diff options
| author | lalber <lukas.alber@iaik.tugraz.at> | 2021-03-10 10:24:40 +0100 | 
|---|---|---|
| committer | lalber <lukas.alber@iaik.tugraz.at> | 2021-03-10 10:24:40 +0100 | 
| commit | b8119f581482297d3142d2a4c6b0405a15afaa26 (patch) | |
| tree | ce6982dd6cc9208947d22e52f99a9405dfc381af | |
| parent | d025ac30b9c65a19535c7d6955b084960b4d0621 (diff) | |
| download | EAAF-Components-b8119f581482297d3142d2a4c6b0405a15afaa26.tar.gz EAAF-Components-b8119f581482297d3142d2a4c6b0405a15afaa26.tar.bz2 EAAF-Components-b8119f581482297d3142d2a4c6b0405a15afaa26.zip | |
Second version of feature
2 files changed, 71 insertions, 53 deletions
| diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java index 9b7fcce4..63e84dcb 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java @@ -24,6 +24,7 @@ import at.gv.egiz.eaaf.core.api.IRequest;  import at.gv.egiz.eaaf.core.api.IRequestStorage;  import at.gv.egiz.eaaf.core.api.IStatusMessenger;  import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.data.ExceptionContainer;  import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration;  import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfigurationFactory;  import at.gv.egiz.eaaf.core.api.gui.IGuiFormBuilder; @@ -39,6 +40,7 @@ import at.gv.egiz.eaaf.core.api.idp.auth.services.IProtocolAuthenticationService  import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface;  import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger;  import at.gv.egiz.eaaf.core.api.logging.IStatisticLogger; +import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;  import at.gv.egiz.eaaf.core.api.utils.IPendingRequestIdGenerationStrategy;  import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException;  import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; @@ -66,6 +68,7 @@ import org.springframework.context.ApplicationContext;  import org.springframework.lang.NonNull;  import org.springframework.lang.Nullable;  import org.springframework.stereotype.Service; +import org.springframework.util.SerializationUtils;  import javax.annotation.PostConstruct;  import javax.naming.ConfigurationException; @@ -107,6 +110,12 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer    @Autowired    private IRevisionLogger revisionsLogger; +  @Autowired(required = true) +  protected ITransactionStorage transactionStorage; + +  @Autowired IPendingRequestIdGenerationStrategy requestIdValidationStragegy; + +    private IGuiFormBuilder guiBuilder;    private final HashSet<String> logOnInfoLevel = new HashSet<>(); @@ -229,6 +238,14 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer          displayException(req, resp, errorData); +        // Put pending request +        ExceptionContainer exceptionContainer = new ExceptionContainer(protocolRequest, throwable); +        byte[] serialized = SerializationUtils.serialize(exceptionContainer); +//        transactionStorage.put(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE), serialized, -1); +        String errorId = requestIdValidationStragegy.validateAndGetPendingRequestId(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE)); +        transactionStorage.put(errorId, serialized, -1); + +          // log Error to technical log          logExceptionToTechnicalLog(errorData); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java index f0be9a5e..37aab8df 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java @@ -15,7 +15,7 @@   * This product combines work with different licenses. See the "NOTICE" text file for details on the   * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative   * works that you distribute must include a readable copy of the "NOTICE" text file. -*/ + */  package at.gv.egiz.eaaf.core.impl.idp.controller; @@ -25,6 +25,7 @@ import at.gv.egiz.eaaf.core.api.IRequestStorage;  import at.gv.egiz.eaaf.core.api.IStatusMessenger;  import at.gv.egiz.eaaf.core.api.data.EaafConstants;  import at.gv.egiz.eaaf.core.api.data.ExceptionContainer; +import at.gv.egiz.eaaf.core.api.idp.IModulInfo;  import at.gv.egiz.eaaf.core.api.utils.IPendingRequestIdGenerationStrategy;  import at.gv.egiz.eaaf.core.exceptions.EaafException;  import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils; @@ -45,7 +46,6 @@ import java.io.IOException;   * Protocol finialization end-point.   *   * @author tlenz - *   */  @Controller  public class ProtocolFinalizationController extends AbstractController { @@ -56,14 +56,14 @@ public class ProtocolFinalizationController extends AbstractController {    @Autowired(required = true)    IRequestStorage requestStorage; -  @Autowired IPendingRequestIdGenerationStrategy requestIdValidationStragegy; +  @Autowired +  IPendingRequestIdGenerationStrategy requestIdValidationStragegy; -  @RequestMapping(value = ENDPOINT_ERROR_REDIRECT, method = { RequestMethod.GET, RequestMethod.POST }) +  @RequestMapping(value = ENDPOINT_ERROR_REDIRECT, method = {RequestMethod.GET, RequestMethod.POST})    public void errorRedirect(final HttpServletRequest req, final HttpServletResponse resp)        throws EaafException, IOException { -    final String errorToken = -        StringEscapeUtils.escapeHtml4(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE)); +    final String errorToken = StringEscapeUtils.escapeHtml4(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE));      if (errorToken != null) {        IRequest pendingReq = null;        try { @@ -89,29 +89,34 @@ public class ProtocolFinalizationController extends AbstractController {              pendingReq = container.getPendingRequest();              if (pendingReq != null) { +              //TODO finish +              final Class<?> clazz = Class.forName(pendingReq.requestedModule()); + +              if (clazz == null || !IModulInfo.class.isAssignableFrom(clazz)) { +                log.error("Requested protocol module Class is NULL or does not implement the IModulInfo interface."); +                throw new ClassCastException( +                    "Requested protocol module Class is NULL or does not implement the IModulInfo interface."); + +              } +              final IModulInfo handlingModule = (IModulInfo) applicationContext.getBean(clazz); + +              handlingModule.generateErrorMessage(throwable, req, resp, pendingReq);              }            }          } -      } catch (Exception e) { +      } catch (Throwable e) { +        log.error(e.getMessage(), e); +        protAuthService.handleErrorNoRedirect(e, req, resp, false); +      } finally { +        // remove pending-request +        if (pendingReq != null) { +          requestStorage.removePendingRequest(pendingReq.getPendingRequestId()); +          revisionsLogger.logEvent(EventConstants.TRANSACTION_DESTROYED, pendingReq.getUniqueTransactionIdentifier()); + +        }        }      } - -    //TODO finish -//    final Class<?> clazz = Class.forName(req.requestedModule()); -// -//    if (clazz == null || !IModulInfo.class.isAssignableFrom(clazz)) { -//      log.error( -//          "Requested protocol module Class is NULL or does not implement the IModulInfo interface."); -//      throw new ClassCastException( -//          "Requested protocol module Class is NULL or does not implement the IModulInfo interface."); -// -//    } -// -//    final IModulInfo handlingModule = (IModulInfo) applicationContext.getBean(clazz); -// -//    handlingModule.generateErrorMessage(throwable, req, resp, protocolRequest); -    }    /** @@ -123,32 +128,30 @@ public class ProtocolFinalizationController extends AbstractController {     * @throws IOException   In case of a servlet error     */    // TODO reuse for the redirection to SP or own enpoint -  @RequestMapping(value = ENDPOINT_ERRORHANDLING, method = { RequestMethod.GET, RequestMethod.POST }) +  @RequestMapping(value = ENDPOINT_ERRORHANDLING, method = {RequestMethod.GET, RequestMethod.POST})    public void errorHandling(final HttpServletRequest req, final HttpServletResponse resp)        throws EaafException, IOException {      // receive an authentication error -    final String errorToken = -        StringEscapeUtils.escapeHtml4(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE)); +    final String errorToken = StringEscapeUtils.escapeHtml4(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE));      if (errorToken != null) {        IRequest pendingReq = null; -      try {        -        String errorId = requestIdValidationStragegy.validateAndGetPendingRequestId(errorToken);                 +      try { +        String errorId = requestIdValidationStragegy.validateAndGetPendingRequestId(errorToken);          log.debug("Searching exception with internal error-token: {}", errorId); -         +          // load stored exception from database -        final byte[] containerSerialized = -            transactionStorage.get(errorId, byte[].class); +        final byte[] containerSerialized = transactionStorage.get(errorId, byte[].class);          if (containerSerialized != null) {            // remove exception if it was found            transactionStorage.remove(errorId);            log.trace("Find exception with internal error-token: {}", errorId); -           +            //final Object containerObj = EaafSerializationUtils.deserialize(containerSerialized,             //    Arrays.asList(            //        ExceptionContainer.class.getName()            //        ));            final Object containerObj = SerializationUtils.deserialize(containerSerialized); -           +            if (containerObj instanceof ExceptionContainer) {              final ExceptionContainer container = (ExceptionContainer) containerObj;              final Throwable throwable = container.getExceptionThrown(); @@ -157,7 +160,7 @@ public class ProtocolFinalizationController extends AbstractController {              if (pendingReq != null) {                //set MDC variables                TransactionIdUtils.setAllLoggingVariables(pendingReq); -               +                // build protocol-specific error message if possible                protAuthService.buildProtocolSpecificErrorResponse(throwable, req, resp, pendingReq); @@ -170,17 +173,17 @@ public class ProtocolFinalizationController extends AbstractController {              }            } else { -            protAuthService.handleErrorNoRedirect( -                new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC, null), -                req, resp, false); +            protAuthService +                .handleErrorNoRedirect(new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC, null), req, +                    resp, false);            }          } else {            log.info("Find no exception with internal error-token: {}", errorId); -          protAuthService.handleErrorNoRedirect( -              new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_NOPENDIGREQID, null), -              req, resp, false); +          protAuthService +              .handleErrorNoRedirect(new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_NOPENDIGREQID, null), +                  req, resp, false);          } @@ -192,11 +195,10 @@ public class ProtocolFinalizationController extends AbstractController {          // remove pending-request          if (pendingReq != null) {            requestStorage.removePendingRequest(pendingReq.getPendingRequestId()); -          revisionsLogger.logEvent(EventConstants.TRANSACTION_DESTROYED, -              pendingReq.getUniqueTransactionIdentifier()); +          revisionsLogger.logEvent(EventConstants.TRANSACTION_DESTROYED, pendingReq.getUniqueTransactionIdentifier());          } -         +          //remove all Logger variables          TransactionIdUtils.removeAllLoggingVariables(); @@ -204,9 +206,9 @@ public class ProtocolFinalizationController extends AbstractController {      } else {        log.debug("Request contains NO ErrorId"); -      protAuthService.handleErrorNoRedirect( -          new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_NOPENDIGREQID, null), req, -          resp, false); +      protAuthService +          .handleErrorNoRedirect(new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_NOPENDIGREQID, null), req, +              resp, false);      } @@ -220,7 +222,7 @@ public class ProtocolFinalizationController extends AbstractController {     * @throws EaafException In case of an internal error     * @throws IOException   In case of a servlet error     */ -  @RequestMapping(value = ENDPOINT_FINALIZEPROTOCOL, method = { RequestMethod.GET }) +  @RequestMapping(value = ENDPOINT_FINALIZEPROTOCOL, method = {RequestMethod.GET})    public void finalizeAuthProtocol(final HttpServletRequest req, final HttpServletResponse resp)        throws EaafException, IOException { @@ -232,19 +234,18 @@ public class ProtocolFinalizationController extends AbstractController {      if (pendingReq == null) {        log.error("No PendingRequest with ID " + pendingRequestID + " found.!");        protAuthService.handleErrorNoRedirect( -          new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_TIMEOUT, -              new Object[] { pendingRequestID, }), -          req, resp, false); +          new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_TIMEOUT, new Object[]{pendingRequestID,}), req, +          resp, false);      } else {        //set MDC variables        TransactionIdUtils.setAllLoggingVariables(pendingReq); -       +        //perform protocol finalization steps        protAuthService.finalizeAuthentication(req, resp, pendingReq); -                   +      } -     +    }  } | 
