authorTobias Kellner <imcybot@gmail.com>2016-01-15 00:45:15 +0100
committerTobias Kellner <tobias.kellner@iaik.tugraz.at>2016-03-14 17:23:00 +0100
commit9cc4fcbe2eab39846d8cd7532bcab26bad85d59d (patch)
treec0b53464f257b621134fcb85f7b23ea754bce711 /pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku
parentf3270ff28da75e0afdcdfa515b1b6807df452752 (diff)
Add QR code display for A-Trust Handy-Signatur app
Diffstat (limited to 'pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku')
-rw-r--r--pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/MobileBKUConnector.java67
-rw-r--r--pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustHandler.java108
-rw-r--r--pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustStatus.java19
-rw-r--r--pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHandler.java87
4 files changed, 255 insertions, 26 deletions
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/MobileBKUConnector.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/MobileBKUConnector.java
index c97a59c3..06b60155 100644
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/MobileBKUConnector.java
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/MobileBKUConnector.java
@@ -19,7 +19,10 @@ package at.asit.pdfover.gui.bku;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import at.asit.pdfover.gui.bku.mobile.ATrustHandler;
+import at.asit.pdfover.gui.bku.mobile.ATrustStatus;
import at.asit.pdfover.gui.bku.mobile.MobileBKUHandler;
+import at.asit.pdfover.gui.bku.mobile.MobileBKUStatus;
import at.asit.pdfover.gui.workflow.states.MobileBKUState;
import at.asit.pdfover.signator.BkuSlConnector;
import at.asit.pdfover.signator.SLRequest;
@@ -105,26 +108,54 @@ public class MobileBKUConnector implements BkuSlConnector {
}
do {
- // Get TAN
- this.state.checkTAN();
+ MobileBKUStatus status = this.state.getStatus();
+ boolean enterTAN = true;
+ String responseData = null;
+ if (status instanceof ATrustStatus) {
+ ATrustStatus aStatus = (ATrustStatus) status;
+ ATrustHandler aHandler = (ATrustHandler) handler;
+ if (aStatus.getQRCode() != null) {
+ this.state.showQR();
+ if (this.state.getStatus().getErrorMessage() != null &&
+ this.state.getStatus().getErrorMessage().equals("cancel")) //$NON-NLS-1$
+ throw new SignatureException(new IllegalStateException());
+ if (aStatus.getQRCode() == null) {
+ try {
+ String response = aHandler.postSMSRequest();
+ log.trace("Response from mobile BKU: " + response); //$NON-NLS-1$
+ handler.handleCredentialsResponse(response);
+ } catch (Exception ex) {
+ log.error("Error in PostCredentialsThread", ex); //$NON-NLS-1$
+ this.state.setThreadException(ex);
+ this.state.displayError(ex);
+ throw new SignatureException(ex);
+ }
+ } else {
+ enterTAN = false;
+ }
+ }
+ }
+ if (enterTAN) {
+ // Get TAN
+ this.state.checkTAN();
- if (this.state.getStatus().getErrorMessage() != null &&
- this.state.getStatus().getErrorMessage().equals("cancel")) //$NON-NLS-1$
- throw new SignatureException(new IllegalStateException());
+ if (this.state.getStatus().getErrorMessage() != null &&
+ this.state.getStatus().getErrorMessage().equals("cancel")) //$NON-NLS-1$
+ throw new SignatureException(new IllegalStateException());
- // Post TAN
- try {
- String responseData = handler.postTAN();
-
- // Now we have received some data lets check it:
- log.trace("Response from mobile BKU: " + responseData); //$NON-NLS-1$
-
- handler.handleTANResponse(responseData);
- } catch (Exception ex) {
- log.error("Error in PostTanThread", ex); //$NON-NLS-1$
- this.state.setThreadException(ex);
- this.state.displayError(ex);
- throw new SignatureException(ex);
+ // Post TAN
+ try {
+ responseData = handler.postTAN();
+ log.trace("Response from mobile BKU: " + responseData); //$NON-NLS-1$
+
+ // Now we have received some data lets check it:
+ handler.handleTANResponse(responseData);
+ } catch (Exception ex) {
+ log.error("Error in PostTanThread", ex); //$NON-NLS-1$
+ this.state.setThreadException(ex);
+ this.state.displayError(ex);
+ throw new SignatureException(ex);
+ }
}
} while (this.state.getStatus().getErrorMessage() != null);
if (this.state.getStatus().getTanTries() == -1)
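Review bot: The new `log.trace("Response from mobile BKU: " + response)` after `postSMSRequest()`, like the re-added one after `postTAN()`, writes the complete BKU page to the log. The ATrustHandler parsing code in this same commit pulls the session id, `__VIEWSTATE` and `__EVENTVALIDATION` out of a credentials response, so those values would end up in any trace-level log file. A short marker such as `log.trace("Response from mobile BKU received, length " + response.length());` keeps the diagnostic without the session material. Separately, `(ATrustHandler) handler` is guarded only by `status instanceof ATrustStatus`, so an `instanceof` check on `handler` itself would turn a mismatch into a handled error rather than a ClassCastException. The enclosing method starts and ends outside the hunk.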
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustHandler.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustHandler.java
index 1a796565..b7e457c3 100644
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustHandler.java
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustHandler.java
@@ -18,9 +18,12 @@ package at.asit.pdfover.gui.bku.mobile;
// Imports
import java.awt.Desktop;
import java.io.IOException;
+import java.io.InputStream;
import java.net.URI;
import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.HttpStatus;
+import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.lang3.StringEscapeUtils;
import org.eclipse.swt.SWT;
@@ -137,6 +140,7 @@ public class ATrustHandler extends MobileBKUHandler {
String sessionID = status.getSessionID();
String refVal = null;
String signatureDataURL = null;
+ String qrCode = null;
status.setErrorMessage(null);
@@ -192,11 +196,18 @@ public class ATrustHandler extends MobileBKUHandler {
// credentials ok! TAN entry
log.debug("Credentials accepted - TAN required"); //$NON-NLS-1$
sessionID = MobileBKUHelper.extractTag(responseData, "signature.aspx?sid=", "\""); //$NON-NLS-1$ //$NON-NLS-2$
- viewState = MobileBKUHelper.extractTag(responseData, "id=\"__VIEWSTATE\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$
- eventValidation = MobileBKUHelper.extractTag(responseData, "id=\"__EVENTVALIDATION\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$
- refVal = MobileBKUHelper.extractTag(responseData, "id='vergleichswert'><b>Vergleichswert:</b>", "</div>"); //$NON-NLS-1$//$NON-NLS-2$
- signatureDataURL = status.getBaseURL() + "/ShowSigobj.aspx" + //$NON-NLS-1$
- MobileBKUHelper.extractTag(responseData, "ShowSigobj.aspx", "'"); //$NON-NLS-1$//$NON-NLS-2$
+ viewState = MobileBKUHelper.extractTag(responseData, "id=\"__VIEWSTATE\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$
+ eventValidation = MobileBKUHelper.extractTag(responseData, "id=\"__EVENTVALIDATION\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$
+ refVal = MobileBKUHelper.extractTag(responseData, "id='vergleichswert'><b>Vergleichswert:</b>", "</div>"); //$NON-NLS-1$ //$NON-NLS-2$
+ signatureDataURL = status.getBaseURL() + "/ShowSigobj.aspx" + //$NON-NLS-1$
+ MobileBKUHelper.extractTag(responseData, "ShowSigobj.aspx", "'"); //$NON-NLS-1$ //$NON-NLS-2$
+ try {
+ qrCode = MobileBKUHelper.extractTag(responseData, "<img class='qrcode' src='", "'"); //$NON-NLS-1$ //$NON-NLS-2$
+ log.debug("QR Code found: " + qrCode); //$NON-NLS-1$
+ status.setQRCode(qrCode);
+ } catch (Exception e) {
+ log.debug("No QR Code found"); //$NON-NLS-1$
+ }
} else if (responseData.contains("sl:InfoboxReadResponse")) { //$NON-NLS-1$
// credentials ok! InfoboxReadResponse
log.debug("Credentials accepted - Response given"); //$NON-NLS-1$
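Review bot: When the response has no `<img class='qrcode' ...>` tag, the new catch block only logs, so `status` keeps whatever QR code an earlier response stored, because `status.setQRCode(qrCode)` is reached only on success. MobileBKUConnector branches on `aStatus.getQRCode() != null`, so a stale value would send the user back to the QR screen for a page that no longer offers one. Adding `status.setQRCode(null);` in the catch, or before the `try`, would make the state follow the page that was actually parsed, unless the status is reset elsewhere in this method, which continues outside the hunk. `catch (Exception e)` also hides unrelated failures such as a null `responseData`; catching the specific exception that `extractTag` throws would be narrower.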
@@ -298,6 +309,93 @@ public class ATrustHandler extends MobileBKUHandler {
}
}
+ /**
+ * Cancel QR process, request SMS TAN
+ * @return the response
+ * @throws IOException Error during posting
+ */
+ public String postSMSRequest() throws IOException {
+ ATrustStatus status = getStatus();
+
+ MobileBKUHelper.registerTrustedSocketFactory();
+ HttpClient client = BKUHelper.getHttpClient();
+
+ PostMethod post = new PostMethod(status.getBaseURL()
+ + "/signature.aspx?sid=" + status.getSessionID()); //$NON-NLS-1$
+ post.getParams().setContentCharset("utf-8"); //$NON-NLS-1$
+ post.addParameter("__VIEWSTATE", status.getViewstate()); //$NON-NLS-1$
+ post.addParameter(
+ "__EVENTVALIDATION", status.getEventvalidation()); //$NON-NLS-1$
+ post.addParameter("__EVENTTARGET", "SmsButton"); //$NON-NLS-1$ //$NON-NLS-2$
+ post.addParameter("__EVENTARGUMENT", ""); //$NON-NLS-1$ //$NON-NLS-2$
+
+ return executePost(client, post);
+ }
+
+ /**
+ * Get the QR code image
+ * @return the QR code image as a String
+ */
+ public InputStream getQRCode() {
+ ATrustStatus status = getStatus();
+
+ MobileBKUHelper.registerTrustedSocketFactory();
+ HttpClient client = BKUHelper.getHttpClient();
+
+ GetMethod get = new GetMethod(status.getBaseURL() + "/" + //$NON-NLS-1$
+ status.getQRCode());
+
+ try {
+ log.debug("Getting " + get.getURI()); //$NON-NLS-1$
+ int returnCode = client.executeMethod(get);
+
+ if (returnCode != HttpStatus.SC_OK) {
+ log.error("Error getting QR code"); //$NON-NLS-1$
+ return null;
+ }
+
+ return get.getResponseBodyAsStream();
+ } catch (Exception e) {
+ log.error("Error getting QR code", e); //$NON-NLS-1$
+ return null;
+ }
+ }
+
+ /**
+ * Get Signature page after scanning QR code
+ * @return the response
+ * @throws IOException Error during get
+ */
+ public String getSignaturePage() throws IOException {
+ ATrustStatus status = getStatus();
+
+ MobileBKUHelper.registerTrustedSocketFactory();
+ HttpClient client = BKUHelper.getHttpClient();
+
+ GetMethod get = new GetMethod(status.getBaseURL()
+ + "/signature.aspx?sid=" + status.getSessionID()); //$NON-NLS-1$
+
+ return executeGet(client, get);
+ }
+
+ /**
+ * Parse QR code response
+ * @param responseData
+ * @return whether a SL response was received
+ */
+ public boolean handleQRResponse(String responseData) {
+ getStatus().setErrorMessage(null);
+ if (responseData.contains("sl:CreateXMLSignatureResponse xmlns:sl") || //$NON-NLS-1$
+ responseData.contains("sl:CreateCMSSignatureResponse xmlns:sl")) { //$NON-NLS-1$
+ // success !!
+
+ getSigningState().setSignatureResponse(
+ new SLResponse(responseData, getStatus().getServer(), null, null));
+ return true;
+ }
+ return false;
+ }
+
@Override
public ATrustStatus getStatus() {
return (ATrustStatus) getState().getStatus();
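Review bot: `getQRCode()` never releases the `GetMethod` connection on its two `return null` paths (non-200 status and the catch block), so each failed fetch leaves a connection checked out of the HttpClient connection manager. Calling `get.releaseConnection();` before each `return null` fixes that. On the success path the Javadoc should say that the caller owns the returned stream and must close it. The Javadoc also says "the QR code image as a String" while the method returns an `InputStream`; `@return the QR code image stream, or null if it could not be fetched` would match the code. In `handleQRResponse`, `@param responseData` has no description.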
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustStatus.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustStatus.java
index 3fedf73e..a97826b2 100644
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustStatus.java
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustStatus.java
@@ -37,6 +37,7 @@ public class ATrustStatus extends AbstractMobileBKUStatusImpl {
private String viewstate;
private String eventvalidation;
+ private String qrcode = null;
/**
* Constructor
@@ -69,7 +70,7 @@ public class ATrustStatus extends AbstractMobileBKUStatusImpl {
public void setViewstate(String viewstate) {
this.viewstate = viewstate;
}
-
+
/**
* @return the eventvalidation
*/
@@ -83,4 +84,20 @@ public class ATrustStatus extends AbstractMobileBKUStatusImpl {
public void setEventvalidation(String eventvalidation) {
this.eventvalidation = eventvalidation;
}
+
+ /**
+ * @return the QR code
+ */
+ public String getQRCode() {
+ return this.qrcode;
+ }
+
+ /**
+ * @param qrcode
+ * the QR code to set
+ */
+ public void setQRCode(String qrcode) {
+ this.qrcode = qrcode;
+ }
+
}
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHandler.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHandler.java
index 429000f1..6c6b9f84 100644
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHandler.java
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHandler.java
@@ -238,8 +238,11 @@ public abstract class MobileBKUHandler {
Matcher m = pat.matcher(responseData);
if (m.find()) {
String content = m.group(1);
- int start = content.indexOf("URL=") +9; //$NON-NLS-1$
- redirectLocation = content.substring(start, content.length() - 5);
+ int start = content.indexOf("URL="); //$NON-NLS-1$
+ if (start != -1) {
+ start += 9;
+ redirectLocation = content.substring(start, content.length() - 5);
+ }
}
} else {
throw new HttpException(
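Review bot: The new `start != -1` guard covers a missing `URL=`, but `start += 9` and `content.length() - 5` still assume a fixed amount of quoting around the target. A shorter `content` attribute makes `substring` throw a StringIndexOutOfBoundsException, which callers expecting an IOException will not catch. Extending the condition to `if (start != -1 && start + 9 <= content.length() - 5)` closes that gap, and a comment stating what the 9 and 5 skip (presumably `URL=` plus an encoded quote on each side) would make the offsets checkable. The same three lines are copied into the new `executeGet` in the next hunk and need the same guard. The enclosing method starts and ends outside this hunk.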
@@ -261,4 +264,84 @@ public abstract class MobileBKUHandler {
return responseData;
}
+
+ /**
+ * Execute a get from the mobile BKU, following redirects
+ * @param client the HttpClient
+ * @param get the GetMethod
+ * @return the response
+ * @throws IOException IO error
+ */
+ protected String executeGet(HttpClient client, GetMethod get) throws IOException {
+ log.debug("Getting " + get.getURI()); //$NON-NLS-1$
+ int returnCode = client.executeMethod(get);
+
+ String redirectLocation = null;
+
+ GetMethod get2 = null;
+
+ String responseData = null;
+
+ String server = null;
+
+ // Follow redirects
+ do {
+ // check return code
+ if (returnCode == HttpStatus.SC_MOVED_TEMPORARILY ||
+ returnCode == HttpStatus.SC_MOVED_PERMANENTLY) {
+
+ Header locationHeader = get.getResponseHeader("location"); //$NON-NLS-1$
+ if (locationHeader != null) {
+ redirectLocation = locationHeader.getValue();
+ } else {
+ throw new IOException(
+ "Got HTTP 302 but no location to follow!"); //$NON-NLS-1$
+ }
+ } else if (returnCode == HttpStatus.SC_OK) {
+ if (get2 != null) {
+ responseData = get2.getResponseBodyAsString();
+ Header serverHeader = get2.getResponseHeader(
+ LocalBKUState.BKU_RESPONSE_HEADER_SERVER);
+ if (serverHeader != null)
+ server = serverHeader.getValue();
+ } else {
+ responseData = get.getResponseBodyAsString();
+
+ Header serverHeader = get.getResponseHeader(
+ LocalBKUState.BKU_RESPONSE_HEADER_SERVER);
+ if (serverHeader != null)
+ server = serverHeader.getValue();
+ }
+ redirectLocation = null;
+ String p = "<meta [^>]*http-equiv=\"refresh\" [^>]*content=\"([^\"]*)\""; //$NON-NLS-1$
+ Pattern pat = Pattern.compile(p);
+ Matcher m = pat.matcher(responseData);
+ if (m.find()) {
+ String content = m.group(1);
+ int start = content.indexOf("URL="); //$NON-NLS-1$
+ if (start != -1) {
+ start += 9;
+ redirectLocation = content.substring(start, content.length() - 5);
+ }
+ }
+ } else {
+ throw new HttpException(
+ HttpStatus.getStatusText(returnCode));
+ }
+
+ if (redirectLocation != null) {
+ redirectLocation = getStatus().ensureSessionID(redirectLocation);
+ log.debug("Redirected to " + redirectLocation); //$NON-NLS-1$
+ get2 = new GetMethod(redirectLocation);
+ get2.setFollowRedirects(true);
+ returnCode = client.executeMethod(get2);
+ }
+ } while (redirectLocation != null);
+
+ getStatus().setServer(server);
+ if (server != null)
+ log.info("Server: " + server); //$NON-NLS-1$
+
+ return responseData;
+ }
}
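Review bot: The meta-refresh target in `executeGet` comes from the response body and is requested as-is after `getStatus().ensureSessionID(redirectLocation)`, with no check that it still points at the BKU host and no limit on the number of hops in the `do ... while` loop. If `ensureSessionID` appends the session id, as its name suggests, a page naming a different host would receive it, and `log.debug("Redirected to " + redirectLocation)` writes it to the log. Comparing the target's host with the status's base URL before building `get2`, and stopping after a fixed number of hops with an IOException, would bound both. Separately, the 301/302 branch always reads the `location` header from `get`, so a redirect status returned by `get2` would reuse the first response's header; `(get2 != null ? get2 : get).getResponseHeader("location")` would mirror the SC_OK branch. Neither `get` nor `get2` has `releaseConnection()` called on it in this method.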