From 7b3d85e31537acc7da994aebeece26bbdf2ecc7a Mon Sep 17 00:00:00 2001 From: tkellner Date: Wed, 10 Apr 2013 18:59:11 +0000 Subject: + Fixed unverifyable Handy signature signatures ... (A-Trust cuts away base64 encoded signature data!) + Moved logfile to {user.home}/.pdfover + temporary pdf files will be saved into {user.home}/.pdfover (no write access in Program folder of windows!) git-svn-id: https://joinup.ec.europa.eu/svn/pdf-over/trunk@67 174cde9d-5d70-4d2a-aa98-46368bc2aaf7 --- .../pdfover/gui/composites/OutputComposite.java | 11 +- .../asit/pdfover/gui/workflow/ConfigProvider.java | 6 + .../pdfover/gui/workflow/ConfigProviderImpl.java | 14 +++ .../pdfover/gui/workflow/states/OutputState.java | 8 ++ .../workflow/states/PrepareConfigurationState.java | 19 ++- .../states/mobilebku/PostSLRequestThread.java | 135 +++++++++++++++------ .../workflow/states/mobilebku/PostTanThread.java | 2 +- pdf-over-gui/src/main/resources/log4j.properties | 17 ++- 8 files changed, 157 insertions(+), 55 deletions(-) (limited to 'pdf-over-gui/src') diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/OutputComposite.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/OutputComposite.java index 84801702..1b24b678 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/OutputComposite.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/composites/OutputComposite.java @@ -107,7 +107,7 @@ public class OutputComposite extends StateComposite { // Save as temp file ... java.util.Date date= new java.util.Date(); String fileName = String.format("%d_tmp_signed.pdf", date.getTime()); //$NON-NLS-1$ - open = new File(fileName); + open = new File(OutputComposite.this.tempDirectory + "/" + fileName); //$NON-NLS-1$ FileOutputStream outstream = new FileOutputStream(open); outstream.write(source.getByteArray(), 0, source.getByteArray().length); @@ -180,6 +180,15 @@ public class OutputComposite extends StateComposite { this.pack(); } + String tempDirectory; + + /** + * @param tempDirectory + */ + public void setTempDirectory(String tempDirectory) { + this.tempDirectory = tempDirectory; + } + /** * Gets the signed document * @return the signed document diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/ConfigProvider.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/ConfigProvider.java index 7d41a080..0ee116ad 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/ConfigProvider.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/ConfigProvider.java @@ -37,6 +37,12 @@ public interface ConfigProvider { */ public String getConfigurationFile(); + /** + * Gets the configuration directory + * @return the configuration directory + */ + public String getConfigurationDirectory(); + /** * Gets the default Mobile number * @return the default mobile number diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/ConfigProviderImpl.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/ConfigProviderImpl.java index a95423e3..a5cb5d68 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/ConfigProviderImpl.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/ConfigProviderImpl.java @@ -42,6 +42,12 @@ public class ConfigProviderImpl implements ConfigProvider, ConfigManipulator { private BKUs defaultBKU = BKUs.NONE; + /** + * PDFOver config directory + */ + public static String CONFIG_DIRECTORY = System.getProperty("user.home") + "/.pdfover"; //$NON-NLS-1$ //$NON-NLS-2$ + + /** * Gets the Default Mobile URL */ @@ -460,4 +466,12 @@ public class ConfigProviderImpl implements ConfigProvider, ConfigManipulator { return this.mobileBKU; } + /* (non-Javadoc) + * @see at.asit.pdfover.gui.workflow.ConfigProvider#getConfigurationDirectory() + */ + @Override + public String getConfigurationDirectory() { + return CONFIG_DIRECTORY; + } + } diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/OutputState.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/OutputState.java index f42473a9..47f3d4f8 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/OutputState.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/OutputState.java @@ -57,6 +57,14 @@ public class OutputState extends State { if (this.outputComposite == null) { this.outputComposite = this.stateMachine.getGUIProvider() .createComposite(OutputComposite.class, SWT.RESIZE, this); + + File tmpDir = new File(this.stateMachine.getConfigProvider().getConfigurationDirectory() + "/tmp"); //$NON-NLS-1$ + + if(!tmpDir.exists()) { + tmpDir.mkdir(); + } + + this.outputComposite.setTempDirectory(tmpDir.getAbsolutePath()); } return this.outputComposite; diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/PrepareConfigurationState.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/PrepareConfigurationState.java index 237dffa9..92cdb774 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/PrepareConfigurationState.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/PrepareConfigurationState.java @@ -16,14 +16,12 @@ package at.asit.pdfover.gui.workflow.states; //Imports -import java.io.BufferedInputStream; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; -import java.net.URL; import org.eclipse.swt.SWT; import org.slf4j.Logger; @@ -55,11 +53,7 @@ import at.asit.pdfover.signator.Signator; */ public class PrepareConfigurationState extends State { - /** - * PDFOver config directory - */ - public static String CONFIG_DIRECTORY = System.getProperty("user.home") + "/.pdfover"; //$NON-NLS-1$ //$NON-NLS-2$ - + /** * @param stateMachine */ @@ -98,7 +92,8 @@ public class PrepareConfigurationState extends State { try { this.stateMachine.getConfigProvider().loadConfiguration( - new FileInputStream(CONFIG_DIRECTORY + "/" + filename)); //$NON-NLS-1$ + new FileInputStream( + this.stateMachine.getConfigProvider().getConfigurationDirectory() + "/" + filename)); //$NON-NLS-1$ log.info("Loaded config from file : " + filename); //$NON-NLS-1$ @@ -141,8 +136,8 @@ public class PrepareConfigurationState extends State { // Read config file try { - File configDir = new File(CONFIG_DIRECTORY); - File configFile = new File(CONFIG_DIRECTORY + "/" //$NON-NLS-1$ + File configDir = new File(this.stateMachine.getConfigProvider().getConfigurationDirectory()); + File configFile = new File(this.stateMachine.getConfigProvider().getConfigurationDirectory() + "/" //$NON-NLS-1$ + ConfigManipulator.DEFAULT_CONFIG_FILE); if (!configDir.exists() || !configFile.exists()) { boolean allOK = false; @@ -164,7 +159,7 @@ public class PrepareConfigurationState extends State { try { inputStream = this.getClass().getResourceAsStream( "/" + ConfigManipulator.DEFAULT_CONFIG_FILE); //$NON-NLS-1$ - pdfOverConfig = new FileOutputStream(CONFIG_DIRECTORY + pdfOverConfig = new FileOutputStream(this.stateMachine.getConfigProvider().getConfigurationDirectory() + "/" //$NON-NLS-1$ + ConfigManipulator.DEFAULT_CONFIG_FILE); @@ -216,7 +211,7 @@ public class PrepareConfigurationState extends State { } } } else { - log.debug("Configuration directory exists!"); + log.debug("Configuration directory exists!"); //$NON-NLS-1$ } // Read cli arguments with for config file! diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostSLRequestThread.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostSLRequestThread.java index 789fafac..260f49d6 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostSLRequestThread.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostSLRequestThread.java @@ -17,6 +17,7 @@ package at.asit.pdfover.gui.workflow.states.mobilebku; // Imports import java.io.IOException; +import java.io.InputStream; import org.apache.commons.httpclient.Header; import org.apache.commons.httpclient.HttpClient; @@ -24,6 +25,11 @@ import org.apache.commons.httpclient.HttpException; import org.apache.commons.httpclient.HttpStatus; import org.apache.commons.httpclient.methods.GetMethod; import org.apache.commons.httpclient.methods.PostMethod; +import org.apache.commons.httpclient.methods.multipart.FilePart; +import org.apache.commons.httpclient.methods.multipart.MultipartRequestEntity; +import org.apache.commons.httpclient.methods.multipart.Part; +import org.apache.commons.httpclient.methods.multipart.PartSource; +import org.apache.commons.httpclient.methods.multipart.StringPart; import org.apache.commons.httpclient.protocol.Protocol; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -31,11 +37,46 @@ import org.slf4j.LoggerFactory; import at.asit.pdfover.gui.workflow.ConfigManipulator; import at.asit.pdfover.gui.workflow.states.LocalBKUState; import at.asit.pdfover.gui.workflow.states.MobileBKUState; +import at.asit.pdfover.signator.DocumentSource; /** * */ public class PostSLRequestThread implements Runnable { + /** + * + */ + private final class FileUploadSource implements PartSource { + + private DocumentSource source; + + /** + * Constructor + * + * @param source + * the source + */ + public FileUploadSource(DocumentSource source) { + this.source = source; + } + + @Override + public long getLength() { + // TODO Auto-generated method stub + return this.source.getLength(); + } + + @Override + public String getFileName() { + return "sign.pdf"; //$NON-NLS-1$ + } + + @Override + public InputStream createInputStream() throws IOException { + return this.source.getInputStream(); + } + } + /** * SLF4J Logger instance **/ @@ -45,12 +86,12 @@ public class PostSLRequestThread implements Runnable { private MobileBKUState state; private String mobileBKUUrl = ConfigManipulator.MOBILE_BKU_URL_CONFIG; - + /** * Constructor * * @param state - * @param mobileBKUUrl + * @param mobileBKUUrl */ public PostSLRequestThread(MobileBKUState state, String mobileBKUUrl) { this.state = state; @@ -65,8 +106,14 @@ public class PostSLRequestThread implements Runnable { @Override public void run() { try { + /* + * String sl_request = this.state.getSigningState() + * .getSignatureRequest().getBase64Request(); + */ String sl_request = this.state.getSigningState() - .getSignatureRequest().getBase64Request(); + .getSignatureRequest().getFileUploadRequest(); + + log.debug("SL Request: " + sl_request); //$NON-NLS-1$ Protocol.registerProtocol("https", //$NON-NLS-1$ new Protocol("https", new TrustedSocketFactory(), 443)); //$NON-NLS-1$ @@ -74,78 +121,94 @@ public class PostSLRequestThread implements Runnable { HttpClient client = new HttpClient(); client.getParams().setParameter("http.useragent", //$NON-NLS-1$ LocalBKUState.PDF_OVER_USER_AGENT_STRING); - + String url = this.mobileBKUUrl; - + PostMethod method = new PostMethod(url); - method.addParameter("XMLRequest", sl_request); //$NON-NLS-1$ - + //method.addParameter("XMLRequest", sl_request); //$NON-NLS-1$ + + StringPart xmlpart = new StringPart( + "XMLRequest", sl_request, "UTF-8"); //$NON-NLS-1$ //$NON-NLS-2$ + + FilePart filepart = new FilePart("fileupload", //$NON-NLS-1$ + new FileUploadSource(this.state.getSigningState() + .getSignatureRequest().getSignatureData())); + + Part[] parts = { xmlpart, filepart }; + + method.setRequestEntity(new MultipartRequestEntity(parts, method + .getParams())); int returnCode = client.executeMethod(method); String redirectLocation = null; GetMethod gmethod = null; - + String responseData = null; - - this.state.getStatus().setBaseURL(ATrustHelper.stripQueryString(url)); - + + this.state.getStatus().setBaseURL( + ATrustHelper.stripQueryString(url)); + // Follow redirects do { // check return code - if (returnCode == HttpStatus.SC_MOVED_TEMPORARILY || - returnCode == HttpStatus.SC_MOVED_PERMANENTLY) { + if (returnCode == HttpStatus.SC_MOVED_TEMPORARILY + || returnCode == HttpStatus.SC_MOVED_PERMANENTLY) { Header locationHeader = method - .getResponseHeader("location"); //$NON-NLS-1$ + .getResponseHeader("location"); //$NON-NLS-1$ if (locationHeader != null) { redirectLocation = locationHeader.getValue(); } else { throw new IOException( - "Got HTTP 302 but no location to follow!"); //$NON-NLS-1$ + "Got HTTP 302 but no location to follow!"); //$NON-NLS-1$ } - } else if(returnCode == HttpStatus.SC_OK) { - if(gmethod != null) { + } else if (returnCode == HttpStatus.SC_OK) { + if (gmethod != null) { responseData = gmethod.getResponseBodyAsString(); } else { responseData = method.getResponseBodyAsString(); - } + } redirectLocation = null; } else { - throw new HttpException(HttpStatus.getStatusText(returnCode)); + throw new HttpException( + HttpStatus.getStatusText(returnCode)); } - - if(redirectLocation != null) { + + if (redirectLocation != null) { gmethod = new GetMethod(redirectLocation); gmethod.setFollowRedirects(true); returnCode = client.executeMethod(gmethod); } - - } while(redirectLocation != null); + + } while (redirectLocation != null); // Now we have received some data lets check it: - + log.debug("Repsonse from A-Trust: " + responseData); //$NON-NLS-1$ - + // Extract infos: - - String sessionID = ATrustHelper.extractTag(responseData, "identification.aspx?sid=", "\""); //$NON-NLS-1$ //$NON-NLS-2$ - - String viewState = ATrustHelper.extractTag(responseData, "id=\"__VIEWSTATE\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ - - String eventValidation = ATrustHelper.extractTag(responseData, "id=\"__EVENTVALIDATION\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ - + + String sessionID = ATrustHelper.extractTag(responseData, + "identification.aspx?sid=", "\""); //$NON-NLS-1$ //$NON-NLS-2$ + + String viewState = ATrustHelper.extractTag(responseData, + "id=\"__VIEWSTATE\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ + + String eventValidation = ATrustHelper.extractTag(responseData, + "id=\"__EVENTVALIDATION\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$ + log.info("sessionID: " + sessionID); //$NON-NLS-1$ log.info("viewState: " + viewState); //$NON-NLS-1$ log.info("eventValidation: " + eventValidation); //$NON-NLS-1$ - + this.state.getStatus().setSessionID(sessionID); - + this.state.getStatus().setViewstate(viewState); - + this.state.getStatus().setEventvalidation(eventValidation); - + /* * If all went well we can set the communication state to the new * state diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostTanThread.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostTanThread.java index e4a2242a..afe29ccf 100644 --- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostTanThread.java +++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostTanThread.java @@ -149,7 +149,7 @@ public class PostTanThread implements Runnable { if (responseData.contains("sl:CreateXMLSignatureResponse xmlns:sl")) { //$NON-NLS-1$ // success !! - + this.state.getSigningState().setSignatureResponse( new SLResponse(responseData, server, null, null)); this.state diff --git a/pdf-over-gui/src/main/resources/log4j.properties b/pdf-over-gui/src/main/resources/log4j.properties index 626c7e3a..74a980b2 100644 --- a/pdf-over-gui/src/main/resources/log4j.properties +++ b/pdf-over-gui/src/main/resources/log4j.properties @@ -1,10 +1,17 @@ -log4j.rootLogger=TRACE, STDOUT +log4j.rootLogger=TRACE, STDOUT, LOGFILE # STDOUT appender log4j.appender.STDOUT=org.apache.log4j.ConsoleAppender log4j.appender.STDOUT.layout=org.apache.log4j.PatternLayout log4j.appender.STDOUT.layout.ConversionPattern=%-5p | %d | %t | %c %x- %m%n +log4j.appender.LOGFILE=org.apache.log4j.RollingFileAppender +log4j.appender.LOGFILE.file=${user.home}/.pdfover/pdfover.log +log4j.appender.LOGFILE.MaxFileSize=100KB +log4j.appender.LOGFILE.MaxBackupIndex=10 +log4j.appender.LOGFILE.layout=org.apache.log4j.PatternLayout +log4j.appender.LOGFILE.layout.ConversionPattern=%-5p | %d | %t | %c %x- %m%n + log4j.logger = INFO # DETAIL LEVELS PDF-Over @@ -17,9 +24,9 @@ log4j.logger.httpclient.wire = ERROR # DETAIL LEVELS PDF-AS -log4j.logger.org.pdfbox = INFO -log4j.logger.org.apache.pdfbox.util = INFO -log4j.logger.at.gv.egiz.pdfas = INFO -log4j.logger.at.knowcenter = INFO +log4j.logger.org.pdfbox = DEBUG +log4j.logger.org.apache.pdfbox.util = DEBUG +log4j.logger.at.gv.egiz.pdfas = DEBUG +log4j.logger.at.knowcenter = DEBUG log4j.logger.at.knowcenter.wag.egov.egiz.ldap = DEBUG log4j.logger.org.apache.commons.httpclient = ERROR \ No newline at end of file -- cgit v1.2.3