summaryrefslogtreecommitdiff
path: root/eaaf_core/src
diff options
context:
space:
mode:
Diffstat (limited to 'eaaf_core/src')
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java17
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java107
2 files changed, 71 insertions, 53 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
index 9b7fcce4..63e84dcb 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
@@ -24,6 +24,7 @@ import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.IRequestStorage;
import at.gv.egiz.eaaf.core.api.IStatusMessenger;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.ExceptionContainer;
import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration;
import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfigurationFactory;
import at.gv.egiz.eaaf.core.api.gui.IGuiFormBuilder;
@@ -39,6 +40,7 @@ import at.gv.egiz.eaaf.core.api.idp.auth.services.IProtocolAuthenticationService
import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface;
import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger;
import at.gv.egiz.eaaf.core.api.logging.IStatisticLogger;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
import at.gv.egiz.eaaf.core.api.utils.IPendingRequestIdGenerationStrategy;
import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException;
import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
@@ -66,6 +68,7 @@ import org.springframework.context.ApplicationContext;
import org.springframework.lang.NonNull;
import org.springframework.lang.Nullable;
import org.springframework.stereotype.Service;
+import org.springframework.util.SerializationUtils;
import javax.annotation.PostConstruct;
import javax.naming.ConfigurationException;
@@ -107,6 +110,12 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
@Autowired
private IRevisionLogger revisionsLogger;
+ @Autowired(required = true)
+ protected ITransactionStorage transactionStorage;
+
+ @Autowired IPendingRequestIdGenerationStrategy requestIdValidationStragegy;
+
+
private IGuiFormBuilder guiBuilder;
private final HashSet<String> logOnInfoLevel = new HashSet<>();
@@ -229,6 +238,14 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
displayException(req, resp, errorData);
+ // Put pending request
+ ExceptionContainer exceptionContainer = new ExceptionContainer(protocolRequest, throwable);
+ byte[] serialized = SerializationUtils.serialize(exceptionContainer);
+// transactionStorage.put(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE), serialized, -1);
+ String errorId = requestIdValidationStragegy.validateAndGetPendingRequestId(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE));
+ transactionStorage.put(errorId, serialized, -1);
+
+
// log Error to technical log
logExceptionToTechnicalLog(errorData);
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java
index f0be9a5e..37aab8df 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java
@@ -15,7 +15,7 @@
* This product combines work with different licenses. See the "NOTICE" text file for details on the
* various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
* works that you distribute must include a readable copy of the "NOTICE" text file.
-*/
+ */
package at.gv.egiz.eaaf.core.impl.idp.controller;
@@ -25,6 +25,7 @@ import at.gv.egiz.eaaf.core.api.IRequestStorage;
import at.gv.egiz.eaaf.core.api.IStatusMessenger;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.data.ExceptionContainer;
+import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
import at.gv.egiz.eaaf.core.api.utils.IPendingRequestIdGenerationStrategy;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;
@@ -45,7 +46,6 @@ import java.io.IOException;
* Protocol finialization end-point.
*
* @author tlenz
- *
*/
@Controller
public class ProtocolFinalizationController extends AbstractController {
@@ -56,14 +56,14 @@ public class ProtocolFinalizationController extends AbstractController {
@Autowired(required = true)
IRequestStorage requestStorage;
- @Autowired IPendingRequestIdGenerationStrategy requestIdValidationStragegy;
+ @Autowired
+ IPendingRequestIdGenerationStrategy requestIdValidationStragegy;
- @RequestMapping(value = ENDPOINT_ERROR_REDIRECT, method = { RequestMethod.GET, RequestMethod.POST })
+ @RequestMapping(value = ENDPOINT_ERROR_REDIRECT, method = {RequestMethod.GET, RequestMethod.POST})
public void errorRedirect(final HttpServletRequest req, final HttpServletResponse resp)
throws EaafException, IOException {
- final String errorToken =
- StringEscapeUtils.escapeHtml4(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE));
+ final String errorToken = StringEscapeUtils.escapeHtml4(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE));
if (errorToken != null) {
IRequest pendingReq = null;
try {
@@ -89,29 +89,34 @@ public class ProtocolFinalizationController extends AbstractController {
pendingReq = container.getPendingRequest();
if (pendingReq != null) {
+ //TODO finish
+ final Class<?> clazz = Class.forName(pendingReq.requestedModule());
+
+ if (clazz == null || !IModulInfo.class.isAssignableFrom(clazz)) {
+ log.error("Requested protocol module Class is NULL or does not implement the IModulInfo interface.");
+ throw new ClassCastException(
+ "Requested protocol module Class is NULL or does not implement the IModulInfo interface.");
+
+ }
+ final IModulInfo handlingModule = (IModulInfo) applicationContext.getBean(clazz);
+
+ handlingModule.generateErrorMessage(throwable, req, resp, pendingReq);
}
}
}
- } catch (Exception e) {
+ } catch (Throwable e) {
+ log.error(e.getMessage(), e);
+ protAuthService.handleErrorNoRedirect(e, req, resp, false);
+ } finally {
+ // remove pending-request
+ if (pendingReq != null) {
+ requestStorage.removePendingRequest(pendingReq.getPendingRequestId());
+ revisionsLogger.logEvent(EventConstants.TRANSACTION_DESTROYED, pendingReq.getUniqueTransactionIdentifier());
+
+ }
}
}
-
- //TODO finish
-// final Class<?> clazz = Class.forName(req.requestedModule());
-//
-// if (clazz == null || !IModulInfo.class.isAssignableFrom(clazz)) {
-// log.error(
-// "Requested protocol module Class is NULL or does not implement the IModulInfo interface.");
-// throw new ClassCastException(
-// "Requested protocol module Class is NULL or does not implement the IModulInfo interface.");
-//
-// }
-//
-// final IModulInfo handlingModule = (IModulInfo) applicationContext.getBean(clazz);
-//
-// handlingModule.generateErrorMessage(throwable, req, resp, protocolRequest);
-
}
/**
@@ -123,32 +128,30 @@ public class ProtocolFinalizationController extends AbstractController {
* @throws IOException In case of a servlet error
*/
// TODO reuse for the redirection to SP or own enpoint
- @RequestMapping(value = ENDPOINT_ERRORHANDLING, method = { RequestMethod.GET, RequestMethod.POST })
+ @RequestMapping(value = ENDPOINT_ERRORHANDLING, method = {RequestMethod.GET, RequestMethod.POST})
public void errorHandling(final HttpServletRequest req, final HttpServletResponse resp)
throws EaafException, IOException {
// receive an authentication error
- final String errorToken =
- StringEscapeUtils.escapeHtml4(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE));
+ final String errorToken = StringEscapeUtils.escapeHtml4(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE));
if (errorToken != null) {
IRequest pendingReq = null;
- try {
- String errorId = requestIdValidationStragegy.validateAndGetPendingRequestId(errorToken);
+ try {
+ String errorId = requestIdValidationStragegy.validateAndGetPendingRequestId(errorToken);
log.debug("Searching exception with internal error-token: {}", errorId);
-
+
// load stored exception from database
- final byte[] containerSerialized =
- transactionStorage.get(errorId, byte[].class);
+ final byte[] containerSerialized = transactionStorage.get(errorId, byte[].class);
if (containerSerialized != null) {
// remove exception if it was found
transactionStorage.remove(errorId);
log.trace("Find exception with internal error-token: {}", errorId);
-
+
//final Object containerObj = EaafSerializationUtils.deserialize(containerSerialized,
// Arrays.asList(
// ExceptionContainer.class.getName()
// ));
final Object containerObj = SerializationUtils.deserialize(containerSerialized);
-
+
if (containerObj instanceof ExceptionContainer) {
final ExceptionContainer container = (ExceptionContainer) containerObj;
final Throwable throwable = container.getExceptionThrown();
@@ -157,7 +160,7 @@ public class ProtocolFinalizationController extends AbstractController {
if (pendingReq != null) {
//set MDC variables
TransactionIdUtils.setAllLoggingVariables(pendingReq);
-
+
// build protocol-specific error message if possible
protAuthService.buildProtocolSpecificErrorResponse(throwable, req, resp, pendingReq);
@@ -170,17 +173,17 @@ public class ProtocolFinalizationController extends AbstractController {
}
} else {
- protAuthService.handleErrorNoRedirect(
- new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC, null),
- req, resp, false);
+ protAuthService
+ .handleErrorNoRedirect(new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC, null), req,
+ resp, false);
}
} else {
log.info("Find no exception with internal error-token: {}", errorId);
- protAuthService.handleErrorNoRedirect(
- new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_NOPENDIGREQID, null),
- req, resp, false);
+ protAuthService
+ .handleErrorNoRedirect(new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_NOPENDIGREQID, null),
+ req, resp, false);
}
@@ -192,11 +195,10 @@ public class ProtocolFinalizationController extends AbstractController {
// remove pending-request
if (pendingReq != null) {
requestStorage.removePendingRequest(pendingReq.getPendingRequestId());
- revisionsLogger.logEvent(EventConstants.TRANSACTION_DESTROYED,
- pendingReq.getUniqueTransactionIdentifier());
+ revisionsLogger.logEvent(EventConstants.TRANSACTION_DESTROYED, pendingReq.getUniqueTransactionIdentifier());
}
-
+
//remove all Logger variables
TransactionIdUtils.removeAllLoggingVariables();
@@ -204,9 +206,9 @@ public class ProtocolFinalizationController extends AbstractController {
} else {
log.debug("Request contains NO ErrorId");
- protAuthService.handleErrorNoRedirect(
- new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_NOPENDIGREQID, null), req,
- resp, false);
+ protAuthService
+ .handleErrorNoRedirect(new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_NOPENDIGREQID, null), req,
+ resp, false);
}
@@ -220,7 +222,7 @@ public class ProtocolFinalizationController extends AbstractController {
* @throws EaafException In case of an internal error
* @throws IOException In case of a servlet error
*/
- @RequestMapping(value = ENDPOINT_FINALIZEPROTOCOL, method = { RequestMethod.GET })
+ @RequestMapping(value = ENDPOINT_FINALIZEPROTOCOL, method = {RequestMethod.GET})
public void finalizeAuthProtocol(final HttpServletRequest req, final HttpServletResponse resp)
throws EaafException, IOException {
@@ -232,19 +234,18 @@ public class ProtocolFinalizationController extends AbstractController {
if (pendingReq == null) {
log.error("No PendingRequest with ID " + pendingRequestID + " found.!");
protAuthService.handleErrorNoRedirect(
- new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_TIMEOUT,
- new Object[] { pendingRequestID, }),
- req, resp, false);
+ new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_TIMEOUT, new Object[]{pendingRequestID,}), req,
+ resp, false);
} else {
//set MDC variables
TransactionIdUtils.setAllLoggingVariables(pendingReq);
-
+
//perform protocol finalization steps
protAuthService.finalizeAuthentication(req, resp, pendingReq);
-
+
}
-
+
}
}