author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2019-04-23 15:00:13 +0200 |
---|---|---|
committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2019-04-23 15:00:13 +0200 |
commit | 5c1b5b863fe8d6c08cfe0749fed7ce9594827f8a (patch) | |
tree | e96cf3ae1f3ed011b0588fd7a341038484c55017 /eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp | |
parent | f689c1e404b5cf22d17346da75a296c825a3ba03 (diff) | |
download | EAAF-Components-5c1b5b863fe8d6c08cfe0749fed7ce9594827f8a.tar.gz EAAF-Components-5c1b5b863fe8d6c08cfe0749fed7ce9594827f8a.tar.bz2 EAAF-Components-5c1b5b863fe8d6c08cfe0749fed7ce9594827f8a.zip |
add different strategies for pendingRequestId generation
Diffstat (limited to 'eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp')
3 files changed, 152 insertions, 64 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java
index e4288e62..2115d9b0 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java
@@ -26,6 +26,7 @@
 *******************************************************************************/
 package at.gv.egiz.eaaf.core.impl.idp.auth;
+import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -35,35 +36,55 @@ import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.IRequestStorage; import at.gv.egiz.eaaf.core.api.idp.process.ProcessInstanceStoreDAO; import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; +import at.gv.egiz.eaaf.core.api.utils.IPendingRequestIdGenerationStrategy; import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; -import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils; @Service("RequestStorage") public class RequestStorage implements IRequestStorage{ private static final Logger log = LoggerFactory.getLogger(RequestStorage.class); - @Autowired ITransactionStorage transactionStorage; - @Autowired ProcessInstanceStoreDAO processInstanceStore; - + @Autowired(required=true) ITransactionStorage transactionStorage; + @Autowired(required=true) ProcessInstanceStoreDAO processInstanceStore; + @Autowired(required=true) IPendingRequestIdGenerationStrategy pendingReqIdGenerationStrategy; + @Override - public IRequest getPendingRequest(String pendingReqID) { + public IRequest getPendingRequest(String pendingReqID) throws PendingReqIdValidationException { try { - IRequest pendingRequest = transactionStorage.get(pendingReqID, IRequest.class); - if (pendingRequest == null) { - log.info("No PendingRequst found with pendingRequestID " + pendingReqID); - return null; - - } + final String internalPendingReqId = + pendingReqIdGenerationStrategy.validateAndGetPendingRequestId(pendingReqID); + log.debug("PendingReqId is valid"); + + //get pending-request from storage + final IRequest pendingRequest = getInternalPendingRequest(internalPendingReqId); //set transactionID and sessionID to Logger TransactionIDUtils.setAllLoggingVariables(pendingRequest); return pendingRequest; - + + } 
catch (final PendingReqIdValidationException e) { + log.info("PendingRequestId is invalid. Reason: {} ", e.getMessage()); + + // search invalid pending-request for errorHandling + IRequest invalidPendingRequest = null; + try { + if (StringUtils.isNotEmpty(e.getInvalidInternalPendingReqId())) + invalidPendingRequest = transactionStorage.get(e.getInvalidInternalPendingReqId(), IRequest.class); + + } catch (final EAAFException e1) { + log.info("No PendingRequst found with pendingRequestID " + pendingReqID); + return null; + + } + + e.setInvalidPendingReq(invalidPendingRequest); + throw e; + } catch (EAAFException | NullPointerException e) { log.info("No PendingRequst found with pendingRequestID " + pendingReqID); return null; 
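Review bot: In the new `catch (final PendingReqIdValidationException e)` branch of getPendingRequest, the request is still loaded from `transactionStorage` with `e.getInvalidInternalPendingReqId()`, an identifier derived from a pendingRequestId that has just failed validation. The strategy implementations are outside this diff, so it is not visible whether that value is populated only for failures such as expiry or also when the ID's integrity could not be confirmed; in the second case the storage key is caller-influenced and the lookup should be skipped. The same fallback is used in removePendingRequest and changePendingRequestID, and handleError in AbstractController then substitutes the recovered request for `pendingReq`. I would document on the exception getter which failure kinds populate it, and add above the lookup a comment like `// ID failed validation: load only for error reporting, never to continue the process`. The inner `catch (final EAAFException e1)` also returns null and so discards the validation exception; `throw e;` there would keep both failure paths consistent.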
@@ -74,17 +95,27 @@ public class RequestStorage implements IRequestStorage{ @Override public void storePendingRequest(IRequest pendingRequest) throws EAAFException { try { - if (pendingRequest instanceof IRequest) - transactionStorage.put(((IRequest)pendingRequest).getPendingRequestId(), pendingRequest, -1); - - else + if (pendingRequest instanceof IRequest) { + try { + //validate pending-requestId + final String internalPendingRequestId = pendingReqIdGenerationStrategy.validateAndGetPendingRequestId(pendingRequest.getPendingRequestId()); + + //store pending request + transactionStorage.put(internalPendingRequestId, pendingRequest, -1); + + } catch (final PendingReqIdValidationException e) { + log.warn("Invalid pending-request-Id. Reason: {}", e.getMessage()); + log.warn("Do NOT store pending-request with invalid pending-request-Id. The process will break soon!"); + + } + + } else throw new EAAFException("PendigRequest is NOT of type 'IRequest'", null); - - - } catch (EAAFException e) { - log.warn("PendingRequest with ID=" + ((IRequest)pendingRequest).getPendingRequestId() + + + } catch (final EAAFException e) { + log.warn("PendingRequest with ID=" + pendingRequest.getPendingRequestId() + " can not stored.", e); - throw new EAAFStorageException("PendingRequest with Id: " + ((IRequest)pendingRequest).getPendingRequestId() + throw new EAAFStorageException("PendingRequest with Id: " + pendingRequest.getPendingRequestId() + " can not be stored", e); } 
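Review bot: The inner `catch (final PendingReqIdValidationException e)` in storePendingRequest only logs two warnings and then returns normally, so the caller cannot tell that nothing was written to `transactionStorage`. The method already declares `throws EAAFException`, so failing closed costs one line in place of the second `log.warn`: `throw new EAAFStorageException("PendingRequest with invalid pending-request-Id can not be stored", e);`. Separately, the outer catch builds its messages with `pendingRequest.getPendingRequestId()`, which after the RequestImpl change in this commit throws IllegalStateException when no ID is set and would then mask the original error.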
@@ -92,25 +123,35 @@ public class RequestStorage implements IRequestStorage{ } @Override - public void removePendingRequest(String requestID) { + public void removePendingRequest(String pendingReqID) { - if (requestID != null) { - - //remove process-management execution instance + if (pendingReqID != null) { + String internalPendingReqId = null; try { - IRequest pendingReq = getPendingRequest(requestID); - - if (pendingReq != null && - pendingReq.getProcessInstanceId() != null) - processInstanceStore.remove(pendingReq.getProcessInstanceId()); - - } catch (EAAFException e) { - log.warn("Removing process associated with pending-request:" + requestID + " FAILED.", e); + internalPendingReqId = pendingReqIdGenerationStrategy.validateAndGetPendingRequestId(pendingReqID); + + } catch (final PendingReqIdValidationException e) { + internalPendingReqId = e.getInvalidInternalPendingReqId(); } - - transactionStorage.remove(requestID); + try { + //remove process-management execution instance# + if (internalPendingReqId != null) { + final IRequest pendingReq = getInternalPendingRequest(internalPendingReqId); + if (pendingReq != null && + pendingReq.getProcessInstanceId() != null) + processInstanceStore.remove(pendingReq.getProcessInstanceId()); + + //remove pending-request + transactionStorage.remove(internalPendingReqId); + } + + } catch (final EAAFException e) { + log.warn("Removing process associated with pending-request:" + pendingReqID + " FAILED.", e); + + } + } } 
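Review bot: `transactionStorage.remove(internalPendingReqId)` now sits inside the same `try` as the process-instance cleanup in removePendingRequest, so an EAAFException from `getInternalPendingRequest` or from `processInstanceStore.remove` leaves the pending request in storage; before this change the removal ran unconditionally after the try block. Moving the call into a `finally` guarded by `if (internalPendingReqId != null)` would restore that guarantee. The warning also writes the caller-supplied `pendingReqID` to the log unmodified; since that value appears to act as the handle to the authentication transaction, logging the internal ID or a truncated form would be the safer choice.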
@@ -119,25 +160,59 @@ public class RequestStorage implements IRequestStorage{ */ @Override public String changePendingRequestID(IRequest pendingRequest) throws EAAFException { - + + //TODO!!!! + if (pendingRequest instanceof RequestImpl) { - String newRequestID = Random.nextHexRandom32(); - String oldRequestID = pendingRequest.getPendingRequestId(); + //final String newRequestID = Random.nextHexRandom32(); + final String newRequestID = pendingReqIdGenerationStrategy.generateExternalPendingRequestId(); + ((RequestImpl)pendingRequest).setPendingRequestId(newRequestID); - log.debug("Change pendingRequestID from " + pendingRequest.getPendingRequestId() - + " to " + newRequestID); + String newInternalPendingRequestId = null; + try { + newInternalPendingRequestId = pendingReqIdGenerationStrategy.validateAndGetPendingRequestId(newRequestID); + + } catch (final PendingReqIdValidationException e) { + throw new EAAFException("internal.99", new Object[]{"Generate invalid pendingRequestId. Something looks WRONG"}, e); + + } + + String oldInternalRequestID = null; + try { + oldInternalRequestID = + pendingReqIdGenerationStrategy.validateAndGetPendingRequestId(pendingRequest.getPendingRequestId()); - ((RequestImpl)pendingRequest).setPendingRequestId(newRequestID); - transactionStorage.changeKey(oldRequestID, newRequestID, pendingRequest); + } catch (final PendingReqIdValidationException e) { + //it's no problem, because it must be valid before when pending-request was loaded and we change it now + oldInternalRequestID = e.getInvalidInternalPendingReqId(); + + } - //only delete oldRequestID, no change. + log.debug("Change pendingRequestID from " + pendingRequest.getPendingRequestId() + + " to " + newRequestID); + + transactionStorage.changeKey(oldInternalRequestID, newInternalPendingRequestId, pendingRequest); + //only delete oldRequestID, no change. 
return newRequestID; } else { log.error("PendingRequest object is not of type 'RequestImpl.class'"); throw new EAAFException("PendingRequest object is not of type 'RequestImpl.class'", null); + } } + + private IRequest getInternalPendingRequest(String internalPendingReqId) throws EAAFException { + final IRequest pendingRequest = transactionStorage.get(internalPendingReqId, IRequest.class); + if (pendingRequest == null) { + log.info("No PendingRequst found with pendingRequestID " + internalPendingReqId); + return null; + + } + + return pendingRequest; + + } } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java index 4e58868b..1da8036c 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java @@ -27,6 +27,7 @@ package at.gv.egiz.eaaf.core.impl.idp.controller; import java.io.IOException; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -47,6 +48,7 @@ import at.gv.egiz.eaaf.core.api.idp.auth.services.IProtocolAuthenticationService import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger; import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; import at.gv.egiz.eaaf.core.exceptions.ProcessExecutionException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.utils.Random; 
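Review bot: In changePendingRequestID (RequestStorage.java), `setPendingRequestId(newRequestID)` now runs before the old ID is read, so `pendingRequest.getPendingRequestId()` in the second `try` already returns the new value. `oldInternalRequestID` and `newInternalPendingRequestId` are then derived from the same external ID, `changeKey` is called with what is in effect one key, and the entry stored under the previous ID is apparently never re-keyed or removed, which would leave the previous ID usable after rotation. Capture it first with `final String oldRequestID = pendingRequest.getPendingRequestId();` ahead of the setter and pass `oldRequestID` to `validateAndGetPendingRequestId`; the debug line then also prints the real old value. If this method is also meant to assign the very first ID, the unset case needs explicit handling because the getter now throws. The `//TODO!!!!` marker and the commented-out `Random.nextHexRandom32()` line should be resolved or removed before merge.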
@@ -105,7 +107,7 @@ public abstract class AbstractController { } protected void handleError(final String errorMessage, final Throwable exceptionThrown, - final HttpServletRequest req, final HttpServletResponse resp, final IRequest pendingReq) throws IOException, EAAFException { + final HttpServletRequest req, final HttpServletResponse resp, IRequest pendingReq) throws IOException, EAAFException { Throwable loggedException = null; final Throwable extractedException = extractOriginalExceptionFromProcessException(exceptionThrown); @@ -115,13 +117,17 @@ public abstract class AbstractController { //set original exception loggedException = ((TaskExecutionException) extractedException).getOriginalException(); - //use TaskExecutionException directly, if no Original Exeception is included - if (loggedException == null) - loggedException = exceptionThrown; - - } else + } else if (exceptionThrown instanceof PendingReqIdValidationException) { + log.trace("Find pendingRequestId validation exception. Looking for invalid pending-request ... "); + if (((PendingReqIdValidationException) exceptionThrown).getInvalidPendingReq() != null) + pendingReq = ((PendingReqIdValidationException) exceptionThrown).getInvalidPendingReq(); + + } + + //use TaskExecutionException directly, if no Original Exeception is included + if (loggedException == null) loggedException = exceptionThrown; - + try { //switch to protocol-finalize method to generate a protocol-specific error message diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java index 527b79a1..5667fad7 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java 
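Review bot: The new `else if` in handleError tests `exceptionThrown instanceof PendingReqIdValidationException`, while the branch above it tests `extractedException`; a validation exception that arrives wrapped in a process exception would therefore not be recognised and `pendingReq` would stay unchanged. If that is intended a short comment would help, otherwise use `extractedException` in both places. Since `pendingReq` is now reassigned from data attached to an exception, a comment such as `// request recovered from a rejected pendingRequestId; use for error reporting only` would make the reduced trust level explicit to whoever extends this method. The method body starts and ends outside the hunk.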
@@ -41,6 +41,7 @@ import javax.servlet.http.HttpServletRequest; import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.lang.NonNull; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.data.EAAFConstants; @@ -61,11 +62,11 @@ public abstract class RequestImpl implements IRequest, Serializable{ public static final String DATAID_REQUESTER_IP_ADDRESS = "reqestImpl_requesterIPAddr"; private static final long serialVersionUID = 1L; - + private String module = null; private String action = null; - private String pendingRequestId; + private String pendingRequestId = null; private String processInstanceId; private String internalSSOSessionId; @@ -92,7 +93,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ private boolean needUserConsent = false; - private Map<String, Object> genericDataStorage = new HashMap<String, Object>(); + private final Map<String, Object> genericDataStorage = new HashMap<String, Object>(); @@ -100,10 +101,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ * @throws ConfigurationException * */ - public final void initialize(HttpServletRequest req, IConfiguration authConfig) throws EAAFException { - //set pendingRequestId - pendingRequestId = Random.nextLongRandom(); - + public final void initialize(HttpServletRequest req, IConfiguration authConfig) throws EAAFException { //set unique transaction identifier for logging uniqueTransactionIdentifer = Random.nextLongRandom(); TransactionIDUtils.setTransactionId(uniqueTransactionIdentifer); 
@@ -113,12 +111,12 @@ public abstract class RequestImpl implements IRequest, Serializable{ //genericDataStorage.put(EAAFConstants.VALUE_SESSIONID, Random.nextLongRandom()); //check if End-Point is valid - String authURLString = HTTPUtils.extractAuthURLFromRequest(req); + final String authURLString = HTTPUtils.extractAuthURLFromRequest(req); URL authReqURL; try { authReqURL = new URL(authURLString); - } catch (MalformedURLException e) { + } catch (final MalformedURLException e) { log.error("IDP AuthenticationServiceURL Prefix is not a valid URL." + authURLString, e); throw new EAAFAuthenticationException("errorId", new Object[]{authURLString}, e); @@ -131,7 +129,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ } //set unique session identifier - String uniqueID = (String) req.getAttribute(EAAFConstants.UNIQUESESSIONIDENTIFIER); + final String uniqueID = (String) req.getAttribute(EAAFConstants.UNIQUESESSIONIDENTIFIER); if (StringUtils.isNotEmpty(uniqueID)) this.uniqueSessionIdentifer = uniqueID; @@ -145,7 +143,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ try { setRawDataToTransaction(DATAID_REQUESTER_IP_ADDRESS, req.getRemoteAddr()); - } catch (EAAFStorageException e) { + } catch (final EAAFStorageException e) { log.info("Can NOT store remote IP address into 'pendingRequest'." , e); } @@ -203,7 +201,11 @@ public abstract class RequestImpl implements IRequest, Serializable{ } @Override + @NonNull public final String getPendingRequestId() { + if (pendingRequestId == null) + throw new IllegalStateException("No PendingRequestId set!!!"); + return pendingRequestId; } @@ -333,6 +335,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ return isAuthenticated; } + @Override public final void setAuthenticated(boolean isAuthenticated) { this.isAuthenticated = isAuthenticated; } 
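Review bot: `getPendingRequestId()` now throws IllegalStateException when the field is null, and the `initialize` hunk in this file removes the only assignment visible in this diff, so every caller between `initialize` and the first `setPendingRequestId` gets an unchecked exception. RequestStorage.storePendingRequest calls the getter inside a `try` that only catches EAAFException, so the failure would surface as a runtime exception rather than an EAAFStorageException. I would add Javadoc on the getter with `@throws IllegalStateException if no pending-request ID has been assigned yet` and state in the `initialize` Javadoc which component is responsible for assigning the ID.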
@@ -341,6 +344,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ public final boolean needSingleSignOnFunctionality() { return needSSO; } + @Override public final void setNeedSingleSignOnFunctionality(boolean needSSO) { this.needSSO = needSSO; @@ -352,6 +356,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ } + @Override public final void setNeedUserConsent(boolean needConsent) { this.needUserConsent = needConsent; @@ -362,6 +367,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ return this.isAbortedByUser; } + @Override public final void setAbortedByUser(boolean isAborted) { this.isAbortedByUser = isAborted; @@ -381,17 +387,18 @@ public abstract class RequestImpl implements IRequest, Serializable{ @Override public final <T> T getRawData(String key, final Class<T> clazz) { if (StringUtils.isNotEmpty(key)) { - Object data = genericDataStorage.get(key); + final Object data = genericDataStorage.get(key); if (data == null) return null; try { @SuppressWarnings("unchecked") + final T test = (T) data; return test; - } catch (Exception e) { + } catch (final Exception e) { log.warn("Generic request-data object can not be casted to requested type", e); return null; @@ -438,7 +445,7 @@ public abstract class RequestImpl implements IRequest, Serializable{ } //validate and store values - for (Entry<String, Object> el : map.entrySet()) + for (final Entry<String, Object> el : map.entrySet()) setRawDataToTransaction(el.getKey(), el.getValue()); } |
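Review bot: In getRawData the cast `(T) data` is unchecked and erased at runtime, so it cannot fail at that line; the `catch (final Exception e)` is effectively dead code and an object of the wrong type is handed back to the caller, failing later at the use site. The `clazz` parameter is not used in the visible lines and can make the check real: `if (!clazz.isInstance(data)) { log.warn("Generic request-data object can not be casted to requested type"); return null; }` followed by `return clazz.cast(data);`, with a null guard if callers may pass no class. That also removes the need for `@SuppressWarnings("unchecked")`, which the added blank line now separates from the declaration it annotates. The method's closing lines are outside the hunk.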