From 6d3b9d99b0e708d2516caf0f098c58c8a9585114 Mon Sep 17 00:00:00 2001
From: tkellner <tkellner@174cde9d-5d70-4d2a-aa98-46368bc2aaf7>
Date: Wed, 10 Apr 2013 18:54:34 +0000
Subject: Mobile BKU first working (currently set to work with test mobile BKU
 from A-Trust

git-svn-id: https://joinup.ec.europa.eu/svn/pdf-over/trunk@31 174cde9d-5d70-4d2a-aa98-46368bc2aaf7
---
 .../states/mobilebku/PostCredentialsThread.java    | 176 +++++++++++++++++++++
 1 file changed, 176 insertions(+)
 create mode 100644 pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostCredentialsThread.java

(limited to 'pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostCredentialsThread.java')

diff --git a/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostCredentialsThread.java b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostCredentialsThread.java
new file mode 100644
index 00000000..df18c231
--- /dev/null
+++ b/pdf-over-gui/src/main/java/at/asit/pdfover/gui/workflow/states/mobilebku/PostCredentialsThread.java
@@ -0,0 +1,176 @@
+/*
+ * Copyright 2012 by A-SIT, Secure Information Technology Center Austria
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://joinup.ec.europa.eu/software/page/eupl
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ */
+package at.asit.pdfover.gui.workflow.states.mobilebku;
+
+// Imports
+import java.io.IOException;
+
+import org.apache.commons.httpclient.Header;
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.HttpException;
+import org.apache.commons.httpclient.HttpStatus;
+import org.apache.commons.httpclient.methods.GetMethod;
+import org.apache.commons.httpclient.methods.PostMethod;
+import org.apache.commons.httpclient.protocol.Protocol;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.asit.pdfover.gui.workflow.states.LocalBKUState;
+import at.asit.pdfover.gui.workflow.states.MobileBKUState;
+
+/**
+ * 
+ */
+public class PostCredentialsThread implements Runnable {
+	/**
+	 * SLF4J Logger instance
+	 **/
+	private static final Logger log = LoggerFactory
+			.getLogger(PostCredentialsThread.class);
+
+	private MobileBKUState state;
+
+	/**
+	 * Constructor
+	 * 
+	 * @param state
+	 */
+	public PostCredentialsThread(MobileBKUState state) {
+		this.state = state;
+	}
+	
+	/* (non-Javadoc)
+	 * @see java.lang.Runnable#run()
+	 */
+	@Override
+	public void run() {
+		try {
+			MobileBKUStatus status = this.state.getStatus();
+			
+			
+			Protocol.registerProtocol("https", //$NON-NLS-1$
+					new Protocol("https", new TrustedSocketFactory(), 443)); //$NON-NLS-1$
+
+			HttpClient client = new HttpClient();
+			client.getParams().setParameter("http.useragent", //$NON-NLS-1$
+					LocalBKUState.PDF_OVER_USER_AGENT_STRING);
+			
+			PostMethod method = new PostMethod(status.getBaseURL() + "/identification.aspx?sid=" + status.getSessionID());
+			
+			method.addParameter("__VIEWSTATE", status.getViewstate()); //$NON-NLS-1$
+			method.addParameter("__EVENTVALIDATION", status.getEventvalidation()); //$NON-NLS-1$
+			method.addParameter("handynummer", status.getPhoneNumber()); //$NON-NLS-1$
+			method.addParameter("signaturpasswort", status.getMobilePassword()); //$NON-NLS-1$
+			method.addParameter("Button_Identification", "Identifizieren"); //$NON-NLS-1$ //$NON-NLS-2$
+			
+			int returnCode = client.executeMethod(method);
+
+			String redirectLocation = null;
+
+			GetMethod gmethod = null;
+			
+			String responseData = null;
+			
+			// Follow redirects
+			do {
+				// check return code
+				if (returnCode == HttpStatus.SC_MOVED_TEMPORARILY ||
+					returnCode == HttpStatus.SC_MOVED_PERMANENTLY) {
+
+					Header locationHeader = method
+							.getResponseHeader("location");  //$NON-NLS-1$
+					if (locationHeader != null) {
+						redirectLocation = locationHeader.getValue();
+					} else {
+						throw new IOException(
+								"Got HTTP 302 but no location to follow!");  //$NON-NLS-1$
+					}
+				} else if(returnCode == HttpStatus.SC_OK) {
+					if(gmethod != null) {
+						responseData = gmethod.getResponseBodyAsString();
+					} else {
+						responseData = method.getResponseBodyAsString();
+					} 
+					redirectLocation = null;
+				} else {
+					throw new HttpException(HttpStatus.getStatusText(returnCode));
+				}
+				
+				if(redirectLocation != null) {
+					gmethod = new GetMethod(redirectLocation);
+					gmethod.setFollowRedirects(true);
+					returnCode = client.executeMethod(gmethod);
+				}
+				
+			} while(redirectLocation != null);
+
+			// Now we have received some data lets check it:
+			
+			log.debug("Repsonse from A-Trust: " + responseData); //$NON-NLS-1$
+			
+			String viewState = status.getViewstate();
+			String eventValidation = status.getEventvalidation();
+			String sessionID = status.getSessionID();
+			
+			String vergleichswert = null;
+			
+			status.setVergleichswert(null);
+			status.setErrorMessage(null);
+			
+			if(responseData.contains("signature.aspx?sid=")) { //$NON-NLS-1$
+				// credentials ok! TAN eingabe
+				sessionID = ATrustHelper.extractTag(responseData, "signature.aspx?sid=", "\""); //$NON-NLS-1$ //$NON-NLS-2$
+				viewState = ATrustHelper.extractTag(responseData, "id=\"__VIEWSTATE\" value=\"", "\""); //$NON-NLS-1$  //$NON-NLS-2$
+				
+				eventValidation = ATrustHelper.extractTag(responseData, "id=\"__EVENTVALIDATION\" value=\"", "\""); //$NON-NLS-1$  //$NON-NLS-2$
+				
+				vergleichswert = ATrustHelper.extractTag(responseData, "id='vergleichswert'><b>Vergleichswert:</b>", "</div>");  //$NON-NLS-1$//$NON-NLS-2$
+				
+				status.setVergleichswert(vergleichswert);
+				
+				this.state.setCommunicationState(MobileBKUCommunicationState.POST_TAN);
+			} else {
+				// error seite
+				// extract error text!
+				
+				String errorMessage = ATrustHelper.extractTag(responseData, "<span id=\"Label1\" class=\"ErrorClass\">", "</span>"); //$NON-NLS-1$ //$NON-NLS-2$
+				
+				this.state.getStatus().setErrorMessage(errorMessage);
+				
+				// force UI again!
+				status.setMobilePassword(null);
+			}
+			
+			log.info("sessionID: " + sessionID); //$NON-NLS-1$
+			log.info("Vergleichswert: " + vergleichswert); //$NON-NLS-1$
+			log.info("viewState: " + viewState); //$NON-NLS-1$
+			log.info("eventValidation: " + eventValidation); //$NON-NLS-1$
+			
+			status.setSessionID(sessionID);
+			
+			status.setViewstate(viewState);
+			
+			status.setEventvalidation(eventValidation);
+			
+		} catch (Exception ex) {
+			log.error("Error in PostCredentialsThread", ex); //$NON-NLS-1$
+			this.state.setThreadException(ex);
+		} finally {
+			this.state.invokeUpdate();
+		}
+	}
+
+}
-- 
cgit v1.2.3