refactor EAAF core to split API and Implementation

2 files changed, 37 insertions, 33 deletions

diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualeIDRequestTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualeIDRequestTask.java
index 337002c5..3890aaac 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualeIDRequestTask.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualeIDRequestTask.java
@@ -1,9 +1,7 @@
 package at.gv.egiz.eaaf.modules.auth.sl20.tasks;
 
 import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
 import java.util.ArrayList;
-import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
@@ -25,13 +23,11 @@ import org.springframework.beans.factory.annotation.Autowired;
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.node.ObjectNode;
 
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
-import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
 import at.gv.egiz.eaaf.core.impl.utils.HttpClientFactory;
 import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
 import at.gv.egiz.eaaf.core.impl.utils.Random;
@@ -42,7 +38,6 @@ import at.gv.egiz.eaaf.modules.auth.sl20.data.VerificationResult;
 import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception;
 import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SLCommandoBuildException;
 import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SLCommandoParserException;
-import at.gv.egiz.eaaf.modules.auth.sl20.utils.IJOSETools;
 import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants;
 import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20HttpBindingUtils;
 import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JSONBuilderUtils;
@@ -51,8 +46,6 @@ import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JSONExtractorUtils;
 public abstract class AbstractCreateQualeIDRequestTask extends AbstractAuthServletTask {
 	private static final Logger log = LoggerFactory.getLogger(AbstractCreateQualeIDRequestTask.class);
 	
-	@Autowired(required=true) private IJOSETools joseTools;
-	@Autowired(required=true) private IConfiguration basicConfig;
 	@Autowired(required=true) private HttpClientFactory httpClientFactory;
 	
 	@Override 
@@ -65,28 +58,29 @@ public abstract class AbstractCreateQualeIDRequestTask extends AbstractAuthServl
 			
 			try {
 				//get service-provider configuration
-				ISPConfiguration oaConfig = pendingReq.getServiceProviderConfiguration();
+				final ISPConfiguration oaConfig = pendingReq.getServiceProviderConfiguration();
 				
 				//get basic configuration parameters
-				String vdaQualeIDUrl = extractVDAURLForSpecificOA(oaConfig, executionContext);				
+				final String vdaQualeIDUrl = extractVDAURLForSpecificOA(oaConfig, executionContext);				
 				if (StringUtils.isEmpty(vdaQualeIDUrl)) {
 					log.error("NO VDA URL for qualified eID (" + Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT + ")");
 					throw new SL20Exception("sl20.03", new Object[]{"NO VDA URL for qualified eID"});
 					
 				}
 				
+				log.debug("Use {} as VDA end-point") ;
 				revisionsLogger.logEvent(pendingReq, EventCodes.AUTHPROCESS_SL20_ENDPOINT_URL, vdaQualeIDUrl);
 						
 				//create SL2.0 command for qualified eID
-				String signedQualeIDCommand = buildSignedQualifiedEIDCommand();
+				final String signedQualeIDCommand = buildSignedQualifiedEIDCommand();
 						
 				//build request container
-				String qualeIDReqId = Random.nextProcessReferenceValue();
-				ObjectNode sl20Req = SL20JSONBuilderUtils.createGenericRequest(qualeIDReqId, null, null, signedQualeIDCommand);
+				final String qualeIDReqId = Random.nextProcessReferenceValue();
+				final ObjectNode sl20Req = SL20JSONBuilderUtils.createGenericRequest(qualeIDReqId, null, null, signedQualeIDCommand);
 				
 				//build http POST request
-				HttpPost httpReq = new HttpPost(new URIBuilder(vdaQualeIDUrl).build());								
-				List<NameValuePair> parameters = new ArrayList<NameValuePair>();;
+				final HttpPost httpReq = new HttpPost(new URIBuilder(vdaQualeIDUrl).build());								
+				final List<NameValuePair> parameters = new ArrayList<NameValuePair>();;
 				parameters.add(new BasicNameValuePair(SL20Constants.PARAM_SL20_REQ_COMMAND_PARAM, Base64Url.encode(sl20Req.toString().getBytes())));
 				httpReq.setEntity(new UrlEncodedFormEntity(parameters ));				
 				
@@ -101,29 +95,29 @@ public abstract class AbstractCreateQualeIDRequestTask extends AbstractAuthServl
 				log.trace("Request VDA via SL20 with: " + Base64Url.encode(sl20Req.toString().getBytes()));
 				
 				//request VDA
-				HttpResponse httpResp = httpClientFactory.getHttpClient().execute(httpReq);
+				final HttpResponse httpResp = httpClientFactory.getHttpClient().execute(httpReq);
 								
 				//parse response
 				log.info("Receive response from VDA ... ");
-				JsonNode sl20Resp = SL20JSONExtractorUtils.getSL20ContainerFromResponse(httpResp);
-				VerificationResult respPayloadContainer = SL20JSONExtractorUtils.extractSL20PayLoad(sl20Resp, null, false);
+				final JsonNode sl20Resp = SL20JSONExtractorUtils.getSL20ContainerFromResponse(httpResp);
+				final VerificationResult respPayloadContainer = SL20JSONExtractorUtils.extractSL20PayLoad(sl20Resp, null, false);
 				
 				if (respPayloadContainer.isValidSigned() == null) {
 					log.debug("Receive unsigned payLoad from VDA");
 					
 				}
 				
-				JsonNode respPayload = respPayloadContainer.getPayload();
+				final JsonNode respPayload = respPayloadContainer.getPayload();
 				if (respPayload.get(SL20Constants.SL20_COMMAND_CONTAINER_NAME).asText()
 						.equals(SL20Constants.SL20_COMMAND_IDENTIFIER_REDIRECT)) {
 					log.debug("Find 'redirect' command in VDA response ... ");									
-					JsonNode params = SL20JSONExtractorUtils.getJSONObjectValue(respPayload, SL20Constants.SL20_COMMAND_CONTAINER_PARAMS, true);					
-					String redirectURL = SL20JSONExtractorUtils.getStringValue(params, SL20Constants.SL20_COMMAND_PARAM_GENERAL_REDIRECT_URL, true);									
-					JsonNode command = SL20JSONExtractorUtils.getJSONObjectValue(params, SL20Constants.SL20_COMMAND_PARAM_GENERAL_REDIRECT_COMMAND, false);
-					String signedCommand = SL20JSONExtractorUtils.getStringValue(params, SL20Constants.SL20_COMMAND_PARAM_GENERAL_REDIRECT_SIGNEDCOMMAND, false);					
+					final JsonNode params = SL20JSONExtractorUtils.getJSONObjectValue(respPayload, SL20Constants.SL20_COMMAND_CONTAINER_PARAMS, true);					
+					final String redirectURL = SL20JSONExtractorUtils.getStringValue(params, SL20Constants.SL20_COMMAND_PARAM_GENERAL_REDIRECT_URL, true);									
+					final JsonNode command = SL20JSONExtractorUtils.getJSONObjectValue(params, SL20Constants.SL20_COMMAND_PARAM_GENERAL_REDIRECT_COMMAND, false);
+					final String signedCommand = SL20JSONExtractorUtils.getStringValue(params, SL20Constants.SL20_COMMAND_PARAM_GENERAL_REDIRECT_SIGNEDCOMMAND, false);					
 
 					//create forward SL2.0 command
-					ObjectNode sl20Forward = sl20Resp.deepCopy();					
+					final ObjectNode sl20Forward = sl20Resp.deepCopy();					
 					SL20JSONBuilderUtils.addOnlyOnceOfTwo(sl20Forward, 
 							SL20Constants.SL20_PAYLOAD, SL20Constants.SL20_SIGNEDPAYLOAD, 
 							command.deepCopy(), signedCommand);
@@ -143,8 +137,8 @@ public abstract class AbstractCreateQualeIDRequestTask extends AbstractAuthServl
 					if (result  == null)
 						result = SL20JSONExtractorUtils.getJSONObjectValue(respPayload, SL20Constants.SL20_COMMAND_CONTAINER_PARAMS, false);
 					
-					String errorCode = SL20JSONExtractorUtils.getStringValue(result, SL20Constants.SL20_COMMAND_PARAM_GENERAL_RESPONSE_ERRORCODE, true);
-					String errorMsg = SL20JSONExtractorUtils.getStringValue(result, SL20Constants.SL20_COMMAND_PARAM_GENERAL_RESPONSE_ERRORMESSAGE, true);
+					final String errorCode = SL20JSONExtractorUtils.getStringValue(result, SL20Constants.SL20_COMMAND_PARAM_GENERAL_RESPONSE_ERRORCODE, true);
+					final String errorMsg = SL20JSONExtractorUtils.getStringValue(result, SL20Constants.SL20_COMMAND_PARAM_GENERAL_RESPONSE_ERRORMESSAGE, true);
 					
 					log.info("Receive SL2.0 error. Code:" + errorCode + " Msg:" + errorMsg);
 					throw new SL20Exception("sl20.08", new Object[]{errorCode, errorMsg});
@@ -156,10 +150,10 @@ public abstract class AbstractCreateQualeIDRequestTask extends AbstractAuthServl
 				}
 				
 				
-			} catch (EAAFAuthenticationException  e) {
+			} catch (final EAAFAuthenticationException  e) {
 				throw new TaskExecutionException(pendingReq, "SL2.0 Authentication FAILED. Msg: " + e.getMessage(), e);
 				
-			} catch (Exception e) {
+			} catch (final Exception e) {
 				log.warn("SL2.0 Authentication FAILED with a generic error.", e);
 				throw new TaskExecutionException(pendingReq, e.getMessage(), e);
 				
@@ -187,9 +181,9 @@ public abstract class AbstractCreateQualeIDRequestTask extends AbstractAuthServl
 		
 		//TODO: fully remove if not required any more
 		//String spSpecificVDAEndpoints = oaConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS);		
-		String spSpecificVDAEndpoints = null;
+		final String spSpecificVDAEndpoints = null;
 		
-		Map<String, String> endPointMap = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST);
+		final Map<String, String> endPointMap = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST);
 		if (StringUtils.isNotEmpty(spSpecificVDAEndpoints)) {
 			endPointMap.putAll(KeyValueUtils.convertListToMap(
 							KeyValueUtils.getListOfCSVValues(
@@ -201,9 +195,9 @@ public abstract class AbstractCreateQualeIDRequestTask extends AbstractAuthServl
 		log.trace("Find #" + endPointMap.size() + " SL2.0 endpoints ... ");
 		
 		//selection based on request Header
-		String sl20VDATypeHeader = (String)  executionContext.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase());
+		final String sl20VDATypeHeader = (String)  executionContext.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase());
 		if (StringUtils.isNotEmpty(sl20VDATypeHeader)) {
-			String vdaURL = endPointMap.get(sl20VDATypeHeader);
+			final String vdaURL = endPointMap.get(sl20VDATypeHeader);
 			if (StringUtils.isNotEmpty(vdaURL))
 				return vdaURL.trim();
 			
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JSONExtractorUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JSONExtractorUtils.java
index 524c9e80..a5e5a3dc 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JSONExtractorUtils.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JSONExtractorUtils.java
@@ -307,8 +307,18 @@ public class SL20JSONExtractorUtils {
 					(httpResp.getStatusLine().getStatusCode() == 401) || 
 					(httpResp.getStatusLine().getStatusCode() == 400) ) {
 				log.info("SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode() 
-						+ ". Search for error message");				
-				sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity());
+						+ ". Search for error message");
+				
+				try {
+					sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity());
+					
+				} catch (final Exception e) {
+					log.warn("SL20 response contains no valid JSON", e);
+					throw new SLCommandoParserException("SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode() 
+							+ " AND NO valid JSON errormsg", e);
+					
+				}
+							
 				
 				
 			} else