summaryrefslogtreecommitdiff
path: root/eaaf_core/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'eaaf_core/src/main')
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java2
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/DefaultErrorService.java111
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ErrorTicketService.java243
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/IErrorService.java104
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java201
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java7
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java2
-rw-r--r--eaaf_core/src/main/resources/messages/eaaf_core_messages.properties12
8 files changed, 321 insertions, 361 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java
index d2365e4a..2449340d 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java
@@ -348,7 +348,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
if (processDefinitionId == null) {
log.warn("No suitable process found for PendingReqId " + pendingReq.getPendingRequestId());
- throw new EaafException("process.02", new Object[] { pendingReq.getPendingRequestId() });
+ throw new EaafException("process.02", null);
}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/DefaultErrorService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/DefaultErrorService.java
new file mode 100644
index 00000000..e8be535c
--- /dev/null
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/DefaultErrorService.java
@@ -0,0 +1,111 @@
+package at.gv.egiz.eaaf.core.impl.idp.auth.services;
+
+import java.text.MessageFormat;
+import java.util.HashSet;
+
+import javax.annotation.PostConstruct;
+import javax.servlet.http.HttpServletRequest;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.IStatusMessenger;
+import at.gv.egiz.eaaf.core.api.gui.ModifyableGuiBuilderConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+public class DefaultErrorService implements IErrorService {
+ private static final String TECH_LOG_MSG = "errorCode={} Message={}";
+ private static final String CONFIG_PROP_LOGGER_ON_INFO_LEVEL = "core.logging.level.info.errorcodes";
+
+ @Autowired IConfiguration basicConfig;
+ @Autowired IStatusMessenger statusMessager;
+
+ private final HashSet<String> logOnInfoLevel = new HashSet<>();
+
+ @Override
+ public String getExternalCodeFromInternal(String internalCode) {
+ return statusMessager.mapInternalErrorToExternalError(internalCode);
+
+ }
+
+ @Override
+ public IHandleData createHandleData(Throwable throwable, boolean supportRedirctToSp) throws EaafException {
+ String internalErrorId = extractInternalErrorCode(throwable);
+
+ return HandleData.builder()
+ .throwable(throwable)
+ .internalErrorCode(internalErrorId)
+ .actionType(ActionType.NO_TICKET)
+ .logLevel(logOnInfoLevel.contains(internalErrorId) ? LogLevel.INFO : LogLevel.WARN)
+ .build();
+
+ }
+
+ @Override
+ public void displayErrorData(ModifyableGuiBuilderConfiguration c, IHandleData errorData,
+ HttpServletRequest httpReq) throws EaafException {
+ log.trace("Do nothing because Tickets are not supported by: {}", DefaultErrorService.class.getName());
+
+ }
+
+ private String extractInternalErrorCode(Throwable throwable) {
+ Throwable originalException;
+ if (throwable instanceof TaskExecutionException
+ && ((TaskExecutionException) throwable).getOriginalException() != null) {
+ originalException = ((TaskExecutionException) throwable).getOriginalException();
+
+ } else {
+ originalException = throwable;
+
+ }
+
+ if (!(originalException instanceof EaafException)) {
+ return IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC;
+
+ } else {
+ return ((EaafException) originalException).getErrorId();
+
+ }
+ }
+
+ @PostConstruct
+ private void initialize() throws EaafException {
+ log.info("initErrorTicketService");
+
+ logOnInfoLevel.addAll(KeyValueUtils.getListOfCsvValues(
+ basicConfig.getBasicConfiguration(CONFIG_PROP_LOGGER_ON_INFO_LEVEL)));
+ log.info("Set errorCodes={} to LogLevel:INFO", String.join(",", logOnInfoLevel));
+
+ }
+
+ @Builder
+ static class HandleData implements IHandleData {
+
+ @Getter
+ private String errorIdTokenForRedirect;
+
+ @Getter
+ private final Throwable throwable;
+
+ @Getter
+ private String internalErrorCode;
+
+ @Getter
+ private ActionType actionType;
+
+ @Getter
+ private LogLevel logLevel;
+
+ public String getPreFormatedErrorMessage() {
+ return MessageFormat.format(TECH_LOG_MSG, internalErrorCode, throwable.getMessage());
+
+ }
+
+ }
+}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ErrorTicketService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ErrorTicketService.java
deleted file mode 100644
index 0834aa27..00000000
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ErrorTicketService.java
+++ /dev/null
@@ -1,243 +0,0 @@
-package at.gv.egiz.eaaf.core.impl.idp.auth.services;
-
-import java.io.InputStream;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Properties;
-
-import javax.annotation.PostConstruct;
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.commons.lang3.RandomStringUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.apache.commons.text.StringEscapeUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.core.io.Resource;
-import org.springframework.core.io.ResourceLoader;
-import org.springframework.stereotype.Service;
-
-import at.gv.egiz.eaaf.core.api.IStatusMessenger;
-import at.gv.egiz.eaaf.core.api.data.EaafConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController;
-import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
-import at.gv.egiz.eaaf.core.impl.utils.ServletUtils;
-import lombok.Getter;
-
-@Service()
-public class ErrorTicketService {
- private static final Logger log = LoggerFactory.getLogger(ErrorTicketService.class);
-
- private static final String CONFIG_PROP_ERRORHANDLING_ACTION_PATH = "core.errorhandling.action";
- private static final String TECH_LOG_MSG = "errorCode={} Message={}";
- private static final String TICKET_LOG_MSG = "Ticket={} errorCode={} Message={}";
-
- private final HashMap<String, String> propertyMap = new HashMap<String, String>();
-
-
- public enum ActionType {
- TICKET_REDIRECT("ticket_redirect"), TICKET_NOREDIRECT("ticket_noredirect"), NOTICKET_REDIRECT(
- "noticket_redirect"), NOTICKET_NOREDIRECT("noticket_noredirect"), NOTICKET_AUTOREDIRECT(
- "noticket_autoredirect");
-
- private final String name;
-
- ActionType(final String text) {
- this.name = text;
- }
-
- @Override
- public String toString() {
- return name;
- }
- }
-
- @Autowired(required = true)
- IConfiguration basicConfig;
- @Autowired(required = true)
- ResourceLoader resourceLoader;
-
- @PostConstruct
- private void initialize() throws EaafException {
- log.info("initErrorTicketService");
-
- final String ticketConfPath = basicConfig.getBasicConfiguration(CONFIG_PROP_ERRORHANDLING_ACTION_PATH);
- log.info("ticketConfPath" + ticketConfPath);
-
-
- if (StringUtils.isEmpty(ticketConfPath)) {
- log.error("Error: Path to errorhandling-action mapping not known");
- throw new EaafException("internal.configuration.00",
- new Object[]{CONFIG_PROP_ERRORHANDLING_ACTION_PATH});
- } else {
-
- Properties getProperties = new Properties();
- String fullFilePath = null;
- try {
-
- fullFilePath = FileUtils
- .makeAbsoluteUrl(ticketConfPath, basicConfig.getConfigurationRootDirectory());
- final Resource ressource = resourceLoader.getResource(fullFilePath);
- final InputStream is = ressource.getInputStream();
- getProperties.load(is);
- is.close();
- propertyMap.putAll((Map) getProperties);
-
- // log.error(propertyMap.toString());
- // log.error("working: " + propertyMap.get("auth.00"));
-
- } catch (Exception e) {
- log.error("Error: could not found file.", e);
- throw new EaafException("internal.configuration.01",
- new Object[]{CONFIG_PROP_ERRORHANDLING_ACTION_PATH, "File for errorhandling-action mapping cloud "
- + "not be found."});
- }
- }
- }
-
- /**
- * creates error handling data.
- * @param throwable error
- * @param req http request
- * @return eror handle Data
- * @throws EaafException In case of an internal error
- */
- public HandleData createHandleData(Throwable throwable, HttpServletRequest req) throws EaafException {
- HandleData data = new HandleData(throwable, req);
- extractErrorCode(data);
- setUpErrorData(data);
-
- return data;
- }
-
- private void extractErrorCode(HandleData data) {
- Throwable originalException;
- if (data.throwable instanceof TaskExecutionException
- && ((TaskExecutionException) data.throwable).getOriginalException() != null) {
- originalException = ((TaskExecutionException) data.throwable).getOriginalException();
-
- } else {
- originalException = data.throwable;
-
- }
-
- if (!(originalException instanceof EaafException)) {
- data.errorCode = IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC;
-
- } else {
- data.errorCode = ((EaafException) originalException).getErrorId();
-
- }
- }
-
- private void setUpErrorData(HandleData data) throws EaafException {
-
- if (propertyMap.containsKey(data.errorCode)) {
- String action = propertyMap.get(data.errorCode);
-
- if (action.equals(ActionType.TICKET_REDIRECT.toString())) {
- data.actionType = ActionType.TICKET_REDIRECT;
- data.generateSupportTicket();
- data.generateRedirect();
-
- } else if (action.equals(ActionType.TICKET_NOREDIRECT.toString())) {
- data.actionType = ActionType.TICKET_NOREDIRECT;
- data.generateSupportTicket();
-
- } else if (action.equals(ActionType.NOTICKET_REDIRECT.toString())) {
- data.actionType = ActionType.NOTICKET_REDIRECT;
- data.generateRedirect();
-
- } else if (action.equals(ActionType.NOTICKET_AUTOREDIRECT.toString())) {
- data.actionType = ActionType.NOTICKET_AUTOREDIRECT;
-
- } else { // ActionType.NOTICKET_NOREDIRECT -> nothing to be done
- data.actionType = ActionType.NOTICKET_NOREDIRECT;
-
- }
-
- } else {
- data.generateSupportTicket();
- throw new EaafException("internal.configuration.00",
- new Object[]{data.errorCode + " in on_error_action" + ".properties"});
- }
- }
-
- static class HandleData {
- private final HttpServletRequest req;
- @Getter
- private String supportTicket;
- @Getter
- private String redirectUrl;
- @Getter
- private final Throwable throwable;
- @Getter
- private String errorCode;
- @Getter
- private ActionType actionType;
-
-
- private HandleData(Throwable throwable, HttpServletRequest req) {
- this.throwable = throwable;
- this.req = req;
- }
-
- private void generateRedirect() {
- redirectUrl = ServletUtils.getBaseUrl(req);
- redirectUrl +=
- ProtocolFinalizationController.ENDPOINT_ERROR_REDIRECT + "?" + EaafConstants.PARAM_HTTP_ERROR_CODE + "="
- + StringEscapeUtils.escapeHtml4(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE));
-
- }
-
- private void generateSupportTicket() {
-
- String randomCode =
- RandomStringUtils.randomAlphanumeric(4).toUpperCase() + '-' + RandomStringUtils.randomAlphanumeric(4)
- .toUpperCase() + '-' + RandomStringUtils.randomAlphanumeric(4).toUpperCase();
- supportTicket = randomCode;
- }
-
- /**
- * Logs error to technical log.
- */
- public void log_error() {
-
- if (supportTicket != null) {
- log.error(TICKET_LOG_MSG, supportTicket, errorCode, throwable.getMessage(), throwable);
- } else {
- log.error(TECH_LOG_MSG, errorCode, throwable.getMessage(), throwable);
- }
- }
-
- /**
- * Logs info to technical log.
- */
- public void log_info() {
-
- if (supportTicket != null) {
- log.info(TICKET_LOG_MSG, supportTicket, errorCode, throwable.getMessage(), throwable);
-
- } else {
- log.info(TECH_LOG_MSG, errorCode, throwable.getMessage(), throwable);
- }
- }
-
- /**
- * Logs warn to technical log.
- */
- public void log_warn() {
-
- if (supportTicket != null) {
- log.warn(TICKET_LOG_MSG, supportTicket, errorCode, throwable.getMessage(), throwable);
-
- } else {
- log.warn(TECH_LOG_MSG, errorCode, throwable.getMessage(), throwable);
- }
- }
- }
-}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/IErrorService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/IErrorService.java
index 4e04a87f..e545cb47 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/IErrorService.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/IErrorService.java
@@ -1,7 +1,5 @@
package at.gv.egiz.eaaf.core.impl.idp.auth.services;
-import java.util.HashSet;
-
import javax.annotation.Nonnull;
import javax.servlet.http.HttpServletRequest;
@@ -9,13 +7,12 @@ import at.gv.egiz.eaaf.core.api.gui.ModifyableGuiBuilderConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
public interface IErrorService {
+
/**
* Describes the kind of action that should be taken.
*/
enum ActionType {
- TICKET_REDIRECT("ticket_redirect"), TICKET_NOREDIRECT("ticket_noredirect"), NOTICKET_REDIRECT(
- "noticket_redirect"), NOTICKET_NOREDIRECT("noticket_noredirect"), NOTICKET_AUTOREDIRECT(
- "noticket_autoredirect");
+ TICKET("ticket"), NO_TICKET("no_ticket");
private final String name;
@@ -23,12 +20,66 @@ public interface IErrorService {
this.name = text;
}
+
+ /**
+ * Get flow type for error-handling from String representation.
+ *
+ * @param s Config parameter
+ * @return Error-handling flow
+ */
+ public static ActionType fromString(final String s) {
+ try {
+ return ActionType.valueOf(s.toUpperCase());
+
+ } catch (IllegalArgumentException | NullPointerException e) {
+ return null;
+
+ }
+ }
+
@Override
public String toString() {
return name;
}
}
+ /**
+ * Defines the LogLevel for this types of errors.
+ */
+ enum LogLevel {
+ ERROR("error"), WARN("warn"), INFO("info"), DEBUG("debug");
+
+ private final String level;
+
+ LogLevel(final String logLevel) {
+ this.level = logLevel;
+
+ }
+
+
+ /**
+ * Get the log-level from String representation.
+ *
+ * @param s Config parameter
+ * @return Log-Level from configuration or ERROR as backup
+ */
+ public static LogLevel fromString(final String s) {
+ try {
+ return LogLevel.valueOf(s.toUpperCase());
+
+ } catch (IllegalArgumentException | NullPointerException e) {
+ return LogLevel.ERROR;
+
+ }
+ }
+
+ @Override
+ public String toString() {
+ return level;
+ }
+
+ }
+
String PARAM_GUI_TICKET = "supportTicket";
String PARAM_GUI_REDIRECT = "redirectLink";
@@ -38,33 +89,43 @@ public interface IErrorService {
* @return external error code
*/
@Nonnull
- String getExternalCodeFromInternal(String internalCode);
+ String getExternalCodeFromInternal(@Nonnull String internalCode);
/**
- * creates error handling data.
+ * Creates error handling data.
*
- * @param throwable error
- * @param req http request
- * @return eror handle Data
+ * @param throwable Error that should be handled
+ * @param supportRedirctToSp <code>true</code> if the current process-state supports redirect
+ * to Service-Provider, otherwise <code>false</code>
+ * @return Information how the error should be handled
* @throws EaafException In case of an internal error
*/
@Nonnull
- IHandleData createHandleData(Throwable throwable, HttpServletRequest req) throws EaafException;
+ IHandleData createHandleData(@Nonnull Throwable throwable, boolean supportRedirctToSp) throws EaafException;
/**
* Displays the error using suitable errordata.
*
* @param c guibuilder
* @param errorData Data to handle
+ * @param httpReq Current HTTP request
* @throws EaafException In case of an internal error
*/
- void displayErrorData(ModifyableGuiBuilderConfiguration c, IErrorService.IHandleData errorData)
- throws EaafException;
+ void displayErrorData(@Nonnull ModifyableGuiBuilderConfiguration c, @Nonnull IErrorService.IHandleData errorData,
+ @Nonnull HttpServletRequest httpReq) throws EaafException;
/**
* Contains all the Model data for Error Handling.
*/
interface IHandleData {
+
+ /**
+ * Get a new pendingReqId that can be used to store the error for SP forwarding.
+ *
+ * @return errorToken as pendingRequest
+ */
+ String getErrorIdTokenForRedirect();
+
/**
* Describes the kind of action that should be taken.
*
@@ -85,12 +146,19 @@ public interface IErrorService {
* @return causing throwable
*/
Throwable getThrowable();
-
+
/**
- * Write a Exception to the MOA-ID-Auth internal technical log.
- *
- * @param logOnInfoLevel set of what to log on info logging lvl
+ * Get the log-level for this internal errorId.
+ *
+ * @return Level to Log the error
+ */
+ LogLevel getLogLevel();
+
+ /**
+ * Get pre-formated text for log message.
+ *
+ * @return log message
*/
- void logExceptionToTechnicalLog(HashSet<String> logOnInfoLevel);
+ String getPreFormatedErrorMessage();
}
}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
index a64ad45e..4b2cbd0e 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
@@ -20,7 +20,6 @@
package at.gv.egiz.eaaf.core.impl.idp.auth.services;
import java.io.IOException;
-import java.util.HashSet;
import javax.annotation.PostConstruct;
import javax.naming.ConfigurationException;
@@ -53,7 +52,6 @@ import at.gv.egiz.eaaf.core.api.gui.ModifyableGuiBuilderConfiguration;
import at.gv.egiz.eaaf.core.api.idp.IAction;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;
@@ -75,20 +73,17 @@ import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException;
import at.gv.egiz.eaaf.core.impl.data.Pair;
import at.gv.egiz.eaaf.core.impl.gui.AbstractGuiFormBuilderConfiguration;
import at.gv.egiz.eaaf.core.impl.http.HttpUtils;
+import at.gv.egiz.eaaf.core.impl.idp.auth.services.IErrorService.ActionType;
+import at.gv.egiz.eaaf.core.impl.idp.auth.services.IErrorService.IHandleData;
+import at.gv.egiz.eaaf.core.impl.idp.auth.services.IErrorService.LogLevel;
import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController;
import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
-import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
import at.gv.egiz.eaaf.core.impl.utils.ServletUtils;
-
-
-
@Service
public class ProtocolAuthenticationService implements IProtocolAuthenticationService {
private static final Logger log = LoggerFactory.getLogger(ProtocolAuthenticationService.class);
- private static final String CONFIG_PROP_LOGGER_ON_INFO_LEVEL = "core.logging.level.info.errorcodes";
-
@Autowired(required = true)
private ApplicationContext applicationContext;
@Autowired(required = true)
@@ -103,8 +98,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
private IRequestStorage requestStorage;
@Autowired(required = true)
IPendingRequestIdGenerationStrategy pendingReqIdGenerationStrategy;
- @Autowired
- private IConfiguration basicConfig;
@Autowired(required = true)
private IErrorService errorTicketService;
@@ -114,21 +107,15 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
@Autowired
private IStatisticLogger statisticLogger;
-
+
@Autowired
private IRevisionLogger revisionsLogger;
@Autowired(required = true)
protected ITransactionStorage transactionStorage;
- @Autowired
- IPendingRequestIdGenerationStrategy requestIdValidationStragegy;
-
-
private IGuiFormBuilder guiBuilder;
- private final HashSet<String> logOnInfoLevel = new HashSet<>();
-
/*
* (non-Javadoc)
*
@@ -153,7 +140,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
if (oaParam == null) {
throw new EaafAuthenticationException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_NOSPCONFIG,
- new Object[]{pendingReq.getSpEntityId()});
+ new Object[] { pendingReq.getSpEntityId() });
}
if (authmanager.doAuthentication(req, resp, pendingReq)) {
@@ -163,7 +150,8 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
finalizeAuthentication(req, resp, pendingReq);
// transaction is finished, log transaction finished event
- revisionsLogger.logEvent(EventConstants.TRANSACTION_DESTROYED, pendingReq.getUniqueTransactionIdentifier());
+ revisionsLogger.logEvent(EventConstants.TRANSACTION_DESTROYED, pendingReq
+ .getUniqueTransactionIdentifier());
}
@@ -197,7 +185,8 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
if (pendingReq.isAbortedByUser()) {
// send authentication aborted error to Service Provider
buildProtocolSpecificErrorResponse(
- new EaafAuthenticationException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_USERSTOP, new Object[]{}), req,
+ new EaafAuthenticationException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_USERSTOP,
+ new Object[] {}), req,
resp, pendingReq);
// check if pending-request are authenticated
@@ -206,7 +195,8 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
} else {
// suspect state: pending-request is not aborted but also are not authenticated
- log.warn("PendingRequest flag for 'authenticated':{} and 'needConsent':{}", pendingReq.isAuthenticated(),
+ log.warn("PendingRequest flag for 'authenticated':{} and 'needConsent':{}", pendingReq
+ .isAuthenticated(),
pendingReq.isNeedUserConsent());
if (pendingReq.isNeedUserConsent()) {
log.error("PendingRequest NEEDS user-consent. "
@@ -228,65 +218,56 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
} finally {
// remove pending-request
requestStorage.removePendingRequest(pendingReq.getPendingRequestId());
- revisionsLogger.logEvent(EventConstants.TRANSACTION_DESTROYED, pendingReq.getUniqueTransactionIdentifier());
+ revisionsLogger.logEvent(EventConstants.TRANSACTION_DESTROYED, pendingReq
+ .getUniqueTransactionIdentifier());
}
}
-
@Override
public void buildProtocolSpecificErrorResponse(final Throwable throwable, final HttpServletRequest req,
final HttpServletResponse resp, final IRequest protocolRequest) throws EaafException, IOException {
try {
- IErrorService.IHandleData errorData = errorTicketService.createHandleData(throwable, req);
- if (errorData.getActionType().equals(IErrorService.ActionType.TICKET_REDIRECT) || errorData.getActionType()
- .equals(IErrorService.ActionType.NOTICKET_REDIRECT)) {
+ final IErrorService.IHandleData errorData = errorTicketService.createHandleData(throwable, true);
- // Put pending request
- ExceptionContainer exceptionContainer = new ExceptionContainer(protocolRequest, throwable);
- byte[] serialized = SerializationUtils.serialize(exceptionContainer);
- // transactionStorage.put(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE), serialized, -1);
- String errorId = requestIdValidationStragegy
- .validateAndGetPendingRequestId(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE));
- transactionStorage.put(errorId, serialized, -1);
+ // log Error to technical log
+ logExceptionToTechnicalLog(errorData);
- // log Error to technical log
- errorData.logExceptionToTechnicalLog(logOnInfoLevel);
+ // log Error Message
+ statisticLogger.logErrorOperation(throwable, protocolRequest);
- // log Error Message
- statisticLogger.logErrorOperation(throwable, protocolRequest);
+ // write revision log entries
+ revisionsLogger.logEvent(protocolRequest, EventConstants.TRANSACTION_ERROR,
+ protocolRequest.getUniqueTransactionIdentifier());
- displayException(req, resp, errorData);
+ if (ActionType.TICKET.equals(errorData.getActionType())) {
+ // Put pending request
+ final ExceptionContainer exceptionContainer = new ExceptionContainer(protocolRequest, throwable);
+ final byte[] serialized = SerializationUtils.serialize(exceptionContainer);
+ transactionStorage.put(errorData.getErrorIdTokenForRedirect(), serialized, -1);
- } else if (errorData.getActionType().equals(IErrorService.ActionType.NOTICKET_AUTOREDIRECT)) {
- IModulInfo handlingModule = extractShibbolethHandling(protocolRequest, applicationContext);
+ // render GUI
+ displayException(req, resp, errorData);
+ } else {
+ final IModulInfo handlingModule = extractShibbolethHandling(protocolRequest, applicationContext);
if (handlingModule.generateErrorMessage(throwable, req, resp, protocolRequest)) {
-
- // log Error to technical log
- errorData.logExceptionToTechnicalLog(logOnInfoLevel);
-
- // log Error Message
- statisticLogger.logErrorOperation(throwable, protocolRequest);
-
- // write revision log entries
- revisionsLogger.logEvent(protocolRequest, EventConstants.TRANSACTION_ERROR,
- protocolRequest.getUniqueTransactionIdentifier());
+ log.debug("Error-response to SP successfully written");
} else {
- throw throwable; //through it on to handleErrorNoRedirect
+ log.info("Error-response to SP FAILED. Writing error message into GUI ... ");
+ displayException(req, resp, errorData);
}
-
- } else {
- throw throwable; //through it on to handleErrorNoRedirect
-
}
} catch (final Throwable e) {
- // if building error response results in error, we try with with handleErrorNoRedirect
- handleErrorNoRedirect(e, req, resp, true);
+ // if building error response results in error, we try with with
+ // handleErrorNoRedirect
+ log.error("ErrorHandling has an internel error. Show process-error in GUI ... ", e);
+ handleErrorNoRedirect(throwable, req, resp, false);
+
}
}
@@ -298,7 +279,8 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
* @return IModulInfo
* @throws ClassNotFoundException If no shibboleth handling implementation found
*/
- public static IModulInfo extractShibbolethHandling(IRequest protocolRequest, ApplicationContext applicationContext)
+ public static IModulInfo extractShibbolethHandling(IRequest protocolRequest,
+ ApplicationContext applicationContext)
throws ClassNotFoundException {
final Class<?> clazz = Class.forName(protocolRequest.requestedModule());
@@ -308,17 +290,16 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
"Requested protocol module Class is NULL or does not implement the IModulInfo interface.");
}
-
+
return (IModulInfo) applicationContext.getBean(clazz);
}
-
@Override
public void handleErrorNoRedirect(final Throwable throwable, final HttpServletRequest req,
- final HttpServletResponse resp, final boolean writeExceptionToStatisticLog) throws EaafException, IOException {
+ final HttpServletResponse resp, final boolean writeExceptionToStatisticLog) throws EaafException,
+ IOException {
- IErrorService.IHandleData errorData = null;
- errorData = errorTicketService.createHandleData(throwable, req);
+ final IErrorService.IHandleData errorData = errorTicketService.createHandleData(throwable, true);
// log Exception into statistic database
if (writeExceptionToStatisticLog) {
@@ -326,24 +307,45 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
}
// write errror to console
- errorData.logExceptionToTechnicalLog(logOnInfoLevel);
+ logExceptionToTechnicalLog(errorData);
+
+ // render GUI
+ displayException(req, resp, errorData);
+
+ }
+
+ private void logExceptionToTechnicalLog(IHandleData errorData) {
+ // In case of a TaskExecutionException, which is only a container for
+ // process-errors,
+ // extract internal exception
+
+ // Log exception
+ if (!(errorData.getThrowable() instanceof EaafException)
+ || LogLevel.ERROR.equals(errorData.getLogLevel())) {
+ log.error(errorData.getPreFormatedErrorMessage(), errorData.getThrowable());
+
+ } else if (LogLevel.WARN.equals(errorData.getLogLevel())) {
+ log.warn(errorData.getPreFormatedErrorMessage(), errorData.getThrowable());
+
+ } else if (LogLevel.INFO.equals(errorData.getLogLevel())) {
+ log.info(errorData.getPreFormatedErrorMessage(), errorData.getThrowable());
+
+ } else if (LogLevel.DEBUG.equals(errorData.getLogLevel())) {
+ log.debug(errorData.getPreFormatedErrorMessage(), errorData.getThrowable());
- if (errorData.getActionType().equals(IErrorService.ActionType.NOTICKET_NOREDIRECT) || errorData
- .getActionType().equals(IErrorService.ActionType.TICKET_NOREDIRECT)) {
- // return error to Web browser
- displayException(req, resp, errorData);
} else {
- // TODO introduce separate error type?
- throw new EaafException("internal.configuration.01", new Object[]{
- errorData.getInternalErrorCode() + " in on_error_action" + ".properties", "Erroraction mapping mismatch"});
+ log.warn("Get unsupported LogLevelType: {}. Use {} as default",
+ errorData.getLogLevel(), LogLevel.ERROR);
+ log.error(errorData.getPreFormatedErrorMessage(), errorData.getThrowable());
+
}
}
-
@Override
public void forwardToErrorHandler(Pair<IRequest, Throwable> errorToHandle, String errorKey,
final HttpServletRequest req, final HttpServletResponse resp) throws GuiBuildException {
- final IGuiBuilderConfiguration parentHopGuiConfig = evaluateRequiredErrorHandlingMethod(errorToHandle.getFirst(),
+ final IGuiBuilderConfiguration parentHopGuiConfig = evaluateRequiredErrorHandlingMethod(errorToHandle
+ .getFirst(),
errorKey);
if (parentHopGuiConfig != null) {
log.trace("iFrame to parent hop requested. Building GUI step for error handling ... ");
@@ -372,7 +374,8 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
* @param pendingReq Authentication request which is actually in process
* @throws Exception In case of an error
*/
- protected void internalFinalizeAuthenticationProcess(final HttpServletRequest req, final HttpServletResponse resp,
+ protected void internalFinalizeAuthenticationProcess(final HttpServletRequest req,
+ final HttpServletResponse resp,
final IRequest pendingReq) throws Exception {
String newSsoSessionId = null;
@@ -395,7 +398,8 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
final IAuthData authData = authDataBuilder.buildAuthenticationData(pendingReq);
// execute the protocol-specific action
- final SloInformationInterface sloInformation = executeProtocolSpecificAction(req, resp, pendingReq, authData);
+ final SloInformationInterface sloInformation = executeProtocolSpecificAction(req, resp, pendingReq,
+ authData);
// Store OA specific SSO session information if an SSO cookie is set
if (StringUtils.isNotEmpty(newSsoSessionId)) {
@@ -422,9 +426,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
@PostConstruct
private void initializer() {
log.trace("Initializing {} ...", ProtocolAuthenticationService.class.getName());
- logOnInfoLevel
- .addAll(KeyValueUtils.getListOfCsvValues(basicConfig.getBasicConfiguration(CONFIG_PROP_LOGGER_ON_INFO_LEVEL)));
- log.info("Set errorCodes={} to LogLevel:INFO", String.join(",", logOnInfoLevel));
}
@@ -439,12 +440,14 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
* @throws Exception in case of an error
*/
private SloInformationInterface executeProtocolSpecificAction(final HttpServletRequest httpReq,
- final HttpServletResponse httpResp, final IRequest pendingReq, final IAuthData authData) throws Exception {
+ final HttpServletResponse httpResp, final IRequest pendingReq, final IAuthData authData)
+ throws Exception {
try {
// request needs no authentication --> start request processing
final Class<?> clazz = Class.forName(pendingReq.requestedAction());
if (clazz == null || !IAction.class.isAssignableFrom(clazz)) {
- log.error("Requested protocol-action processing Class is NULL or does not implement the IAction interface.");
+ log.error(
+ "Requested protocol-action processing Class is NULL or does not implement the IAction interface.");
throw new ClassCastException(
"Requested protocol-action processing Class is NULL or does not implement the IAction interface.");
@@ -454,20 +457,24 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
return protocolAction.processRequest(pendingReq, httpReq, httpResp, authData);
} catch (final ClassNotFoundException e) {
- log.error("Requested Auth. protocol processing Class is NULL or does not implement the IAction interface.");
+ log.error(
+ "Requested Auth. protocol processing Class is NULL or does not implement the IAction interface.");
throw new ClassNotFoundException(
- "Requested Auth. protocol processing Class is NULL or does not implement the IAction interface.", e);
+ "Requested Auth. protocol processing Class is NULL or does not implement the IAction interface.",
+ e);
}
}
-
- // private void writeHtmlErrorResponse(@NonNull final HttpServletRequest httpReq,
- // @NonNull final HttpServletResponse httpResp, @NonNull final String msg, @NonNull final String errorCode,
- // @Nullable final Object[] params, String externalErrorCode) throws EaafException {
- // this.writeHtmlErrorResponse(httpReq, httpResp, msg, errorCode, params, externalErrorCode, null, null);
- // }
-
+ // private void writeHtmlErrorResponse(@NonNull final HttpServletRequest
+ // httpReq,
+ // @NonNull final HttpServletResponse httpResp, @NonNull final String msg,
+ // @NonNull final String errorCode,
+ // @Nullable final Object[] params, String externalErrorCode) throws
+ // EaafException {
+ // this.writeHtmlErrorResponse(httpReq, httpResp, msg, errorCode, params,
+ // externalErrorCode, null, null);
+ // }
private void writeHtmlErrorResponse(@NonNull final HttpServletRequest httpReq,
@NonNull final HttpServletResponse httpResp, @NonNull final String msg, @NonNull final String errorCode,
@@ -480,7 +487,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
String[] errorCodeParams = null;
if (params == null) {
- errorCodeParams = new String[]{};
+ errorCodeParams = new String[] {};
} else {
errorCodeParams = new String[params.length];
for (int i = 0; i < params.length; i++) {
@@ -495,16 +502,17 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
// add errorcode and errormessage
if (config instanceof ModifyableGuiBuilderConfiguration) {
- ModifyableGuiBuilderConfiguration c = (ModifyableGuiBuilderConfiguration) config;
+ final ModifyableGuiBuilderConfiguration c = (ModifyableGuiBuilderConfiguration) config;
c.putCustomParameter(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_MSG, PARAM_GUI_ERROMSG, msg);
- c.putCustomParameter(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_MSG, PARAM_GUI_ERRORCODE, errorCode);
+ c.putCustomParameter(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_MSG, PARAM_GUI_ERRORCODE,
+ errorCode);
// TODO: should we keep the internal errorcode secret?
- c.putCustomParameter(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_MSG, PARAM_GUI_EXTERNAL_ERRORCODE,
+ c.putCustomParameter(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_MSG,
+ PARAM_GUI_EXTERNAL_ERRORCODE,
externalErrorCode);
c.putCustomParameterWithOutEscaption(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_MSG,
PARAM_GUI_ERRORCODEPARAMS, ArrayUtils.toString(errorCodeParams));
- errorTicketService.displayErrorData(c, errorData);
-
+ errorTicketService.displayErrorData(c, errorData, httpReq);
} else {
log.info("Can not ADD error message, because 'GUIBuilderConfiguration' is not modifieable ");
@@ -555,7 +563,8 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
private IGuiBuilderConfiguration evaluateRequiredErrorHandlingMethod(IRequest first, String errorId) {
if (first != null && first.isProcessInIframe()) {
return guiConfigFactory
- .getDefaultIFrameParentHopGui(first, "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING, errorId);
+ .getDefaultIFrameParentHopGui(first, ProtocolFinalizationController.ENDPOINT_ERRORHANDLING,
+ errorId);
}
return null;
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java
index a8b0a961..dce2251a 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java
@@ -105,14 +105,17 @@ public class ProtocolFinalizationController extends AbstractController {
if (pendingReq != null) {
IModulInfo handlingModule = ProtocolAuthenticationService
.extractShibbolethHandling(pendingReq, applicationContext);
-
- handlingModule.generateErrorMessage(throwable, req, resp, pendingReq);
+ if (!handlingModule.generateErrorMessage(throwable, req, resp, pendingReq)) {
+ protAuthService.handleErrorNoRedirect(new EaafException("process.90", null), req, resp, false);
+
+ }
}
}
}
} catch (Throwable e) {
log.error(e.getMessage(), e);
protAuthService.handleErrorNoRedirect(e, req, resp, false);
+
} finally {
// remove pending-request
if (pendingReq != null) {
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java
index 08bf588f..c3f3d32e 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java
@@ -82,7 +82,7 @@ public class RestartAuthProzessManagement extends AbstractAuthServletTask {
if (processDefinitionId == null) {
log.warn("No suitable authentication process found for SessionID "
+ pendingReq.getPendingRequestId());
- throw new EaafException("process.02", new Object[] { pendingReq.getPendingRequestId() });
+ throw new EaafException("process.02", null);
}
final String processInstanceId =
diff --git a/eaaf_core/src/main/resources/messages/eaaf_core_messages.properties b/eaaf_core/src/main/resources/messages/eaaf_core_messages.properties
index ff0be478..c5cb1bb1 100644
--- a/eaaf_core/src/main/resources/messages/eaaf_core_messages.properties
+++ b/eaaf_core/src/main/resources/messages/eaaf_core_messages.properties
@@ -5,3 +5,15 @@ builder.30=Decrypted bPK target: {0} does not match to required target: {1}
builder.31=Encrypted bPK has a suspect format and consists of #{0} elements
builder.32=bPK-target format must be full URI
builder.33=bPK caluclation not possible. Reason: {0}
+
+
+
+process.01=Can not execute authentication process
+process.02=Find no applicable authentication process for current state or user-selection.
+process.03=Can not resume the authentication process. Reason: {0}
+process.04=Can not execute authentication process. Problem with an internal state
+
+process.90=Forward to service-provider not possible, because it's not supported.
+
+process.98=Not supported internal state. Reason: {0}
+process.99=Validation of RequestId: {0} FAILED. Reason: {1} \ No newline at end of file