diff options
author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2019-04-23 15:00:13 +0200 |
---|---|---|
committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2019-04-23 15:00:13 +0200 |
commit | 5c1b5b863fe8d6c08cfe0749fed7ce9594827f8a (patch) | |
tree | e96cf3ae1f3ed011b0588fd7a341038484c55017 /eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller | |
parent | f689c1e404b5cf22d17346da75a296c825a3ba03 (diff) | |
download | EAAF-Components-5c1b5b863fe8d6c08cfe0749fed7ce9594827f8a.tar.gz EAAF-Components-5c1b5b863fe8d6c08cfe0749fed7ce9594827f8a.tar.bz2 EAAF-Components-5c1b5b863fe8d6c08cfe0749fed7ce9594827f8a.zip |
add different strategies for pendingRequestId generation
Diffstat (limited to 'eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller')
2 files changed, 34 insertions, 21 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java index 4e58868b..1da8036c 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java @@ -27,6 +27,7 @@ package at.gv.egiz.eaaf.core.impl.idp.controller; import java.io.IOException; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -47,6 +48,7 @@ import at.gv.egiz.eaaf.core.api.idp.auth.services.IProtocolAuthenticationService import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger; import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; import at.gv.egiz.eaaf.core.exceptions.ProcessExecutionException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.utils.Random; @@ -105,7 +107,7 @@ public abstract class AbstractController { } protected void handleError(final String errorMessage, final Throwable exceptionThrown, - final HttpServletRequest req, final HttpServletResponse resp, final IRequest pendingReq) throws IOException, EAAFException { + final HttpServletRequest req, final HttpServletResponse resp, IRequest pendingReq) throws IOException, EAAFException { Throwable loggedException = null; final Throwable extractedException = extractOriginalExceptionFromProcessException(exceptionThrown); @@ -115,13 +117,17 @@ public abstract class AbstractController { //set original exception loggedException = ((TaskExecutionException) extractedException).getOriginalException(); - //use TaskExecutionException directly, if no Original Exeception is included - if (loggedException == null) - loggedException = exceptionThrown; - - } else + } else if (exceptionThrown instanceof PendingReqIdValidationException) { + log.trace("Find pendingRequestId validation exception. Looking for invalid pending-request ... "); + if (((PendingReqIdValidationException) exceptionThrown).getInvalidPendingReq() != null) + pendingReq = ((PendingReqIdValidationException) exceptionThrown).getInvalidPendingReq(); + + } + + //use TaskExecutionException directly, if no Original Exeception is included + if (loggedException == null) loggedException = exceptionThrown; - + try { //switch to protocol-finalize method to generate a protocol-specific error message diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java index 527b79a1..5667fad7 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java @@ -41,6 +41,7 @@ import javax.servlet.http.HttpServletRequest; import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.lang.NonNull; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.data.EAAFConstants; @@ -61,11 +62,11 @@ public abstract class RequestImpl implements IRequest, Serializable{ public static final String DATAID_REQUESTER_IP_ADDRESS = "reqestImpl_requesterIPAddr"; private static final long serialVersionUID = 1L; - + private String module = null; private String action = null; - private String pendingRequestId; + private String pendingRequestId = null; private String processInstanceId; private String internalSSOSessionId; @@ -92,7 +93,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ private boolean needUserConsent = false; - private Map<String, Object> genericDataStorage = new HashMap<String, Object>(); + private final Map<String, Object> genericDataStorage = new HashMap<String, Object>(); @@ -100,10 +101,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ * @throws ConfigurationException * */ - public final void initialize(HttpServletRequest req, IConfiguration authConfig) throws EAAFException { - //set pendingRequestId - pendingRequestId = Random.nextLongRandom(); - + public final void initialize(HttpServletRequest req, IConfiguration authConfig) throws EAAFException { //set unique transaction identifier for logging uniqueTransactionIdentifer = Random.nextLongRandom(); TransactionIDUtils.setTransactionId(uniqueTransactionIdentifer); @@ -113,12 +111,12 @@ public abstract class RequestImpl implements IRequest, Serializable{ //genericDataStorage.put(EAAFConstants.VALUE_SESSIONID, Random.nextLongRandom()); //check if End-Point is valid - String authURLString = HTTPUtils.extractAuthURLFromRequest(req); + final String authURLString = HTTPUtils.extractAuthURLFromRequest(req); URL authReqURL; try { authReqURL = new URL(authURLString); - } catch (MalformedURLException e) { + } catch (final MalformedURLException e) { log.error("IDP AuthenticationServiceURL Prefix is not a valid URL." + authURLString, e); throw new EAAFAuthenticationException("errorId", new Object[]{authURLString}, e); @@ -131,7 +129,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ } //set unique session identifier - String uniqueID = (String) req.getAttribute(EAAFConstants.UNIQUESESSIONIDENTIFIER); + final String uniqueID = (String) req.getAttribute(EAAFConstants.UNIQUESESSIONIDENTIFIER); if (StringUtils.isNotEmpty(uniqueID)) this.uniqueSessionIdentifer = uniqueID; @@ -145,7 +143,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ try { setRawDataToTransaction(DATAID_REQUESTER_IP_ADDRESS, req.getRemoteAddr()); - } catch (EAAFStorageException e) { + } catch (final EAAFStorageException e) { log.info("Can NOT store remote IP address into 'pendingRequest'." , e); } @@ -203,7 +201,11 @@ public abstract class RequestImpl implements IRequest, Serializable{ } @Override + @NonNull public final String getPendingRequestId() { + if (pendingRequestId == null) + throw new IllegalStateException("No PendingRequestId set!!!"); + return pendingRequestId; } @@ -333,6 +335,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ return isAuthenticated; } + @Override public final void setAuthenticated(boolean isAuthenticated) { this.isAuthenticated = isAuthenticated; } @@ -341,6 +344,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ public final boolean needSingleSignOnFunctionality() { return needSSO; } + @Override public final void setNeedSingleSignOnFunctionality(boolean needSSO) { this.needSSO = needSSO; @@ -352,6 +356,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ } + @Override public final void setNeedUserConsent(boolean needConsent) { this.needUserConsent = needConsent; @@ -362,6 +367,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ return this.isAbortedByUser; } + @Override public final void setAbortedByUser(boolean isAborted) { this.isAbortedByUser = isAborted; @@ -381,17 +387,18 @@ public abstract class RequestImpl implements IRequest, Serializable{ @Override public final <T> T getRawData(String key, final Class<T> clazz) { if (StringUtils.isNotEmpty(key)) { - Object data = genericDataStorage.get(key); + final Object data = genericDataStorage.get(key); if (data == null) return null; try { @SuppressWarnings("unchecked") + final T test = (T) data; return test; - } catch (Exception e) { + } catch (final Exception e) { log.warn("Generic request-data object can not be casted to requested type", e); return null; @@ -438,7 +445,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ } //validate and store values - for (Entry<String, Object> el : map.entrySet()) + for (final Entry<String, Object> el : map.entrySet()) setRawDataToTransaction(el.getKey(), el.getValue()); } |