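/**
 * Copyright (c) 2006 by Know-Center, Graz, Austria
 *
 * This software is the confidential and proprietary information of Know-Center,
 * Graz, Austria. You shall not disclose such Confidential Information and shall
 * use it only in accordance with the terms of the license agreement you entered
 * into with Know-Center.
 *
 * KNOW-CENTER MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF
 * THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR
 * NON-INFRINGEMENT. KNOW-CENTER SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY
 * LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
 * DERIVATIVES.
 *
 * $Id: LocalRequestHelper.java,v 1.6 2006/10/31 08:22:04 wprinz Exp $
 */
package at.knowcenter.wag.egov.egiz.web;

import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.List;
import java.util.Properties;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import at.gv.egiz.pdfas.utils.WebUtils;
import at.gv.egiz.pdfas.web.CurrentLocalOperation;
import at.gv.egiz.pdfas.web.SignSessionInformation;
import at.gv.egiz.pdfas.web.VerifySessionInformation;
import at.knowcenter.wag.egov.egiz.PdfAS;
import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
import at.knowcenter.wag.egov.egiz.exceptions.ConnectorFactoryException;
import at.knowcenter.wag.egov.egiz.exceptions.NormalizeException;
import at.knowcenter.wag.egov.egiz.exceptions.PresentableException;
import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
import at.knowcenter.wag.egov.egiz.exceptions.SignatureException;
import at.knowcenter.wag.egov.egiz.pdf.SignatureHolder;
import at.knowcenter.wag.egov.egiz.sig.SignatureData;
import at.knowcenter.wag.egov.egiz.sig.SignatureObject;
import at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorChooser;
import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject;
import at.knowcenter.wag.egov.egiz.sig.signatureobject.SignatureObjectHelper;

/**
 * Contains commonly used helper functions for the local request procedure.
 *
 * <p>
 * NOTE(review): several methods here build absolute callback URLs from
 * {@code request.getScheme()}, {@code request.getServerName()} and
 * {@code request.getServerPort()}. The server name normally reflects the
 * client-supplied {@code Host} header, so a deployment should pin the public
 * host name (virtual-host configuration of the container or reverse proxy, or
 * a configured base URL) instead of relying on the request alone.
 * </p>
 *
 * @author wprinz
 */
public abstract class LocalRequestHelper
{
  /**
   * The logger.
   */
  protected static Log logger = LogFactory.getLog(LocalRequestHelper.class);

  /**
   * The resource of the null request page jsp.
   */
  public static final String NULL_REQUEST_PAGE_JSP = "/jsp/null_request_page.jsp";

  /**
   * The resource of the local connection page jsp.
   */
  public static final String LOCAL_CONNECTION_PAGE_JSP = "/jsp/local_connection_page.jsp";

  /**
   * The resource of the redirect refresh page jsp.
   */
  public static final String REDIRECT_REFRESH_PAGE_JSP = "/jsp/redirect_refresh_page.jsp";

  /**
   * Sets up the local sign procedure.
   *
   * <p>
   * Prepares the sign request for the connector selected in the session
   * information, stores it in {@code si.localRequest}, resets the output state
   * of the session and publishes the request attributes
   * {@code local_request_url} and {@code data_url} for the JSP.
   * </p>
   *
   * @param si
   *          The sign session information; its {@code localRequest},
   *          {@code outputAvailable} and {@code response_properties} fields
   *          are overwritten.
   * @param request
   *          The HttpServletRequest the URLs are derived from and the
   *          attributes are set on.
   * @param response
   *          The HttpServletResponse the local request page is written to.
   * @return Returns the JSP location where the calling servlet should dispatch
   *         to.
   * @throws IOException
   *           Forwarded exception.
   * @throws PresentableException
   *           Forwarded exception.
   */
  public static String processLocalSign(SignSessionInformation si, HttpServletRequest request, HttpServletResponse response) throws IOException, PresentableException
  {
    URL loc_ref_URL = new URL(WebUtils.buildRetrieveSignatureDataURL(request, response));
    String loc_ref_url = response.encodeURL(loc_ref_URL.toString());

    LocalConnector c = ConnectorChooser.chooseLocalConnectorForSign(si.connector, si.type, loc_ref_url);
    String sign_request = c.prepareSignRequest(si.si.getSignatureData());

    String local_request_url = getLocalServiceAddress(si.type, si.connector);
    si.localRequest = new LocalRequest(local_request_url, sign_request);
    si.outputAvailable = false;
    si.response_properties = null;

    // Host, scheme and port come from the incoming request; see the class
    // comment on pinning the public host name.
    String data_path = request.getContextPath() + "/DataURL";
    URL data_URL = new URL(request.getScheme(), request.getServerName(), request.getServerPort(), WebUtils.addJSessionID(data_path, request));
    String data_url = response.encodeURL(data_URL.toString());

    // Log the path only: encodeURL may append the session id to the URL (and
    // addJSessionID presumably does so as well), and a session identifier
    // must not end up in log files.
    logger.debug("data_url path = " + data_path);

    request.setAttribute("local_request_url", local_request_url);
    request.setAttribute("data_url", data_url);

    return NULL_REQUEST_PAGE_JSP;
  }

  /**
   * Sets up the local verify procedure.
   *
   * <p>
   * Creates a fresh {@link CurrentLocalOperation} on the session information
   * holding one prepared verify request per signature holder, and publishes
   * the request attributes {@code local_request_url} and {@code data_url} for
   * the JSP.
   * </p>
   *
   * @param si
   *          The verify session information; its
   *          {@code currentLocalOperation} is replaced.
   * @param holders_to_verify
   *          The list of {@link SignatureHolder}s to be verified. Every
   *          element is cast to SignatureHolder.
   * @param request
   *          The HttpServletRequest the URLs are derived from and the
   *          attributes are set on.
   * @param response
   *          The HttpServletResponse the local request page is written to.
   * @return Returns the JSP location where the calling servlet should dispatch
   *         to.
   * @throws SignatureException
   *           Forwarded exception.
   * @throws NormalizeException
   *           Forwarded exception.
   * @throws IOException
   *           Forwarded exception.
   * @throws ConnectorFactoryException
   *           Forwarded exception.
   * @throws SettingsException
   *           Forwarded exception.
   * @throws ConnectorException
   *           Forwarded exception.
   */
  public static String processLocalVerify(VerifySessionInformation si, List holders_to_verify, HttpServletRequest request, HttpServletResponse response) throws SignatureException, NormalizeException, IOException, ConnectorFactoryException, SettingsException, ConnectorException
  {
    si.currentLocalOperation = new CurrentLocalOperation();
    si.currentLocalOperation.holders_to_be_verified = holders_to_verify;
    si.currentLocalOperation.requests = new LocalRequest[holders_to_verify.size()];
    si.currentLocalOperation.response_properties = new Properties[si.currentLocalOperation.requests.length];
    si.currentLocalOperation.current_operation = 0;

    URL loc_ref_URL = new URL(WebUtils.buildRetrieveSignatureDataURL(request, response));
    String loc_ref_url = response.encodeURL(loc_ref_URL.toString());

    for (int i = 0; i < si.currentLocalOperation.requests.length; i++)
    {
      SignatureHolder holder = (SignatureHolder) holders_to_verify.get(i);
      SignatureObject s = holder.getSignatureObject();
      SignatureData sd = PdfAS.convertSignatureHolderToSignatureData(holder);
      SignSignatureObject so = SignatureObjectHelper.convertSignatureObjectToSignSignatureObject(s);

      LocalConnector local_conn = ConnectorChooser.chooseLocalConnectorForVerify(si.connector, s.getKZ(), so.id, si.type, loc_ref_url);
      String request_string = local_conn.prepareVerifyRequest(sd, so, null);

      // The per-request URL is a placeholder; the service address is handed
      // to the JSP through the local_request_url attribute below.
      si.currentLocalOperation.requests[i] = new LocalRequest("not-needed", request_string);
      si.currentLocalOperation.response_properties[i] = null;
    }

    String local_request_url = getLocalServiceAddress(si.type, si.connector);

    // Host, scheme and port come from the incoming request; see the class
    // comment on pinning the public host name.
    URL data_URL = new URL(request.getScheme(), request.getServerName(), request.getServerPort(), WebUtils.addJSessionID(request.getContextPath() + "/DataURL", request));
    String data_url = response.encodeURL(data_URL.toString());

    request.setAttribute("local_request_url", local_request_url);
    request.setAttribute("data_url", data_url);

    return NULL_REQUEST_PAGE_JSP;
  }

  /**
   * Formats the OK response from the web application back to the local BKU.
   *
   * <p>
   * As stated in the BKU tutorial, this response must be plain text
   * {@code <ok/>}. Otherwise BKU will assume a failure.
   * </p>
   *
   * @param response
   *          The HttpServletResponse to answer to.
   * @throws IOException
   *           Forwarded exception.
   */
  protected static void formatBKUOkResponse(HttpServletResponse response) throws IOException
  {
    response.setContentType("text/plain");
    response.setCharacterEncoding("ISO-8859-1");

    // NOTE(review): the payload literal was empty in the reviewed listing,
    // apparently lost to markup stripping; <ok/> is the acknowledgement the
    // Security Layer DataURL exchange expects - confirm against the
    // repository copy.
    response.getWriter().println("<ok/>");
  }

  /**
   * Prepares the dispatch to the local data connection page.
   *
   * <p>
   * The calling servlet just has to dispatch to the jsp after calling this
   * method.
   * </p>
   *
   * @param local_request
   *          The local request. Basically this contains the local service's
   *          target URL and the XML request string.
   * @param request
   *          The HttpServletRequest the responder URLs are derived from and
   *          the attributes are set on.
   * @param response
   *          The HttpServletResponse to write this page to.
   * @throws IOException
   *           Forwarded exception.
   * @throws SignatureException
   *           Forwarded exception.
   * @throws NormalizeException
   *           Forwarded exception.
   */
  public static void prepareDispatchToLocalConnectionPage(LocalRequest local_request, HttpServletRequest request, HttpServletResponse response) throws IOException, SignatureException, NormalizeException
  {
    response.setContentType("text/html");
    response.setCharacterEncoding("UTF-8");

    String local_request_url = local_request.getUrl();
    // The XML request is embedded in the HTML page, so it is escaped here.
    String quoted_request = makeStringHTMLReady(local_request.getRequestString());

    // Host, scheme and port come from the incoming request; see the class
    // comment on pinning the public host name.
    String scheme = request.getScheme();
    String host = request.getServerName();
    int port = request.getServerPort();
    String context = request.getContextPath();

    URL data_URL = new URL(scheme, host, port, context + "/AsynchronousDataResponder");
    String data_url = response.encodeURL(data_URL.toString());

    URL redirect_URL = new URL(scheme, host, port, context + "/AsynchronousRedirectResponder");
    String redirect_url = response.encodeURL(redirect_URL.toString());

    request.setAttribute("local_request_url", local_request_url);
    request.setAttribute("quoted_request", quoted_request);
    request.setAttribute("data_url", data_url);
    request.setAttribute("redirect_url", redirect_url);
  }

  /**
   * Escapes the HTML special characters of the given string so that it can be
   * embedded in element content or in a quoted attribute value.
   *
   * <p>
   * The ampersand is replaced first so that the entities produced for the
   * other characters are not escaped a second time. The single quote is
   * escaped as well, which keeps the result safe inside single-quoted
   * attributes.
   * </p>
   *
   * @param input
   *          The raw string. Must not be null.
   * @return Returns the string with {@code & " < > '} replaced by character
   *         references.
   */
  public static String makeStringHTMLReady(String input)
  {
    // String.replace works on literal text; replaceAll would treat its
    // arguments as a regular expression and a replacement pattern.
    String output = input;
    output = output.replace("&", "&amp;");
    output = output.replace("\"", "&quot;");
    output = output.replace("<", "&lt;");
    output = output.replace(">", "&gt;");
    output = output.replace("'", "&#39;");
    return output;
  }

  /**
   * Returns the encoded root URL ("scheme://host[:port]/") of the server the
   * request was sent to.
   *
   * <p>
   * The port is left out when it is the default port of the scheme (80 for
   * http, 443 for https).
   * </p>
   *
   * @param request
   *          The HttpServletRequest the scheme, host and port are taken from.
   * @param response
   *          The HttpServletResponse used for URL encoding.
   * @return Returns the encoded server root URL.
   * @throws IllegalStateException
   *           If no valid URL can be built from the request data.
   */
  public static String getLocalServerAddress(HttpServletRequest request, HttpServletResponse response)
  {
    // Host, scheme and port come from the incoming request; see the class
    // comment on pinning the public host name.
    String host = request.getServerName();
    String scheme = request.getScheme();
    int port = request.getServerPort();

    boolean default_port = ("http".equalsIgnoreCase(scheme) && port == 80) || ("https".equalsIgnoreCase(scheme) && port == 443);

    URL local_server;
    try
    {
      local_server = default_port ? new URL(scheme, host, "/") : new URL(scheme, host, port, "/");
    }
    catch (MalformedURLException e)
    {
      logger.error(e.getMessage(), e);
      // Fail with the cause attached instead of running into a
      // NullPointerException on the unset URL further down.
      throw new IllegalStateException("Cannot build the local server address from the request.", e);
    }

    return response.encodeURL(local_server.toString());
  }

  /**
   * Returns the server root URL followed by the context path of the web
   * application.
   *
   * @param request
   *          The HttpServletRequest the address is derived from.
   * @param response
   *          The HttpServletResponse used for URL encoding.
   * @return Returns the address of the web application context.
   */
  public static String getLocalContextAddress(HttpServletRequest request, HttpServletResponse response)
  {
    String serverURL = getLocalServerAddress(request, response);
    String context = request.getContextPath();

    // Avoid a double slash where the server URL and the context path meet.
    if (serverURL.endsWith("/") && context.startsWith("/"))
    {
      context = context.substring(1);
    }

    return serverURL + context;
  }

  /**
   * Returns the URL for accessing the local service.
   *
   * <p>
   * This information is taken from the profile and if not defined from the
   * defaults.
   * </p>
   * <p>
   * E.g. http://127.0.0.1:3495/http-security-layer-request
   * </p>
   *
   * @param profile
   *          The profile to take the data from.
   * @param device
   *          The service device to be accessed. E.g. bku.
   * @return Returns the URL for accessing the local service.
   * @throws SettingsException
   *           Forwarded exception.
   */
  public static String getLocalServiceAddress(String profile, String device) throws SettingsException
  {
    SettingsReader settings = SettingsReader.getInstance();
    return getConnectorValueFromProfile(settings, profile, device + ".sign.url");
  }

  /**
   * Reads the configuration entry given by the key, first from the given
   * profile, if not found from the defaults.
   *
   * @param settings
   *          The settings.
   * @param profile
   *          The profile.
   * @param key
   *          The configuration key.
   * @return Returns the configuration entry, or null if neither the profile
   *         entry "sig_obj.&lt;profile&gt;.&lt;key&gt;" nor the default entry
   *         "&lt;key&gt;" yields a value.
   */
  public static String getConnectorValueFromProfile(SettingsReader settings, String profile, String key)
  {
    String value = settings.getValueFromKey("sig_obj." + profile + "." + key); //$NON-NLS-1$//$NON-NLS-2$
    if (value == null)
    {
      value = settings.getValueFromKey(key);
    }
    return value;
  }
}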