aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java349
1 files changed, 178 insertions, 171 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
index a06177e3..f8d6e245 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
@@ -33,6 +33,7 @@ import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.codec.binary.Base64;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
import org.apache.commons.fileupload.servlet.ServletFileUpload;
@@ -63,44 +64,58 @@ public class ExternSignServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
public static final String PDF_AS_WEB_CONF = "pdf-as-web.conf";
-
+
private static final String UPLOAD_PDF_DATA = "pdf-file";
+ private static final String UPLOAD_PDF_DATA_BASE64 = "pdf-file-b64";
private static final String UPLOAD_DIRECTORY = "upload";
- private static final Logger logger = LoggerFactory
- .getLogger(ExternSignServlet.class);
-
+ private static final Logger logger = LoggerFactory.getLogger(ExternSignServlet.class);
+
/**
* Default constructor.
*/
public ExternSignServlet() {
String webconfig = System.getProperty(PDF_AS_WEB_CONF);
-
- if(webconfig == null) {
+
+ if (webconfig == null) {
logger.error("No web configuration provided! Please specify: " + PDF_AS_WEB_CONF);
throw new RuntimeException("No web configuration provided! Please specify: " + PDF_AS_WEB_CONF);
}
-
+
WebConfiguration.configure(webconfig);
PdfAsHelper.init();
}
- protected void doGet(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
-
- //PdfAsHelper.regenerateSession(request);
-
+ private byte[] getPDFBase64File(HttpServletRequest request) {
+ Object object = request.getAttribute(UPLOAD_PDF_DATA_BASE64);
+ if (object != null && object instanceof String) {
+ try {
+ synchronized (Base64.class) {
+ return Base64.decodeBase64((String) object);
+ }
+ } catch (Throwable e) {
+ logger.warn("Failed to decode base64 pdf file!", e);
+ }
+ }
+ return null;
+ }
+
+ protected void doGet(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
+
+ // PdfAsHelper.regenerateSession(request);
+
logger.debug("Get signing request");
-
+
String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
PdfAsHelper.setErrorURL(request, response, errorUrl);
-
+
StatisticEvent statisticEvent = new StatisticEvent();
statisticEvent.setStartNow();
statisticEvent.setSource(Source.WEB);
statisticEvent.setOperation(Operation.SIGN);
statisticEvent.setUserAgent(UserAgentFilter.getUserAgent());
-
+
try {
// Mandatory Parameters on Get Request:
String invokeUrl = PdfAsParameterExtractor.getInvokeURL(request);
@@ -108,30 +123,28 @@ public class ExternSignServlet extends HttpServlet {
String invokeTarget = PdfAsParameterExtractor.getInvokeTarget(request);
PdfAsHelper.setInvokeTarget(request, response, invokeTarget);
-
+
String pdfUrl = PdfAsParameterExtractor.getPdfUrl(request);
if (pdfUrl == null) {
- throw new PdfAsWebException(
- "No PDF URL given! Use POST request to sign without PDF URL.");
+ throw new PdfAsWebException("No PDF URL given! Use POST request to sign without PDF URL.");
}
byte[] pdfData = RemotePDFFetcher.fetchPdfFile(pdfUrl);
doSignature(request, response, pdfData, statisticEvent);
} catch (Exception e) {
-
+
statisticEvent.setStatus(Status.ERROR);
statisticEvent.setException(e);
- if(e instanceof PDFASError) {
- statisticEvent.setErrorCode(((PDFASError)e).getCode());
+ if (e instanceof PDFASError) {
+ statisticEvent.setErrorCode(((PDFASError) e).getCode());
}
statisticEvent.setEndNow();
statisticEvent.setTimestampNow();
StatisticFrontend.getInstance().storeEvent(statisticEvent);
statisticEvent.setLogged(true);
-
- PdfAsHelper.setSessionException(request, response, e.getMessage(),
- e);
+
+ PdfAsHelper.setSessionException(request, response, e.getMessage(), e);
PdfAsHelper.gotoError(getServletContext(), request, response);
}
}
@@ -140,247 +153,243 @@ public class ExternSignServlet extends HttpServlet {
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
* response)
*/
- protected void doPost(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
-
- //PdfAsHelper.regenerateSession(request);
-
+ protected void doPost(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
+
+ // PdfAsHelper.regenerateSession(request);
+
logger.debug("Post signing request");
-
+
String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
PdfAsHelper.setErrorURL(request, response, errorUrl);
-
+
StatisticEvent statisticEvent = new StatisticEvent();
statisticEvent.setStartNow();
statisticEvent.setSource(Source.WEB);
statisticEvent.setOperation(Operation.SIGN);
statisticEvent.setUserAgent(UserAgentFilter.getUserAgent());
-
- try {
- byte[] filecontent = null;
- // checks if the request actually contains upload file
- if (!ServletFileUpload.isMultipartContent(request)) {
- // No Uploaded data!
- if (PdfAsParameterExtractor.getPdfUrl(request) != null) {
- doGet(request, response);
- return;
- } else {
- throw new PdfAsWebException("No Signature data defined!");
- }
- } else {
- // configures upload settings
- DiskFileItemFactory factory = new DiskFileItemFactory();
- factory.setSizeThreshold(WebConfiguration.getFilesizeThreshold());
- factory.setRepository(new File(System
- .getProperty("java.io.tmpdir")));
-
- ServletFileUpload upload = new ServletFileUpload(factory);
- upload.setFileSizeMax(WebConfiguration.getMaxFilesize());
- upload.setSizeMax(WebConfiguration.getMaxRequestsize());
-
- // constructs the directory path to store upload file
- String uploadPath = getServletContext().getRealPath("")
- + File.separator + UPLOAD_DIRECTORY;
- // creates the directory if it does not exist
- File uploadDir = new File(uploadPath);
- if (!uploadDir.exists()) {
- uploadDir.mkdir();
- }
+ try {
+ byte[] filecontent = this.getPDFBase64File(request);
- List<?> formItems = upload.parseRequest(request);
- logger.debug(formItems.size() + " Items in form data");
- if (formItems.size() < 1) {
- // No Uploaded data!
- // Try do get
+ if (filecontent == null) {
+ // checks if the request actually contains upload file
+ if (!ServletFileUpload.isMultipartContent(request)) {
// No Uploaded data!
if (PdfAsParameterExtractor.getPdfUrl(request) != null) {
doGet(request, response);
return;
} else {
- throw new PdfAsWebException(
- "No Signature data defined!");
+ throw new PdfAsWebException("No Signature data defined!");
}
} else {
- for(int i = 0; i < formItems.size(); i++) {
- Object obj = formItems.get(i);
- if(obj instanceof FileItem) {
- FileItem item = (FileItem) obj;
- if(item.getFieldName().equals(UPLOAD_PDF_DATA)) {
- filecontent = item.get();
- try {
- File f = new File(item.getName());
- String name = f.getName();
- logger.debug("Got upload: " + item.getName());
- if(name != null) {
- if(!(name.endsWith(".pdf") || name.endsWith(".PDF"))) {
- name += ".pdf";
+ // configures upload settings
+ DiskFileItemFactory factory = new DiskFileItemFactory();
+ factory.setSizeThreshold(WebConfiguration.getFilesizeThreshold());
+ factory.setRepository(new File(System.getProperty("java.io.tmpdir")));
+
+ ServletFileUpload upload = new ServletFileUpload(factory);
+ upload.setFileSizeMax(WebConfiguration.getMaxFilesize());
+ upload.setSizeMax(WebConfiguration.getMaxRequestsize());
+
+ // constructs the directory path to store upload file
+ String uploadPath = getServletContext().getRealPath("") + File.separator + UPLOAD_DIRECTORY;
+ // creates the directory if it does not exist
+ File uploadDir = new File(uploadPath);
+ if (!uploadDir.exists()) {
+ uploadDir.mkdir();
+ }
+
+ List<?> formItems = upload.parseRequest(request);
+ logger.debug(formItems.size() + " Items in form data");
+ if (formItems.size() < 1) {
+ // No Uploaded data!
+ // Try do get
+ // No Uploaded data!
+ if (PdfAsParameterExtractor.getPdfUrl(request) != null) {
+ doGet(request, response);
+ return;
+ } else {
+ throw new PdfAsWebException("No Signature data defined!");
+ }
+ } else {
+ for (int i = 0; i < formItems.size(); i++) {
+ Object obj = formItems.get(i);
+ if (obj instanceof FileItem) {
+ FileItem item = (FileItem) obj;
+ if (item.getFieldName().equals(UPLOAD_PDF_DATA)) {
+ filecontent = item.get();
+ try {
+ File f = new File(item.getName());
+ String name = f.getName();
+ logger.debug("Got upload: " + item.getName());
+ if (name != null) {
+ if (!(name.endsWith(".pdf") || name.endsWith(".PDF"))) {
+ name += ".pdf";
+ }
+
+ logger.debug("Setting Filename in session: " + name);
+ PdfAsHelper.setPDFFileName(request, name);
}
-
- logger.debug("Setting Filename in session: " + name);
- PdfAsHelper.setPDFFileName(request, name);
+ } catch (Throwable e) {
+ logger.warn("In resolving filename", e);
+ }
+ if (filecontent.length < 10) {
+ filecontent = null;
+ } else {
+ logger.debug("Found pdf Data! Size: " + filecontent.length);
}
- }
- catch(Throwable e) {
- logger.warn("In resolving filename", e);
- }
- if(filecontent.length < 10) {
- filecontent = null;
} else {
- logger.debug("Found pdf Data! Size: " + filecontent.length);
+ request.setAttribute(item.getFieldName(), item.getString());
+ logger.debug("Setting " + item.getFieldName() + " = " + item.getString());
}
} else {
- request.setAttribute(item.getFieldName(), item.getString());
- logger.debug("Setting " + item.getFieldName() + " = " + item.getString());
+ logger.debug(obj.getClass().getName() + " - " + obj.toString());
}
- } else {
- logger.debug(obj.getClass().getName() + " - " + obj.toString());
}
}
}
}
-
- if(filecontent == null) {
+
+ if (filecontent == null) {
if (PdfAsParameterExtractor.getPdfUrl(request) != null) {
filecontent = RemotePDFFetcher.fetchPdfFile(PdfAsParameterExtractor.getPdfUrl(request));
}
}
- if(filecontent == null) {
+ if (filecontent == null) {
Object sourceObj = request.getAttribute("source");
- if(sourceObj != null) {
+ if (sourceObj != null) {
String source = sourceObj.toString();
- if(source.equals("internal")) {
+ if (source.equals("internal")) {
request.setAttribute("FILEERR", true);
request.getRequestDispatcher("index.jsp").forward(request, response);
-
+
statisticEvent.setStatus(Status.ERROR);
statisticEvent.setException(new Exception("No file uploaded"));
statisticEvent.setEndNow();
statisticEvent.setTimestampNow();
StatisticFrontend.getInstance().storeEvent(statisticEvent);
statisticEvent.setLogged(true);
-
+
return;
}
}
throw new PdfAsException("No Signature data available");
}
-
+
doSignature(request, response, filecontent, statisticEvent);
} catch (Exception e) {
-
+
statisticEvent.setStatus(Status.ERROR);
statisticEvent.setException(e);
- if(e instanceof PDFASError) {
- statisticEvent.setErrorCode(((PDFASError)e).getCode());
+ if (e instanceof PDFASError) {
+ statisticEvent.setErrorCode(((PDFASError) e).getCode());
}
statisticEvent.setEndNow();
statisticEvent.setTimestampNow();
StatisticFrontend.getInstance().storeEvent(statisticEvent);
statisticEvent.setLogged(true);
-
- PdfAsHelper.setSessionException(request, response, e.getMessage(),
- e);
+
+ PdfAsHelper.setSessionException(request, response, e.getMessage(), e);
PdfAsHelper.gotoError(getServletContext(), request, response);
}
}
- protected void doSignature(HttpServletRequest request,
- HttpServletResponse response, byte[] pdfData, StatisticEvent statisticEvent) throws Exception {
+ protected void doSignature(HttpServletRequest request, HttpServletResponse response, byte[] pdfData,
+ StatisticEvent statisticEvent) throws Exception {
// Get Connector
String connector = PdfAsParameterExtractor.getConnector(request);
PdfAsHelper.setConnector(request, connector);
-
+
String transactionId = PdfAsParameterExtractor.getTransactionId(request);
PdfAsHelper.setTransactionid(request, transactionId);
-
+
statisticEvent.setFilesize(pdfData.length);
statisticEvent.setProfileId(null);
statisticEvent.setDevice(connector);
String invokeUrl = PdfAsParameterExtractor.getInvokeURL(request);
PdfAsHelper.setInvokeURL(request, response, invokeUrl);
-
+
SignatureVerificationLevel lvl = PdfAsParameterExtractor.getVerificationLevel(request);
PdfAsHelper.setVerificationLevel(request, lvl);
-
+
String qrcodeContent = PdfAsParameterExtractor.getQRCodeContent(request);
PdfAsHelper.setQRCodeContent(request, qrcodeContent);
-
+
String invokeTarget = PdfAsParameterExtractor.getInvokeTarget(request);
PdfAsHelper.setInvokeTarget(request, response, invokeTarget);
-
+
String errorUrl = PdfAsParameterExtractor.getInvokeErrorURL(request);
PdfAsHelper.setErrorURL(request, response, errorUrl);
-
+
String locale = PdfAsParameterExtractor.getLocale(request);
PdfAsHelper.setLocale(request, response, locale);
-
+
String filename = PdfAsParameterExtractor.getFilename(request);
- if(filename != null) {
+ if (filename != null) {
logger.debug("Setting Filename in session: " + filename);
PdfAsHelper.setPDFFileName(request, filename);
}
-
- if(pdfData == null) {
+
+ if (pdfData == null) {
throw new PdfAsException("No Signature data available");
}
-
+
String pdfDataHash = DigestHelper.getHexEncodedHash(pdfData);
-
+
PdfAsHelper.setSignatureDataHash(request, pdfDataHash);
logger.debug("Storing signatures data hash: " + pdfDataHash);
-
+
boolean manualPositioning = PdfAsParameterExtractor.isUserPositioning(request);
-
+
logger.debug("Starting signature creation with: " + connector);
-
- String sigType = PdfAsParameterExtractor
- .getSigType(request);
+
+ String sigType = PdfAsParameterExtractor.getSigType(request);
PdfAsHelper.setSignatureType(request, sigType);
-
+
Map<String, String> preProcessorMap = PdfAsParameterExtractor.getPreProcessorMap(request);
PdfAsHelper.setPreProcessorMap(request, preProcessorMap);
-
+
Map<String, String> overwriteMap = PdfAsParameterExtractor.getOverwriteMap(request);
PdfAsHelper.setOverwriteMap(request, overwriteMap);
-
+
String keyIdentifier = PdfAsParameterExtractor.getKeyIdentifier(request);
PdfAsHelper.setKeyIdentifier(request, keyIdentifier);
-
+
PdfAsHelper.setStatisticEvent(request, response, statisticEvent);
-
- //IPlainSigner signer;
+
+ // IPlainSigner signer;
if (connector.equals("bku") || connector.equals("onlinebku") || connector.equals("mobilebku")) {
// start asynchronous signature creation
-
- if(connector.equals("bku")) {
- if(WebConfiguration.getLocalBKUURL() == null) {
+
+ if (connector.equals("bku")) {
+ if (WebConfiguration.getLocalBKUURL() == null) {
throw new PdfAsWebException("Invalid connector bku is not supported");
}
}
-
- if(connector.equals("onlinebku")) {
- if(WebConfiguration.getLocalBKUURL() == null) {
+
+ if (connector.equals("onlinebku")) {
+ if (WebConfiguration.getLocalBKUURL() == null) {
throw new PdfAsWebException("Invalid connector onlinebku is not supported");
}
}
-
- if(connector.equals("mobilebku")) {
- if(WebConfiguration.getLocalBKUURL() == null) {
+
+ if (connector.equals("mobilebku")) {
+ if (WebConfiguration.getLocalBKUURL() == null) {
throw new PdfAsWebException("Invalid connector mobilebku is not supported");
}
- }
-
- if(manualPositioning) {
+ }
+
+ if (manualPositioning) {
// store pdf data
// redirect to viewer html
String token = PdfAsHelper.storePdfData(pdfData, request);
-
+
String pdfDataUrl = PdfAsHelper.generatePositioningURL(token, request, response);
-
- if(pdfDataUrl != null) {
+
+ if (pdfDataUrl != null) {
response.sendRedirect(response.encodeRedirectURL(pdfDataUrl));
return;
} else {
@@ -388,16 +397,15 @@ public class ExternSignServlet extends HttpServlet {
PdfAsHelper.getPdfData(token, request);
}
}
-
- PdfAsHelper.startSignature(request, response, getServletContext(), pdfData, connector,
- PdfAsHelper.buildPosString(request, response), transactionId, sigType,
- preProcessorMap,
+
+ PdfAsHelper.startSignature(request, response, getServletContext(), pdfData, connector,
+ PdfAsHelper.buildPosString(request, response), transactionId, sigType, preProcessorMap,
overwriteMap);
return;
} else if (connector.equals("jks") || connector.equals("moa")) {
// start synchronous siganture creation
-
- if(connector.equals("jks")) {
+
+ if (connector.equals("jks")) {
boolean ksEnabled = false;
@@ -408,28 +416,28 @@ public class ExternSignServlet extends HttpServlet {
}
if (!ksEnabled) {
- if(keyIdentifier != null) {
+ if (keyIdentifier != null) {
throw new PdfAsWebException("JKS connector [" + keyIdentifier + "] disabled or not existing.");
} else {
throw new PdfAsWebException("DEFAULT JKS connector disabled.");
}
}
}
-
- if(connector.equals("moa")) {
- if(!WebConfiguration.getMOASSEnabled()) {
+
+ if (connector.equals("moa")) {
+ if (!WebConfiguration.getMOASSEnabled()) {
throw new PdfAsWebException("Invalid connector moa is not supported");
}
}
-
- if(manualPositioning) {
+
+ if (manualPositioning) {
// store pdf data
// redirect to viewer html
String token = PdfAsHelper.storePdfData(pdfData, request);
-
+
String pdfDataUrl = PdfAsHelper.generatePositioningURL(token, request, response);
-
- if(pdfDataUrl != null) {
+
+ if (pdfDataUrl != null) {
response.sendRedirect(response.encodeRedirectURL(pdfDataUrl));
return;
} else {
@@ -437,17 +445,16 @@ public class ExternSignServlet extends HttpServlet {
PdfAsHelper.getPdfData(token, request);
}
}
-
- byte[] pdfSignedData = PdfAsHelper.synchornousSignature(request,
- response, pdfData);
+
+ byte[] pdfSignedData = PdfAsHelper.synchornousSignature(request, response, pdfData);
PdfAsHelper.setSignedPdf(request, response, pdfSignedData);
-
+
statisticEvent.setStatus(Status.OK);
statisticEvent.setEndNow();
statisticEvent.setTimestampNow();
StatisticFrontend.getInstance().storeEvent(statisticEvent);
statisticEvent.setLogged(true);
-
+
PdfAsHelper.gotoProvidePdf(getServletContext(), request, response);
return;
} else {