summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java65
-rw-r--r--eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/TestRequestImpl.java16
-rw-r--r--eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java10
-rw-r--r--eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/TransactionIdUtils.java53
4 files changed, 133 insertions, 11 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java
index 5110d2bf..adc8774a 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java
@@ -42,7 +42,6 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
import at.gv.egiz.eaaf.core.impl.utils.HttpUtils;
-import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;
import org.apache.commons.lang3.StringUtils;
@@ -71,6 +70,7 @@ public abstract class RequestImpl implements IRequest, Serializable {
private String uniqueTransactionIdentifer;
private String uniqueSessionIdentifer;
+ private String uniquePiiTransactionIdentifier;
private String requestedServiceProviderIdentifer;
private String idpAuthUrl = null;
@@ -104,7 +104,22 @@ public abstract class RequestImpl implements IRequest, Serializable {
*/
public final void initialize(final HttpServletRequest req, final IConfigurationWithSP authConfig)
throws EaafException {
- initialize(req, authConfig, null);
+ initialize(req, authConfig, null, null);
+
+ }
+
+ /**
+ * Initialize this pendingRequest object.
+ *
+ * @param req {@link HttpServletRequest}
+ * @param authConfig {@link IConfiguration}
+ * @param transactionId Unique ID for technical log correlation that should be used in this pendingRequest
+ * @throws EaafException
+ *
+ */
+ public final void initialize(final HttpServletRequest req, final IConfigurationWithSP authConfig,
+ @Nullable final String transactionId) throws EaafException {
+ initialize(req, authConfig, transactionId, null);
}
@@ -113,25 +128,35 @@ public abstract class RequestImpl implements IRequest, Serializable {
*
* @param req {@link HttpServletRequest}
* @param authConfig {@link IConfiguration}
- * @param transactionId transactionId that should be used in this pendingRequest
+ * @param transactionId Unique ID for technical log correlation that should be used in this pendingRequest
+ * @param piiTransactionId Unique ID for PII data correlation that should be used in this pendingRequest
* for logging. If 'null' a new one will be generated
*
* @throws EaafException
*
*/
public final void initialize(@NonNull final HttpServletRequest req,
- @NonNull final IConfigurationWithSP authConfig, @Nullable final String transactionId)
+ @NonNull final IConfigurationWithSP authConfig, @Nullable final String transactionId,
+ @Nullable final String piiTransactionId)
throws EaafException {
// use external transactionId or create new one if empty or null
if (StringUtils.isNotEmpty(transactionId)) {
uniqueTransactionIdentifer = transactionId;
} else {
- uniqueTransactionIdentifer = Random.nextLongRandom();
+ uniqueTransactionIdentifer = UUID.randomUUID().toString();
}
// set unique transaction identifier for logging
TransactionIdUtils.setTransactionId(uniqueTransactionIdentifer);
+ // use external piiTransactionId or create new one if empty or null
+ if (StringUtils.isNotEmpty(piiTransactionId)) {
+ uniquePiiTransactionIdentifier = piiTransactionId;
+ } else {
+ uniquePiiTransactionIdentifier = UUID.randomUUID().toString();
+ }
+
+
// initialize session object
genericDataStorage.put(EaafConstants.AUTH_DATA_CREATED, new Date());
// genericDataStorage.put(EAAFConstants.VALUE_SESSIONID,
@@ -313,21 +338,51 @@ public abstract class RequestImpl implements IRequest, Serializable {
}
@Override
+ public final String getUniquePiiTransactionIdentifier() {
+ return uniquePiiTransactionIdentifier;
+ }
+
+ @Override
public final String getProcessInstanceId() {
return this.processInstanceId;
}
+ /**
+ * Set an unique transaction identifier to correlate technical logging
+ * in one single transaction.
+ *
+ * @param id Unique identifier
+ */
public final void setUniqueTransactionIdentifier(final String id) {
this.uniqueTransactionIdentifer = id;
}
+ /**
+ * Set an unique session identifier to correlate technical logging over a set of transactions,
+ * like SSO as one example.
+ *
+ * @param id Unique identifier
+ */
public final void setUniqueSessionIdentifier(final String id) {
this.uniqueSessionIdentifer = id;
}
+ /**
+ * Set an unique transaction identifier to correlate PII related data.
+ *
+ * <p>This identifier will be not used for technical logging.</p>
+ *
+ * @param id Unique identifier
+ */
+ public void setUniquePiiTransactionIdentifier(String id) {
+ this.uniquePiiTransactionIdentifier = id;
+
+ }
+
+
public void setProcessInstanceId(final String id) {
this.processInstanceId = id;
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/TestRequestImpl.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/TestRequestImpl.java
index 656e8d29..8f8f8114 100644
--- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/TestRequestImpl.java
+++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/TestRequestImpl.java
@@ -24,13 +24,13 @@ import java.lang.reflect.InvocationTargetException;
import java.util.HashMap;
import java.util.Map;
-import org.apache.commons.lang3.StringUtils;
-
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import org.apache.commons.lang3.StringUtils;
+
/**
* Test pending-request for jUnit tests.
*
@@ -49,6 +49,7 @@ public class TestRequestImpl implements IRequest {
private boolean authenticated;
private boolean needAuthentication = false;
private boolean stoppedByUser;
+ private String piiTransactionId;
/*
* (non-Javadoc)
@@ -139,6 +140,11 @@ public class TestRequestImpl implements IRequest {
return null;
}
+ @Override
+ public String getUniquePiiTransactionIdentifier() {
+ return this.piiTransactionId;
+ }
+
/*
* (non-Javadoc)
*
@@ -247,7 +253,7 @@ public class TestRequestImpl implements IRequest {
@Override
public boolean isAbortedByUser() {
return this.stoppedByUser;
-
+
}
/*
@@ -370,6 +376,10 @@ public class TestRequestImpl implements IRequest {
this.pendingReqId = pendingReqId;
}
+ public void setPiiTransactionId(String piiTransactionId) {
+ this.piiTransactionId = piiTransactionId;
+ }
+
public void setAuthUrl(final String authUrl) {
this.authUrl = authUrl;
}
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java
index dd18d04f..99541cd6 100644
--- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java
@@ -159,6 +159,16 @@ public interface IRequest extends Serializable {
*/
String getUniqueSessionIdentifier();
+
+ /**
+ * Holds a unique transaction identifier for PII related information,
+ * like DSGVO data.
+ * <br>
+ * <p><b>This transaction identifier SHALL NOT be used for technical log-correlation</b></p>
+ * @return
+ */
+ String getUniquePiiTransactionIdentifier();
+
/**
* Hold the identifier if the process instance, which is associated with this
* request.
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/TransactionIdUtils.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/TransactionIdUtils.java
index d8976548..4cbcfa70 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/TransactionIdUtils.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/TransactionIdUtils.java
@@ -30,8 +30,19 @@ import at.gv.egiz.eaaf.core.api.IRequest;
public class TransactionIdUtils {
// MDC variables for logging
+ /**
+ * To correlate technical logs over one single transactions.
+ */
public static final String MDC_TRANSACTION_ID = "transactionId";
+
+ /**
+ * To correlate technical logs over a set of transactions, like SSO.
+ */
public static final String MDC_SESSION_ID = "sessionId";
+
+ /**
+ * Unique application identifier that is processed in this transaction.
+ */
public static final String MDC_SERVICEPROVIDER_ID = "oaId";
/**
@@ -59,34 +70,70 @@ public class TransactionIdUtils {
}
+ /**
+ * Set unique service-provider identifier for Logging purposes.
+ *
+ * @param oaUniqueId Unique application Id
+ */
public static void setServiceProviderId(final String oaUniqueId) {
org.slf4j.MDC.put(MDC_SERVICEPROVIDER_ID, oaUniqueId);
}
+ /**
+ * Remove service-provider identifier for Logging.
+ */
public static void removeServiceProviderId() {
org.slf4j.MDC.remove(MDC_SERVICEPROVIDER_ID);
}
- public static void setTransactionId(final String pendingRequestID) {
- org.slf4j.MDC.put(MDC_TRANSACTION_ID, "TID-" + pendingRequestID);
+ /**
+ * Get Id to correlate technical logs over one single transactions.
+ *
+ * @return Unique transaction Id
+ */
+ public static String getTransactionId() {
+ return org.slf4j.MDC.get(MDC_TRANSACTION_ID);
}
+ /**
+ * Set Id to correlate technical logs over one single transactions.
+ *
+ * @param transactionId Unique transaction Id
+ */
+ public static void setTransactionId(final String transactionId) {
+ org.slf4j.MDC.put(MDC_TRANSACTION_ID, transactionId);
+
+ }
+
+ /**
+ * Remove transactionId for Logging.
+ */
public static void removeTransactionId() {
org.slf4j.MDC.remove(MDC_TRANSACTION_ID);
}
+ /**
+ * Set Id to correlate technical logs over a set of transactions, like SSO.
+ *
+ * @param uniqueSessionId Unique Id
+ */
public static void setSessionId(final String uniqueSessionId) {
- org.slf4j.MDC.put(MDC_SESSION_ID, "SID-" + uniqueSessionId);
+ org.slf4j.MDC.put(MDC_SESSION_ID, uniqueSessionId);
}
+ /**
+ * Remove sessionId for Logging.
+ *
+ */
public static void removeSessionId() {
org.slf4j.MDC.remove(MDC_SESSION_ID);
}
+
}