/**
* Copyright (c) 2006 by Know-Center, Graz, Austria
*
* This software is the confidential and proprietary information of Know-Center,
* Graz, Austria. You shall not disclose such Confidential Information and shall
* use it only in accordance with the terms of the license agreement you entered
* into with Know-Center.
*
* KNOW-CENTER MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF
* THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
* IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR
* NON-INFRINGEMENT. KNOW-CENTER SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY
* LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
* DERIVATIVES.
*
* $Id: LocalRequestHelper.java,v 1.6 2006/10/31 08:22:04 wprinz Exp $
*/
package at.knowcenter.wag.egov.egiz.web;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.List;
import java.util.Properties;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import at.gv.egiz.pdfas.impl.input.TextDataSourceImpl;
import at.gv.egiz.pdfas.framework.input.DataSource;
import at.gv.egiz.pdfas.web.CurrentLocalOperation;
import at.gv.egiz.pdfas.web.SignSessionInformation;
import at.gv.egiz.pdfas.web.VerifySessionInformation;
import at.knowcenter.wag.egov.egiz.PdfAS;
import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
import at.knowcenter.wag.egov.egiz.exceptions.ConnectorFactoryException;
import at.knowcenter.wag.egov.egiz.exceptions.NormalizeException;
import at.knowcenter.wag.egov.egiz.exceptions.PresentableException;
import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
import at.knowcenter.wag.egov.egiz.exceptions.SignatureException;
import at.knowcenter.wag.egov.egiz.pdf.BinarySignatureHolder;
import at.knowcenter.wag.egov.egiz.pdf.SignatureHolder;
import at.knowcenter.wag.egov.egiz.sig.SignatureData;
import at.knowcenter.wag.egov.egiz.sig.SignatureDataImpl;
import at.knowcenter.wag.egov.egiz.sig.SignatureObject;
import at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorChooser;
import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject;
import at.knowcenter.wag.egov.egiz.sig.signatureobject.SignatureObjectHelper;
/**
* Contains commonly used helper functions for the local request procedure.
*
* @author wprinz
*/
public abstract class LocalRequestHelper
{
/**
* The resource of the null request page jsp.
*/
public static final String NULL_REQUEST_PAGE_JSP = "/jsp/null_request_page.jsp";
/**
* The resource of the local connection page jsp.
*/
public static final String LOCAL_CONNECTION_PAGE_JSP = "/jsp/local_connection_page.jsp";
/**
* The resource of the redirect refresh page jsp.
*/
public static final String REDIRECT_REFRESH_PAGE_JSP = "/jsp/redirect_refresh_page.jsp";
/**
* Sets up the local sign procedure.
*
* @param response
* The HttpServletResponse the local request page is written to.
* @throws IOException
* Forwarded exception.
* @throws PresentableException
* Forwarded exception.
*/
public static String processLocalSign(SignSessionInformation si, HttpServletRequest request, HttpServletResponse response) throws IOException, PresentableException
{
String host = request.getServerName(); // "129.27.153.77"
URL loc_ref_URL = new URL(getLocalContextAddress(request, response) + "/RetrieveSignatureData");
String loc_ref_url = response.encodeURL(loc_ref_URL.toString());
LocalConnector c = ConnectorChooser.chooseLocalConnectorForSign(si.connector, si.type, loc_ref_url);
String sign_request = c.prepareSignRequest(si.si.getSignatureData());
String local_request_url = getLocalServiceAddress(si.type, si.connector);
si.localRequest = new LocalRequest(local_request_url, sign_request);
si.outputAvailable = false;
si.response_properties = null;
URL data_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/DataURL");
String data_url = response.encodeURL(data_URL.toString());
request.setAttribute("local_request_url", local_request_url);
request.setAttribute("data_url", data_url);
return NULL_REQUEST_PAGE_JSP;
// TODO old code - remove
//
// LocalConnector local_conn = (LocalConnector)
// ConnectorFactory.createConnector(si.connector);
//
//
// // refactor WEB
// String document_text = "fixme"; //si.iui.document_text;
// String request_string = local_conn.prepareSignRequest(si.user_name,
// document_text, si.type);
// String request_url = local_conn.getSignURL(si.type);
//
// LocalRequest local_request = new LocalRequest(request_url,
// request_string);
// List local_requests = new ArrayList();
// local_requests.add(local_request);
//
// // ByteArrayOutputStream baos = new ByteArrayOutputStream();
// // ObjectOutputStream oos = new ObjectOutputStream(baos);
// // oos.writeObject(local_requests);
// // oos.close();
// // baos.close();
//
// si.requests = new LocalRequest[1];
// si.requests[0] = new LocalRequest(local_conn.getSignURL(si.type),
// request_string);
// si.current_operation = 0;
// si.response_properties = new Properties[1];
// si.response_properties[0] = null;
//
// // SessionTable.put(si);
// request.getSession().setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION,
// si);
//
// // byte [] requests_bytes = baos.toByteArray();
// // String base64 = CodingHelper.encodeBase64(requests_bytes);
//
// LocalRequestHelper.prepareDispatchToLocalConnectionPage(si.requests[0],
// request, response);
}
/**
* Sets up the local verify procedure.
*
* @param response
* The HttpServletResponse the local request page is written to.
* @return Returns the JSP location where the calling servlet should dispatch
* to.
* @throws SignatureException
* Forwarded exception.
* @throws NormalizeException
* Forwarded exception.
* @throws IOException
* Forwarded exception.
* @throws ConnectorFactoryException
* Forwarded exception.
* @throws SettingsException
* @throws ConnectorException
*/
public static String processLocalVerify(VerifySessionInformation si, List holders_to_verify, HttpServletRequest request, HttpServletResponse response) throws SignatureException, NormalizeException,
IOException, ConnectorFactoryException, SettingsException, ConnectorException
{
si.currentLocalOperation = new CurrentLocalOperation();
si.currentLocalOperation.holders_to_be_verified = holders_to_verify;
si.currentLocalOperation.requests = new LocalRequest[holders_to_verify.size()];
si.currentLocalOperation.response_properties = new Properties[si.currentLocalOperation.requests.length];
si.currentLocalOperation.current_operation = 0;
// si.finished = false;
String host = request.getServerName();
URL loc_ref_URL = new URL(getLocalContextAddress(request, response) + "/RetrieveSignatureData");
String loc_ref_url = response.encodeURL(loc_ref_URL.toString());
for (int i = 0; i < si.currentLocalOperation.requests.length; i++)
{
SignatureHolder holder = (SignatureHolder) holders_to_verify.get(i);
SignatureObject s = holder.getSignatureObject();
SignatureData sd = PdfAS.convertSignatureHolderToSignatureData(holder);
// if (holder.getSignatureObject().isBinary())
// {
// BinarySignatureHolder bsh = (BinarySignatureHolder) holder;
// // byte[] data = CodingHelper.decodeBase64(text_to_be_verified);
// // TODO what about the length of the PDF? is this correct - already deprecated
// sd = new SignatureDataImpl(bsh.getSignedPdf(), "application/pdf");
// }
// else
// {
// String text_to_be_verified = holder.getSignedText();
// DataSource ds = new TextDataSourceImpl(text_to_be_verified);
// sd = new SignatureDataImpl(ds, "text/plain", "UTF-8");
// }
SignSignatureObject so = SignatureObjectHelper.convertSignatureObjectToSignSignatureObject(s);
LocalConnector local_conn = ConnectorChooser.chooseLocalConnectorForVerify(si.connector, s.getKZ(), so.id, si.type, loc_ref_url);
String request_string = local_conn.prepareVerifyRequest(sd, so);
LocalRequest local_request = new LocalRequest("not-needed", request_string);
si.currentLocalOperation.requests[i] = local_request;
si.currentLocalOperation.response_properties[i] = null;
}
String local_request_url = getLocalServiceAddress(si.type, si.connector);
URL data_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/DataURL");
String data_url = response.encodeURL(data_URL.toString());
request.setAttribute("local_request_url", local_request_url);
request.setAttribute("data_url", data_url);
return NULL_REQUEST_PAGE_JSP;
// si.requests = new LocalRequest[holders_to_verify.size()];
// si.response_properties = new Properties[si.requests.length];
// si.current_operation = 0;
// si.finished = false;
//
// request.getSession().setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION,
// si);
// // SessionTable.put(si);
//
// LocalConnector local_conn = (LocalConnector)
// ConnectorFactory.createConnector(si.connector);
//
// for (int i = 0; i < si.requests.length; i++)
// {
// SignatureHolder holder = (SignatureHolder) holders_to_verify.get(i);
//
// String text_to_be_verified = holder.getSignedText();
// // Normalizer normalizer = new Normalizer();
// // String normalized = normalizer.normalize(holder.signed_text);
//
// String request_string =
// local_conn.prepareVerifyRequest(text_to_be_verified,
// holder.getSignatureObject());
//
// LocalRequest local_request = new
// LocalRequest(local_conn.getVerifyURL(holder.getSignatureObject().getSignationType()),
// request_string);
// si.requests[i] = local_request;
// si.response_properties[i] = null;
// }
//
// // ByteArrayOutputStream baos = new ByteArrayOutputStream();
// // ObjectOutputStream oos = new ObjectOutputStream(baos);
// // oos.writeObject(local_requests);
// // oos.close();
// // baos.close();
//
// // byte [] requests_bytes = baos.toByteArray();
// // String base64 = CodingHelper.encodeBase64(requests_bytes);
//
// prepareDispatchToLocalConnectionPage(si.requests[0], request, response);
}
// what is this for?
// /**
// * Sets up the local verify procedure.
// *
// * @param response
// * The HttpServletResponse the local request page is written to.
// * @return Returns the JSP location where the calling servlet should dispatch
// * to.
// * @throws SignatureException
// * Forwarded exception.
// * @throws NormalizeException
// * Forwarded exception.
// * @throws IOException
// * Forwarded exception.
// * @throws ConnectorFactoryException
// * Forwarded exception.
// * @throws SettingsException Forwarded exception.
// */
// public static String processLocalVerifyForSingleSignature(VerifySessionInformation si, List holders_to_verify, HttpServletRequest request, HttpServletResponse response) throws SignatureException,
// NormalizeException, IOException, ConnectorFactoryException, SettingsException
// {
// si.requests = new LocalRequest[1];
// si.response_properties = new Properties[1];
// si.current_operation = 0;
// si.finished = false;
//
// String host = request.getServerName();
// URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData");
// String loc_ref_url = response.encodeURL(loc_ref_URL.toString());
//
// SignatureHolder holder = (SignatureHolder) holders_to_verify.get(0);
//
// SignatureObject s = holder.getSignatureObject();
//
// // TODO This whole processing is unnecessary here because only the mime type is used. - already deprecated
// // String text_to_be_verified = holder.getSignedText();
// SignatureData sd = null;
//
// if (holder.getSignatureObject().isBinary())
// {
// BinarySignatureHolder bsh = (BinarySignatureHolder) holder;
// // byte[] data = CodingHelper.decodeBase64(text_to_be_verified);
// sd = new SignatureDataImpl(bsh.getSignedPdf(), "application/pdf");
// }
// else
// {
// String text_to_be_verified = holder.getSignedText();
// DataSource ds = new TextDataSourceImpl(text_to_be_verified);
// sd = new SignatureDataImpl(ds, "text/plain", "UTF-8");
// }
//
// SignSignatureObject so = SignatureObjectHelper.convertSignatureObjectToSignSignatureObject(s);
//
// LocalConnector local_conn = ConnectorChooser.chooseLocalConnectorForVerify(si.connector, s.getKZ(), so.id, si.type, loc_ref_url);
// String request_string = local_conn.prepareVerifyRequest(sd, so);
//
// LocalRequest local_request = new LocalRequest("not-needed", request_string);
// si.requests[0] = local_request;
// si.response_properties[0] = null;
//
// // TODO read from config - already deprecated
// String local_request_url = getLocalServiceAddress(si.type, si.connector);
//
// URL data_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/DataURL");
// String data_url = response.encodeURL(data_URL.toString());
//
// request.setAttribute("local_request_url", local_request_url);
// request.setAttribute("data_url", data_url);
//
// return NULL_REQUEST_PAGE_JSP;
// }
/**
* Formats the OK response from the web application back to the local BKU.
*
*
* As stated in the BKU tutorial, this response must be plain text "".
* Otherwise BKU will assume a failure.
*
*
* @param response
* The HttpServletResponse to answer to.
* @throws IOException
* Forwarded exception.
*/
protected static void formatBKUOkResponse(HttpServletResponse response) throws IOException
{
response.setContentType("text/plain");
response.setCharacterEncoding("ISO-8859-1");
response.getWriter().println("");
}
/**
* Prepares the dispatch to the local data connection page.
*
*
* The calling servlet just has to dispatch to the jsp after calling this
* method.
*
*
* @param local_request
* The local request. Basically this contains the local service's
* target URL and the XML request string.
* @param response
* The HttpServletResponse to write this page to.
* @throws IOException
* Forwarded exception.
* @throws SignatureException
* Forwarded exception.
* @throws NormalizeException
* Forwarded exception.
*/
public static void prepareDispatchToLocalConnectionPage(LocalRequest local_request, HttpServletRequest request, HttpServletResponse response) throws IOException, SignatureException,
NormalizeException
{
response.setContentType("text/html");
response.setCharacterEncoding("UTF-8");
String local_request_url = local_request.getUrl();
String quoted_request = makeStringHTMLReady(local_request.getRequestString());
String host = request.getServerName(); // "129.27.153.77"
URL data_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/AsynchronousDataResponder");
String data_url = response.encodeURL(data_URL.toString());
URL redirect_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/AsynchronousRedirectResponder");
String redirect_url = response.encodeURL(redirect_URL.toString());
request.setAttribute("local_request_url", local_request_url);
request.setAttribute("quoted_request", quoted_request);
request.setAttribute("data_url", data_url);
request.setAttribute("redirect_url", redirect_url);
}
public static String makeStringHTMLReady(String input)
{
String output = input;
output = output.replaceAll("&", "&");
output = output.replaceAll("\"", """);
output = output.replaceAll("<", "<");
output = output.replaceAll(">", ">");
return output;
}
public static String getLocalServerAddress(HttpServletRequest request, HttpServletResponse response)
{
String host = request.getServerName();
URL local_server = null;
try
{
String scheme = request.getScheme();
int port = request.getServerPort();
if ("http".equalsIgnoreCase(scheme) && port == 80) {
local_server = new URL(scheme, host, "/");
} else if ("https".equalsIgnoreCase(scheme) && port == 443) {
local_server = new URL(scheme, host, "/");
} else {
local_server = new URL(scheme, host, port, "/");
}
}
catch (MalformedURLException e)
{
e.printStackTrace();
}
String loc_server = response.encodeURL(local_server.toString());
return loc_server;
}
public static String getLocalContextAddress(HttpServletRequest request, HttpServletResponse response) {
String serverURL = getLocalServerAddress(request, response);
String context = request.getContextPath();
if (serverURL.endsWith("/") && context.startsWith("/")) {
context = context.substring(1);
}
return serverURL + context;
}
/**
* Returns the URL for accessing the local service.
*
* This information is taken from the profile and if not defined from the
* defaults.
*
*
* E.g. http://127.0.0.1:3495/http-security-layer-request
*
*
* @param profile
* The profile to take the data from.
* @param device
* The service device to be accessed. E.g. bku.
* @return Returns the URL for accessing the local service.
* @throws SettingsException F.e.
*/
public static String getLocalServiceAddress(String profile, String device) throws SettingsException
{
SettingsReader settings = SettingsReader.getInstance();
String url = getConnectorValueFromProfile(settings, profile, device + ".sign.url");
return url; //"http://127.0.0.1:3495/http-security-layer-request";
}
/**
* Reads the configuration entry given by the key, first from the given
* profile, if not found from the defaults.
*
* @param settings
* The settings.
* @param profile
* The profile.
* @param key
* The configuration key.
* @return Returns the configuration entry.
*/
public static String getConnectorValueFromProfile(SettingsReader settings,
String profile, String key)
{
String value = settings.getValueFromKey("sig_obj." + profile + "." + key); //$NON-NLS-1$//$NON-NLS-2$
if (value == null)
{
value = settings.getValueFromKey(key);
}
return value;
}
}