diff options
Diffstat (limited to 'eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services')
2 files changed, 273 insertions, 24 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ErrorTicketService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ErrorTicketService.java new file mode 100644 index 00000000..0834aa27 --- /dev/null +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ErrorTicketService.java @@ -0,0 +1,243 @@ +package at.gv.egiz.eaaf.core.impl.idp.auth.services; + +import java.io.InputStream; +import java.util.HashMap; +import java.util.Map; +import java.util.Properties; + +import javax.annotation.PostConstruct; +import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.lang3.RandomStringUtils; +import org.apache.commons.lang3.StringUtils; +import org.apache.commons.text.StringEscapeUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.core.io.Resource; +import org.springframework.core.io.ResourceLoader; +import org.springframework.stereotype.Service; + +import at.gv.egiz.eaaf.core.api.IStatusMessenger; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController; +import at.gv.egiz.eaaf.core.impl.utils.FileUtils; +import at.gv.egiz.eaaf.core.impl.utils.ServletUtils; +import lombok.Getter; + +@Service() +public class ErrorTicketService { + private static final Logger log = LoggerFactory.getLogger(ErrorTicketService.class); + + private static final String CONFIG_PROP_ERRORHANDLING_ACTION_PATH = "core.errorhandling.action"; + private static final String TECH_LOG_MSG = "errorCode={} Message={}"; + private static final String TICKET_LOG_MSG = "Ticket={} errorCode={} Message={}"; + + private final HashMap<String, String> propertyMap = new HashMap<String, String>(); + + + public enum ActionType { + TICKET_REDIRECT("ticket_redirect"), TICKET_NOREDIRECT("ticket_noredirect"), NOTICKET_REDIRECT( + "noticket_redirect"), NOTICKET_NOREDIRECT("noticket_noredirect"), NOTICKET_AUTOREDIRECT( + "noticket_autoredirect"); + + private final String name; + + ActionType(final String text) { + this.name = text; + } + + @Override + public String toString() { + return name; + } + } + + @Autowired(required = true) + IConfiguration basicConfig; + @Autowired(required = true) + ResourceLoader resourceLoader; + + @PostConstruct + private void initialize() throws EaafException { + log.info("initErrorTicketService"); + + final String ticketConfPath = basicConfig.getBasicConfiguration(CONFIG_PROP_ERRORHANDLING_ACTION_PATH); + log.info("ticketConfPath" + ticketConfPath); + + + if (StringUtils.isEmpty(ticketConfPath)) { + log.error("Error: Path to errorhandling-action mapping not known"); + throw new EaafException("internal.configuration.00", + new Object[]{CONFIG_PROP_ERRORHANDLING_ACTION_PATH}); + } else { + + Properties getProperties = new Properties(); + String fullFilePath = null; + try { + + fullFilePath = FileUtils + .makeAbsoluteUrl(ticketConfPath, basicConfig.getConfigurationRootDirectory()); + final Resource ressource = resourceLoader.getResource(fullFilePath); + final InputStream is = ressource.getInputStream(); + getProperties.load(is); + is.close(); + propertyMap.putAll((Map) getProperties); + + // log.error(propertyMap.toString()); + // log.error("working: " + propertyMap.get("auth.00")); + + } catch (Exception e) { + log.error("Error: could not found file.", e); + throw new EaafException("internal.configuration.01", + new Object[]{CONFIG_PROP_ERRORHANDLING_ACTION_PATH, "File for errorhandling-action mapping cloud " + + "not be found."}); + } + } + } + + /** + * creates error handling data. + * @param throwable error + * @param req http request + * @return eror handle Data + * @throws EaafException In case of an internal error + */ + public HandleData createHandleData(Throwable throwable, HttpServletRequest req) throws EaafException { + HandleData data = new HandleData(throwable, req); + extractErrorCode(data); + setUpErrorData(data); + + return data; + } + + private void extractErrorCode(HandleData data) { + Throwable originalException; + if (data.throwable instanceof TaskExecutionException + && ((TaskExecutionException) data.throwable).getOriginalException() != null) { + originalException = ((TaskExecutionException) data.throwable).getOriginalException(); + + } else { + originalException = data.throwable; + + } + + if (!(originalException instanceof EaafException)) { + data.errorCode = IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC; + + } else { + data.errorCode = ((EaafException) originalException).getErrorId(); + + } + } + + private void setUpErrorData(HandleData data) throws EaafException { + + if (propertyMap.containsKey(data.errorCode)) { + String action = propertyMap.get(data.errorCode); + + if (action.equals(ActionType.TICKET_REDIRECT.toString())) { + data.actionType = ActionType.TICKET_REDIRECT; + data.generateSupportTicket(); + data.generateRedirect(); + + } else if (action.equals(ActionType.TICKET_NOREDIRECT.toString())) { + data.actionType = ActionType.TICKET_NOREDIRECT; + data.generateSupportTicket(); + + } else if (action.equals(ActionType.NOTICKET_REDIRECT.toString())) { + data.actionType = ActionType.NOTICKET_REDIRECT; + data.generateRedirect(); + + } else if (action.equals(ActionType.NOTICKET_AUTOREDIRECT.toString())) { + data.actionType = ActionType.NOTICKET_AUTOREDIRECT; + + } else { // ActionType.NOTICKET_NOREDIRECT -> nothing to be done + data.actionType = ActionType.NOTICKET_NOREDIRECT; + + } + + } else { + data.generateSupportTicket(); + throw new EaafException("internal.configuration.00", + new Object[]{data.errorCode + " in on_error_action" + ".properties"}); + } + } + + static class HandleData { + private final HttpServletRequest req; + @Getter + private String supportTicket; + @Getter + private String redirectUrl; + @Getter + private final Throwable throwable; + @Getter + private String errorCode; + @Getter + private ActionType actionType; + + + private HandleData(Throwable throwable, HttpServletRequest req) { + this.throwable = throwable; + this.req = req; + } + + private void generateRedirect() { + redirectUrl = ServletUtils.getBaseUrl(req); + redirectUrl += + ProtocolFinalizationController.ENDPOINT_ERROR_REDIRECT + "?" + EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + + StringEscapeUtils.escapeHtml4(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE)); + + } + + private void generateSupportTicket() { + + String randomCode = + RandomStringUtils.randomAlphanumeric(4).toUpperCase() + '-' + RandomStringUtils.randomAlphanumeric(4) + .toUpperCase() + '-' + RandomStringUtils.randomAlphanumeric(4).toUpperCase(); + supportTicket = randomCode; + } + + /** + * Logs error to technical log. + */ + public void log_error() { + + if (supportTicket != null) { + log.error(TICKET_LOG_MSG, supportTicket, errorCode, throwable.getMessage(), throwable); + } else { + log.error(TECH_LOG_MSG, errorCode, throwable.getMessage(), throwable); + } + } + + /** + * Logs info to technical log. + */ + public void log_info() { + + if (supportTicket != null) { + log.info(TICKET_LOG_MSG, supportTicket, errorCode, throwable.getMessage(), throwable); + + } else { + log.info(TECH_LOG_MSG, errorCode, throwable.getMessage(), throwable); + } + } + + /** + * Logs warn to technical log. + */ + public void log_warn() { + + if (supportTicket != null) { + log.warn(TICKET_LOG_MSG, supportTicket, errorCode, throwable.getMessage(), throwable); + + } else { + log.warn(TECH_LOG_MSG, errorCode, throwable.getMessage(), throwable); + } + } + } +} diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java index ffa1163f..a64ad45e 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java @@ -19,6 +19,27 @@ package at.gv.egiz.eaaf.core.impl.idp.auth.services; +import java.io.IOException; +import java.util.HashSet; + +import javax.annotation.PostConstruct; +import javax.naming.ConfigurationException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang3.ArrayUtils; +import org.apache.commons.lang3.StringUtils; +import org.apache.commons.text.StringEscapeUtils; +import org.owasp.encoder.Encode; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.lang.NonNull; +import org.springframework.lang.Nullable; +import org.springframework.stereotype.Service; +import org.springframework.util.SerializationUtils; + import at.gv.egiz.components.eventlog.api.EventConstants; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.IRequestStorage; @@ -58,25 +79,8 @@ import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController; import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; import at.gv.egiz.eaaf.core.impl.utils.ServletUtils; -import org.apache.commons.lang3.ArrayUtils; -import org.apache.commons.lang3.StringUtils; -import org.apache.commons.text.StringEscapeUtils; -import org.owasp.encoder.Encode; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationContext; -import org.springframework.lang.NonNull; -import org.springframework.lang.Nullable; -import org.springframework.stereotype.Service; -import org.springframework.util.SerializationUtils; -import javax.annotation.PostConstruct; -import javax.naming.ConfigurationException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.util.HashSet; + @Service @@ -107,8 +111,10 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer @Autowired(required = false) private ISsoManager ssoManager; + @Autowired private IStatisticLogger statisticLogger; + @Autowired private IRevisionLogger revisionsLogger; @@ -233,7 +239,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer final HttpServletResponse resp, final IRequest protocolRequest) throws EaafException, IOException { try { IErrorService.IHandleData errorData = errorTicketService.createHandleData(throwable, req); - + if (errorData.getActionType().equals(IErrorService.ActionType.TICKET_REDIRECT) || errorData.getActionType() .equals(IErrorService.ActionType.NOTICKET_REDIRECT)) { @@ -245,7 +251,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer .validateAndGetPendingRequestId(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE)); transactionStorage.put(errorId, serialized, -1); - // log Error to technical log errorData.logExceptionToTechnicalLog(logOnInfoLevel); @@ -282,7 +287,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer } catch (final Throwable e) { // if building error response results in error, we try with with handleErrorNoRedirect handleErrorNoRedirect(e, req, resp, true); - } } @@ -304,10 +308,11 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer "Requested protocol module Class is NULL or does not implement the IModulInfo interface."); } - + return (IModulInfo) applicationContext.getBean(clazz); } + @Override public void handleErrorNoRedirect(final Throwable throwable, final HttpServletRequest req, final HttpServletResponse resp, final boolean writeExceptionToStatisticLog) throws EaafException, IOException { @@ -334,6 +339,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer } } + @Override public void forwardToErrorHandler(Pair<IRequest, Throwable> errorToHandle, String errorKey, final HttpServletRequest req, final HttpServletResponse resp) throws GuiBuildException { @@ -413,7 +419,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer } - @PostConstruct private void initializer() { log.trace("Initializing {} ...", ProtocolAuthenticationService.class.getName()); @@ -500,6 +505,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer PARAM_GUI_ERRORCODEPARAMS, ArrayUtils.toString(errorCodeParams)); errorTicketService.displayErrorData(c, errorData); + } else { log.info("Can not ADD error message, because 'GUIBuilderConfiguration' is not modifieable "); } @@ -558,7 +564,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer private String generateErrorRedirectUrl(final HttpServletRequest req, String errorKey) { String redirectUrl = null; redirectUrl = ServletUtils.getBaseUrl(req); - redirectUrl += "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?" + redirectUrl += ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?" + EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + errorKey; return redirectUrl; |