diff options
author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-02-05 15:31:09 +0100 |
---|---|---|
committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-02-05 15:31:09 +0100 |
commit | 8ebf6c4b08a008a96b4ac60167c26b48c30e97ce (patch) | |
tree | 0b55e8e57dcdfdb99a2bc72eab07a9429fc64af6 /eaaf_core | |
parent | 882789ecf04615abf8d5c80e3a0695d1cfc76fa0 (diff) | |
download | EAAF-Components-8ebf6c4b08a008a96b4ac60167c26b48c30e97ce.tar.gz EAAF-Components-8ebf6c4b08a008a96b4ac60167c26b48c30e97ce.tar.bz2 EAAF-Components-8ebf6c4b08a008a96b4ac60167c26b48c30e97ce.zip |
refactor generic error-handling to solve possible invalid error-response in SL2.0
Diffstat (limited to 'eaaf_core')
-rw-r--r-- | eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java | 120 |
1 files changed, 73 insertions, 47 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java index c09efc37..dd113907 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java @@ -21,16 +21,11 @@ package at.gv.egiz.eaaf.core.impl.idp.controller; import java.io.IOException; +import javax.annotation.Nonnull; +import javax.annotation.Nullable; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.text.StringEscapeUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationContext; -import org.springframework.web.bind.annotation.ExceptionHandler; - import at.gv.egiz.components.eventlog.api.EventConstants; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.IStatusMessenger; @@ -44,9 +39,17 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; import at.gv.egiz.eaaf.core.exceptions.ProcessExecutionException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egiz.eaaf.core.impl.utils.ServletUtils; +import org.apache.commons.text.StringEscapeUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.web.bind.annotation.ExceptionHandler; + /** * Basic application controller that implements core error-handling. * @@ -142,6 +145,65 @@ public abstract class AbstractController { final HttpServletRequest req, final HttpServletResponse resp, IRequest pendingReq) throws IOException, EaafException { + final Pair<IRequest, Throwable> errorToHandle = + exractExceptionThatShouldBeLogged(pendingReq, exceptionThrown); + + try { + final String errorKey = storeErrorAndGetErrorToken(errorToHandle); + + // build up redirect URL + final String redirectUrl = generateErrorRedirectUrl(req, errorKey); + resp.setContentType("text/html"); + resp.setStatus(302); + + resp.addHeader("Location", redirectUrl); + log.debug("REDIRECT TO: " + redirectUrl); + + return; + + } catch (final Exception e) { + log.warn("Default error-handling FAILED. Exception can not be stored ....", e); + log.info("Switch to generic generic backup error-handling ... "); + protAuthService.handleErrorNoRedirect(errorToHandle.getSecond(), req, resp, true); + + } + + } + + protected String generateErrorRedirectUrl(final HttpServletRequest req, String errorKey) { + String redirectUrl = null; + redirectUrl = ServletUtils.getBaseUrl(req); + redirectUrl += "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?" + + EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + errorKey; + return redirectUrl; + + } + + protected String storeErrorAndGetErrorToken(Pair<IRequest, Throwable> errorToHandle) throws EaafException { + // log error directly in debug mode + if (log.isDebugEnabled()) { + log.warn(errorToHandle.getSecond().getMessage(), errorToHandle.getSecond()); + } + + // put exception into transaction store for redirect + final String errorKey = Random.nextLongRandom(); + if (errorToHandle.getFirst() != null) { + revisionsLogger.logEvent(errorToHandle.getFirst(), EventConstants.TRANSACTION_ERROR); + transactionStorage.put(errorKey, new ExceptionContainer(errorToHandle.getFirst(), errorToHandle + .getSecond()), -1); + + } else { + transactionStorage.put(errorKey, new ExceptionContainer(null, errorToHandle.getSecond()), -1); + + } + + return errorKey; + + } + + @Nonnull + protected Pair<IRequest, Throwable> exractExceptionThatShouldBeLogged( + @Nullable IRequest pendingReq, @Nonnull Throwable exceptionThrown) { Throwable loggedException = null; final Throwable extractedException = extractOriginalExceptionFromProcessException(exceptionThrown); @@ -155,8 +217,10 @@ public abstract class AbstractController { } else if (exceptionThrown instanceof PendingReqIdValidationException) { log.trace( "Find pendingRequestId validation exception. Looking for invalid pending-request ... "); + if (((PendingReqIdValidationException) exceptionThrown).getInvalidPendingReq() != null) { pendingReq = ((PendingReqIdValidationException) exceptionThrown).getInvalidPendingReq(); + } } @@ -164,49 +228,11 @@ public abstract class AbstractController { // use TaskExecutionException directly, if no Original Exeception is included if (loggedException == null) { loggedException = exceptionThrown; - } - - try { - // switch to protocol-finalize method to generate a protocol-specific error - // message - - // log error directly in debug mode - if (log.isDebugEnabled()) { - log.warn(loggedException.getMessage(), loggedException); - } - - // put exception into transaction store for redirect - final String key = Random.nextLongRandom(); - if (pendingReq != null) { - revisionsLogger.logEvent(pendingReq, EventConstants.TRANSACTION_ERROR); - transactionStorage.put(key, new ExceptionContainer(pendingReq, loggedException), -1); - - } else { - transactionStorage.put(key, new ExceptionContainer(null, loggedException), -1); - - } - - // build up redirect URL - String redirectUrl = null; - redirectUrl = ServletUtils.getBaseUrl(req); - redirectUrl += "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?" - + EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + key; - - resp.setContentType("text/html"); - resp.setStatus(302); - - resp.addHeader("Location", redirectUrl); - log.debug("REDIRECT TO: " + redirectUrl); - - return; - - } catch (final Exception e) { - log.warn("Default error-handling FAILED. Exception can not be stored ....", e); - log.info("Switch to generic generic backup error-handling ... "); - protAuthService.handleErrorNoRedirect(loggedException, req, resp, true); } + return Pair.newInstance(pendingReq, loggedException); + } /** |