/** * Copyright (c) 2006 by Know-Center, Graz, Austria * * This software is the confidential and proprietary information of Know-Center, * Graz, Austria. You shall not disclose such Confidential Information and shall * use it only in accordance with the terms of the license agreement you entered * into with Know-Center. * * KNOW-CENTER MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF * THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE * IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR * NON-INFRINGEMENT. KNOW-CENTER SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY * LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS * DERIVATIVES. * * $Id: LocalRequestHelper.java,v 1.6 2006/10/31 08:22:04 wprinz Exp $ */ package at.knowcenter.wag.egov.egiz.web; import java.io.IOException; import java.net.MalformedURLException; import java.net.URL; import java.util.ArrayList; import java.util.List; import java.util.Properties; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import at.knowcenter.wag.egov.egiz.exceptions.ConnectorFactoryException; import at.knowcenter.wag.egov.egiz.exceptions.NormalizeException; import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; import at.knowcenter.wag.egov.egiz.exceptions.SignatureException; import at.knowcenter.wag.egov.egiz.pdf.SignatureHolder; import at.knowcenter.wag.egov.egiz.sig.SignatureData; import at.knowcenter.wag.egov.egiz.sig.SignatureDataImpl; import at.knowcenter.wag.egov.egiz.sig.SignatureObject; import at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorChooser; import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector; import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject; import at.knowcenter.wag.egov.egiz.sig.signatureobject.SignatureObjectHelper; import at.knowcenter.wag.egov.egiz.tools.CodingHelper; import at.knowcenter.wag.egov.egiz.web.servlets.SignServlet; /** * Contains commonly used helper functions for the local request procedure. * * @author wprinz */ public abstract class LocalRequestHelper { /** * The resource of the null request page jsp. */ public static final String NULL_REQUEST_PAGE_JSP = "/jsp/null_request_page.jsp"; /** * The resource of the local connection page jsp. */ public static final String LOCAL_CONNECTION_PAGE_JSP = "/jsp/local_connection_page.jsp"; /** * The resource of the redirect refresh page jsp. */ public static final String REDIRECT_REFRESH_PAGE_JSP = "/jsp/redirect_refresh_page.jsp"; private static Log log = LogFactory.getLog(LocalRequestHelper.class); /** * Sets up the local sign procedure. * * @param response * The HttpServletResponse the local request page is written to. * @throws IOException * Forwarded exception. * @throws PresentableException * Forwarded exception. */ public static String processLocalSign(SessionInformation si, HttpServletRequest request, HttpServletResponse response) throws IOException, PresentableException { String host = request.getServerName(); // "129.27.153.77" URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData"); String loc_ref_url = response.encodeURL(loc_ref_URL.toString()); LocalConnector c = ConnectorChooser.chooseLocalConnectorForSign(si.connector, si.type, loc_ref_url); String sign_request = c.prepareSignRequest(si.iui.signature_data); // TODO local URL String local_request_url = "http://127.0.0.1:3495/http-security-layer-request"; si.requests = new LocalRequest[1]; si.requests[0] = new LocalRequest(local_request_url, sign_request); si.current_operation = 0; si.response_properties = new Properties[1]; si.response_properties[0] = null; URL data_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/DataURL"); String data_url = response.encodeURL(data_URL.toString()); request.setAttribute("local_request_url", local_request_url); request.setAttribute("data_url", data_url); return NULL_REQUEST_PAGE_JSP; // TODO make better // // LocalConnector local_conn = (LocalConnector) // ConnectorFactory.createConnector(si.connector); // // // // FIXME refactor WEB // String document_text = "fixme"; //si.iui.document_text; // String request_string = local_conn.prepareSignRequest(si.user_name, // document_text, si.type); // String request_url = local_conn.getSignURL(si.type); // // LocalRequest local_request = new LocalRequest(request_url, // request_string); // List local_requests = new ArrayList(); // local_requests.add(local_request); // // // ByteArrayOutputStream baos = new ByteArrayOutputStream(); // // ObjectOutputStream oos = new ObjectOutputStream(baos); // // oos.writeObject(local_requests); // // oos.close(); // // baos.close(); // // si.requests = new LocalRequest[1]; // si.requests[0] = new LocalRequest(local_conn.getSignURL(si.type), // request_string); // si.current_operation = 0; // si.response_properties = new Properties[1]; // si.response_properties[0] = null; // // // SessionTable.put(si); // request.getSession().setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION, // si); // // // byte [] requests_bytes = baos.toByteArray(); // // String base64 = CodingHelper.encodeBase64(requests_bytes); // // LocalRequestHelper.prepareDispatchToLocalConnectionPage(si.requests[0], // request, response); } /** * Sets up the local verify procedure. * * @param response * The HttpServletResponse the local request page is written to. * @return Returns the JSP location where the calling servlet should dispatch * to. * @throws SignatureException * Forwarded exception. * @throws NormalizeException * Forwarded exception. * @throws IOException * Forwarded exception. * @throws ConnectorFactoryException * Forwarded exception. */ public static String processLocalVerify(SessionInformation si, List holders_to_verify, HttpServletRequest request, HttpServletResponse response) throws SignatureException, NormalizeException, IOException, ConnectorFactoryException { si.requests = new LocalRequest[holders_to_verify.size()]; si.response_properties = new Properties[si.requests.length]; si.current_operation = 0; si.finished = false; String host = request.getServerName(); URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData"); String loc_ref_url = response.encodeURL(loc_ref_URL.toString()); for (int i = 0; i < si.requests.length; i++) { SignatureHolder holder = (SignatureHolder) holders_to_verify.get(i); SignatureObject s = holder.getSignatureObject(); // TODO This whole processing is unnecessary here because only the mime // type is used. String text_to_be_verified = holder.getSignedText(); SignatureData sd = null; if (holder.getSignatureObject().isBinary()) { byte[] data = CodingHelper.decodeBase64(text_to_be_verified); sd = new SignatureDataImpl(data, "application/pdf"); } else { sd = new SignatureDataImpl(text_to_be_verified.getBytes("UTF-8"), "text/plain", "UTF-8"); } SignSignatureObject so = SignatureObjectHelper.convertSignatureObjectToSignSignatureObject(s); LocalConnector local_conn = ConnectorChooser.chooseLocalConnectorForVerify(si.connector, s.getKZ(), so.id, si.type, loc_ref_url); String request_string = local_conn.prepareVerifyRequest(sd, so); LocalRequest local_request = new LocalRequest("not-needed", request_string); si.requests[i] = local_request; si.response_properties[i] = null; } // TODO read from config String local_request_url = "http://127.0.0.1:3495/http-security-layer-request"; URL data_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/DataURL"); String data_url = response.encodeURL(data_URL.toString()); request.setAttribute("local_request_url", local_request_url); request.setAttribute("data_url", data_url); return NULL_REQUEST_PAGE_JSP; // si.requests = new LocalRequest[holders_to_verify.size()]; // si.response_properties = new Properties[si.requests.length]; // si.current_operation = 0; // si.finished = false; // // request.getSession().setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION, // si); // // SessionTable.put(si); // // LocalConnector local_conn = (LocalConnector) // ConnectorFactory.createConnector(si.connector); // // for (int i = 0; i < si.requests.length; i++) // { // SignatureHolder holder = (SignatureHolder) holders_to_verify.get(i); // // String text_to_be_verified = holder.getSignedText(); // // Normalizer normalizer = new Normalizer(); // // String normalized = normalizer.normalize(holder.signed_text); // // String request_string = // local_conn.prepareVerifyRequest(text_to_be_verified, // holder.getSignatureObject()); // // LocalRequest local_request = new // LocalRequest(local_conn.getVerifyURL(holder.getSignatureObject().getSignationType()), // request_string); // si.requests[i] = local_request; // si.response_properties[i] = null; // } // // // ByteArrayOutputStream baos = new ByteArrayOutputStream(); // // ObjectOutputStream oos = new ObjectOutputStream(baos); // // oos.writeObject(local_requests); // // oos.close(); // // baos.close(); // // // byte [] requests_bytes = baos.toByteArray(); // // String base64 = CodingHelper.encodeBase64(requests_bytes); // // prepareDispatchToLocalConnectionPage(si.requests[0], request, response); } /** * Sets up the local verify procedure. * * @param response * The HttpServletResponse the local request page is written to. * @return Returns the JSP location where the calling servlet should dispatch * to. * @throws SignatureException * Forwarded exception. * @throws NormalizeException * Forwarded exception. * @throws IOException * Forwarded exception. * @throws ConnectorFactoryException * Forwarded exception. */ public static String processLocalVerifyForSingleSignature(SessionInformation si, List holders_to_verify, HttpServletRequest request, HttpServletResponse response) throws SignatureException, NormalizeException, IOException, ConnectorFactoryException { si.requests = new LocalRequest[1]; si.response_properties = new Properties[1]; si.current_operation = 0; si.finished = false; String host = request.getServerName(); URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData"); String loc_ref_url = response.encodeURL(loc_ref_URL.toString()); SignatureHolder holder = (SignatureHolder) holders_to_verify.get(0); SignatureObject s = holder.getSignatureObject(); // TODO This whole processing is unnecessary here because only the mime // type is used. String text_to_be_verified = holder.getSignedText(); SignatureData sd = null; if (holder.getSignatureObject().isBinary()) { byte[] data = CodingHelper.decodeBase64(text_to_be_verified); sd = new SignatureDataImpl(data, "application/pdf"); } else { sd = new SignatureDataImpl(text_to_be_verified.getBytes("UTF-8"), "text/plain", "UTF-8"); } SignSignatureObject so = SignatureObjectHelper.convertSignatureObjectToSignSignatureObject(s); LocalConnector local_conn = ConnectorChooser.chooseLocalConnectorForVerify(si.connector, s.getKZ(), so.id, si.type, loc_ref_url); String request_string = local_conn.prepareVerifyRequest(sd, so); LocalRequest local_request = new LocalRequest("not-needed", request_string); si.requests[0] = local_request; si.response_properties[0] = null; // TODO read from config String local_request_url = "http://127.0.0.1:3495/http-security-layer-request"; URL data_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/DataURL"); String data_url = response.encodeURL(data_URL.toString()); request.setAttribute("local_request_url", local_request_url); request.setAttribute("data_url", data_url); return NULL_REQUEST_PAGE_JSP; } /** * Formats the OK response from the web application back to the local BKU. * *

* As stated in the BKU tutorial, this response must be plain text "". * Otherwise BKU will assume a failure. *

* * @param response * The HttpServletResponse to answer to. * @throws IOException * Forwarded exception. */ protected static void formatBKUOkResponse(HttpServletResponse response) throws IOException { response.setContentType("text/plain"); response.setCharacterEncoding("ISO-8859-1"); response.getWriter().println(""); } /** * Prepares the dispatch to the local data connection page. * *

* The calling servlet just has to dispatch to the jsp after calling this * method. *

* * @param local_request * The local request. Basically this contains the local service's * target URL and the XML request string. * @param response * The HttpServletResponse to write this page to. * @throws IOException * Forwarded exception. * @throws SignatureException * Forwarded exception. * @throws NormalizeException * Forwarded exception. */ public static void prepareDispatchToLocalConnectionPage( LocalRequest local_request, HttpServletRequest request, HttpServletResponse response) throws IOException, SignatureException, NormalizeException { response.setContentType("text/html"); response.setCharacterEncoding("UTF-8"); String local_request_url = local_request.getUrl(); String quoted_request = makeStringHTMLReady(local_request.getRequestString()); String host = request.getServerName(); // "129.27.153.77" URL data_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/AsynchronousDataResponder"); String data_url = response.encodeURL(data_URL.toString()); URL redirect_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/AsynchronousRedirectResponder"); String redirect_url = response.encodeURL(redirect_URL.toString()); request.setAttribute("local_request_url", local_request_url); request.setAttribute("quoted_request", quoted_request); request.setAttribute("data_url", data_url); request.setAttribute("redirect_url", redirect_url); } public static String makeStringHTMLReady(String input) { String output = input; output = output.replaceAll("&", "&"); output = output.replaceAll("\"", """); output = output.replaceAll("<", "<"); output = output.replaceAll(">", ">"); return output; } public static String getLocalServerAddress(HttpServletRequest request, HttpServletResponse response) { String host = request.getServerName(); URL local_server = null; try { local_server = new URL(request.getScheme(), host, request.getServerPort(), "/"); } catch (MalformedURLException e) { // TODO Auto-generated catch block e.printStackTrace(); } String loc_server = response.encodeURL(local_server.toString()); return loc_server; } }