aboutsummaryrefslogtreecommitdiff
path: root/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web
diff options
context:
space:
mode:
Diffstat (limited to 'pdf-as-web/src/main/java/at/gv/egiz/pdfas/web')
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java13
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/exception/PdfAsStoreException.java17
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java44
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java6
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java4
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/UIEntryPointServlet.java117
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/store/IRequestStore.java8
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/store/InMemoryRequestStore.java31
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/store/RequestStore.java35
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASSigningImpl.java22
10 files changed, 287 insertions, 10 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java
index 4555d6a1..299c166f 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java
@@ -56,6 +56,9 @@ public class WebConfiguration {
public static final String WHITELIST_ENABLED = "whitelist.enabled";
public static final String WHITELIST_VALUE_PRE = "whitelist.url.";
+ public static final String REQUEST_STORE = "request.store";
+ public static final String REQUEST_STORE_INMEM = "at.gv.egiz.pdfas.web.store.InMemoryRequestStore";
+
private static Properties properties = new Properties();
private static final Logger logger = LoggerFactory
@@ -211,4 +214,14 @@ public class WebConfiguration {
}
return true;
}
+
+ public static String getStoreClass() {
+ String cls = properties.getProperty(REQUEST_STORE);
+
+ if(cls != null) {
+ return cls;
+ }
+
+ return REQUEST_STORE_INMEM;
+ }
}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/exception/PdfAsStoreException.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/exception/PdfAsStoreException.java
new file mode 100644
index 00000000..f4c70278
--- /dev/null
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/exception/PdfAsStoreException.java
@@ -0,0 +1,17 @@
+package at.gv.egiz.pdfas.web.exception;
+
+public class PdfAsStoreException extends Exception {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = -6704586769888839023L;
+
+ public PdfAsStoreException(String message) {
+ super(message);
+ }
+
+ public PdfAsStoreException(String message, Throwable e) {
+ super(message, e);
+ }
+}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
index ee67985b..421edff4 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
@@ -25,6 +25,8 @@ package at.gv.egiz.pdfas.web.helper;
import java.io.File;
import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.URLEncoder;
import java.util.Iterator;
import java.util.List;
@@ -57,9 +59,9 @@ import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter;
import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
import at.gv.egiz.pdfas.sigs.pades.PAdESSigner;
import at.gv.egiz.pdfas.sigs.pades.PAdESSignerKeystore;
-import at.gv.egiz.pdfas.sigs.pkcs7detached.PKCS7DetachedSigner;
import at.gv.egiz.pdfas.web.config.WebConfiguration;
import at.gv.egiz.pdfas.web.exception.PdfAsWebException;
+import at.gv.egiz.pdfas.web.servlets.UIEntryPointServlet;
import at.gv.egiz.sl.schema.CreateCMSSignatureResponseType;
import at.gv.egiz.sl.schema.InfoboxAssocArrayPairType;
import at.gv.egiz.sl.schema.InfoboxReadRequestType;
@@ -84,6 +86,7 @@ public class PdfAsHelper {
private static final String PDF_PROVIDE_PAGE = "/ProvidePDF";
private static final String PDF_PDFDATA_PAGE = "/PDFData";
private static final String PDF_DATAURL_PAGE = "/DataURL";
+ private static final String PDF_USERENTRY_PAGE = "/userentry";
private static final String PDF_ERR_URL = "PDF_ERR_URL";
private static final String PDF_FILE_NAME = "PDF_FILE_NAME";
private static final String PDF_INVOKE_URL = "PDF_INVOKE_URL";
@@ -384,7 +387,8 @@ public class PdfAsHelper {
}
public static void startSignature(HttpServletRequest request,
- HttpServletResponse response, ServletContext context, byte[] pdfData)
+ HttpServletResponse response, ServletContext context, byte[] pdfData,
+ String connector, String transactionId)
throws Exception {
// TODO: Protect session so that only one PDF can be signed during one
@@ -409,9 +413,10 @@ public class PdfAsHelper {
SignParameter signParameter = PdfAsFactory.createSignParameter(config,
new ByteArrayDataSource(pdfData));
- // Get Connector
- String connector = PdfAsParameterExtractor.getConnector(request);
-
+ logger.info("Setting TransactionID: " + transactionId);
+
+ signParameter.setTransactionId(transactionId);
+
IPlainSigner signer;
if (connector.equals("bku") || connector.equals("onlinebku")
|| connector.equals("mobilebku")) {
@@ -535,7 +540,7 @@ public class PdfAsHelper {
logger.debug("Needing Certificate from BKU");
// build SL Request to read certificate
InfoboxReadRequestType readCertificateRequest = bkuSLConnector
- .createInfoboxReadRequest();
+ .createInfoboxReadRequest(statusRequest.getSignParameter());
JAXBElement<InfoboxReadRequestType> readRequest = of
.createInfoboxReadRequest(readCertificateRequest);
@@ -548,6 +553,14 @@ public class PdfAsHelper {
template = template.replace("##XMLRequest##",
StringEscapeUtils.escapeHtml4(slRequest));
template = template.replace("##DataURL##", url);
+
+ if(statusRequest.getSignParameter().getTransactionId() != null) {
+ template = template.replace("##ADDITIONAL##", "<input type=\"hidden\" name=\"TransactionId_\" value=\"" +
+ StringEscapeUtils.escapeHtml4(statusRequest.getSignParameter().getTransactionId()) + "\">");
+ } else {
+ template = template.replace("##ADDITIONAL##", "");
+ }
+
response.getWriter().write(template);
//TODO: set content type of response!!
response.setContentType("text/html");
@@ -557,7 +570,8 @@ public class PdfAsHelper {
// build SL Request for cms signature
RequestPackage pack = bkuSLConnector
.createCMSRequest(statusRequest.getSignatureData(),
- statusRequest.getSignatureDataByteRange());
+ statusRequest.getSignatureDataByteRange(),
+ statusRequest.getSignParameter());
String slRequest = SLMarschaller
.marshalToString(of
@@ -775,6 +789,22 @@ public class PdfAsHelper {
HttpServletResponse response) {
return generateURL(request, response, PDF_PDFDATA_PAGE);
}
+
+ public static String generateUserEntryURL(String storeId) {
+ String publicURL = WebConfiguration.getPublicURL();
+ if(publicURL == null) {
+ logger.error("To use this functionality " + WebConfiguration.PUBLIC_URL + " has to be configured in the web configuration");
+ return null;
+ }
+
+ String baseURL = publicURL + PDF_USERENTRY_PAGE;
+ try {
+ return baseURL + "?" + UIEntryPointServlet.REQUEST_ID_PARAM + "=" + URLEncoder.encode(storeId, "UTF-8");
+ } catch(UnsupportedEncodingException e) {
+ logger.warn("Encoding not supported for URL encoding", e);
+ }
+ return baseURL + "?" + UIEntryPointServlet.REQUEST_ID_PARAM + "=" + storeId;
+ }
public static String generateBKUURL(String connector) {
if (connector.equals("bku")) {
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java
index 730fe9ad..126b10ce 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsParameterExtractor.java
@@ -28,6 +28,7 @@ import javax.servlet.http.HttpServletRequest;
public class PdfAsParameterExtractor {
public static final String PARAM_CONNECTOR = "connector";
+ public static final String PARAM_TRANSACTION_ID = "transactionId";
public static final String PARAM_CONNECTOR_DEFAULT = "bku";
@@ -53,6 +54,11 @@ public class PdfAsParameterExtractor {
return PARAM_CONNECTOR_DEFAULT;
}
+ public static String getTransactionId(HttpServletRequest request) {
+ String transactionId = (String)request.getAttribute(PARAM_TRANSACTION_ID);
+ return transactionId;
+ }
+
public static String getInvokeURL(HttpServletRequest request) {
return (String)request.getAttribute(PARAM_INVOKE_URL);
}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
index 153a69fe..a7d82c3e 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java
@@ -238,6 +238,8 @@ public class ExternSignServlet extends HttpServlet {
HttpServletResponse response, byte[] pdfData) throws Exception {
// Get Connector
String connector = PdfAsParameterExtractor.getConnector(request);
+
+ String transactionId = PdfAsParameterExtractor.getTransactionId(request);
String invokeUrl = PdfAsParameterExtractor.getInvokeURL(request);
PdfAsHelper.setInvokeURL(request, response, invokeUrl);
@@ -278,7 +280,7 @@ public class ExternSignServlet extends HttpServlet {
}
}
- PdfAsHelper.startSignature(request, response, getServletContext(), pdfData);
+ PdfAsHelper.startSignature(request, response, getServletContext(), pdfData, connector, transactionId);
} else if (connector.equals("jks") || connector.equals("moa")) {
// start synchronous siganture creation
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/UIEntryPointServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/UIEntryPointServlet.java
new file mode 100644
index 00000000..3aad5abb
--- /dev/null
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/UIEntryPointServlet.java
@@ -0,0 +1,117 @@
+package at.gv.egiz.pdfas.web.servlets;
+
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.http.HttpStatus;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.pdfas.api.ws.PDFASSignRequest;
+import at.gv.egiz.pdfas.api.ws.PDFASSignParameters.Connector;
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.web.config.WebConfiguration;
+import at.gv.egiz.pdfas.web.exception.PdfAsStoreException;
+import at.gv.egiz.pdfas.web.exception.PdfAsWebException;
+import at.gv.egiz.pdfas.web.helper.DigestHelper;
+import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
+import at.gv.egiz.pdfas.web.helper.PdfAsParameterExtractor;
+import at.gv.egiz.pdfas.web.store.RequestStore;
+
+public class UIEntryPointServlet extends HttpServlet {
+ private static final long serialVersionUID = 1L;
+
+ public static final String REQUEST_ID_PARAM = "reqId";
+
+ private static final Logger logger = LoggerFactory
+ .getLogger(UIEntryPointServlet.class);
+
+ public UIEntryPointServlet() {
+ }
+
+ @Override
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, IOException {
+ doProcess(req, resp);
+ }
+
+ @Override
+ protected void doPost(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, IOException {
+ doProcess(req, resp);
+ }
+
+ protected void doProcess(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, IOException {
+ try {
+ String storeId = req.getParameter(REQUEST_ID_PARAM);
+
+ if (storeId == null) {
+ throw new PdfAsStoreException("Wrong Parameters");
+ }
+
+ PDFASSignRequest pdfAsRequest = RequestStore.getInstance()
+ .fetchStoreEntry(storeId);
+
+ if(pdfAsRequest == null) {
+ throw new PdfAsStoreException("Invalid " + REQUEST_ID_PARAM + " value");
+ }
+
+ Connector connector = pdfAsRequest.getParameters().getConnector();
+
+ String invokeUrl = pdfAsRequest.getParameters().getInvokeURL();
+ PdfAsHelper.setInvokeURL(req, resp, invokeUrl);
+
+ String errorUrl = pdfAsRequest.getParameters().getInvokeErrorURL();
+ PdfAsHelper.setErrorURL(req, resp, errorUrl);
+
+ if(pdfAsRequest.getInputData() == null) {
+ throw new PdfAsException("No Signature data available");
+ }
+
+ String pdfDataHash = DigestHelper.getHexEncodedHash(pdfAsRequest.getInputData());
+
+ PdfAsHelper.setSignatureDataHash(req, pdfDataHash);
+ logger.debug("Storing signatures data hash: " + pdfDataHash);
+
+ logger.debug("Starting signature creation with: " + connector);
+
+ //IPlainSigner signer;
+ if (connector.equals(Connector.BKU) || connector.equals(Connector.ONLINEBKU) || connector.equals(Connector.MOBILEBKU)) {
+ // start asynchronous signature creation
+
+ if(connector.equals(Connector.BKU)) {
+ if(WebConfiguration.getLocalBKUURL() == null) {
+ throw new PdfAsWebException("Invalid connector bku is not supported");
+ }
+ }
+
+ if(connector.equals(Connector.ONLINEBKU)) {
+ if(WebConfiguration.getLocalBKUURL() == null) {
+ throw new PdfAsWebException("Invalid connector onlinebku is not supported");
+ }
+ }
+
+ if(connector.equals(Connector.MOBILEBKU)) {
+ if(WebConfiguration.getLocalBKUURL() == null) {
+ throw new PdfAsWebException("Invalid connector mobilebku is not supported");
+ }
+ }
+
+ PdfAsHelper.startSignature(req, resp, getServletContext(), pdfAsRequest.getInputData(),
+ connector.toString(), pdfAsRequest.getParameters().getTransactionId());
+ } else {
+ throw new PdfAsWebException("Invalid connector (" + Connector.BKU + " | " + Connector.ONLINEBKU + " | " + Connector.MOBILEBKU + ")");
+ }
+
+
+ } catch (Throwable e) {
+ PdfAsHelper.setSessionException(req, resp, e.getMessage(), e);
+ PdfAsHelper.gotoError(getServletContext(), req, resp);
+ }
+ }
+}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/store/IRequestStore.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/store/IRequestStore.java
new file mode 100644
index 00000000..6623004b
--- /dev/null
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/store/IRequestStore.java
@@ -0,0 +1,8 @@
+package at.gv.egiz.pdfas.web.store;
+
+import at.gv.egiz.pdfas.api.ws.PDFASSignRequest;
+
+public interface IRequestStore {
+ public String createNewStoreEntry(PDFASSignRequest request);
+ public PDFASSignRequest fetchStoreEntry(String id);
+}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/store/InMemoryRequestStore.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/store/InMemoryRequestStore.java
new file mode 100644
index 00000000..df9ab676
--- /dev/null
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/store/InMemoryRequestStore.java
@@ -0,0 +1,31 @@
+package at.gv.egiz.pdfas.web.store;
+
+import java.util.HashMap;
+import java.util.UUID;
+
+import at.gv.egiz.pdfas.api.ws.PDFASSignRequest;
+
+public class InMemoryRequestStore implements IRequestStore {
+
+ public InMemoryRequestStore() {
+ }
+
+ private HashMap<String, PDFASSignRequest> store = new HashMap<String, PDFASSignRequest>();
+
+ public String createNewStoreEntry(PDFASSignRequest request) {
+ UUID id = UUID.randomUUID();
+ String sid = id.toString();
+ this.store.put(sid, request);
+ return sid;
+ }
+
+ public PDFASSignRequest fetchStoreEntry(String id) {
+ if(store.containsKey(id)) {
+ PDFASSignRequest request = store.get(id);
+ store.remove(id);
+ return request;
+ }
+ return null;
+ }
+
+}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/store/RequestStore.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/store/RequestStore.java
new file mode 100644
index 00000000..a4eba2e6
--- /dev/null
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/store/RequestStore.java
@@ -0,0 +1,35 @@
+package at.gv.egiz.pdfas.web.store;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.pdfas.web.config.WebConfiguration;
+import at.gv.egiz.pdfas.web.exception.PdfAsStoreException;
+
+public class RequestStore {
+ private static IRequestStore instance = null;
+
+ private static final Logger logger = LoggerFactory
+ .getLogger(RequestStore.class);
+
+ public synchronized static IRequestStore getInstance() throws PdfAsStoreException {
+ if (instance == null) {
+ try {
+ String storeClass = WebConfiguration.getStoreClass();
+ logger.info("Using Request Store: " + storeClass);
+
+ Class<?> clazz = Class.forName(storeClass);
+ Object store = clazz.newInstance();
+ if(store instanceof IRequestStore) {
+ instance = (IRequestStore)store;
+ } else {
+ throw new PdfAsStoreException("Failed to instanciate Request Store from " + storeClass);
+ }
+ } catch (Throwable e) {
+ e.printStackTrace();
+ throw new PdfAsStoreException("Failed to instanciate Request Store", e);
+ }
+ }
+ return instance;
+ }
+}
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASSigningImpl.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASSigningImpl.java
index 07ffd7c4..5304f918 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASSigningImpl.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/ws/PDFASSigningImpl.java
@@ -16,8 +16,10 @@ import at.gv.egiz.pdfas.api.ws.PDFASSignParameters;
import at.gv.egiz.pdfas.api.ws.PDFASSignRequest;
import at.gv.egiz.pdfas.api.ws.PDFASSignResponse;
import at.gv.egiz.pdfas.api.ws.PDFASSigning;
+import at.gv.egiz.pdfas.api.ws.PDFASSignParameters.Connector;
import at.gv.egiz.pdfas.web.config.WebConfiguration;
import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
+import at.gv.egiz.pdfas.web.store.RequestStore;
@MTOM
@WebService(endpointInterface = "at.gv.egiz.pdfas.api.ws.PDFASSigning")
@@ -25,7 +27,7 @@ public class PDFASSigningImpl implements PDFASSigning {
private static final Logger logger = LoggerFactory
.getLogger(PDFASSigningImpl.class);
-
+
public byte[] signPDFDokument(byte[] inputDocument,
PDFASSignParameters parameters) {
checkSoapSignEnabled();
@@ -50,8 +52,24 @@ public class PDFASSigningImpl implements PDFASSigning {
}
PDFASSignResponse response = new PDFASSignResponse();
try {
- response.setSignedPDF(signPDFDokument(request.getInputData(),
+ if(request.getParameters().getConnector().equals(Connector.MOA) ||
+ request.getParameters().getConnector().equals(Connector.JKS)) {
+ // Plain server based signatures!!
+ response.setSignedPDF(signPDFDokument(request.getInputData(),
request.getParameters()));
+ } else {
+ // Signatures with user interaction!!
+ String id = RequestStore.getInstance().createNewStoreEntry(request);
+ String userEntryURL = PdfAsHelper.generateUserEntryURL(id);
+ logger.debug("Generated request store: " + id);
+ logger.debug("Generated UI URL: " + userEntryURL);
+
+ if(userEntryURL == null) {
+ throw new WebServiceException("Failed to generate User Entry URL");
+ }
+
+ response.setRedirectUrl(userEntryURL);
+ }
} catch (Throwable e) {
if (e.getCause() != null) {
response.setError(e.getCause().getMessage());