargetIsDataURL(true); targetContext.setTargetCertificate(conn.getServerCertificate()); targetContext.setTargetUrl(conn.getUrl()); SLResult result = commandInvoker.getResult(targetContext); - // transfer result
+ // transfer result conn.transmit(result); - // process Dataurl response
+ // process Dataurl response dataUrlResponse = conn.getResponse(); log.debug("Received data url response code: " + dataUrlResponse.getResponseCode()); @@ -335,7 +335,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements if ((contentType.startsWith(HttpUtil.APPLICATION_URL_ENCODED)) || (contentType.startsWith(HttpUtil.MULTIPART_FOTMDATA))) { log.debug("Detected SL Request in dataurl response"); - // process headers and request
+ // process headers and request setHTTPHeaders(dataUrlResponse.getResponseHeaders()); consumeRequestStream(dataUrlResponse.getStream()); closeDataUrlConnection(); @@ -363,7 +363,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements srcContex.setSourceIsDataURL(true); srcContex.setSourceUrl(conn.getUrl()); currentState = State.PROCESS; - // just to be complete, actually not used
+ // just to be complete, actually not used srcContex.setSourceHTTPReferer(dataUrlResponse.getResponseHeaders() .get(HttpUtil.HTTP_HEADER_REFERER)); } else { @@ -390,7 +390,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements .error("Did not get a location header for a 307 data url response"); throw new SLBindingException(2003); } - // consumeRequestStream(dataUrlResponse.getStream());
+ // consumeRequestStream(dataUrlResponse.getStream()); FormParameterStore fp = new FormParameterStore(); fp.init(location.getBytes(HttpUtil.DEFAULT_CHARSET), FixedFormParameters.DATAURL, null, null); @@ -403,7 +403,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements srcContex.setSourceIsDataURL(true); srcContex.setSourceUrl(conn.getUrl()); currentState = State.PROCESS; - // just to be complete, actually not used
+ // just to be complete, actually not used srcContex.setSourceHTTPReferer(dataUrlResponse.getResponseHeaders() .get(HttpUtil.HTTP_HEADER_REFERER)); @@ -427,7 +427,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements break; default: - // issue error
+ // issue error log.info("Unexpected response code from dataurl server: " + dataUrlResponse.getResponseCode()); throw new SLBindingException(2007); @@ -499,9 +499,9 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements finished = true; } - // -- END Methods that handle the http binding activities as defined in the
- // activity diagram --
- //----------------------------------------------------------------------------
+ // -- END Methods that handle the http binding activities as defined in the + // activity diagram -- + //---------------------------------------------------------------------------- /** * Sets the headers of the SL Request. IMPORTANT: make sure to set all headers @@ -512,7 +512,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements */ public void setHTTPHeaders(Map<String, String> aHeaderMap) { headerMap = new HashMap<String, String>(); - // ensure lowercase keys
+ // ensure lowercase keys if (aHeaderMap != null) { for (String s : aHeaderMap.keySet()) { if (s != null) { @@ -673,7 +673,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements FormParameterStore fps = new FormParameterStore(); fps.init(fp); if (!fps.isEmpty()) { - log.debug("Setting from parameter: " + fps.getFormParameterName()); + log.debug("Setting form parameter: " + fps.getFormParameterName()); formParameterMap.put(fps.getFormParameterName(), fps); } } @@ -683,7 +683,7 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements } if (is.read() != -1) { log.error("Request input stream not completely read"); - // consume rest of stream, should never occur
+ // consume rest of stream, should never occur throw new SLRuntimeException( "request input stream not consumed till end"); } @@ -761,15 +761,15 @@ public class HTTPBindingProcessor extends AbstractBindingProcessor implements transformer.transform(new StreamSource(isr), new StreamResult(osw)); } catch (TransformerException e) { log.fatal("Exception occured during result transformation", e); - // bindingProcessorError = new SLException(2008);
- // handleBindingProcessorError(os, encoding, null);
+ // bindingProcessorError = new SLException(2008); + // handleBindingProcessorError(os, encoding, null); return; } } osw.flush(); isr.close(); } else if (slResult == null) { - // result not yet assigned -> must be a cancel
+ // result not yet assigned -> must be a cancel bindingProcessorError = new SLException(6001); handleBindingProcessorError(os, encoding, templates); return; diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java new file mode 100644 index 00000000..452c45e5 --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java @@ -0,0 +1,257 @@ +package at.gv.egiz.bku.binding; + + +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.OutputStream; +import java.io.OutputStreamWriter; +import java.io.StringWriter; +import java.net.HttpURLConnection; +import java.net.SocketTimeoutException; +import java.net.URL; +import java.net.URLEncoder; +import java.security.cert.X509Certificate; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Properties; +import java.util.Set; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLSocketFactory; +import javax.xml.transform.stream.StreamResult; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.bku.slcommands.SLResult; +import at.gv.egiz.bku.slcommands.SLResult.SLResultType; +import at.gv.egiz.bku.slexceptions.SLRuntimeException; +import at.gv.egiz.bku.utils.binding.Protocol; + +/** + * not thread-safe thus newInsance always returns a new object + * + */ +public class LegacyDataUrlConnectionImpl implements DataUrlConnectionSPI { + + private final static Log log = LogFactory.getLog(DataUrlConnectionImpl.class); + + public final static Protocol[] SUPPORTED_PROTOCOLS = { Protocol.HTTP, + Protocol.HTTPS }; + protected X509Certificate serverCertificate; + protected Protocol protocol; + protected URL url; + private HttpURLConnection connection; + protected Map<String, String> requestHttpHeaders; + protected Map<String, String> formParams; + protected String boundary; + protected Properties config = null; + protected SSLSocketFactory sslSocketFactory; + protected HostnameVerifier hostnameVerifier; + + protected DataUrlResponse result; + + public String getProtocol() { + if (protocol == null) { + return null; + } + return protocol.toString(); + } + + /** + * opens a connection sets the headers gets the server certificate + * + * @throws java.net.SocketTimeoutException + * @throws java.io.IOException + * @pre url != null + * @pre httpHeaders != null + */ + public void connect() throws SocketTimeoutException, IOException { + connection = (HttpURLConnection) url.openConnection(); + if (connection instanceof HttpsURLConnection) { + HttpsURLConnection https = (HttpsURLConnection) connection; + if (sslSocketFactory != null) { + log.debug("Setting custom ssl socket factory for ssl connection"); + https.setSSLSocketFactory(sslSocketFactory); + } + if (hostnameVerifier != null) { + log.debug("Setting custom hostname verifier"); + https.setHostnameVerifier(hostnameVerifier); + } + } + connection.setDoOutput(true); + Set<String> headers = requestHttpHeaders.keySet(); + Iterator<String> headerIt = headers.iterator(); + while (headerIt.hasNext()) { + String name = headerIt.next(); + connection.setRequestProperty(name, requestHttpHeaders.get(name)); + } + log.trace("Connecting to: "+url); + connection.connect(); + if (connection instanceof HttpsURLConnection) { + HttpsURLConnection ssl = (HttpsURLConnection) connection; + X509Certificate[] certs = (X509Certificate[]) ssl.getServerCertificates(); + if ((certs != null) && (certs.length >= 1)) { + log.trace("Server certificate: "+certs[0]); + serverCertificate = certs[0]; + } + } + } + + public X509Certificate getServerCertificate() { + return serverCertificate; + } + + public void setHTTPHeader(String name, String value) { + if (name != null && value != null) { + requestHttpHeaders.put(name, value); + } + } + + public void setHTTPFormParameter(String name, InputStream data, + String contentType, String charSet, String transferEncoding) { + StringBuilder sb = new StringBuilder(); + try { + InputStreamReader reader = new InputStreamReader(data, (charSet != null) ? charSet : "UTF-8"); + char[] c = new char[512]; + for (int l; (l = reader.read(c)) != -1;) { + sb.append(c, 0, l); + } + } catch (IOException e) { + throw new SLRuntimeException("Failed to set HTTP form parameter.", e); + } + formParams.put(name, sb.toString()); + } + + /** + * send all formParameters + * + * @throws java.io.IOException + */ + public void transmit(SLResult slResult) throws IOException { + StringWriter writer = new StringWriter(); + slResult.writeTo(new StreamResult(writer)); + formParams.put( + (slResult.getResultType() == SLResultType.XML) + ? DataUrlConnection.FORMPARAM_XMLRESPONSE + : DataUrlConnection.FORMPARAM_BINARYRESPONSE, + writer.toString()); + + OutputStream os = connection.getOutputStream(); + OutputStreamWriter streamWriter = new OutputStreamWriter(os, HttpUtil.DEFAULT_CHARSET); + + log.trace("Sending data"); + Iterator<String> keys = formParams.keySet().iterator(); + while(keys.hasNext()) { + String key = keys.next(); + streamWriter.write(URLEncoder.encode(key, "UTF-8")); + streamWriter.write("="); + streamWriter.write(URLEncoder.encode(formParams.get(key), "UTF-8")); + if (keys.hasNext()) { + streamWriter.write("&"); + } + } + streamWriter.flush(); + os.close(); + + // MultipartRequestEntity PostMethod + InputStream is = null; + try { + is = connection.getInputStream(); + } catch (IOException iox) { + log.info(iox); + } + log.trace("Reading response");
+ result = new DataUrlResponse(url.toString(), connection.getResponseCode(), is); + Map<String, String> responseHttpHeaders = new HashMap<String, String>(); + Map<String, List<String>> httpHeaders = connection.getHeaderFields(); + for (Iterator<String> keyIt = httpHeaders.keySet().iterator(); keyIt + .hasNext();) { + String key = keyIt.next(); + StringBuffer value = new StringBuffer(); + for (String val : httpHeaders.get(key)) { + value.append(val); + value.append(HttpUtil.SEPERATOR[0]); + } + String valString = value.substring(0, value.length() - 1); + if ((key != null) && (value.length() > 0)) { + responseHttpHeaders.put(key, valString); + } + } + result.setResponseHttpHeaders(responseHttpHeaders); + } + + @Override + public DataUrlResponse getResponse() throws IOException { + return result; + } + + /** + * inits protocol, url, httpHeaders, formParams + * + * @param url + * must not be null + */ + @Override + public void init(URL url) { + + for (int i = 0; i < SUPPORTED_PROTOCOLS.length; i++) { + if (SUPPORTED_PROTOCOLS[i].toString().equalsIgnoreCase(url.getProtocol())) { + protocol = SUPPORTED_PROTOCOLS[i]; + break; + } + } + if (protocol == null) { + throw new SLRuntimeException("Protocol " + url.getProtocol() + + " not supported for data url"); + } + this.url = url; + requestHttpHeaders = new HashMap<String, String>(); + if ((config != null) + && (config.getProperty(USER_AGENT_PROPERTY_KEY) != null)) { + requestHttpHeaders.put(HttpUtil.HTTP_HEADER_USER_AGENT, config + .getProperty(USER_AGENT_PROPERTY_KEY)); + } else { + requestHttpHeaders + .put(HttpUtil.HTTP_HEADER_USER_AGENT, DEFAULT_USERAGENT); + + } + requestHttpHeaders.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, + HttpUtil.APPLICATION_URL_ENCODED); + + formParams = new HashMap<String, String>(); + } + + @Override + public DataUrlConnectionSPI newInstance() { + DataUrlConnectionSPI uc = new LegacyDataUrlConnectionImpl(); + uc.setConfiguration(config); + uc.setSSLSocketFactory(sslSocketFactory); + uc.setHostnameVerifier(hostnameVerifier); + return uc; + } + + @Override + public URL getUrl() { + return url; + } + + @Override + public void setConfiguration(Properties config) { + this.config = config; + } + + @Override + public void setSSLSocketFactory(SSLSocketFactory socketFactory) { + this.sslSocketFactory = socketFactory; + } + + @Override + public void setHostnameVerifier(HostnameVerifier hostnameVerifier) { + this.hostnameVerifier = hostnameVerifier; + } +}
\ No newline at end of file diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/ProcessingContext.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/ProcessingContext.java index ae7f01eb..913259f6 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/ProcessingContext.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/ProcessingContext.java @@ -1,6 +1,18 @@ /* - * To change this template, choose Tools | Templates - * and open the template in the editor. + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ package at.gv.egiz.bku.binding; @@ -8,32 +20,40 @@ package at.gv.egiz.bku.binding; import java.util.Hashtable; import java.util.Map; import java.util.concurrent.Future; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; /** - * BindingContext? - * RequestBindingContext? - * - * @author clemens + * + * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> */ public class ProcessingContext { public static final String BINDING_PROCESSOR = "binding.processor"; public static final String FUTURE = "future"; - + + protected static final Log log = LogFactory.getLog(ProcessingContext.class); + protected Map<String, Object> properties = new Hashtable<String, Object>(); public ProcessingContext(BindingProcessor bp, Future future) { properties.put(BINDING_PROCESSOR, bp); properties.put(FUTURE, future); } - - - + public BindingProcessor getBindingProcessor() { return (BindingProcessor) properties.get(BINDING_PROCESSOR); } - + public Future getFuture() { - return (Future) properties.get(FUTURE); + return (Future) properties.get(FUTURE); + } + + public Object get(String key) { + return properties.get(key); + } + + public void put(String key, Object value) { + properties.put(key, value); } } diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java index 9ed99190..733b47dc 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java @@ -14,6 +14,7 @@ import java.security.InvalidAlgorithmParameterException; import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
+import java.security.Provider.Service;
import java.security.cert.CertStore;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
@@ -24,6 +25,7 @@ import java.util.ArrayList; import java.util.LinkedList;
import java.util.List;
import java.util.Properties;
+import java.util.Set;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
@@ -80,7 +82,7 @@ public abstract class Configurator { log.error("Cannot add trusted ca", e);
}
}
- return caCerts.toArray(new X509Certificate[caCerts.size()]);
+ return caCerts.toArray(new X509Certificate[caCerts.size()]);
} else {
log.warn("No CA certificates configured");
}
@@ -150,9 +152,21 @@ public abstract class Configurator { log.debug("Registering security providers");
Security.insertProviderAt(new IAIK(), 1);
Security.insertProviderAt(new ECCProvider(false), 2);
- Security.addProvider(new STALProvider());
- XSecProvider.addAsProvider(false);
+
+ // registering STALProvider as delegation provider for XSECT
+ STALProvider stalProvider = new STALProvider();
+ Set<Service> services = stalProvider.getServices();
StringBuilder sb = new StringBuilder();
+ for (Service service : services) {
+ String algorithm = service.getType() + "." + service.getAlgorithm();
+ XSecProvider.setDelegationProvider(algorithm, stalProvider.getName());
+ sb.append("\n" + algorithm);
+ }
+ log.debug("Registered STALProvider as XSecProvider delegation provider for the following services : " + sb.toString());
+
+ Security.addProvider(stalProvider);
+ XSecProvider.addAsProvider(false);
+ sb = new StringBuilder();
sb.append("Registered providers: ");
int i = 1;
for (Provider prov : Security.getProviders()) {
@@ -187,28 +201,28 @@ public abstract class Configurator { }
public void configureVersion() {
- Properties p = new Properties();
- try {
- InputStream is = getManifest();
- if (is != null) {
- p.load(getManifest());
- String version = p.getProperty("Implementation-Build");
- properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY,
- "citizen-card-environment/1.2 MOCCA " + version);
- DataUrl.setConfiguration(properties);
- log
- .debug("Setting user agent to: "
- + properties
- .getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY));
- } else {
- log.warn("Cannot read manifest");
- properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY,
- "citizen-card-environment/1.2 MOCCA UNKNOWN");
- DataUrl.setConfiguration(properties);
+ if (properties.getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY) == null) {
+ Properties p = new Properties();
+ try {
+ InputStream is = getManifest();
+ if (is != null) {
+ p.load(getManifest());
+ String version = p.getProperty("Implementation-Build");
+ properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY,
+ "citizen-card-environment/1.2 MOCCA " + version);
+ log.debug("Setting user agent to: "
+ + properties
+ .getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY));
+ } else {
+ log.warn("Cannot read manifest");
+ properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY,
+ "citizen-card-environment/1.2 MOCCA UNKNOWN");
+ }
+ } catch (IOException e) {
+ log.error(e);
}
- } catch (IOException e) {
- log.error(e);
}
+ DataUrl.setConfiguration(properties);
}
public void configure() {
@@ -255,7 +269,7 @@ public abstract class Configurator { getCertDir(), getCADir(), caCerts);
sslCtx.init(km, new TrustManager[] { pkixTM }, null);
}
- HttpsURLConnection.setDefaultSSLSocketFactory(sslCtx.getSocketFactory());
+ DataUrl.setSSLSocketFactory(sslCtx.getSocketFactory());
} catch (Exception e) {
log.error("Cannot configure SSL", e);
}
@@ -263,7 +277,7 @@ public abstract class Configurator { log.warn("---------------------------------");
log.warn(" Disabling Hostname Verification ");
log.warn("---------------------------------");
- HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
+ DataUrl.setHostNameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
@@ -272,8 +286,6 @@ public abstract class Configurator { }
}
-
-
public void setCertValidator(CertValidator certValidator) {
this.certValidator = certValidator;
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxUpdateCommand.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxUpdateCommand.java new file mode 100644 index 00000000..c2974785 --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxUpdateCommand.java @@ -0,0 +1,23 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.slcommands; + +public interface InfoboxUpdateCommand extends SLCommand { + + public String getInfoboxIdentifier(); + +} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxUpdateResult.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxUpdateResult.java new file mode 100644 index 00000000..d180facf --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/InfoboxUpdateResult.java @@ -0,0 +1,21 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.slcommands; + +public interface InfoboxUpdateResult extends SLResult { + +} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java index e13b29a1..bec2b253 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java @@ -16,40 +16,40 @@ */ package at.gv.egiz.bku.slcommands;
-import java.io.IOException;
-import java.net.URL;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.xml.XMLConstants;
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.UnmarshalException;
-import javax.xml.bind.Unmarshaller;
-import javax.xml.namespace.QName;
-import javax.xml.stream.XMLEventReader;
-import javax.xml.stream.XMLInputFactory;
-import javax.xml.stream.XMLStreamException;
-import javax.xml.transform.Source;
-import javax.xml.transform.stream.StreamSource;
-import javax.xml.validation.Schema;
-import javax.xml.validation.SchemaFactory;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.xml.sax.SAXException;
-import org.xml.sax.SAXParseException;
-
-import at.gv.egiz.bku.slcommands.impl.CreateXMLSignatureCommandImpl;
-import at.gv.egiz.bku.slcommands.impl.InfoboxReadCommandImpl;
-import at.gv.egiz.bku.slcommands.impl.NullOperationCommandImpl;
-import at.gv.egiz.bku.slexceptions.SLCommandException;
-import at.gv.egiz.bku.slexceptions.SLExceptionMessages;
-import at.gv.egiz.bku.slexceptions.SLRequestException;
-import at.gv.egiz.bku.slexceptions.SLRuntimeException;
-import at.gv.egiz.slbinding.RedirectEventFilter;
-import at.gv.egiz.slbinding.RedirectUnmarshallerListener;
+import java.io.IOException; +import java.io.Reader; +import java.net.URL; +import java.util.HashMap; +import java.util.Map; + +import javax.xml.XMLConstants; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.bind.UnmarshalException; +import javax.xml.bind.Unmarshaller; +import javax.xml.namespace.QName; +import javax.xml.stream.XMLEventReader; +import javax.xml.stream.XMLInputFactory; +import javax.xml.stream.XMLStreamException; +import javax.xml.transform.Source; +import javax.xml.transform.stream.StreamSource; +import javax.xml.validation.Schema; +import javax.xml.validation.SchemaFactory; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.xml.sax.SAXException; +import org.xml.sax.SAXParseException; + +import at.buergerkarte.namespaces.cardchannel.ObjectFactory; +import at.gv.egiz.bku.slexceptions.SLCommandException; +import at.gv.egiz.bku.slexceptions.SLExceptionMessages; +import at.gv.egiz.bku.slexceptions.SLRequestException; +import at.gv.egiz.bku.slexceptions.SLRuntimeException; +import at.gv.egiz.bku.utils.DebugReader; +import at.gv.egiz.slbinding.RedirectEventFilter; +import at.gv.egiz.slbinding.RedirectUnmarshallerListener; public class SLCommandFactory {
@@ -72,29 +72,30 @@ public class SLCommandFactory { /**
* Schema for Security Layer command validation.
*/
- private static Schema slSchema;
+ private Schema slSchema;
/**
* The JAXBContext.
*/
- private static JAXBContext jaxbContext;
+ private JAXBContext jaxbContext;
/**
* The map of <namespaceURI>:<localName> to implementation class of the
* corresponding {@link SLCommand}.
*/
- private static Map<String, Class<? extends SLCommand>> slRequestTypeMap = new HashMap<String, Class<? extends SLCommand>>();
-
-
- static {
-
- // TODO: implement dynamic registration
-
- // register all known implementation classes
- putImplClass(SLCommand.NAMESPACE_URI, "NullOperationRequest",
- NullOperationCommandImpl.class);
- putImplClass(SLCommand.NAMESPACE_URI, "InfoboxReadRequest",
- InfoboxReadCommandImpl.class);
- putImplClass(SLCommand.NAMESPACE_URI, "CreateXMLSignatureRequest",
- CreateXMLSignatureCommandImpl.class);
+ private Map<String, Class<? extends SLCommand>> slRequestTypeMap = new HashMap<String, Class<? extends SLCommand>>();
+ + /** + * Configures the singleton instance with command implementations + * @param commandImplMap + * @throws ClassNotFoundException + */ + @SuppressWarnings("unchecked") + public void setCommandImpl(Map<String, String> commandImplMap) throws ClassNotFoundException { + ClassLoader cl = getClass().getClassLoader(); + for (String key : commandImplMap.keySet()) { + Class<? extends SLCommand> impl = (Class<? extends SLCommand>) cl.loadClass(commandImplMap.get(key)); + log.debug("Registering sl command implementation for :"+key+ "; implementation class: "+impl.getCanonicalName()); + slRequestTypeMap.put(key, impl); + } }
/**
@@ -110,7 +111,7 @@ public class SLCommandFactory { * the implementation class, or <code>null</code> to deregister a
* currently registered class
*/
- public static void putImplClass(String namespaceUri, String localname,
+ public void setImplClass(String namespaceUri, String localname,
Class<? extends SLCommand> slCommandClass) {
if (slCommandClass != null) {
slRequestTypeMap.put(namespaceUri + ":" + localname, slCommandClass);
@@ -128,7 +129,7 @@ public class SLCommandFactory { * @return the implementation class, or <code>null</code> if no class is
* registered for the given <code>name</code>
*/
- public static Class<? extends SLCommand> getImplClass(QName name) {
+ public Class<? extends SLCommand> getImplClass(QName name) {
String namespaceURI = name.getNamespaceURI();
String localPart = name.getLocalPart();
return slRequestTypeMap.get(namespaceURI + ":" + localPart);
@@ -139,14 +140,14 @@ public class SLCommandFactory { *
* @param slSchema the schema to validate Security Layer commands with
*/
- public static void setSLSchema(Schema slSchema) {
- SLCommandFactory.slSchema = slSchema;
+ public void setSLSchema(Schema slSchema) {
+ this.slSchema = slSchema;
}
/**
* @return the jaxbContext
*/
- public static JAXBContext getJaxbContext() {
+ public JAXBContext getJaxbContext() {
ensureJaxbContext();
return jaxbContext;
}
@@ -154,19 +155,20 @@ public class SLCommandFactory { /**
* @param jaxbContext the jaxbContext to set
*/
- public static void setJaxbContext(JAXBContext jaxbContext) {
- SLCommandFactory.jaxbContext = jaxbContext;
+ public void setJaxbContext(JAXBContext jaxbContext) {
+ this.jaxbContext = jaxbContext;
}
/**
* Initialize the JAXBContext.
*/
- private synchronized static void ensureJaxbContext() {
+ private synchronized void ensureJaxbContext() {
if (jaxbContext == null) {
try {
String slPkg = at.buergerkarte.namespaces.securitylayer._1.ObjectFactory.class.getPackage().getName();
- String xmldsigPkg = org.w3._2000._09.xmldsig_.ObjectFactory.class.getPackage().getName();
- setJaxbContext(JAXBContext.newInstance(slPkg + ":" + xmldsigPkg));
+ String xmldsigPkg = org.w3._2000._09.xmldsig_.ObjectFactory.class.getPackage().getName(); + String cardChannelPkg = at.buergerkarte.namespaces.cardchannel.ObjectFactory.class.getPackage().getName(); + setJaxbContext(JAXBContext.newInstance(slPkg + ":" + xmldsigPkg + ":" + cardChannelPkg));
} catch (JAXBException e) {
log.error("Failed to setup JAXBContext security layer request.", e);
throw new SLRuntimeException(e);
@@ -177,7 +179,7 @@ public class SLCommandFactory { /**
* Initialize the security layer schema.
*/
- private synchronized static void ensureSchema() {
+ private synchronized void ensureSchema() {
if (slSchema == null) {
try {
SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
@@ -194,7 +196,7 @@ public class SLCommandFactory { }
Schema schema = schemaFactory.newSchema(sources);
log.debug("Schema successfully created.");
- SLCommandFactory.setSLSchema(schema);
+ setSLSchema(schema);
} catch (SAXException e) {
log.error("Failed to load security layer schema.", e);
throw new SLRuntimeException("Failed to load security layer schema.", e);
@@ -211,9 +213,9 @@ public class SLCommandFactory { */
public synchronized static SLCommandFactory getInstance() {
if (instance == null) {
- ensureJaxbContext();
- ensureSchema();
- instance = new SLCommandFactory();
+ instance = new SLCommandFactory();
+ instance.ensureJaxbContext();
+ instance.ensureSchema();
}
return instance;
}
@@ -327,12 +329,31 @@ public class SLCommandFactory { */
@SuppressWarnings("unchecked")
public SLCommand createSLCommand(Source source, SLCommandContext context)
- throws SLCommandException, SLRuntimeException, SLRequestException {
+ throws SLCommandException, SLRuntimeException, SLRequestException { + + DebugReader dr = null; + if (log.isTraceEnabled() && source instanceof StreamSource) { + StreamSource streamSource = (StreamSource) source; + if (streamSource.getReader() != null) { + dr = new DebugReader(streamSource.getReader(), "SLCommand unmarshalled from:\n"); + streamSource.setReader(dr); + } + }
- Object object = unmarshal(source);
+ Object object; + try { + object = unmarshal(source); + } catch (SLRequestException e) { + throw e; + } finally { + if (dr != null) { + log.trace(dr.getCachedString()); + } + } + if (!(object instanceof JAXBElement)) {
// invalid request
- log.info("Invalid security layer request. " + object.toString());
+ log.info("Invalid security layer request. " + object.toString()); throw new SLRequestException(3002, SLExceptionMessages.EC3002_INVALID,
new Object[]{object.toString()});
}
@@ -345,7 +366,9 @@ public class SLCommandFactory { throw new SLCommandException(4011,
SLExceptionMessages.EC4011_NOTIMPLEMENTED, new Object[]{qName.toString()});
}
-
+ + +
// try to instantiate
SLCommand slCommand;
try {
@@ -362,6 +385,7 @@ public class SLCommandFactory { e);
throw new SLRuntimeException(e);
}
+ slCommand.init(context, (JAXBElement) object);
return slCommand;
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractAssocArrayInfobox.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractAssocArrayInfobox.java new file mode 100644 index 00000000..e7f96c06 --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractAssocArrayInfobox.java @@ -0,0 +1,304 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.slcommands.impl; + +import java.io.ByteArrayOutputStream; +import java.util.Arrays; +import java.util.Collections; +import java.util.List; +import java.util.Map; +import java.util.regex.Pattern; + +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Marshaller; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.buergerkarte.namespaces.securitylayer._1.InfoboxAssocArrayPairType; +import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadDataAssocArrayType; +import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType; +import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType; +import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory; +import at.buergerkarte.namespaces.securitylayer._1.XMLContentType; +import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType.ReadKeys; +import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType.ReadPairs; +import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType.ReadValue; +import at.gv.egiz.bku.slcommands.InfoboxReadResult; +import at.gv.egiz.bku.slcommands.SLCommandContext; +import at.gv.egiz.bku.slcommands.SLCommandFactory; +import at.gv.egiz.bku.slexceptions.SLCommandException; + +/** + * An abstract base class for {@link Infobox} implementations of type associative array. + * + * @author mcentner + */ +public abstract class AbstractAssocArrayInfobox extends AbstractInfoboxImpl + implements AssocArrayInfobox { + + /** + * Logging facility. + */ + private static Log log = LogFactory.getLog(AbstractAssocArrayInfobox.class); + + /** + * The search string pattern. + */ + public static final String SEARCH_STRING_PATTERN = "(.&&[^/])+(/.&&[^/])*"; + + /** + * @return the keys available in this infobox. + */ + public abstract String[] getKeys(); + + /** + * @return <code>true</code> if the values are XML entities, or <code>false</code> otherwise. + */ + public abstract boolean isValuesAreXMLEntities(); + + /** + * Returns a key to value mapping for the given <code>keys</code>. + * + * @param keys a list of keys + * @param cmdCtx the command context + * + * @return a key to value mapping for the given <code>keys</code>. + * + * @throws SLCommandException if obtaining the values fails + */ + public abstract Map<String, Object> getValues(List<String> keys, SLCommandContext cmdCtx) throws SLCommandException; + + /** + * Returns all keys that match the given <code>searchString</code>. + * + * @param searchString the search string + * + * @return all keys that match the given <code>searchString</code> + * + * @throws SLCommandException if the given search string is invalid + */ + protected List<String> selectKeys(String searchString) throws SLCommandException { + + if ("*".equals(searchString) || "**".equals(searchString)) { + return Arrays.asList(getKeys()); + } + + if (!searchString.contains("*")) { + Arrays.asList(getKeys()).contains(searchString); + return Collections.singletonList(searchString); + } + + if (Pattern.matches(SEARCH_STRING_PATTERN, searchString)) { + +// for (int i = 0; i < searchString.length(); i++) { +// int codePoint = searchString.codePointAt(i); +// +// } + + // TODO : build pattern + return Collections.emptyList(); + } else { + log.info("Got invalid search string '" + searchString + "'"); + throw new SLCommandException(4010); + } + + } + + /** + * Read all keys specified by <code>readKeys</code>. + * + * @param readKeys + * the ReadKeys element + * @param cmdCtx + * the command context + * @return a corresponding InfoboxReadResult + * + * @throws SLCommandException + * if the ReadKeys element is invalid or obtaining the corresponding + * values fails + */ + protected InfoboxReadResult readKeys(ReadKeys readKeys, SLCommandContext cmdCtx) throws SLCommandException { + + List<String> selectedKeys = selectKeys(readKeys.getSearchString()); + + if (readKeys.isUserMakesUnique() && selectedKeys.size() > 1) { + log.info("UserMakesUnique not supported"); + // TODO: give more specific error message + throw new SLCommandException(4010); + } + + ObjectFactory objectFactory = new ObjectFactory(); + + InfoboxReadDataAssocArrayType infoboxReadDataAssocArrayType = objectFactory + .createInfoboxReadDataAssocArrayType(); + + List<String> keys = infoboxReadDataAssocArrayType.getKey(); + keys.addAll(selectedKeys); + + return new InfoboxReadResultImpl(infoboxReadDataAssocArrayType); + + } + + /** + * Read all pairs specified by <code>readPairs</code>. + * + * @param readPairs + * the readPairs element + * @param cmdCtx + * the command context + * @return a corresponding InfoboxReadResult + * + * @throws SLCommandException + * if the ReadPairs element is invalid or obtaining the corresponding + * values fails + */ + protected InfoboxReadResult readPairs(ReadPairs readPairs, SLCommandContext cmdCtx) throws SLCommandException { + + if (readPairs.isValuesAreXMLEntities() && !isValuesAreXMLEntities()) { + log.info("Got valuesAreXMLEntities=" + readPairs.isValuesAreXMLEntities() + " but infobox type is binary."); + throw new SLCommandException(4010); + } + + List<String> selectedKeys = selectKeys(readPairs.getSearchString()); + + if (readPairs.isUserMakesUnique() && selectedKeys.size() > 1) { + log.info("UserMakesUnique not supported"); + // TODO: give more specific error message + throw new SLCommandException(4010); + } + + return new InfoboxReadResultImpl(marshallPairs(selectedKeys, getValues( + selectedKeys, cmdCtx), readPairs.isValuesAreXMLEntities())); + } + + /** + * Read the value specified by <code>readPairs</code>. + * + * @param readValue + * the readValue element + * @param cmdCtx + * the command context + * @return a corresponding InfoboxReadResult + * + * @throws SLCommandException + * if the ReadValue element is invalid or obtaining the corresponding + * values fails + */ + protected InfoboxReadResult readValue(ReadValue readValue, SLCommandContext cmdCtx) throws SLCommandException { + + if (readValue.isValueIsXMLEntity() && !isValuesAreXMLEntities()) { + log.info("Got valuesAreXMLEntities=" + readValue.isValueIsXMLEntity() + " but infobox type is binary."); + throw new SLCommandException(4010); + } + + List<String> selectedKeys; + + if (Arrays.asList(getKeys()).contains(readValue.getKey())) { + selectedKeys = Collections.singletonList(readValue.getKey()); + } else { + selectedKeys = Collections.emptyList(); + } + + return new InfoboxReadResultImpl(marshallPairs(selectedKeys, getValues( + selectedKeys, cmdCtx), readValue.isValueIsXMLEntity())); + + } + + protected InfoboxReadDataAssocArrayType marshallPairs(List<String> selectedKeys, Map<String, Object> values, boolean areXMLEntities) throws SLCommandException { + + ObjectFactory objectFactory = new ObjectFactory(); + + InfoboxReadDataAssocArrayType infoboxReadDataAssocArrayType = objectFactory.createInfoboxReadDataAssocArrayType(); + + for (String key : selectedKeys) { + InfoboxAssocArrayPairType infoboxAssocArrayPairType = objectFactory.createInfoboxAssocArrayPairType(); + infoboxAssocArrayPairType.setKey(key); + + Object value = values.get(key); + if (areXMLEntities) { + if (value instanceof byte[]) { + log.info("Got valuesAreXMLEntities=" + areXMLEntities + " but infobox type is binary."); + throw new SLCommandException(4122); + } else { + XMLContentType contentType = objectFactory.createXMLContentType(); + contentType.getContent().add(value); + infoboxAssocArrayPairType.setXMLContent(contentType); + } + } else { + infoboxAssocArrayPairType.setBase64Content((value instanceof byte[]) ? (byte[]) value : marshallValue(value)); + } + + infoboxReadDataAssocArrayType.getPair().add(infoboxAssocArrayPairType); + } + + return infoboxReadDataAssocArrayType; + + } + + protected byte[] marshallValue(Object jaxbElement) throws SLCommandException { + SLCommandFactory commandFactory = SLCommandFactory.getInstance(); + JAXBContext jaxbContext = commandFactory.getJaxbContext(); + + ByteArrayOutputStream result; + try { + Marshaller marshaller = jaxbContext.createMarshaller(); + + result = new ByteArrayOutputStream(); + marshaller.marshal(jaxbElement, result); + } catch (JAXBException e) { + log.info("Failed to marshall infobox content.", e); + throw new SLCommandException(4122); + } + + return result.toByteArray(); + + } + + @Override + public InfoboxReadResult read(InfoboxReadRequestType req, + SLCommandContext cmdCtx) throws SLCommandException { + + InfoboxReadParamsAssocArrayType assocArrayParameters = req + .getAssocArrayParameters(); + + if (assocArrayParameters == null) { + log.info("Infobox type is AssocArray but got no AssocArrayParameters."); + throw new SLCommandException(4010); + } + + if (assocArrayParameters.getReadKeys() != null) { + return readKeys(assocArrayParameters.getReadKeys(), cmdCtx); + } + + if (assocArrayParameters.getReadPairs() != null) { + return readPairs(assocArrayParameters.getReadPairs(), cmdCtx); + } + + // ReadValue + if (assocArrayParameters.getReadValue() != null) { + return readValue(assocArrayParameters.getReadValue(), cmdCtx); + } + + log + .info("Infobox type is AssocArray but got invalid AssocArrayParameters."); + throw new SLCommandException(4010); + + } + +} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractBinaryFileInfobox.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractBinaryFileInfobox.java new file mode 100644 index 00000000..23394bd5 --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractBinaryFileInfobox.java @@ -0,0 +1,66 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.slcommands.impl; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsBinaryFileType; +import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType; + +/** + * An abstract base class for {@link Infobox} implementations of type binary file. + * + * @author mcentner + */ +public abstract class AbstractBinaryFileInfobox extends AbstractInfoboxImpl implements BinaryFileInfobox { + + /** + * Logging facility. + */ + private static Log log = LogFactory.getLog(AbstractBinaryFileInfobox.class); + + /** + * Is this infobox' content an XML entity? + */ + protected boolean isXMLEntity = false; + + /** + * @return <code>true</code> if this infobox' content is an XML entity or <code>false</code> otherwise. + */ + public boolean isXMLEntity() { + return isXMLEntity; + } + + /** + * Sets the value returned by {@link #isXMLEntity()} according to the given + * <code>request</code>. + * + * @param request the InfoboxReadRequest + */ + public void setIsXMLEntity(InfoboxReadRequestType request) { + + InfoboxReadParamsBinaryFileType binaryFileParameters = request.getBinaryFileParameters(); + if (binaryFileParameters != null) { + isXMLEntity = binaryFileParameters.isContentIsXMLEntity(); + log.debug("Got ContentIsXMLEntity=" + isXMLEntity + "."); + } + + } + + +} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java new file mode 100644 index 00000000..8a7edb71 --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java @@ -0,0 +1,64 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.slcommands.impl; + +import at.gv.egiz.bku.slcommands.SLCommandContext; +import at.gv.egiz.bku.slexceptions.SLCommandException; + +/** + * An abstract base class for implementations of security layer infobox requests. + * + * @author mcentner + * + * @param <T> + */ +public abstract class AbstractInfoboxCommandImpl<T> extends SLCommandImpl<T> { + + /** + * The infobox implementation. + */ + protected Infobox infobox; + + @Override + public void init(SLCommandContext ctx, Object request) + throws SLCommandException { + super.init(ctx, request); + + String infoboxIdentifier = getInfoboxIdentifier(getRequestValue()); + + infobox = InfoboxFactory.getInstance().createInfobox(infoboxIdentifier); + } + + /** + * Returns the infobox identifier given in <code>request</code>. + * + * @param request the request value + * + * @return the infobox identifier givne in <code>request</code> + */ + protected abstract String getInfoboxIdentifier(T request); + + + public String getInfoboxIdentifier() { + if (infobox != null) { + return infobox.getIdentifier(); + } else { + return null; + } + } + +} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxImpl.java new file mode 100644 index 00000000..564cb8ff --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxImpl.java @@ -0,0 +1,45 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.slcommands.impl; + +import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType; +import at.buergerkarte.namespaces.securitylayer._1.InfoboxUpdateRequestType; +import at.gv.egiz.bku.slcommands.InfoboxReadResult; +import at.gv.egiz.bku.slcommands.InfoboxUpdateResult; +import at.gv.egiz.bku.slcommands.SLCommandContext; +import at.gv.egiz.bku.slexceptions.SLCommandException; + +/** + * An abstract base class for {@link Infobox} implementations. + * + * @author mcentner + */ +public abstract class AbstractInfoboxImpl implements Infobox { + + @Override + public InfoboxReadResult read(InfoboxReadRequestType request, + SLCommandContext cmdCtx) throws SLCommandException { + throw new SLCommandException(4011); + } + + @Override + public InfoboxUpdateResult update(InfoboxUpdateRequestType request, + SLCommandContext cmdCtx) throws SLCommandException { + throw new SLCommandException(4011); + } + +} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AssocArrayInfobox.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AssocArrayInfobox.java new file mode 100644 index 00000000..908d95da --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AssocArrayInfobox.java @@ -0,0 +1,27 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.slcommands.impl; + +/** + * An {@link Infobox} of type associative array as defined in Security Layer + * 1.2. + * + * @author mcentner + */ +public interface AssocArrayInfobox extends Infobox { + +} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/BinaryFileInfobox.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/BinaryFileInfobox.java new file mode 100644 index 00000000..c27f9446 --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/BinaryFileInfobox.java @@ -0,0 +1,27 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.slcommands.impl; + +/** + * An {@link Infobox} of type binary file as defined in Security Layer + * 1.2. + * + * @author mcentner + */ +public interface BinaryFileInfobox extends Infobox { + +} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CardChannelInfoboxImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CardChannelInfoboxImpl.java new file mode 100644 index 00000000..4b1cc779 --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CardChannelInfoboxImpl.java @@ -0,0 +1,235 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.slcommands.impl; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.UnsupportedEncodingException; +import java.math.BigInteger; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import java.util.WeakHashMap; + +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.buergerkarte.namespaces.cardchannel.ATRType; +import at.buergerkarte.namespaces.cardchannel.CommandAPDUType; +import at.buergerkarte.namespaces.cardchannel.ObjectFactory; +import at.buergerkarte.namespaces.cardchannel.ResetType; +import at.buergerkarte.namespaces.cardchannel.ResponseAPDUType; +import at.buergerkarte.namespaces.cardchannel.ResponseType; +import at.buergerkarte.namespaces.cardchannel.ScriptType; +import at.buergerkarte.namespaces.cardchannel.VerifyAPDUType; +import at.buergerkarte.namespaces.securitylayer._1.Base64XMLContentType; +import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType; +import at.buergerkarte.namespaces.securitylayer._1.InfoboxUpdateRequestType; +import at.buergerkarte.namespaces.securitylayer._1.XMLContentType; +import at.gv.egiz.bku.slcommands.InfoboxReadResult; +import at.gv.egiz.bku.slcommands.InfoboxUpdateResult; +import at.gv.egiz.bku.slcommands.SLCommandContext; +import at.gv.egiz.bku.slexceptions.SLCommandException; +import at.gv.egiz.bku.slexceptions.SLRuntimeException; +import at.gv.egiz.stal.STAL; +import at.gv.egiz.stal.ext.APDUScriptRequest; +import at.gv.egiz.stal.ext.APDUScriptResponse; +import at.gv.egiz.stal.ext.APDUScriptRequest.RequestScriptElement; +import at.gv.egiz.stal.ext.APDUScriptResponse.ResponseScriptElement; + +public class CardChannelInfoboxImpl extends AbstractBinaryFileInfobox { + + private static Log log = LogFactory.getLog(CardChannelInfoboxImpl.class); + + private static WeakHashMap<STAL, JAXBElement<ResponseType>> scriptResults = new WeakHashMap<STAL, JAXBElement<ResponseType>>(); + + private static JAXBContext jaxbContext; + + static { + try { + jaxbContext = JAXBContext.newInstance(ObjectFactory.class.getPackage().getName()); + } catch (JAXBException e) { + throw new SLRuntimeException("Failed to initalize CardChannel infobox.", e); + } + } + + public CardChannelInfoboxImpl() { + isXMLEntity = true; + } + + @Override + public String getIdentifier() { + return "CardChannel"; + } + + @Override + public InfoboxReadResult read(InfoboxReadRequestType request, + SLCommandContext cmdCtx) throws SLCommandException { + + at.buergerkarte.namespaces.securitylayer._1.ObjectFactory objectFactory + = new at.buergerkarte.namespaces.securitylayer._1.ObjectFactory(); + + Base64XMLContentType content = objectFactory.createBase64XMLContentType(); + XMLContentType xmlContent = objectFactory.createXMLContentType(); + content.setXMLContent(xmlContent); + + JAXBElement<ResponseType> response = scriptResults.get(cmdCtx.getSTAL()); + if (response != null) { + xmlContent.getContent().add(response); + } + + return new InfoboxReadResultImpl(content); + + } + + @SuppressWarnings("unchecked") + @Override + public InfoboxUpdateResult update(InfoboxUpdateRequestType request, + SLCommandContext cmdCtx) throws SLCommandException { + + Base64XMLContentType binaryFileParameters = request.getBinaryFileParameters(); + + if (binaryFileParameters.getBase64Content() != null) { + log.info("Got Base64Content but ContentIsXMLEntity is true."); + throw new SLCommandException(4010); + } + + XMLContentType content = binaryFileParameters.getXMLContent(); + if (content instanceof at.gv.egiz.slbinding.impl.XMLContentType) { + + ByteArrayOutputStream redirectedStream = ((at.gv.egiz.slbinding.impl.XMLContentType) content).getRedirectedStream(); + if (redirectedStream != null) { + + if (log.isDebugEnabled()) { + + StringBuilder sb = new StringBuilder(); + sb.append("CardChannel script:\n"); + try { + sb.append(new String(redirectedStream.toByteArray(), "UTF-8")); + } catch (UnsupportedEncodingException e) { + sb.append(e.getMessage()); + } + log.debug(sb.toString()); + } + + Object object; + try { + Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); + object = unmarshaller.unmarshal(new ByteArrayInputStream(redirectedStream.toByteArray())); + } catch (JAXBException e) { + log.info("Failed to parse CardChannel script.", e); + throw new SLCommandException(4011); + } + + if (object instanceof JAXBElement) { + executeCardChannelScript(((JAXBElement<ScriptType>) object).getValue(), cmdCtx); + return new InfoboxUpdateResultImpl(); + } + + } + + + } + log.info("Infobox identifier is '" + getIdentifier() + "' but XMLContent does not contain 'Script'."); + throw new SLCommandException(4010); + + } + + protected void executeCardChannelScript(ScriptType script, + SLCommandContext cmdCtx) throws SLCommandException { + + List<Object> resetOrCommandAPDUOrVerifyAPDU = script.getResetOrCommandAPDUOrVerifyAPDU(); + List<RequestScriptElement> requestScript = new ArrayList<RequestScriptElement>(); + + for (Object element : resetOrCommandAPDUOrVerifyAPDU) { + + if (element instanceof ResetType) { + + requestScript.add(new APDUScriptRequest.Reset()); + + } else if (element instanceof CommandAPDUType) { + + CommandAPDUType commandAPDU = (CommandAPDUType) element; + int sequence = (commandAPDU.getSequence() != null) + ? commandAPDU.getSequence().intValue() + : 0; + + requestScript.add( + new APDUScriptRequest.Command( + sequence, + commandAPDU.getValue(), + commandAPDU.getExpectedSW())); + + } else if (element instanceof VerifyAPDUType) { + log.warn("CardChannel script command 'VerifyAPDU' not implemented."); + throw new SLCommandException(4011); + } + } + + APDUScriptRequest scriptRequest = new APDUScriptRequest(requestScript); + + STAL stal = cmdCtx.getSTAL(); + STALHelper helper = new STALHelper(stal); + + helper.transmitSTALRequest(Collections.singletonList(scriptRequest)); + + List<ResponseScriptElement> responseScript = ((APDUScriptResponse) helper + .nextResponse(APDUScriptResponse.class)).getScript(); + + ObjectFactory objectFactory = new ObjectFactory(); + + ResponseType responseType = objectFactory.createResponseType(); + + + for (ResponseScriptElement element : responseScript) { + + if (element instanceof APDUScriptResponse.ATR) { + + byte[] atr = ((APDUScriptResponse.ATR) element).getAtr(); + + ATRType atrType = objectFactory.createATRType(); + atrType.setValue(atr); + atrType.setRc(BigInteger.ZERO); + responseType.getATROrResponseAPDU().add(atrType); + + } else if (element instanceof APDUScriptResponse.Response) { + + APDUScriptResponse.Response response = (APDUScriptResponse.Response) element; + + ResponseAPDUType responseAPDUType = objectFactory.createResponseAPDUType(); + responseAPDUType.setSequence(BigInteger.valueOf(response.getSequence())); +// if (response.getRc() != 0) { + responseAPDUType.setRc(BigInteger.valueOf(response.getRc())); +// } + responseAPDUType.setSw(response.getSw()); + responseAPDUType.setValue(response.getApdu()); + + responseType.getATROrResponseAPDU().add(responseAPDUType); + } + + } + + scriptResults.put(stal, objectFactory.createResponse(responseType)); + } + + +} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CertificatesInfoboxImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CertificatesInfoboxImpl.java new file mode 100644 index 00000000..0208f137 --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CertificatesInfoboxImpl.java @@ -0,0 +1,112 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.slcommands.impl; + +import java.security.cert.CertificateEncodingException; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.bku.slcommands.SLCommandContext; +import at.gv.egiz.bku.slexceptions.SLCommandException; +import at.gv.egiz.stal.InfoboxReadRequest; +import at.gv.egiz.stal.STALRequest; + +/** + * An implementation of the {@link Infobox} <em>Certificates</em> as + * specified in Security Layer 1.2. + * + * @author mcentner + */ +public class CertificatesInfoboxImpl extends AbstractAssocArrayInfobox { + + /** + * Logging facility. + */ + private static Log log = LogFactory.getLog(CertificatesInfoboxImpl.class); + + /** + * The valid keys. + */ + public static final String[] CERTIFICATES_KEYS = new String[] { + "SecureSignatureKeypair", + "CertifiedKeypair" }; + + @Override + public String getIdentifier() { + return "Certificates"; + } + + @Override + public String[] getKeys() { + return CERTIFICATES_KEYS; + } + + @Override + public boolean isValuesAreXMLEntities() { + return false; + } + + @Override + public Map<String, Object> getValues(List<String> certificates, SLCommandContext cmdCtx) throws SLCommandException { + + STALHelper stalHelper = new STALHelper(cmdCtx.getSTAL()); + + if (certificates != null && !certificates.isEmpty()) { + + List<STALRequest> stalRequests = new ArrayList<STALRequest>(); + + // get certificates + InfoboxReadRequest infoboxReadRequest; + for (int i = 0; i < certificates.size(); i++) { + infoboxReadRequest = new InfoboxReadRequest(); + infoboxReadRequest.setInfoboxIdentifier(certificates.get(i)); + stalRequests.add(infoboxReadRequest); + } + + stalHelper.transmitSTALRequest(stalRequests); + + List<X509Certificate> x509Certs = stalHelper.getCertificatesFromResponses(); + + Map<String, Object> values = new HashMap<String, Object>(); + + for (int i = 0; i < certificates.size(); i++) { + try { + values.put(certificates.get(i), x509Certs.get(i).getEncoded()); + } catch (CertificateEncodingException e) { + log.error("Failed to encode certificate.", e); + throw new SLCommandException(4000); + } + } + + return values; + + } else { + + return new HashMap<String, Object>(); + + } + + + } + +} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java index b2e3b303..01686641 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java @@ -16,13 +16,11 @@ */ package at.gv.egiz.bku.slcommands.impl; -import java.io.ByteArrayInputStream; import java.security.NoSuchAlgorithmException; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.util.Collections; import java.util.Date; +import java.util.List; import javax.xml.crypto.MarshalException; import javax.xml.crypto.URIReferenceException; @@ -48,11 +46,8 @@ import at.gv.egiz.bku.slexceptions.SLException; import at.gv.egiz.bku.slexceptions.SLRequestException; import at.gv.egiz.bku.slexceptions.SLViewerException; import at.gv.egiz.dom.DOMUtils; -import at.gv.egiz.stal.ErrorResponse; import at.gv.egiz.stal.InfoboxReadRequest; -import at.gv.egiz.stal.InfoboxReadResponse; import at.gv.egiz.stal.STALRequest; -import at.gv.egiz.stal.STALResponse; /** * This class implements the security layer command @@ -147,33 +142,13 @@ public class CreateXMLSignatureCommandImpl extends InfoboxReadRequest stalRequest = new InfoboxReadRequest(); stalRequest.setInfoboxIdentifier(keyboxIdentifier); - requestSTAL(Collections.singletonList((STALRequest) stalRequest)); - - STALResponse stalResponse = stalResponses.next(); - - if (stalResponse instanceof InfoboxReadResponse) { - byte[] infobox = ((InfoboxReadResponse) stalResponse).getInfoboxValue(); - - try { - CertificateFactory certFactory = CertificateFactory.getInstance("X509"); - signingCertificate = (X509Certificate) certFactory - .generateCertificate(new ByteArrayInputStream(infobox)); - } catch (CertificateException e) { - log.info("Failed to decode signing certificate.", e); - // TODO: issue appropriate error
- throw new SLCommandException(4000); - } - - } else if (stalResponse instanceof ErrorResponse) { - ErrorResponse err = (ErrorResponse) stalResponse; - log.info("Received an error response from STAL with code: " - + err.getErrorCode()); - throw new SLCommandException(err.getErrorCode()); - - } else { - log.info("Failed to get signing certificate."); + stalHelper.transmitSTALRequest(Collections.singletonList((STALRequest) stalRequest)); + List<X509Certificate> certificates = stalHelper.getCertificatesFromResponses(); + if (certificates == null || certificates.size() != 1) { + log.info("Got an unexpected number of certificates from STAL."); throw new SLCommandException(4000); } + signingCertificate = certificates.get(0); } diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureResultImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureResultImpl.java index 092a13c4..4969c85a 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureResultImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureResultImpl.java @@ -84,7 +84,7 @@ public class CreateXMLSignatureResultImpl extends SLResultImpl { DocumentFragment fragment = doc.createDocumentFragment();
- JAXBContext jaxbContext = SLCommandFactory.getJaxbContext();
+ JAXBContext jaxbContext = SLCommandFactory.getInstance().getJaxbContext();
try {
Marshaller marshaller = jaxbContext.createMarshaller();
marshaller.marshal(createCreateXMLSignatureResponse, fragment);
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/IdentityLinkInfoboxImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/IdentityLinkInfoboxImpl.java new file mode 100644 index 00000000..20d20c9d --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/IdentityLinkInfoboxImpl.java @@ -0,0 +1,291 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.slcommands.impl; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.net.MalformedURLException; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.List; + +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.Result; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerConfigurationException; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.dom.DOMResult; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamResult; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.w3c.dom.Document; +import org.w3c.dom.Node; + +import at.buergerkarte.namespaces.personenbindung._20020506_.CompressedIdentityLinkType; +import at.buergerkarte.namespaces.securitylayer._1.AnyChildrenType; +import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType; +import at.gv.egiz.bku.slcommands.InfoboxReadResult; +import at.gv.egiz.bku.slcommands.SLCommand; +import at.gv.egiz.bku.slcommands.SLCommandContext; +import at.gv.egiz.bku.slexceptions.SLCommandException; +import at.gv.egiz.bku.slexceptions.SLExceptionMessages; +import at.gv.egiz.bku.slexceptions.SLRuntimeException; +import at.gv.egiz.idlink.CompressedIdentityLinkFactory; +import at.gv.egiz.idlink.IdentityLinkTransformer; +import at.gv.egiz.idlink.ans1.IdentityLink; +import at.gv.egiz.stal.InfoboxReadRequest; +import at.gv.egiz.stal.STALRequest; + +/** + * An implementation of the {@link Infobox} <em>IdentityLink</em> as + * specified in Security Layer 1.2 + * + * @author mcentner + */ +public class IdentityLinkInfoboxImpl extends AbstractBinaryFileInfobox { + + /** + * Logging facility. + */ + private static Log log = LogFactory.getLog(IdentityLinkInfoboxImpl.class); + + /** + * The box specific parameter <code>IdentityLinkDomainIdentifier</code>. + */ + public static final String BOX_SPECIFIC_PARAMETER_IDENTITY_LINK_DOMAIN_IDENTIFIER = "IdentityLinkDomainIdentifier"; + + /** + * The value of the box specific parameter <code>IdentityLinkDomainIdentifier</code>. + */ + private String domainIdentifier; + + @Override + public String getIdentifier() { + return "IdentityLink"; + } + + /** + * @return the value of the box specific parameter <code>IdentityLinkDomainIdentifier</code> + */ + public String getDomainIdentifier() { + return domainIdentifier; + } + + @Override + public InfoboxReadResult read(InfoboxReadRequestType req, SLCommandContext cmdCtx) throws SLCommandException { + + AnyChildrenType boxSpecificParameters = req.getBoxSpecificParameters(); + + if (boxSpecificParameters != null) { + // check BoxSpecificParameters + List<Object> parameter = boxSpecificParameters.getAny(); + JAXBElement<?> element; + if (parameter != null + && parameter.size() == 1 + && parameter.get(0) instanceof JAXBElement<?> + && SLCommand.NAMESPACE_URI.equals((element = (JAXBElement<?>) parameter.get(0)).getName().getNamespaceURI()) + && BOX_SPECIFIC_PARAMETER_IDENTITY_LINK_DOMAIN_IDENTIFIER.equals(element.getName().getLocalPart()) + && element.getValue() instanceof String) { + domainIdentifier = (String) element.getValue(); + log.debug("Got sl:IdentityLinkDomainIdentifier: " + domainIdentifier); + } else { + log.info("Got invalid BoxSpecificParameters."); + throw new SLCommandException(4010); + } + } + + setIsXMLEntity(req); + + STALHelper stalHelper = new STALHelper(cmdCtx.getSTAL()); + + List<STALRequest> stalRequests = new ArrayList<STALRequest>(); + + InfoboxReadRequest infoboxReadRequest; + // get raw identity link + infoboxReadRequest = new InfoboxReadRequest(); + infoboxReadRequest.setInfoboxIdentifier(getIdentifier()); + infoboxReadRequest.setDomainIdentifier(domainIdentifier); + stalRequests.add(infoboxReadRequest); + + // get certificates + infoboxReadRequest = new InfoboxReadRequest(); + infoboxReadRequest.setInfoboxIdentifier("SecureSignatureKeypair"); + stalRequests.add(infoboxReadRequest); + infoboxReadRequest = new InfoboxReadRequest(); + infoboxReadRequest.setInfoboxIdentifier("CertifiedKeypair"); + stalRequests.add(infoboxReadRequest); + + stalHelper.transmitSTALRequest(stalRequests); + log.trace("Got STAL response"); + + IdentityLink identityLink = stalHelper.getIdentityLinkFromResponses(); + List<X509Certificate> certificates = stalHelper.getCertificatesFromResponses(); + + + CompressedIdentityLinkFactory idLinkFactory = CompressedIdentityLinkFactory.getInstance(); + JAXBElement<CompressedIdentityLinkType> compressedIdentityLink = idLinkFactory + .createCompressedIdentityLink(identityLink, certificates, getDomainIdentifier()); + + IdentityLinkTransformer identityLinkTransformer = IdentityLinkTransformer.getInstance(); + String issuerTemplate = identityLink.getIssuerTemplate(); + + DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); + DocumentBuilder db; + try { + db = dbf.newDocumentBuilder(); + } catch (ParserConfigurationException e) { + log.error("Failed to create XML document.", e); + throw new SLRuntimeException(e); + } + + Document document = db.newDocument(); + try { + idLinkFactory.marshallCompressedIdentityLink(compressedIdentityLink, document, null, true); + } catch (JAXBException e) { + log.info("Failed to marshall CompressedIdentityLink.", e); + throw new SLCommandException(4000, + SLExceptionMessages.EC4000_UNCLASSIFIED_INFOBOX_INVALID, + new Object[] { getIdentifier() }); + } + + InfoboxReadResultFileImpl result = new InfoboxReadResultFileImpl(); + ByteArrayOutputStream resultBytes = null; + Result xmlResult = (isXMLEntity() || getDomainIdentifier() != null) + ? result.getXmlResult(true) + : new StreamResult((resultBytes = new ByteArrayOutputStream())); + try { + log.trace("Trying to transform identitylink"); + identityLinkTransformer.transformIdLink(issuerTemplate, new DOMSource(document), xmlResult); + } catch (MalformedURLException e) { + log.warn("Malformed issuer template URL '" + issuerTemplate + "'."); + throw new SLCommandException(4000, + SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED, + new Object[] { issuerTemplate }); + } catch (IOException e) { + log.warn("Failed to dereferene issuer template URL '" + issuerTemplate + "'." ,e); + throw new SLCommandException(4000, + SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED, + new Object[] { issuerTemplate }); + } catch (TransformerConfigurationException e) { + log.warn("Failed to create transformation template from issuer template URL '" + issuerTemplate + "'", e); + throw new SLCommandException(4000, + SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED, + new Object[] { issuerTemplate }); + } catch (TransformerException e) { + log.info("Faild to transform CompressedIdentityLink.", e); + throw new SLCommandException(4000, + SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED, + new Object[] { issuerTemplate }); + } + + // TODO: Report BUG in IssuerTemplates + // Some IssuerTemplate stylesheets do not consider the pr:Type-Element of the CompressedIdentityLink ... + if (getDomainIdentifier() != null) { + if (xmlResult instanceof DOMResult) { + Node node = ((DOMResult) xmlResult).getNode(); + Node nextSibling = ((DOMResult) xmlResult).getNextSibling(); + Node idLinkNode; + if (nextSibling != null) { + idLinkNode = nextSibling.getPreviousSibling(); + } else if (node != null) { + idLinkNode = node.getFirstChild(); + } else { + log + .error("An IdentityLinkDomainIdentifier of '" + + getDomainIdentifier() + + "' has been given. However, it cannot be set, as the transformation result does not contain a node."); + throw new SLCommandException(4000, + SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED, + new Object[] { issuerTemplate }); + } + IdentityLinkTransformer.setDomainIdentifier(idLinkNode, getDomainIdentifier()); + } else { + log + .error("An IdentityLinkDomainIdentifier of '" + + getDomainIdentifier() + + "' has been given. However, it cannot be set, as the transformation result is not of type DOM."); + throw new SLCommandException(4000, + SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED, + new Object[] { issuerTemplate }); + } + } + + if (!isXMLEntity()) { + if (resultBytes == null) { + resultBytes = new ByteArrayOutputStream(); + + if (xmlResult instanceof DOMResult) { + Node node = ((DOMResult) xmlResult).getNode(); + Node nextSibling = ((DOMResult) xmlResult).getNextSibling(); + + DOMSource xmlSource; + if (nextSibling != null) { + xmlSource = new DOMSource(nextSibling.getPreviousSibling()); + } else if (node != null) { + xmlSource = new DOMSource(node.getFirstChild()); + } else { + log + .error("IssuerTemplate transformation returned no node."); + throw new SLCommandException(4000, + SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED, + new Object[] { issuerTemplate }); + } + TransformerFactory transformerFactory = TransformerFactory.newInstance(); + try { + Transformer transformer = transformerFactory.newTransformer(); + transformer.transform(xmlSource, new StreamResult(resultBytes)); + } catch (TransformerConfigurationException e) { + log.error(e); + throw new SLCommandException(4000, + SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED, + new Object[] { issuerTemplate }); + } catch (TransformerException e) { + log.error(e); + throw new SLCommandException(4000, + SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED, + new Object[] { issuerTemplate }); + } + } else if (xmlResult instanceof StreamResult) { + OutputStream outputStream = ((StreamResult) xmlResult).getOutputStream(); + if (outputStream instanceof ByteArrayOutputStream) { + result.setResultBytes(((ByteArrayOutputStream) outputStream).toByteArray()); + } else { + log.error("ContentIsXMLEntity is set to 'false'. However, an XMLResult has already been set."); + throw new SLCommandException(4000, + SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED, + new Object[] { issuerTemplate }); + } + } + } else { + result.setResultBytes(resultBytes.toByteArray()); + } + } + + return result; + + } + + +} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/Infobox.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/Infobox.java new file mode 100644 index 00000000..99d62721 --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/Infobox.java @@ -0,0 +1,70 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.slcommands.impl; + +import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType; +import at.buergerkarte.namespaces.securitylayer._1.InfoboxUpdateRequestType; +import at.gv.egiz.bku.slcommands.InfoboxReadResult; +import at.gv.egiz.bku.slcommands.InfoboxUpdateResult; +import at.gv.egiz.bku.slcommands.SLCommandContext; +import at.gv.egiz.bku.slexceptions.SLCommandException; + +/** + * An implementation of this interface represents a infobox as defined in + * Security-Layer 1.2. + * + * @author mcentner + */ +public interface Infobox { + + /** + * @return the identifier of this infobox + */ + public String getIdentifier(); + + /** + * Read data from this infobox. + * + * @param request + * the InfoboxReadRequest + * @param cmdCtx + * the command context + * + * @return the data read from this infobox as InfoboxReadResult + * + * @throws SLCommandException + * + * if reading from this infobox fails + */ + public InfoboxReadResult read(InfoboxReadRequestType request, + SLCommandContext cmdCtx) throws SLCommandException; + + /** + * Update data in this infobox. + * + * @param request + * the InfoboxUpdateRequest + * @param cmdCtx + * the command context + * @return a corresponding InfoboxUpdateResult + * @throws SLCommandException + * if updating this infobox fails + */ + public InfoboxUpdateResult update(InfoboxUpdateRequestType request, + SLCommandContext cmdCtx) throws SLCommandException; + +} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxFactory.java new file mode 100644 index 00000000..e9736f6d --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxFactory.java @@ -0,0 +1,151 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.slcommands.impl; + +import java.util.HashMap; +import java.util.Map; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.bku.slexceptions.SLCommandException; +import at.gv.egiz.bku.slexceptions.SLExceptionMessages; +import at.gv.egiz.bku.slexceptions.SLRuntimeException; + +/** + * A factory for creating {@link Infobox}es. + * + * @author mcentner + */ +public class InfoboxFactory { + + /** + * Logging facility. + */ + private static Log log = LogFactory.getLog(InfoboxFactory.class); + + /** + * The singleton instance of this InfoboxFactory. + */ + private static InfoboxFactory instance; + + /** + * @return an instance of this InfoboxFactory + */ + public synchronized static InfoboxFactory getInstance() { + if (instance == null) { + instance = new InfoboxFactory(); + } + return instance; + } + + /** + * The mapping of infobox identifier to implementation class. + */ + private HashMap<String, Class<? extends Infobox>> implementations; + + /** + * Private constructor. + */ + private InfoboxFactory() { + } + + /** + * Sets the mapping of infobox identifier to implementation class name. + * + * @param infoboxImplMap + * a mapping of infobox identifiers to implementation class names + * + * @throws ClassNotFoundException + * if implementation class is not an instance of {@link Infobox} + */ + @SuppressWarnings("unchecked") + public void setInfoboxImpl(Map<String, String> infoboxImplMap) throws ClassNotFoundException { + HashMap<String, Class<? extends Infobox>> implMap = new HashMap<String, Class<? extends Infobox>>(); + ClassLoader cl = getClass().getClassLoader(); + for (String key : infoboxImplMap.keySet()) { + Class<? extends Infobox> impl = (Class<? extends Infobox>) cl.loadClass(infoboxImplMap.get(key)); + log.debug("Registering infobox '" + key + "' implementation '" + impl.getCanonicalName() + "'."); + implMap.put(key, impl); + } + implementations = implMap; + } + + /** + * Returns the configured implementation class for the given + * <code>infoboxIdentifier</code>. + * + * @param infoboxIdentifier + * the infobox identifier + * + * @return the implementation class for the given infobox identifier or + * <code>null</code> if there is no implementation class configured + */ + public Class<? extends Infobox> getImplClass(String infoboxIdentifier) { + if (implementations != null) { + return implementations.get(infoboxIdentifier); + } else { + return null; + } + } + + /** + * Create a new {@link Infobox} instance for the given + * <code>infoboxIdentifier</code>. + * + * @param infoboxIdentifier + * the infobox identifier + * + * @return an {@link Infobox} implementation for the given infobox identifier + * + * @throws SLCommandException + * if there is no implementation for the given infobox identifier + * @throws SLRuntimeException + * if creating an {@link Infobox} instance fails + */ + public Infobox createInfobox(String infoboxIdentifier) throws SLCommandException, SLRuntimeException { + + Class<? extends Infobox> implClass = getImplClass(infoboxIdentifier); + if (implClass == null) { + // infobox not supported + log.info("Unsupported infobox '" + infoboxIdentifier + "."); + throw new SLCommandException(4002, + SLExceptionMessages.EC4002_INFOBOX_UNKNOWN, + new Object[] { infoboxIdentifier }); + } + + // try to instantiate + Infobox infobox; + try { + infobox = implClass.newInstance(); + log.debug("Infobox '" + infobox.getIdentifier() + "' created."); + } catch (InstantiationException e) { + // unexpected error + log.error("Failed to instantiate infobox implementation.", e); + throw new SLRuntimeException(e); + } catch (IllegalAccessException e) { + // unexpected error + log.error("Failed to instantiate infobox implementation.", e); + throw new SLRuntimeException(e); + } + + return infobox; + + } + + +} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java index c7bb5205..693f444f 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadCommandImpl.java @@ -16,67 +16,14 @@ */ package at.gv.egiz.bku.slcommands.impl;
-import iaik.asn1.CodingException; -import iaik.asn1.DerCoder; - -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.OutputStream; -import java.net.MalformedURLException; -import java.security.cert.CertificateEncodingException; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Collections; -import java.util.List; -import java.util.regex.Pattern; - -import javax.xml.bind.JAXBElement; -import javax.xml.bind.JAXBException; -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.parsers.ParserConfigurationException; -import javax.xml.transform.Result; -import javax.xml.transform.Transformer; -import javax.xml.transform.TransformerConfigurationException; -import javax.xml.transform.TransformerException; -import javax.xml.transform.TransformerFactory; -import javax.xml.transform.dom.DOMResult; -import javax.xml.transform.dom.DOMSource; -import javax.xml.transform.stream.StreamResult; - import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.w3c.dom.Document; -import org.w3c.dom.Node; -import at.buergerkarte.namespaces.personenbindung._20020506_.CompressedIdentityLinkType; -import at.buergerkarte.namespaces.securitylayer._1.AnyChildrenType; -import at.buergerkarte.namespaces.securitylayer._1.InfoboxAssocArrayPairType; -import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadDataAssocArrayType; -import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType; -import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsBinaryFileType; import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadRequestType; -import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory; -import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType.ReadKeys; -import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType.ReadPairs; -import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadParamsAssocArrayType.ReadValue; import at.gv.egiz.bku.slcommands.InfoboxReadCommand; -import at.gv.egiz.bku.slcommands.SLCommand; import at.gv.egiz.bku.slcommands.SLCommandContext; import at.gv.egiz.bku.slcommands.SLResult; import at.gv.egiz.bku.slexceptions.SLCommandException; -import at.gv.egiz.bku.slexceptions.SLExceptionMessages; -import at.gv.egiz.bku.slexceptions.SLRuntimeException; -import at.gv.egiz.idlink.CompressedIdentityLinkFactory; -import at.gv.egiz.idlink.IdentityLinkTransformer; -import at.gv.egiz.idlink.ans1.IdentityLink; -import at.gv.egiz.stal.InfoboxReadRequest; -import at.gv.egiz.stal.InfoboxReadResponse; -import at.gv.egiz.stal.STALRequest; /**
* This class implements the security layer command
@@ -88,7 +35,7 @@ import at.gv.egiz.stal.STALRequest; *
* @author mcentner
*/
-public class InfoboxReadCommandImpl extends SLCommandImpl<InfoboxReadRequestType> implements
+public class InfoboxReadCommandImpl extends AbstractInfoboxCommandImpl<InfoboxReadRequestType> implements
InfoboxReadCommand {
/**
@@ -96,511 +43,54 @@ public class InfoboxReadCommandImpl extends SLCommandImpl<InfoboxReadRequestType */
protected static Log log = LogFactory.getLog(InfoboxReadCommandImpl.class); - public static final String SEARCH_STRING_PATTERN = ".&&[^/](/.&&[^/])*";
-
- public static final String INFOBOX_IDENTIFIER_CERTIFICATES = "Certificates"; - - public static final String BOX_SPECIFIC_PARAMETER_IDENTITY_LINK_DOMAIN_IDENTIFIER = "IdentityLinkDomainIdentifier"; - - public static final String INFOBOX_IDENTIFIER_IDENTITY_LINK = "IdentityLink"; - - public static final String[] INFOXBOX_CERTIFICATES_KEYS = new String[] { - "SecureSignatureKeypair", - "CertifiedKeypair" }; - - private static final int ASSOC_ARRAY_READ_KEYS = 1; - - private static final int ASSOC_ARRAY_READ_PAIRS = 2; - - private static final int ASSOC_ARRAY_READ_VALUE = 3;
- - /**
- * The <code>InfoboxIdentifier</code>
- */
- protected String infoboxIdentifier;
-
- /**
- * The <code>IdentityLinkDomainIdentifier</code> value of an <code>IdentyLink</code> infobox.
- */
- protected String identityLinkDomainIdentifier; - - /** - * The list of certificates to be read from an <code>Certificates</code> infobox. - */ - protected List<String> certificates; - - /** - * The result type. - */ - protected int assocArrayResult;
-
- /**
- * Is content XML entity?
- */
- protected boolean isXMLEntity;
-
@Override
public String getName() {
return "InfoboxReadRequest";
}
- /**
- * @return the infoboxIdentifier
- */
- public String getInfoboxIdentifier() {
- return infoboxIdentifier;
- }
-
+ @Override + protected String getInfoboxIdentifier(InfoboxReadRequestType request) { + return request.getInfoboxIdentifier(); + } + @Override
public void init(SLCommandContext ctx, Object request) throws SLCommandException {
super.init(ctx, request);
InfoboxReadRequestType req = getRequestValue();
-
- infoboxIdentifier = req.getInfoboxIdentifier();
-
- if (INFOBOX_IDENTIFIER_IDENTITY_LINK.equals(infoboxIdentifier)) {
-
- if (req.getAssocArrayParameters() != null) {
- log.info("Got AssocArrayParameters but Infobox type is BinaryFile.");
- throw new SLCommandException(4010);
- }
-
- InfoboxReadParamsBinaryFileType binaryFileParameters = req.getBinaryFileParameters(); - if (binaryFileParameters != null) { - isXMLEntity = binaryFileParameters.isContentIsXMLEntity(); - log.debug("Got ContentIsXMLEntity=" + isXMLEntity + "."); - } -
- AnyChildrenType boxSpecificParameters = req.getBoxSpecificParameters();
-
- if (boxSpecificParameters != null) {
- // check BoxSpecificParameters
- List<Object> parameter = boxSpecificParameters.getAny();
- JAXBElement<?> element;
- if (parameter != null
- && parameter.size() == 1
- && parameter.get(0) instanceof JAXBElement<?>
- && SLCommand.NAMESPACE_URI.equals((element = (JAXBElement<?>) parameter.get(0)).getName().getNamespaceURI())
- && BOX_SPECIFIC_PARAMETER_IDENTITY_LINK_DOMAIN_IDENTIFIER.equals(element.getName().getLocalPart())
- && element.getValue() instanceof String) {
- identityLinkDomainIdentifier = (String) element.getValue();
- log.debug("Got sl:IdentityLinkDomainIdentifier: " + identityLinkDomainIdentifier);
- } else {
- log.info("Got invalid BoxSpecificParameters.");
- throw new SLCommandException(4010);
- }
- }
- } else if (INFOBOX_IDENTIFIER_CERTIFICATES.equals(infoboxIdentifier)) { - - if (req.getBinaryFileParameters() != null) { - log.info("Got BinaryFileParameters but Infobox type is AssocArray."); - throw new SLCommandException(4010); - } - - if (req.getBoxSpecificParameters() != null) { - log.info("Got invalid BoxSpecificParameters."); - throw new SLCommandException(4010); - } - - InfoboxReadParamsAssocArrayType assocArrayParameters = req - .getAssocArrayParameters(); - if (assocArrayParameters == null) { - log.info("Infobox type is AssocArray but got no AssocArrayParameters."); - throw new SLCommandException(4010); - } - - // RreadKeys? - if (assocArrayParameters.getReadKeys() != null) { - assocArrayResult = ASSOC_ARRAY_READ_KEYS; - ReadKeys readKeys = assocArrayParameters.getReadKeys(); - certificates = findCertificates(readKeys.getSearchString()); - if (readKeys.isUserMakesUnique() && certificates.size() > 1) { - log.info("UserMakesUnique not supported"); - // TODO: give more specific error message - throw new SLCommandException(4010); - } - } - - // ReadPairs? - if (assocArrayParameters.getReadPairs() != null) { - assocArrayResult = ASSOC_ARRAY_READ_PAIRS; - ReadPairs readPairs = assocArrayParameters.getReadPairs(); - if (readPairs.isValuesAreXMLEntities()) { - log.info("Got valuesAreXMLEntities but infobox type is binary."); - throw new SLCommandException(4010); - } - certificates = findCertificates(readPairs.getSearchString()); - if (readPairs.isUserMakesUnique() && certificates.size() > 1) { - log.info("UserMakesUnique not supported"); - // TODO: give more specific error message - throw new SLCommandException(4010); - } - } - - // ReadValue - if (assocArrayParameters.getReadValue() != null) { - assocArrayResult = ASSOC_ARRAY_READ_VALUE; - ReadValue readValue = assocArrayParameters.getReadValue(); - if (readValue.isValueIsXMLEntity()) { - log.info("Got valuesAreXMLEntities but infobox type is binary."); - throw new SLCommandException(4010); - } - String key = readValue.getKey(); - if (Arrays.asList(INFOXBOX_CERTIFICATES_KEYS).contains(key)) { - certificates = Collections.singletonList(key); - } else { - certificates = Collections.emptyList(); - } - } - - if (assocArrayResult == 0) { - log.info("Infobox type is AssocArray but got invalid AssocArrayParameters."); - throw new SLCommandException(4010); - } -
- } else {
- throw new SLCommandException(4002,
- SLExceptionMessages.EC4002_INFOBOX_UNKNOWN,
- new Object[] { infoboxIdentifier });
- }
+ if (req.getAssocArrayParameters() != null && + !(infobox instanceof AssocArrayInfobox)) { + log.info("Got AssocArrayParameters but Infobox type is not AssocArray."); + throw new SLCommandException(4010); + } + + if (req.getBinaryFileParameters() != null && + !(infobox instanceof BinaryFileInfobox)) { + log.info("Got BinaryFileParameters but Infobox type is not BinaryFile."); + throw new SLCommandException(4010); + } }
@Override
public SLResult execute() { - try {
- if (INFOBOX_IDENTIFIER_IDENTITY_LINK.equals(infoboxIdentifier)) { - return readIdentityLink(); - } else if (INFOBOX_IDENTIFIER_CERTIFICATES.equals(infoboxIdentifier)) { - return readCertificates(); - } else { - throw new SLCommandException(4000); - } - } catch (SLCommandException e) {
- return new ErrorResultImpl(e, cmdCtx.getLocale());
- }
- }
-
- /**
- * Gets the IdentitiyLink form the next STAL response.
- *
- * @return the IdentityLink
- *
- * @throws SLCommandException if getting the IdentitiyLink fails
- */
- private IdentityLink getIdentityLinkFromResponses() throws SLCommandException {
-
- // IdentityLink
- InfoboxReadResponse response;
- if (hasNextResponse()) {
- response = (InfoboxReadResponse) nextResponse(InfoboxReadResponse.class);
- byte[] idLink = response.getInfoboxValue();
- try {
- return new IdentityLink(DerCoder.decode(idLink));
- } catch (CodingException e) {
- log.info("Failed to decode infobox '" + INFOBOX_IDENTIFIER_IDENTITY_LINK + "'.", e);
- throw new SLCommandException(4000,
- SLExceptionMessages.EC4000_UNCLASSIFIED_INFOBOX_INVALID,
- new Object[] { INFOBOX_IDENTIFIER_IDENTITY_LINK });
- }
- } else {
- log.info("No infobox '" + INFOBOX_IDENTIFIER_IDENTITY_LINK + "' returned from STAL.");
- throw new SLCommandException(4000);
- }
-
- }
-
- /**
- * Gets the list of certificates from the next STAL responses.
- *
- * @return the list of certificates
- *
- * @throws SLCommandException if getting the list of certificates fails
- */
- private List<X509Certificate> getCertificatesFromResponses() throws SLCommandException {
-
- List<X509Certificate> certificates = new ArrayList<X509Certificate>();
-
- CertificateFactory certFactory;
- try {
- certFactory = CertificateFactory.getInstance("X509");
- } catch (CertificateException e) {
- // we should always be able to get an X509 certificate factory
- log.error("CertificateFactory.getInstance(\"X509\") failed.", e);
- throw new SLRuntimeException(e);
- }
-
- InfoboxReadResponse response;
- while(hasNextResponse()) {
- response = (InfoboxReadResponse) nextResponse(InfoboxReadResponse.class);
- byte[] cert = response.getInfoboxValue();
- try {
- certificates.add((X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(cert)));
- } catch (CertificateException e) {
- log.info("Failed to decode certificate.", e);
- throw new SLCommandException(4000,
- SLExceptionMessages.EC4000_UNCLASSIFIED_INFOBOX_INVALID,
- new Object[] { INFOBOX_IDENTIFIER_CERTIFICATES });
- }
- }
-
- return certificates;
-
- }
-
- /**
- * Uses STAL to read the IdentityLink.
- *
- * @return the corresponding security layer result
- *
- * @throws SLCommandException if reading the IdentityLink fails
- */
- private SLResult readIdentityLink() throws SLCommandException {
-
- List<STALRequest> stalRequests = new ArrayList<STALRequest>();
-
- InfoboxReadRequest infoboxReadRequest;
- // get raw identity link
- infoboxReadRequest = new InfoboxReadRequest();
- infoboxReadRequest.setInfoboxIdentifier(INFOBOX_IDENTIFIER_IDENTITY_LINK);
- infoboxReadRequest.setDomainIdentifier(identityLinkDomainIdentifier);
- stalRequests.add(infoboxReadRequest);
-
- // get certificates
- infoboxReadRequest = new InfoboxReadRequest();
- infoboxReadRequest.setInfoboxIdentifier("SecureSignatureKeypair");
- stalRequests.add(infoboxReadRequest);
- infoboxReadRequest = new InfoboxReadRequest();
- infoboxReadRequest.setInfoboxIdentifier("CertifiedKeypair");
- stalRequests.add(infoboxReadRequest);
-
- requestSTAL(stalRequests);
- log.trace("Got STAL response");
-
- IdentityLink identityLink = getIdentityLinkFromResponses();
- List<X509Certificate> certificates = getCertificatesFromResponses();
-
-
- CompressedIdentityLinkFactory idLinkFactory = CompressedIdentityLinkFactory.getInstance();
- JAXBElement<CompressedIdentityLinkType> compressedIdentityLink = idLinkFactory
- .createCompressedIdentityLink(identityLink, certificates, identityLinkDomainIdentifier);
-
- IdentityLinkTransformer identityLinkTransformer = IdentityLinkTransformer.getInstance();
- String issuerTemplate = identityLink.getIssuerTemplate();
-
- DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
- DocumentBuilder db;
- try {
- db = dbf.newDocumentBuilder();
- } catch (ParserConfigurationException e) {
- log.error("Failed to create XML document.", e);
- throw new SLRuntimeException(e);
- }
-
- Document document = db.newDocument();
- try {
- idLinkFactory.marshallCompressedIdentityLink(compressedIdentityLink, document, null, true);
- } catch (JAXBException e) {
- log.info("Failed to marshall CompressedIdentityLink.", e);
- throw new SLCommandException(4000,
- SLExceptionMessages.EC4000_UNCLASSIFIED_INFOBOX_INVALID,
- new Object[] { INFOBOX_IDENTIFIER_IDENTITY_LINK });
- }
-
- InfoboxReadResultFileImpl result = new InfoboxReadResultFileImpl();
- ByteArrayOutputStream resultBytes = null;
- Result xmlResult = (isXMLEntity || identityLinkDomainIdentifier != null)
- ? result.getXmlResult(true)
- : new StreamResult((resultBytes = new ByteArrayOutputStream()));
+ try { - log.trace("Trying to transform identitylink");
- identityLinkTransformer.transformIdLink(issuerTemplate, new DOMSource(document), xmlResult); - } catch (MalformedURLException e) { - log.warn("Malformed issuer template URL '" + issuerTemplate + "'."); - throw new SLCommandException(4000, - SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED, - new Object[] { issuerTemplate }); - } catch (IOException e) {
- log.warn("Failed to dereferene issuer template URL '" + issuerTemplate + "'." ,e);
- throw new SLCommandException(4000, - SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED, - new Object[] { issuerTemplate }); - } catch (TransformerConfigurationException e) { - log.warn("Failed to create transformation template from issuer template URL '" + issuerTemplate + "'", e); - throw new SLCommandException(4000, - SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED, - new Object[] { issuerTemplate }); - } catch (TransformerException e) {
- log.info("Faild to transform CompressedIdentityLink.", e);
- throw new SLCommandException(4000,
- SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED,
- new Object[] { issuerTemplate });
- }
-
- // TODO: Report BUG in IssuerTemplates
- // Some IssuerTemplate stylesheets do not consider the pr:Type-Element of the CompressedIdentityLink ...
- if (identityLinkDomainIdentifier != null) {
- if (xmlResult instanceof DOMResult) {
- Node node = ((DOMResult) xmlResult).getNode();
- Node nextSibling = ((DOMResult) xmlResult).getNextSibling();
- Node idLinkNode;
- if (nextSibling != null) {
- idLinkNode = nextSibling.getPreviousSibling();
- } else if (node != null) {
- idLinkNode = node.getFirstChild();
- } else {
- log
- .error("An IdentityLinkDomainIdentifier of '"
- + identityLinkDomainIdentifier
- + "' has been given. However, it cannot be set, as the transformation result does not contain a node.");
- throw new SLCommandException(4000,
- SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED,
- new Object[] { issuerTemplate });
- }
- IdentityLinkTransformer.setDomainIdentifier(idLinkNode, identityLinkDomainIdentifier);
- } else {
- log
- .error("An IdentityLinkDomainIdentifier of '"
- + identityLinkDomainIdentifier
- + "' has been given. However, it cannot be set, as the transformation result is not of type DOM.");
- throw new SLCommandException(4000,
- SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED,
- new Object[] { issuerTemplate });
- }
- }
-
- if (!isXMLEntity) {
- if (resultBytes == null) {
- resultBytes = new ByteArrayOutputStream();
-
- if (xmlResult instanceof DOMResult) {
- Node node = ((DOMResult) xmlResult).getNode();
- Node nextSibling = ((DOMResult) xmlResult).getNextSibling();
-
- DOMSource xmlSource;
- if (nextSibling != null) {
- xmlSource = new DOMSource(nextSibling.getPreviousSibling());
- } else if (node != null) {
- xmlSource = new DOMSource(node.getFirstChild());
- } else {
- log
- .error("IssuerTemplate transformation returned no node.");
- throw new SLCommandException(4000,
- SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED,
- new Object[] { issuerTemplate });
- }
- TransformerFactory transformerFactory = TransformerFactory.newInstance();
- try {
- Transformer transformer = transformerFactory.newTransformer();
- transformer.transform(xmlSource, new StreamResult(resultBytes));
- } catch (TransformerConfigurationException e) {
- log.error(e);
- throw new SLCommandException(4000,
- SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED,
- new Object[] { issuerTemplate });
- } catch (TransformerException e) {
- log.error(e);
- throw new SLCommandException(4000,
- SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED,
- new Object[] { issuerTemplate });
- }
- } else if (xmlResult instanceof StreamResult) {
- OutputStream outputStream = ((StreamResult) xmlResult).getOutputStream();
- if (outputStream instanceof ByteArrayOutputStream) {
- result.setResultBytes(((ByteArrayOutputStream) outputStream).toByteArray());
- } else {
- log.error("ContentIsXMLEntity is set to 'false'. However, an XMLResult has already been set.");
- throw new SLCommandException(4000,
- SLExceptionMessages.EC4000_UNCLASSIFIED_IDLINK_TRANSFORMATION_FAILED,
- new Object[] { issuerTemplate });
- }
- }
- } else {
- result.setResultBytes(resultBytes.toByteArray());
- }
- }
-
-
- return result;
-
- } - - protected List<String> findCertificates(String searchString) throws SLCommandException { - - if ("*".equals(searchString) || "**".equals(searchString)) { - return Arrays.asList(INFOXBOX_CERTIFICATES_KEYS); + return infobox.read(getRequestValue(), getCmdCtx()); + } catch (SLCommandException e) { + return new ErrorResultImpl(e, getCmdCtx().getLocale()); } - if (Pattern.matches(SEARCH_STRING_PATTERN, searchString)) { - -// for (int i = 0; i < searchString.length(); i++) { -// int codePoint = searchString.codePointAt(i); -// -// } - - // TODO : build pattern - return Collections.emptyList(); + }
+
+ @Override + public String getIdentityLinkDomainId() { + if (infobox instanceof IdentityLinkInfoboxImpl) { + return ((IdentityLinkInfoboxImpl) infobox).getDomainIdentifier(); } else { - log.info("Got invalid search string '" + searchString + "'"); - throw new SLCommandException(4010); + return null; } - } - private SLResult readCertificates() throws SLCommandException { - - ObjectFactory objectFactory = new ObjectFactory(); - - InfoboxReadDataAssocArrayType infoboxReadDataAssocArrayType = objectFactory - .createInfoboxReadDataAssocArrayType(); - - if (assocArrayResult == ASSOC_ARRAY_READ_KEYS) { - - List<String> keys = infoboxReadDataAssocArrayType.getKey(); - keys.addAll(certificates); - - } else { - - if (certificates != null && !certificates.isEmpty()) { - - List<STALRequest> stalRequests = new ArrayList<STALRequest>(); - - // get certificates - InfoboxReadRequest infoboxReadRequest; - for (int i = 0; i < certificates.size(); i++) { - infoboxReadRequest = new InfoboxReadRequest(); - infoboxReadRequest.setInfoboxIdentifier(certificates.get(i)); - stalRequests.add(infoboxReadRequest); - } - - requestSTAL(stalRequests); - - List<X509Certificate> x509Certs = getCertificatesFromResponses(); - - for (int i = 0; i < certificates.size(); i++) { - InfoboxAssocArrayPairType infoboxAssocArrayPairType = objectFactory.createInfoboxAssocArrayPairType(); - infoboxAssocArrayPairType.setKey(certificates.get(i)); - try { - infoboxAssocArrayPairType.setBase64Content(x509Certs.get(i).getEncoded()); - } catch (CertificateEncodingException e) { - log.error("Failed to encode certificate.", e); - throw new SLCommandException(4000); - } - infoboxReadDataAssocArrayType.getPair().add(infoboxAssocArrayPairType); - } - - } - - } - - return new InfoboxReadResultImpl(infoboxReadDataAssocArrayType); - - } - - @Override - public String getIdentityLinkDomainId() { - return identityLinkDomainIdentifier; - } }
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java index 6f41b562..d8295227 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultFileImpl.java @@ -29,6 +29,7 @@ import javax.xml.transform.dom.DOMResult; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.w3c.dom.Document; +import org.w3c.dom.Node; import org.w3c.dom.NodeList; import at.buergerkarte.namespaces.securitylayer._1.Base64XMLContentType; @@ -56,7 +57,7 @@ public class InfoboxReadResultFileImpl extends SLResultImpl implements /**
* The XML document containing the infobox content.
*/
- Document xmlDocument;
+ protected Document xmlDocument;
/**
* Creates the response document from the given <code>binaryContent</code>.
@@ -95,7 +96,7 @@ public class InfoboxReadResultFileImpl extends SLResultImpl implements JAXBElement<InfoboxReadResponseType> infoboxReadResponse = factory.createInfoboxReadResponse(infoboxReadResponseType);
- JAXBContext context = SLCommandFactory.getJaxbContext();
+ JAXBContext context = SLCommandFactory.getInstance().getJaxbContext();
try {
Marshaller marshaller = context.createMarshaller();
marshaller.marshal(infoboxReadResponse, doc);
@@ -112,22 +113,42 @@ public class InfoboxReadResultFileImpl extends SLResultImpl implements /**
* @return an XMLResult for marshalling the infobox to
*/
- Result getXmlResult(boolean preserveSpace) {
+ public Result getXmlResult(boolean preserveSpace) {
xmlDocument = createResponseDocument(null, preserveSpace);
NodeList nodeList = xmlDocument.getElementsByTagNameNS(SLCommand.NAMESPACE_URI, "XMLContent");
return new DOMResult(nodeList.item(0));
- }
-
+ } + + /** + * Creates a new <code>InfoboxReadResponse</code> document and appends + * the given <code>node</code> as child node of the <code>XMLContent</code> element. + * + * @param node the node to be appended as child node of the <code>XMLContnet</code> element + * @param preserveSpace if <code>true</code> the value of the <code>XMLContent</code>'s <code>space</code> + * attribute is set to <code>preserve</code>. + */ + public void setResultXMLContent(Node node, boolean preserveSpace) { + + xmlDocument = createResponseDocument(null, preserveSpace); + + NodeList nodeList = xmlDocument.getElementsByTagNameNS(SLCommand.NAMESPACE_URI, "XMLContent"); + if (node.getOwnerDocument() != xmlDocument) { + node = xmlDocument.importNode(node, true); + } + nodeList.item(0).appendChild(node); + + } + /**
* Creates a new result document for this <code>InfoboxReadResult</code>
* and sets the given <code>resultBytes</code> as content.
*
* @param resultBytes
*/
- void setResultBytes(byte[] resultBytes) {
+ public void setResultBytes(byte[] resultBytes) {
xmlDocument = createResponseDocument(resultBytes, false);
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultImpl.java index 8904eac6..e508941d 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxReadResultImpl.java @@ -20,11 +20,13 @@ import javax.xml.bind.JAXBElement; import javax.xml.transform.Result; import javax.xml.transform.Templates; +import at.buergerkarte.namespaces.securitylayer._1.Base64XMLContentType; import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadDataAssocArrayType; import at.buergerkarte.namespaces.securitylayer._1.InfoboxReadResponseType; import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory; +import at.gv.egiz.bku.slcommands.InfoboxReadResult; -public class InfoboxReadResultImpl extends SLResultImpl { +public class InfoboxReadResultImpl extends SLResultImpl implements InfoboxReadResult { /** * The <code>InfoboxReadResponse</code> @@ -40,6 +42,17 @@ public class InfoboxReadResultImpl extends SLResultImpl { this.infoboxReadResponse = infoboxReadResponseType; } + + public InfoboxReadResultImpl(Base64XMLContentType value) { + + ObjectFactory objectFactory = new ObjectFactory(); + InfoboxReadResponseType infoboxReadResponseType = objectFactory.createInfoboxReadResponseType(); + + infoboxReadResponseType.setBinaryFileData(value); + + this.infoboxReadResponse = infoboxReadResponseType; + + } @Override public void writeTo(Result result, Templates templates) { diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxUpdateCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxUpdateCommandImpl.java new file mode 100644 index 00000000..1cdeda94 --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxUpdateCommandImpl.java @@ -0,0 +1,74 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.slcommands.impl; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.buergerkarte.namespaces.securitylayer._1.InfoboxUpdateRequestType; +import at.gv.egiz.bku.slcommands.InfoboxUpdateCommand; +import at.gv.egiz.bku.slcommands.SLCommandContext; +import at.gv.egiz.bku.slcommands.SLResult; +import at.gv.egiz.bku.slexceptions.SLCommandException; + +public class InfoboxUpdateCommandImpl extends + AbstractInfoboxCommandImpl<InfoboxUpdateRequestType> implements InfoboxUpdateCommand { + + private static Log log = LogFactory.getLog(InfoboxUpdateCommandImpl.class); + + @Override + public String getName() { + return "InfoboxUpdateRequest"; + } + + @Override + protected String getInfoboxIdentifier(InfoboxUpdateRequestType request) { + return request.getInfoboxIdentifier(); + } + + @Override + public void init(SLCommandContext ctx, Object request) throws SLCommandException { + super.init(ctx, request); + + InfoboxUpdateRequestType req = getRequestValue(); + + if (req.getAssocArrayParameters() != null && + !(infobox instanceof AssocArrayInfobox)) { + log.info("Got AssocArrayParameters but Infobox type is not AssocArray."); + throw new SLCommandException(4010); + } + + if (req.getBinaryFileParameters() != null && + !(infobox instanceof BinaryFileInfobox)) { + log.info("Got BinaryFileParameters but Infobox type is not BinaryFile."); + throw new SLCommandException(4010); + } + + } + + @Override + public SLResult execute() { + + try { + return infobox.update(getRequestValue(), getCmdCtx()); + } catch (SLCommandException e) { + return new ErrorResultImpl(e, getCmdCtx().getLocale()); + } + + } + +} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxUpdateResultImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxUpdateResultImpl.java new file mode 100644 index 00000000..15064756 --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxUpdateResultImpl.java @@ -0,0 +1,43 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.slcommands.impl; + +import javax.xml.bind.JAXBElement; +import javax.xml.transform.Result; +import javax.xml.transform.Templates; + +import at.buergerkarte.namespaces.securitylayer._1.InfoboxUpdateResponseType; +import at.buergerkarte.namespaces.securitylayer._1.ObjectFactory; +import at.gv.egiz.bku.slcommands.InfoboxUpdateResult; + +public class InfoboxUpdateResultImpl extends SLResultImpl implements + InfoboxUpdateResult { + + protected static JAXBElement<InfoboxUpdateResponseType> RESPONSE; + + static { + ObjectFactory factory = new ObjectFactory(); + InfoboxUpdateResponseType type = factory.createInfoboxUpdateResponseType(); + RESPONSE = factory.createInfoboxUpdateResponse(type); + } + + @Override + public void writeTo(Result result, Templates templates) { + writeTo(RESPONSE, result, templates); + } + +} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLCommandImpl.java index 9a3a2984..ed055b69 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLCommandImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLCommandImpl.java @@ -16,22 +16,11 @@ */ package at.gv.egiz.bku.slcommands.impl;
-import java.util.Iterator;
-import java.util.List;
-import java.util.NoSuchElementException;
-
-import javax.xml.bind.JAXBElement;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.bku.slcommands.SLCommand;
-import at.gv.egiz.bku.slcommands.SLCommandContext;
-import at.gv.egiz.bku.slexceptions.SLCommandException;
-import at.gv.egiz.stal.ErrorResponse;
-import at.gv.egiz.stal.STAL;
-import at.gv.egiz.stal.STALRequest;
-import at.gv.egiz.stal.STALResponse;
+import javax.xml.bind.JAXBElement; + +import at.gv.egiz.bku.slcommands.SLCommand; +import at.gv.egiz.bku.slcommands.SLCommandContext; +import at.gv.egiz.bku.slexceptions.SLCommandException; /**
* This class serves as abstract base class for the implementation of a security
@@ -47,19 +36,18 @@ public abstract class SLCommandImpl<T> implements SLCommand { /**
* The <code>SLCommandContext</code> for this <code>SLCommand</code>.
*/
- protected SLCommandContext cmdCtx;
+ protected SLCommandContext cmdCtx; + + /** + * The STAL helper. + */ + protected STALHelper stalHelper;
/**
* The request element of this command.
*/
protected JAXBElement<T> request;
- /**
- * An iterator over the <code>STALResponse</code>s received in
- * {@link SLCommandImpl#requestSTAL(List)}.
- */
- protected Iterator<STALResponse> stalResponses;
-
@SuppressWarnings("unchecked")
@Override
public void init(SLCommandContext ctx, Object request)
@@ -67,8 +55,8 @@ public abstract class SLCommandImpl<T> implements SLCommand { this.request = (JAXBElement<T>) request;
- this.cmdCtx = ctx;
- assert this.cmdCtx != null;
+ this.cmdCtx = ctx; + stalHelper = new STALHelper(cmdCtx.getSTAL());
}
@@ -90,73 +78,4 @@ public abstract class SLCommandImpl<T> implements SLCommand { protected SLCommandContext getCmdCtx() {
return cmdCtx;
}
-
- /**
- * Calls {@link STAL#handleRequest(List)} with the given
- * <code>stalRequests</code>.
- *
- * @param stalRequests
- * @throws SLCommandException
- */
- protected void requestSTAL(List<STALRequest> stalRequests) throws SLCommandException {
- List<STALResponse> responses = cmdCtx.getSTAL().handleRequest(stalRequests);
- if (responses == null) {
- Log log = LogFactory.getLog(this.getClass());
- log.info("Received no responses from STAL.");
- throw new SLCommandException(4000);
- } else if (responses.size() != stalRequests.size()) {
- Log log = LogFactory.getLog(this.getClass());
- log.info("Received invalid count of responses from STAL. Expected "
- + stalRequests.size() + ", but got " + responses.size() + ".");
- // throw new SLCommandException(4000);
- }
- stalResponses = responses.iterator();
- }
-
- /**
- * @return <code>true</code> if there are more {@link STALResponse}s to be
- * fetched with {@link #nextResponse(Class)}, or <code>false</code>
- * otherwise.
- */
- protected boolean hasNextResponse() {
- return (stalResponses != null) ? stalResponses.hasNext() : false;
- }
-
- /**
- * Returns the next response of type <code>responseClass</code> that has been
- * received by {@link #requestSTAL(List)}.
- *
- * @param responseClass
- * the response must be an instance of
- * @return the next response of type <code>responseClass</code>
- *
- * @throws NoSuchElementException
- * if there is no more response
- * @throws SLCommandException
- * if the next response is of type {@link ErrorResponse} or not of
- * type <code>responseClass</code>
- */
- protected STALResponse nextResponse(
- Class<? extends STALResponse> responseClass) throws SLCommandException {
-
- if (stalResponses == null) {
- throw new NoSuchElementException();
- }
-
- STALResponse response = stalResponses.next();
-
- if (response instanceof ErrorResponse) {
- throw new SLCommandException(((ErrorResponse) response).getErrorCode());
- }
-
- if (!(responseClass.isAssignableFrom(response.getClass()))) {
- Log log = LogFactory.getLog(this.getClass());
- log.info("Received " + response.getClass() + " from STAL but expected "
- + responseClass);
- throw new SLCommandException(4000);
- }
-
- return response;
-
- }
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java index 7306b237..99a3b119 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SLResultImpl.java @@ -16,6 +16,7 @@ */ package at.gv.egiz.bku.slcommands.impl; +import java.io.UnsupportedEncodingException; import java.util.Locale; import javax.xml.bind.JAXBContext; @@ -32,6 +33,7 @@ import javax.xml.transform.TransformerFactoryConfigurationError; import javax.xml.transform.dom.DOMSource; import javax.xml.transform.sax.SAXTransformerFactory; import javax.xml.transform.sax.TransformerHandler; +import javax.xml.transform.stream.StreamResult; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -45,6 +47,8 @@ import at.gv.egiz.bku.slexceptions.SLBindingException; import at.gv.egiz.bku.slexceptions.SLCommandException; import at.gv.egiz.bku.slexceptions.SLException; import at.gv.egiz.bku.slexceptions.SLRuntimeException; +import at.gv.egiz.bku.utils.DebugOutputStream; +import at.gv.egiz.bku.utils.DebugWriter; /** * This class serves as an abstract base class for the implementation of a @@ -85,7 +89,7 @@ public abstract class SLResultImpl implements SLResult { private Marshaller getMarshaller() { try { - JAXBContext context = SLCommandFactory.getJaxbContext(); + JAXBContext context = SLCommandFactory.getInstance().getJaxbContext(); Marshaller marshaller = context.createMarshaller(); marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); return marshaller; @@ -128,6 +132,20 @@ public abstract class SLResultImpl implements SLResult { * @param templates */ protected void writeTo(JAXBElement<?> response, Result result, Templates templates) { + + DebugWriter dw = null; + DebugOutputStream ds = null; + if (log.isTraceEnabled() && result instanceof StreamResult) { + StreamResult streamResult = (StreamResult) result; + if (streamResult.getOutputStream() != null) { + ds = new DebugOutputStream(streamResult.getOutputStream()); + streamResult.setOutputStream(ds); + } + if (streamResult.getWriter() != null) { + dw = new DebugWriter(streamResult.getWriter()); + streamResult.setWriter(dw); + } + } TransformerHandler transformerHandler = null; if (templates != null) { @@ -151,10 +169,36 @@ public abstract class SLResultImpl implements SLResult { writeErrorTo(commandException, result, templates); } + if (ds != null) { + try { + log.trace("Marshalled result:\n" + new String(ds.getBufferedBytes(), "UTF-8")); + } catch (UnsupportedEncodingException e) { + log.trace(e.getMessage()); + } + } + + if (dw != null) { + log.trace("Marshalled result:\n" + dw.getBufferedString()); + } + } protected void writeTo(Node node, Result result, Templates templates) { + DebugWriter dw = null; + DebugOutputStream ds = null; + if (log.isTraceEnabled() && result instanceof StreamResult) { + StreamResult streamResult = (StreamResult) result; + if (streamResult.getOutputStream() != null) { + ds = new DebugOutputStream(streamResult.getOutputStream()); + streamResult.setOutputStream(ds); + } + if (streamResult.getWriter() != null) { + dw = new DebugWriter(streamResult.getWriter()); + streamResult.setWriter(dw); + } + } + if (templates == null) { try { TransformerFactory transformerFactory = TransformerFactory.newInstance(); @@ -179,7 +223,19 @@ public abstract class SLResultImpl implements SLResult { writeErrorTo(new SLException(2008), result, templates); } } + + if (ds != null) { + try { + log.trace("Marshalled result:\n" + new String(ds.getBufferedBytes(), "UTF-8")); + } catch (UnsupportedEncodingException e) { + log.trace(e.getMessage()); + } + } + if (dw != null) { + log.trace("Marshalled result:\n" + dw.getBufferedString()); + } + } protected void writeErrorTo(SLException slException, Result result, Templates templates) { diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/STALHelper.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/STALHelper.java new file mode 100644 index 00000000..0c7ce3f5 --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/STALHelper.java @@ -0,0 +1,218 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.slcommands.impl; + +import iaik.asn1.CodingException; +import iaik.asn1.DerCoder; + +import java.io.ByteArrayInputStream; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; +import java.util.NoSuchElementException; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.bku.slexceptions.SLCommandException; +import at.gv.egiz.bku.slexceptions.SLExceptionMessages; +import at.gv.egiz.bku.slexceptions.SLRuntimeException; +import at.gv.egiz.idlink.ans1.IdentityLink; +import at.gv.egiz.stal.ErrorResponse; +import at.gv.egiz.stal.InfoboxReadResponse; +import at.gv.egiz.stal.STAL; +import at.gv.egiz.stal.STALRequest; +import at.gv.egiz.stal.STALResponse; + +/** + * A helper class for transmitting {@link STALRequest}s and obtaining their + * respective {@link STALResponse}s. + * + * @author mcentner + */ +public class STALHelper { + + /** + * Logging facility. + */ + private static Log log = LogFactory.getLog(STALHelper.class); + + /** + * The STAL implementation. + */ + private STAL stal; + + /** + * An iterator over the <code>STALResponse</code>s received in + * {@link SLCommandImpl#transmitSTALRequest(List)}. + */ + protected Iterator<STALResponse> stalResponses; + + /** + * Creates a new instance of this STALHelper with the given + * <code>stal</code>. + * + * @param stal the STAL to be used + */ + public STALHelper(STAL stal) { + if (stal == null) { + throw new NullPointerException("Argument 'stal' must not be null."); + } + this.stal = stal; + } + + /** + * Calls {@link STAL#handleRequest(List)} with the given + * <code>stalRequests</code>. + * + * @param stalRequests + * @throws SLCommandException + */ + public void transmitSTALRequest(List<? extends STALRequest> stalRequests) throws SLCommandException { + List<STALResponse> responses = stal.handleRequest(stalRequests); + if (responses == null) { + Log log = LogFactory.getLog(this.getClass()); + log.info("Received no responses from STAL."); + throw new SLCommandException(4000); + } else if (responses.size() != stalRequests.size()) { + Log log = LogFactory.getLog(this.getClass()); + log.info("Received invalid count of responses from STAL. Expected " + + stalRequests.size() + ", but got " + responses.size() + "."); + // throw new SLCommandException(4000); + } + stalResponses = responses.iterator(); + } + + /** + * @return <code>true</code> if there are more {@link STALResponse}s to be + * fetched with {@link #nextResponse(Class)}, or <code>false</code> + * otherwise. + */ + public boolean hasNextResponse() { + return (stalResponses != null) ? stalResponses.hasNext() : false; + } + + /** + * Returns the next response of type <code>responseClass</code> that has been + * received by {@link #transmitSTALRequest(List)}. + * + * @param responseClass + * the response must be an instance of + * @return the next response of type <code>responseClass</code> + * + * @throws NoSuchElementException + * if there is no more response + * @throws SLCommandException + * if the next response is of type {@link ErrorResponse} or not of + * type <code>responseClass</code> + */ + public STALResponse nextResponse( + Class<? extends STALResponse> responseClass) throws SLCommandException { + + if (stalResponses == null) { + throw new NoSuchElementException(); + } + + STALResponse response = stalResponses.next(); + + if (response instanceof ErrorResponse) { + throw new SLCommandException(((ErrorResponse) response).getErrorCode()); + } + + if (!(responseClass.isAssignableFrom(response.getClass()))) { + Log log = LogFactory.getLog(this.getClass()); + log.info("Received " + response.getClass() + " from STAL but expected " + + responseClass); + throw new SLCommandException(4000); + } + + return response; + + } + + /** + * Gets the list of certificates from the next STAL responses. + * + * @return the list of certificates + * + * @throws SLCommandException if getting the list of certificates fails + */ + public List<X509Certificate> getCertificatesFromResponses() throws SLCommandException { + + List<X509Certificate> certificates = new ArrayList<X509Certificate>(); + + CertificateFactory certFactory; + try { + certFactory = CertificateFactory.getInstance("X509"); + } catch (CertificateException e) { + // we should always be able to get an X509 certificate factory + log.error("CertificateFactory.getInstance(\"X509\") failed.", e); + throw new SLRuntimeException(e); + } + + InfoboxReadResponse response; + while(hasNextResponse()) { + response = (InfoboxReadResponse) nextResponse(InfoboxReadResponse.class); + byte[] cert = response.getInfoboxValue(); + try { + certificates.add((X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(cert))); + } catch (CertificateException e) { + log.info("Failed to decode certificate.", e); + throw new SLCommandException(4000, + SLExceptionMessages.EC4000_UNCLASSIFIED_INFOBOX_INVALID, + new Object[] { "Certificates" }); + } + } + + return certificates; + + } + + /** + * Gets the IdentitiyLink form the next STAL response. + * + * @return the IdentityLink + * + * @throws SLCommandException if getting the IdentitiyLink fails + */ + public IdentityLink getIdentityLinkFromResponses() throws SLCommandException { + + // IdentityLink + InfoboxReadResponse response; + if (hasNextResponse()) { + response = (InfoboxReadResponse) nextResponse(InfoboxReadResponse.class); + byte[] idLink = response.getInfoboxValue(); + try { + return new IdentityLink(DerCoder.decode(idLink)); + } catch (CodingException e) { + log.info("Failed to decode infobox 'IdentityLink'.", e); + throw new SLCommandException(4000, + SLExceptionMessages.EC4000_UNCLASSIFIED_INFOBOX_INVALID, + new Object[] { "IdentityLink" }); + } + } else { + log.info("No infobox 'IdentityLink' returned from STAL."); + throw new SLCommandException(4000); + } + + } + + +} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SVPersonendatenInfoboxImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SVPersonendatenInfoboxImpl.java new file mode 100644 index 00000000..7e204632 --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/SVPersonendatenInfoboxImpl.java @@ -0,0 +1,323 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.slcommands.impl; + +import iaik.asn1.ASN; +import iaik.asn1.ASN1Object; +import iaik.asn1.CodingException; +import iaik.asn1.DerCoder; +import iaik.asn1.NumericString; +import iaik.asn1.OCTET_STRING; +import iaik.asn1.ObjectID; +import iaik.asn1.SEQUENCE; +import iaik.asn1.SET; +import iaik.asn1.UNKNOWN; +import iaik.asn1.structures.ChoiceOfTime; + +import java.io.IOException; +import java.math.BigInteger; +import java.nio.charset.Charset; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Date; +import java.util.GregorianCalendar; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.TimeZone; + +import javax.xml.datatype.DatatypeFactory; +import javax.xml.datatype.XMLGregorianCalendar; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.buergerkarte.namespaces.cardchannel.AttributeList; +import at.buergerkarte.namespaces.cardchannel.AttributeType; +import at.buergerkarte.namespaces.cardchannel.ObjectFactory; +import at.gv.egiz.bku.slcommands.SLCommandContext; +import at.gv.egiz.bku.slexceptions.SLCommandException; +import at.gv.egiz.bku.slexceptions.SLExceptionMessages; +import at.gv.egiz.stal.InfoboxReadRequest; +import at.gv.egiz.stal.InfoboxReadResponse; +import at.gv.egiz.stal.STALRequest; + +/** + * An implementation of the {@link Infobox} <em>Certificates</em> as + * specified in Security Layer 1.2. + * + * @author mcentner + */ +public class SVPersonendatenInfoboxImpl extends AbstractAssocArrayInfobox { + + /** + * Logging facility. + */ + private static Log log = LogFactory.getLog(SVPersonendatenInfoboxImpl.class); + + public static final String EHIC = "EHIC"; + + public static final String GRUNDDATEN = "Grunddaten"; + + public static final String STATUS = "Status"; + + public static final String SV_PERSONENBINDUNG = "SV-Personenbindung"; + + /** + * The valid keys. + */ + public static final String[] KEYS = new String[] { + GRUNDDATEN, EHIC, STATUS, SV_PERSONENBINDUNG + }; + + @Override + public String getIdentifier() { + return "SV-Personendaten"; + } + + @Override + public String[] getKeys() { + return KEYS; + } + + @Override + public boolean isValuesAreXMLEntities() { + return true; + } + + @Override + public Map<String, Object> getValues(List<String> keys, SLCommandContext cmdCtx) throws SLCommandException { + + STALHelper stalHelper = new STALHelper(cmdCtx.getSTAL()); + + if (keys != null && !keys.isEmpty()) { + + List<STALRequest> stalRequests = new ArrayList<STALRequest>(); + + // get values + InfoboxReadRequest infoboxReadRequest; + for (int i = 0; i < keys.size(); i++) { + infoboxReadRequest = new InfoboxReadRequest(); + infoboxReadRequest.setInfoboxIdentifier(keys.get(i)); + stalRequests.add(infoboxReadRequest); + } + + stalHelper.transmitSTALRequest(stalRequests); + + Map<String, Object> values = new HashMap<String, Object>(); + + try { + for (int i = 0; i < keys.size(); i++) { + + String key = keys.get(i); + InfoboxReadResponse nextResponse = (InfoboxReadResponse) stalHelper.nextResponse(InfoboxReadResponse.class); + + + ObjectFactory objectFactory = new ObjectFactory(); + + if (EHIC.equals(key)) { + AttributeList attributeList = createAttributeList(nextResponse.getInfoboxValue()); + values.put(key, objectFactory.createEHIC(attributeList)); + } else if (GRUNDDATEN.equals(key)) { + AttributeList attributeList = createAttributeList(nextResponse.getInfoboxValue()); + values.put(key, objectFactory.createGrunddaten(attributeList)); + } else if (SV_PERSONENBINDUNG.equals(key)) { + values.put(key, objectFactory.createSVPersonenbindung(nextResponse.getInfoboxValue())); + } else if (STATUS.equals(key)) { + AttributeList attributeList = createAttributeListFromRecords(nextResponse.getInfoboxValue()); + values.put(key, objectFactory.createStatus(attributeList)); + } + + } + } catch (CodingException e) { + log.info("Failed to decode '" + getIdentifier() + "' infobox.", e); + throw new SLCommandException(4000, + SLExceptionMessages.EC4000_UNCLASSIFIED_INFOBOX_INVALID, + new Object[] { "IdentityLink" }); + + } + + return values; + + } else { + + return new HashMap<String, Object>(); + + } + + + } + + public static AttributeList createAttributeList(byte[] infoboxValue) throws CodingException { + + ObjectFactory objectFactory = new ObjectFactory(); + + ASN1Object asn1 = DerCoder.decode(infoboxValue); + + AttributeList attributeList = objectFactory.createAttributeList(); + List<AttributeType> attributes = attributeList.getAttribute(); + + if (asn1.isA(ASN.SEQUENCE)) { + for (int i = 0; i < ((SEQUENCE) asn1).countComponents(); i++) { + + AttributeType attributeType = objectFactory.createAttributeType(); + + if (asn1.getComponentAt(i).isA(ASN.SEQUENCE)) { + SEQUENCE attribute = (SEQUENCE) asn1.getComponentAt(i); + if (attribute.getComponentAt(0).isA(ASN.ObjectID)) { + ObjectID objectId = (ObjectID) attribute.getComponentAt(0); + attributeType.setOid("urn:oid:" + objectId.getID()); + } + if (attribute.getComponentAt(1).isA(ASN.SET)) { + SET values = (SET) attribute.getComponentAt(1); + for (int j = 0; j < values.countComponents(); j++) { + setAttributeValue(attributeType, values.getComponentAt(j)); + } + } + } + + attributes.add(attributeType); + + } + + } + + return attributeList; + + } + + public static AttributeList createAttributeListFromRecords(byte[] infoboxValue) throws CodingException { + + ObjectFactory objectFactory = new ObjectFactory(); + + AttributeList attributeList = objectFactory.createAttributeList(); + List<AttributeType> attributes = attributeList.getAttribute(); + + byte[] records = infoboxValue; + + while (records != null && records.length > 0) { + + int length; + + if (records[0] != 0x00) { + + ASN1Object asn1 = DerCoder.decode(records); + + AttributeType attributeType = objectFactory.createAttributeType(); + + if (asn1.isA(ASN.SEQUENCE)) { + SEQUENCE attribute = (SEQUENCE) asn1; + if (attribute.getComponentAt(0).isA(ASN.ObjectID)) { + ObjectID objectId = (ObjectID) attribute.getComponentAt(0); + attributeType.setOid("urn:oid:" + objectId.getID()); + } + if (attribute.getComponentAt(1).isA(ASN.SET)) { + SET values = (SET) attribute.getComponentAt(1); + for (int j = 0; j < values.countComponents(); j++) { + setAttributeValue(attributeType, values.getComponentAt(j)); + } + } + } + + attributes.add(attributeType); + + length = DerCoder.encode(asn1).length; + + } else { + length = 1; + } + + if (length < records.length) { + records = Arrays.copyOfRange(records, length + 1, records.length); + } else { + records = null; + } + + } + + return attributeList; + + } + + private static void setAttributeValue(AttributeType attributeType, ASN1Object value) { + + if (value.isA(ASN.OCTET_STRING)) { + + try { + byte[] octets = ((OCTET_STRING) value).getWholeValue(); + attributeType.setLatin1String(new String(octets, Charset.forName("ISO-8859-1"))); + } catch (IOException e) { + log.info("Failed to set Latin1String.", e); + } + + } else if (value.isA(ASN.NumericString)) { + + attributeType.setNumericString((String) ((NumericString) value).getValue()); + + } else if (value.isA(ASN.GeneralizedTime)) { + + try { + ChoiceOfTime choiceOfTime = new ChoiceOfTime(value); + + GregorianCalendar gregorianCalendar = new GregorianCalendar(); + gregorianCalendar.setTimeZone(TimeZone.getTimeZone("UTC")); + gregorianCalendar.setTime(choiceOfTime.getDate()); + + DatatypeFactory datatypeFactory = DatatypeFactory.newInstance(); + XMLGregorianCalendar xmlGregorianCalendar = datatypeFactory.newXMLGregorianCalendar(gregorianCalendar); + xmlGregorianCalendar.setTimezone(0); + + attributeType.setGeneralizedTime(xmlGregorianCalendar); + } catch (Exception e) { + log.info("Failed to set GeneralizedTime.", e); + } + + } else if (value.isA(ASN.INTEGER)) { + + attributeType.setInteger((BigInteger) value.getValue()); + + } else if (value.isA(ASN.UTF8String)) { + + attributeType.setUTF8String((String) value.getValue()); + + } else if (value.isA(ASN.PrintableString)) { + + attributeType.setPrintableString((String) value.getValue()); + + } else if (value.isA(ASN.UNKNOWN)) { + + byte[] bytes = (byte[]) ((UNKNOWN) value).getValue(); + + try { + BigInteger bigInteger = new BigInteger(bytes); + String string = bigInteger.toString(16); + + Date date = new SimpleDateFormat("yyyyMMdd").parse(string); + attributeType.setDate(new SimpleDateFormat("yyyy-MM-dd").format(date)); + } catch (Exception e) { + log.info("Failed to set Date.", e); + } + } + + } + + + + + +} |