-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java142
-rw-r--r--eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java10
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java25
3 files changed, 89 insertions, 88 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
index 72fa1faf..98149957 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
@@ -22,9 +22,9 @@ package at.gv.egiz.eaaf.core.impl.idp.auth.services;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
-import java.util.Arrays;
-import java.util.List;
+import java.util.HashSet;
+import javax.annotation.PostConstruct;
import javax.naming.ConfigurationException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -41,6 +41,7 @@ import at.gv.egiz.eaaf.core.api.gui.ModifyableGuiBuilderConfiguration;
import at.gv.egiz.eaaf.core.api.idp.IAction;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;
@@ -63,6 +64,7 @@ import at.gv.egiz.eaaf.core.impl.gui.AbstractGuiFormBuilderConfiguration;
import at.gv.egiz.eaaf.core.impl.http.HttpUtils;
import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController;
import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
import at.gv.egiz.eaaf.core.impl.utils.ServletUtils;
import org.apache.commons.lang3.ArrayUtils;
@@ -80,8 +82,9 @@ import org.springframework.stereotype.Service;
public class ProtocolAuthenticationService implements IProtocolAuthenticationService {
private static final Logger log = LoggerFactory.getLogger(ProtocolAuthenticationService.class);
- private static final List<String> ERROR_LOGGER_ON_INFO_LEVEL =
- Arrays.asList(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_USERSTOP);
+ private static final String CONFIG_PROP_LOGGER_ON_INFO_LEVEL =
+ "core.logging.level.info.errorcodes";
+ private static final String TECH_LOG_MSG = "errorCode={} Message={}";
@Autowired(required = true)
private ApplicationContext applicationContext;
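Review bot: Replacing the hard-coded ERROR_LOGGER_ON_INFO_LEVEL list with the property `core.logging.level.info.errorcodes` removes the built-in default, so the user-stop code CODES_INTERNAL_ERROR_AUTH_USERSTOP is reported at WARN unless each deployment sets the property. Operators who alert on WARN will see a change in volume after upgrading, and the property is not documented anywhere in this hunk; a comment on the constant such as `// comma-separated error codes that are logged at INFO instead of WARN` would help, and seeding the set with the former default would keep existing behaviour. The `initializer()` added further down passes the configured value straight into `KeyValueUtils.getListOfCsvValues(...)` and `addAll(...)`; whether that helper tolerates an unset (null) property is not visible on this page, so an explicit null or blank check there is worth adding so a missing property cannot fail bean initialisation.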
@@ -97,6 +100,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
private IRequestStorage requestStorage;
@Autowired(required = true)
IPendingRequestIdGenerationStrategy pendingReqIdGenerationStrategy;
+ @Autowired private IConfiguration basicConfig;
@Autowired(required = false)
private ISsoManager ssoManager;
@@ -107,6 +111,8 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
private IGuiFormBuilder guiBuilder;
+ private final HashSet<String> logOnInfoLevel = new HashSet<>();
+
/*
* (non-Javadoc)
*
@@ -170,7 +176,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
@Override
public void finalizeAuthentication(final HttpServletRequest req, final HttpServletResponse resp,
final IRequest pendingReq) throws EaafException, IOException {
- log.debug("Finalize PendingRequest with ID " + pendingReq.getPendingRequestId());
+ log.debug("Finalize PendingRequest with ID={} ", pendingReq.getPendingRequestId());
try {
// check if pending-request has 'abortedByUser' flag set
@@ -204,7 +210,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
}
} catch (final Exception e) {
- log.error("Finalize authentication protocol FAILED.", e);
+ log.info("Finalize authentication protocol FAILED. Reason: {}", e.getMessage());
buildProtocolSpecificErrorResponse(e, req, resp, pendingReq);
} finally {
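Review bot: The catch block in finalizeAuthentication now logs every failure at INFO with only `e.getMessage()`, so the stack trace is dropped and an unexpected runtime exception, whose message may be null, leaves almost nothing for an investigation. Because this is `catch (final Exception e)`, it covers far more than expected protocol errors. Unless buildProtocolSpecificErrorResponse, which lies outside this hunk, reliably records the throwable, keep the full exception for the unexpected case, for example `if (!(e instanceof EaafException)) { log.warn("Finalize authentication protocol FAILED.", e); }`. The method body starts and ends outside the hunk.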
@@ -227,7 +233,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
if (clazz == null || !IModulInfo.class.isAssignableFrom(clazz)) {
log.error(
"Requested protocol module Class is NULL or does not implement the IModulInfo interface.");
- throw new Exception(
+ throw new ClassCastException(
"Requested protocol module Class is NULL or does not implement the IModulInfo interface.");
}
@@ -246,8 +252,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
revisionsLogger.logEvent(protocolRequest, EventConstants.TRANSACTION_ERROR,
protocolRequest.getUniqueTransactionIdentifier());
- return;
-
} else {
handleErrorNoRedirect(throwable, req, resp, true);
@@ -302,29 +306,9 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
resp.setContentType("text/html");
resp.setStatus(302);
resp.addHeader("Location", redirectUrl);
- log.debug("REDIRECT TO: " + redirectUrl);
-
- }
- }
-
- private IGuiBuilderConfiguration evaluateRequiredErrorHandlingMethod(IRequest first, String errorId) {
- if (first != null && first.isProcessInIframe()) {
- return guiConfigFactory.getDefaultIFrameParentHopGui(first,
- "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING,
- errorId);
+ log.debug("REDIRECT TO: {}", redirectUrl);
}
-
- return null;
- }
-
- private String generateErrorRedirectUrl(final HttpServletRequest req, String errorKey) {
- String redirectUrl = null;
- redirectUrl = ServletUtils.getBaseUrl(req);
- redirectUrl += "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?"
- + EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + errorKey;
- return redirectUrl;
-
}
public void setGuiBuilder(final IGuiFormBuilder guiBuilder) {
@@ -391,6 +375,40 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
}
/**
+ * Write a Exception to the MOA-ID-Auth internal technical log.
+ *
+ * @param loggedException Exception to log
+ */
+ protected void logExceptionToTechnicalLog(final Throwable loggedException) {
+ if (!(loggedException instanceof EaafException
+ || loggedException instanceof ProcessExecutionException)) {
+ log.error(TECH_LOG_MSG, IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC,
+ loggedException.getMessage(), loggedException);
+
+ } else {
+ if (loggedException instanceof EaafException
+ && logOnInfoLevel.contains(((EaafException) loggedException).getErrorId())) {
+ log.info(TECH_LOG_MSG, ((EaafException) loggedException).getErrorId(),
+ loggedException.getMessage(), loggedException);
+
+ } else {
+ log.warn(TECH_LOG_MSG, ((EaafException) loggedException).getErrorId(),
+ loggedException.getMessage(), loggedException);
+
+ }
+ }
+ }
+
+ @PostConstruct
+ private void initializer() {
+ log.trace("Initializing {} ...", ProtocolAuthenticationService.class.getName());
+ logOnInfoLevel.addAll(KeyValueUtils.getListOfCsvValues(
+ basicConfig.getBasicConfiguration(CONFIG_PROP_LOGGER_ON_INFO_LEVEL)));
+ log.info("Set errorCodes={} to LogLevel:INFO", String.join(",", logOnInfoLevel));
+
+ }
+
+ /**
* Executes the requested protocol action.
*
* @param httpReq HttpServletRequest
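Review bot: The last `else` branch of logExceptionToTechnicalLog calls `((EaafException) loggedException).getErrorId()` without an instanceof check, although the outer condition also lets a ProcessExecutionException through. If ProcessExecutionException is not a subclass of EaafException (its declaration is not on this page), the logging call throws ClassCastException inside the error-handling path and the original failure is never written to the technical log. Resolving the code once removes the unchecked cast: `final String errorId = loggedException instanceof EaafException ? ((EaafException) loggedException).getErrorId() : IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC;`, then pass `errorId` to both `log.info` and `log.warn`. The removed version of this method only used `getMessage()` in that branch, so this risk is new with the change.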
@@ -411,7 +429,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
if (clazz == null || !IAction.class.isAssignableFrom(clazz)) {
log.error(
"Requested protocol-action processing Class is NULL or does not implement the IAction interface.");
- throw new Exception(
+ throw new ClassCastException(
"Requested protocol-action processing Class is NULL or does not implement the IAction interface.");
}
@@ -422,50 +440,16 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
} catch (final ClassNotFoundException e) {
log.error(
"Requested Auth. protocol processing Class is NULL or does not implement the IAction interface.");
- throw new Exception(
- "Requested Auth. protocol processing Class is NULL or does not implement the IAction interface.");
+ throw new ClassNotFoundException(
+ "Requested Auth. protocol processing Class is NULL or does not implement the IAction interface.", e);
}
}
- /**
- * Write a Exception to the MOA-ID-Auth internal technical log.
- *
- * @param loggedException Exception to log
- */
- protected void logExceptionToTechnicalLog(final Throwable loggedException) {
- if (!(loggedException instanceof EaafException
- || loggedException instanceof ProcessExecutionException)) {
- log.error("Receive an internal error: Message=" + loggedException.getMessage(),
- loggedException);
-
- } else {
- if (loggedException instanceof EaafAuthenticationException && ERROR_LOGGER_ON_INFO_LEVEL
- .contains(((EaafAuthenticationException) loggedException).getErrorId())) {
- if (log.isDebugEnabled() || log.isTraceEnabled()) {
- log.info(loggedException.getMessage(), loggedException);
-
- } else {
- log.info(loggedException.getMessage());
-
- }
-
- } else {
- if (log.isDebugEnabled() || log.isTraceEnabled()) {
- log.warn(loggedException.getMessage(), loggedException);
-
- } else {
- log.warn(loggedException.getMessage());
-
- }
- }
- }
- }
-
private void writeHtmlErrorResponse(@NonNull final HttpServletRequest httpReq,
@NonNull final HttpServletResponse httpResp, @NonNull final String msg,
@NonNull final String errorCode, @Nullable final Object[] params,
- @NonNull final Exception error) throws IOException, EaafException {
+ @NonNull final Exception error) throws EaafException {
try {
final IGuiBuilderConfiguration config =
@@ -543,13 +527,11 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
}
// write error message
- // writeBadRequestErrorResponse(req, resp, (EAAFException) e);
writeHtmlErrorResponse(req, resp, e.getMessage(), statusMessager.getResponseErrorCode(e),
null, e);
} else if (e instanceof InvalidProtocolRequestException) {
// send error response
- // writeBadRequestErrorResponse(req, resp, (EAAFException) e);
writeHtmlErrorResponse(req, resp, e.getMessage(), statusMessager.getResponseErrorCode(e),
null, e);
@@ -572,4 +554,24 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
}
+ private IGuiBuilderConfiguration evaluateRequiredErrorHandlingMethod(IRequest first, String errorId) {
+ if (first != null && first.isProcessInIframe()) {
+ return guiConfigFactory.getDefaultIFrameParentHopGui(first,
+ "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING,
+ errorId);
+
+ }
+
+ return null;
+ }
+
+ private String generateErrorRedirectUrl(final HttpServletRequest req, String errorKey) {
+ String redirectUrl = null;
+ redirectUrl = ServletUtils.getBaseUrl(req);
+ redirectUrl += "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?"
+ + EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + errorKey;
+ return redirectUrl;
+
+ }
+
}
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java
index d1d68c2d..2c0fe55f 100644
--- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java
@@ -96,16 +96,16 @@ public interface IProtocolAuthenticationService {
/**
* Forward the process to error-handler in case of an error.
- *
+ *
* @param errorToHandle Error to handle
* @param errorKey ErrorId for error-handler
* @param req HTTP response
* @param resp HTTP response
* @throws GuiBuildException In case of an GUI generation error
*/
- void forwardToErrorHandler(Pair<IRequest, Throwable> errorToHandle, String errorKey,
+ void forwardToErrorHandler(Pair<IRequest, Throwable> errorToHandle, String errorKey,
HttpServletRequest req, HttpServletResponse resp) throws GuiBuildException;
-
-
-
+
+
+
}
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java
index 4786ff39..7591b3bd 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java
@@ -6,15 +6,6 @@ import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.apache.commons.lang3.StringUtils;
-import org.jose4j.base64url.Base64Url;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-
-import com.fasterxml.jackson.core.JsonParseException;
-import com.fasterxml.jackson.databind.JsonNode;
-
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
@@ -36,6 +27,15 @@ import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonExtractorUtils;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20ResponseUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.jose4j.base64url.Base64Url;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import com.fasterxml.jackson.core.JsonParseException;
+import com.fasterxml.jackson.databind.JsonNode;
+
public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask {
private static final Logger log = LoggerFactory.getLogger(AbstractReceiveQualEidTask.class);
@@ -117,7 +117,7 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask
log.debug("VDA provides an optional sessionId. Inject it to internal error-holder ");
ex.setVdaSessionId(vdaSessionId);
- }
+ }
throw ex;
} else {
@@ -161,7 +161,6 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask
}
} catch (final EaafAuthenticationException e) {
- log.warn("SL2.0 processing error:", e);
if (sl20Result != null) {
log.debug("Received SL2.0 result: " + sl20Result);
}
@@ -170,8 +169,8 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask
new TaskExecutionException(pendingReq, "SL2.0 Authentication FAILED. Msg: " + e.getMessage(), e));
} catch (final Exception e) {
- log.warn("ERROR:", e);
- log.warn("SL2.0 Authentication FAILED with a generic error.", e);
+
+
if (sl20Result != null) {
log.debug("Received SL2.0 result: " + sl20Result);
}