From 9cc4fcbe2eab39846d8cd7532bcab26bad85d59d Mon Sep 17 00:00:00 2001
From: Tobias Kellner <imcybot@gmail.com>
Date: Fri, 15 Jan 2016 00:45:15 +0100
Subject: Add QR code display for A-Trust Handy-Signatur app

---
 .../asit/pdfover/gui/bku/MobileBKUConnector.java   |  67 +++++++++----
 .../asit/pdfover/gui/bku/mobile/ATrustHandler.java | 108 ++++++++++++++++++++-
 .../asit/pdfover/gui/bku/mobile/ATrustStatus.java  |  19 +++-
 .../pdfover/gui/bku/mobile/MobileBKUHandler.java   |  87 ++++++++++++++++-
 4 files changed, 255 insertions(+), 26 deletions(-)

(limited to 'pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku')

diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/MobileBKUConnector.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/MobileBKUConnector.java
index c97a59c3..06b60155 100644
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/MobileBKUConnector.java
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/MobileBKUConnector.java
@@ -19,7 +19,10 @@ package at.asit.pdfover.gui.bku;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import at.asit.pdfover.gui.bku.mobile.ATrustHandler;
+import at.asit.pdfover.gui.bku.mobile.ATrustStatus;
 import at.asit.pdfover.gui.bku.mobile.MobileBKUHandler;
+import at.asit.pdfover.gui.bku.mobile.MobileBKUStatus;
 import at.asit.pdfover.gui.workflow.states.MobileBKUState;
 import at.asit.pdfover.signator.BkuSlConnector;
 import at.asit.pdfover.signator.SLRequest;
@@ -105,26 +108,54 @@ public class MobileBKUConnector implements BkuSlConnector {
 			}
 	
 			do {
-				// Get TAN
-				this.state.checkTAN();
+				MobileBKUStatus status = this.state.getStatus();
+				boolean enterTAN = true;
+				String responseData = null;
+				if (status instanceof ATrustStatus) {
+					ATrustStatus aStatus = (ATrustStatus) status;
+					ATrustHandler aHandler = (ATrustHandler) handler;
+					if (aStatus.getQRCode() != null) {
+						this.state.showQR();
+						if (this.state.getStatus().getErrorMessage() != null &&
+								this.state.getStatus().getErrorMessage().equals("cancel")) //$NON-NLS-1$
+							throw new SignatureException(new IllegalStateException());
+						if (aStatus.getQRCode() == null) {
+							try {
+								String response = aHandler.postSMSRequest();
+								log.trace("Response from mobile BKU: " + response); //$NON-NLS-1$
+								handler.handleCredentialsResponse(response);
+							} catch (Exception ex) {
+								log.error("Error in PostCredentialsThread", ex); //$NON-NLS-1$
+								this.state.setThreadException(ex);
+								this.state.displayError(ex);
+								throw new SignatureException(ex);
+							}
+						} else {
+							enterTAN = false;
+						}
+					}
+				}
+				if (enterTAN) {
+					// Get TAN
+					this.state.checkTAN();
 
-				if (this.state.getStatus().getErrorMessage() != null &&
-						this.state.getStatus().getErrorMessage().equals("cancel")) //$NON-NLS-1$
-					throw new SignatureException(new IllegalStateException());
+					if (this.state.getStatus().getErrorMessage() != null &&
+							this.state.getStatus().getErrorMessage().equals("cancel")) //$NON-NLS-1$
+						throw new SignatureException(new IllegalStateException());
 
-				// Post TAN
-				try {
-					String responseData = handler.postTAN();
-		
-					// Now we have received some data lets check it:
-					log.trace("Response from mobile BKU: " + responseData); //$NON-NLS-1$
-		
-					handler.handleTANResponse(responseData);
-				} catch (Exception ex) {
-					log.error("Error in PostTanThread", ex); //$NON-NLS-1$
-					this.state.setThreadException(ex);
-					this.state.displayError(ex);
-					throw new SignatureException(ex);
+					// Post TAN
+					try {
+						responseData = handler.postTAN();
+						log.trace("Response from mobile BKU: " + responseData); //$NON-NLS-1$
+
+						// Now we have received some data lets check it:
+						handler.handleTANResponse(responseData);
+					} catch (Exception ex) {
+						log.error("Error in PostTanThread", ex); //$NON-NLS-1$
+						this.state.setThreadException(ex);
+						this.state.displayError(ex);
+						throw new SignatureException(ex);
+					}
 				}
 			} while (this.state.getStatus().getErrorMessage() != null);
 			if (this.state.getStatus().getTanTries() == -1)
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustHandler.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustHandler.java
index 1a796565..b7e457c3 100644
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustHandler.java
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustHandler.java
@@ -18,9 +18,12 @@ package at.asit.pdfover.gui.bku.mobile;
 // Imports
 import java.awt.Desktop;
 import java.io.IOException;
+import java.io.InputStream;
 import java.net.URI;
 
 import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.HttpStatus;
+import org.apache.commons.httpclient.methods.GetMethod;
 import org.apache.commons.httpclient.methods.PostMethod;
 import org.apache.commons.lang3.StringEscapeUtils;
 import org.eclipse.swt.SWT;
@@ -137,6 +140,7 @@ public class ATrustHandler extends MobileBKUHandler {
 		String sessionID = status.getSessionID();
 		String refVal = null;
 		String signatureDataURL = null;
+		String qrCode = null;
 
 		status.setErrorMessage(null);
 
@@ -192,11 +196,18 @@ public class ATrustHandler extends MobileBKUHandler {
 			// credentials ok! TAN entry
 			log.debug("Credentials accepted - TAN required"); //$NON-NLS-1$
 			sessionID = MobileBKUHelper.extractTag(responseData, "signature.aspx?sid=", "\""); //$NON-NLS-1$ //$NON-NLS-2$
-			viewState = MobileBKUHelper.extractTag(responseData, "id=\"__VIEWSTATE\" value=\"", "\""); //$NON-NLS-1$  //$NON-NLS-2$
-			eventValidation = MobileBKUHelper.extractTag(responseData, "id=\"__EVENTVALIDATION\" value=\"", "\""); //$NON-NLS-1$  //$NON-NLS-2$
-			refVal = MobileBKUHelper.extractTag(responseData, "id='vergleichswert'><b>Vergleichswert:</b>", "</div>");  //$NON-NLS-1$//$NON-NLS-2$
-			signatureDataURL = status.getBaseURL() + "/ShowSigobj.aspx" +  //$NON-NLS-1$
-					MobileBKUHelper.extractTag(responseData, "ShowSigobj.aspx", "'");  //$NON-NLS-1$//$NON-NLS-2$
+			viewState = MobileBKUHelper.extractTag(responseData, "id=\"__VIEWSTATE\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$
+			eventValidation = MobileBKUHelper.extractTag(responseData, "id=\"__EVENTVALIDATION\" value=\"", "\""); //$NON-NLS-1$ //$NON-NLS-2$
+			refVal = MobileBKUHelper.extractTag(responseData, "id='vergleichswert'><b>Vergleichswert:</b>", "</div>"); //$NON-NLS-1$ //$NON-NLS-2$
+			signatureDataURL = status.getBaseURL() + "/ShowSigobj.aspx" + //$NON-NLS-1$
+					MobileBKUHelper.extractTag(responseData, "ShowSigobj.aspx", "'"); //$NON-NLS-1$ //$NON-NLS-2$
+			try {
+				qrCode = MobileBKUHelper.extractTag(responseData, "<img class='qrcode' src='", "'"); //$NON-NLS-1$ //$NON-NLS-2$
+				log.debug("QR Code found: " + qrCode); //$NON-NLS-1$
+				status.setQRCode(qrCode);
+			} catch (Exception e) {
+				log.debug("No QR Code found"); //$NON-NLS-1$
+			}
 		} else if (responseData.contains("sl:InfoboxReadResponse")) { //$NON-NLS-1$
 			// credentials ok! InfoboxReadResponse
 			log.debug("Credentials accepted - Response given"); //$NON-NLS-1$
@@ -298,6 +309,93 @@ public class ATrustHandler extends MobileBKUHandler {
 		}
 	}
 
+	/**
+	 * Cancel QR process, request SMS TAN
+	 * @return the response
+	 * @throws IOException Error during posting
+	 */
+	public String postSMSRequest() throws IOException {
+		ATrustStatus status = getStatus();
+
+		MobileBKUHelper.registerTrustedSocketFactory();
+		HttpClient client = BKUHelper.getHttpClient();
+
+		PostMethod post = new PostMethod(status.getBaseURL()
+				+ "/signature.aspx?sid=" + status.getSessionID()); //$NON-NLS-1$
+		post.getParams().setContentCharset("utf-8"); //$NON-NLS-1$
+		post.addParameter("__VIEWSTATE", status.getViewstate()); //$NON-NLS-1$
+		post.addParameter(
+				"__EVENTVALIDATION", status.getEventvalidation()); //$NON-NLS-1$
+		post.addParameter("__EVENTTARGET", "SmsButton"); //$NON-NLS-1$ //$NON-NLS-2$
+		post.addParameter("__EVENTARGUMENT", ""); //$NON-NLS-1$ //$NON-NLS-2$
+
+		return executePost(client, post);
+	}
+
+	/**
+	 * Get the QR code image
+	 * @return the QR code image as a String
+	 */
+	public InputStream getQRCode() {
+		ATrustStatus status = getStatus();
+
+		MobileBKUHelper.registerTrustedSocketFactory();
+		HttpClient client = BKUHelper.getHttpClient();
+
+		GetMethod get = new GetMethod(status.getBaseURL() + "/" + //$NON-NLS-1$
+				status.getQRCode());
+
+		try {
+			log.debug("Getting " + get.getURI()); //$NON-NLS-1$
+			int returnCode = client.executeMethod(get);
+
+			if (returnCode != HttpStatus.SC_OK) {
+				log.error("Error getting QR code"); //$NON-NLS-1$
+				return null;
+			}
+
+			return get.getResponseBodyAsStream();
+		} catch (Exception e) {
+			log.error("Error getting QR code", e); //$NON-NLS-1$
+			return null;
+		}
+	}
+
+	/**
+	 * Get Signature page after scanning QR code
+	 * @return the response
+	 * @throws IOException Error during get
+	 */
+	public String getSignaturePage() throws IOException {
+		ATrustStatus status = getStatus();
+
+		MobileBKUHelper.registerTrustedSocketFactory();
+		HttpClient client = BKUHelper.getHttpClient();
+
+		GetMethod get = new GetMethod(status.getBaseURL()
+				+ "/signature.aspx?sid=" + status.getSessionID()); //$NON-NLS-1$
+
+		return executeGet(client, get);
+	}
+
+	/**
+	 * Parse QR code response
+	 * @param responseData
+	 * @return whether a SL response was received
+	 */
+	public boolean handleQRResponse(String responseData) {
+		getStatus().setErrorMessage(null);
+		if (responseData.contains("sl:CreateXMLSignatureResponse xmlns:sl") || //$NON-NLS-1$
+		    responseData.contains("sl:CreateCMSSignatureResponse xmlns:sl")) { //$NON-NLS-1$
+			// success !!
+
+			getSigningState().setSignatureResponse(
+					new SLResponse(responseData, getStatus().getServer(), null, null));
+			return true;
+		}
+		return false;
+	}
+
 	@Override
 	public ATrustStatus getStatus() {
 		return (ATrustStatus) getState().getStatus();
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustStatus.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustStatus.java
index 3fedf73e..a97826b2 100644
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustStatus.java
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/ATrustStatus.java
@@ -37,6 +37,7 @@ public class ATrustStatus extends AbstractMobileBKUStatusImpl {
 
 	private String viewstate;
 	private String eventvalidation;
+	private String qrcode = null;
 
 	/**
 	 * Constructor
@@ -69,7 +70,7 @@ public class ATrustStatus extends AbstractMobileBKUStatusImpl {
 	public void setViewstate(String viewstate) {
 		this.viewstate = viewstate;
 	}
-	
+
 	/**
 	 * @return the eventvalidation
 	 */
@@ -83,4 +84,20 @@ public class ATrustStatus extends AbstractMobileBKUStatusImpl {
 	public void setEventvalidation(String eventvalidation) {
 		this.eventvalidation = eventvalidation;
 	}
+
+	/**
+	 * @return the QR code
+	 */
+	public String getQRCode() {
+		return this.qrcode;
+	}
+
+	/**
+	 * @param qrcode
+	 *            the QR code to set
+	 */
+	public void setQRCode(String qrcode) {
+		this.qrcode = qrcode;
+	}
+	
 }
diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHandler.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHandler.java
index 429000f1..6c6b9f84 100644
--- a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHandler.java
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/bku/mobile/MobileBKUHandler.java
@@ -238,8 +238,11 @@ public abstract class MobileBKUHandler {
 				Matcher m = pat.matcher(responseData);
 				if (m.find()) {
 					String content = m.group(1);
-					int start = content.indexOf("URL=") +9; //$NON-NLS-1$
-					redirectLocation  = content.substring(start, content.length() - 5);
+					int start = content.indexOf("URL="); //$NON-NLS-1$
+					if (start != -1) {
+						start += 9;
+						redirectLocation  = content.substring(start, content.length() - 5);
+					}
 				}
 			} else {
 				throw new HttpException(
@@ -261,4 +264,84 @@ public abstract class MobileBKUHandler {
 
 		return responseData;
 	}
+
+	/**
+	 * Execute a get from the mobile BKU, following redirects
+	 * @param client the HttpClient
+	 * @param get the GetMethod
+	 * @return the response
+	 * @throws IOException IO error
+	 */
+	protected String executeGet(HttpClient client, GetMethod get) throws IOException {
+		log.debug("Getting " + get.getURI()); //$NON-NLS-1$
+		int returnCode = client.executeMethod(get);
+
+		String redirectLocation = null;
+
+		GetMethod get2 = null;
+
+		String responseData = null;
+
+		String server = null;
+
+		// Follow redirects
+		do {
+			// check return code
+			if (returnCode == HttpStatus.SC_MOVED_TEMPORARILY ||
+				returnCode == HttpStatus.SC_MOVED_PERMANENTLY) {
+
+				Header locationHeader = get.getResponseHeader("location"); //$NON-NLS-1$
+				if (locationHeader != null) {
+					redirectLocation = locationHeader.getValue();
+				} else {
+					throw new IOException(
+							"Got HTTP 302 but no location to follow!"); //$NON-NLS-1$
+				}
+			} else if (returnCode == HttpStatus.SC_OK) {
+				if (get2 != null) {
+					responseData = get2.getResponseBodyAsString();
+					Header serverHeader = get2.getResponseHeader(
+							LocalBKUState.BKU_RESPONSE_HEADER_SERVER);
+					if (serverHeader != null)
+						server = serverHeader.getValue();
+				} else {
+					responseData = get.getResponseBodyAsString();
+
+					Header serverHeader = get.getResponseHeader(
+							LocalBKUState.BKU_RESPONSE_HEADER_SERVER);
+					if (serverHeader != null)
+						server = serverHeader.getValue();
+				}
+				redirectLocation = null;
+				String p = "<meta [^>]*http-equiv=\"refresh\" [^>]*content=\"([^\"]*)\""; //$NON-NLS-1$
+				Pattern pat = Pattern.compile(p);
+				Matcher m = pat.matcher(responseData);
+				if (m.find()) {
+					String content = m.group(1);
+					int start = content.indexOf("URL="); //$NON-NLS-1$
+					if (start != -1) {
+						start += 9;
+						redirectLocation  = content.substring(start, content.length() - 5);
+					}
+				}
+			} else {
+				throw new HttpException(
+						HttpStatus.getStatusText(returnCode));
+			}
+
+			if (redirectLocation != null) {
+				redirectLocation = getStatus().ensureSessionID(redirectLocation);
+				log.debug("Redirected to " + redirectLocation); //$NON-NLS-1$
+				get2 = new GetMethod(redirectLocation);
+				get2.setFollowRedirects(true);
+				returnCode = client.executeMethod(get2);
+			}
+		} while (redirectLocation != null);
+
+		getStatus().setServer(server);
+		if (server != null)
+			log.info("Server: " + server); //$NON-NLS-1$
+
+		return responseData;
+	}
 }
-- 
cgit v1.2.3