summaryrefslogtreecommitdiff
path: root/eaaf_core/src
diff options
context:
space:
mode:
Diffstat (limited to 'eaaf_core/src')
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java9
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java176
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/PiiTransactionIdAttributeBuilder.java37
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUsesMandates.java4
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/TransactionIdAttributeBuilder.java33
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java42
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java4
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java76
-rw-r--r--eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder4
-rw-r--r--eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/PiiTransactionIdAttributeBuilderTest.java64
-rw-r--r--eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/TransactionIdAttributeBuilderTest.java60
11 files changed, 390 insertions, 119 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java
index 48c9d1bd..86c50be0 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java
@@ -69,10 +69,17 @@ public class RequestStorage implements IRequestStorage {
// search invalid pending-request for errorHandling
IRequest invalidPendingRequest = null;
- try {
+ try {
if (StringUtils.isNotEmpty(e.getInvalidInternalPendingReqId())) {
+ log.debug("Searching for expired pendingRequest with Id: {} ... ", e.getInvalidInternalPendingReqId());
invalidPendingRequest =
transactionStorage.get(e.getInvalidInternalPendingReqId(), IRequest.class);
+ log.debug("{} expired pendingReq. Set it into Exception ...",
+ invalidPendingRequest != null ? "Find" : "Find NO ");
+
+ } else {
+ log.debug("Get no internal pendingRequestId. Expired pendingRequest can not be set");
+
}
} catch (final EaafException e1) {
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
index 72fa1faf..50bf76db 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
@@ -22,13 +22,24 @@ package at.gv.egiz.eaaf.core.impl.idp.auth.services;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
-import java.util.Arrays;
-import java.util.List;
+import java.util.HashSet;
+import javax.annotation.PostConstruct;
import javax.naming.ConfigurationException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.lang3.ArrayUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.text.StringEscapeUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.lang.NonNull;
+import org.springframework.lang.Nullable;
+import org.springframework.stereotype.Service;
+
import at.gv.egiz.components.eventlog.api.EventConstants;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.IRequestStorage;
@@ -41,6 +52,7 @@ import at.gv.egiz.eaaf.core.api.gui.ModifyableGuiBuilderConfiguration;
import at.gv.egiz.eaaf.core.api.idp.IAction;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;
@@ -58,30 +70,22 @@ import at.gv.egiz.eaaf.core.exceptions.GuiBuildException;
import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
import at.gv.egiz.eaaf.core.exceptions.ProcessExecutionException;
import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.data.Pair;
import at.gv.egiz.eaaf.core.impl.gui.AbstractGuiFormBuilderConfiguration;
import at.gv.egiz.eaaf.core.impl.http.HttpUtils;
import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController;
import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
import at.gv.egiz.eaaf.core.impl.utils.ServletUtils;
-import org.apache.commons.lang3.ArrayUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.apache.commons.text.StringEscapeUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationContext;
-import org.springframework.lang.NonNull;
-import org.springframework.lang.Nullable;
-import org.springframework.stereotype.Service;
-
@Service
public class ProtocolAuthenticationService implements IProtocolAuthenticationService {
private static final Logger log = LoggerFactory.getLogger(ProtocolAuthenticationService.class);
- private static final List<String> ERROR_LOGGER_ON_INFO_LEVEL =
- Arrays.asList(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_USERSTOP);
+ private static final String CONFIG_PROP_LOGGER_ON_INFO_LEVEL =
+ "core.logging.level.info.errorcodes";
+ private static final String TECH_LOG_MSG = "errorCode={} Message={}";
@Autowired(required = true)
private ApplicationContext applicationContext;
@@ -97,6 +101,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
private IRequestStorage requestStorage;
@Autowired(required = true)
IPendingRequestIdGenerationStrategy pendingReqIdGenerationStrategy;
+ @Autowired private IConfiguration basicConfig;
@Autowired(required = false)
private ISsoManager ssoManager;
@@ -107,6 +112,8 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
private IGuiFormBuilder guiBuilder;
+ private final HashSet<String> logOnInfoLevel = new HashSet<>();
+
/*
* (non-Javadoc)
*
@@ -170,7 +177,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
@Override
public void finalizeAuthentication(final HttpServletRequest req, final HttpServletResponse resp,
final IRequest pendingReq) throws EaafException, IOException {
- log.debug("Finalize PendingRequest with ID " + pendingReq.getPendingRequestId());
+ log.debug("Finalize PendingRequest with ID={} ", pendingReq.getPendingRequestId());
try {
// check if pending-request has 'abortedByUser' flag set
@@ -204,7 +211,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
}
} catch (final Exception e) {
- log.error("Finalize authentication protocol FAILED.", e);
+ log.info("Finalize authentication protocol FAILED. Reason: {}", e.getMessage());
buildProtocolSpecificErrorResponse(e, req, resp, pendingReq);
} finally {
@@ -227,7 +234,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
if (clazz == null || !IModulInfo.class.isAssignableFrom(clazz)) {
log.error(
"Requested protocol module Class is NULL or does not implement the IModulInfo interface.");
- throw new Exception(
+ throw new ClassCastException(
"Requested protocol module Class is NULL or does not implement the IModulInfo interface.");
}
@@ -246,8 +253,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
revisionsLogger.logEvent(protocolRequest, EventConstants.TRANSACTION_ERROR,
protocolRequest.getUniqueTransactionIdentifier());
- return;
-
} else {
handleErrorNoRedirect(throwable, req, resp, true);
@@ -302,31 +307,11 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
resp.setContentType("text/html");
resp.setStatus(302);
resp.addHeader("Location", redirectUrl);
- log.debug("REDIRECT TO: " + redirectUrl);
+ log.debug("REDIRECT TO: {}", redirectUrl);
}
}
- private IGuiBuilderConfiguration evaluateRequiredErrorHandlingMethod(IRequest first, String errorId) {
- if (first != null && first.isProcessInIframe()) {
- return guiConfigFactory.getDefaultIFrameParentHopGui(first,
- "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING,
- errorId);
-
- }
-
- return null;
- }
-
- private String generateErrorRedirectUrl(final HttpServletRequest req, String errorKey) {
- String redirectUrl = null;
- redirectUrl = ServletUtils.getBaseUrl(req);
- redirectUrl += "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?"
- + EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + errorKey;
- return redirectUrl;
-
- }
-
public void setGuiBuilder(final IGuiFormBuilder guiBuilder) {
this.guiBuilder = guiBuilder;
}
@@ -391,6 +376,51 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
}
/**
+ * Write a Exception to the MOA-ID-Auth internal technical log.
+ *
+ * @param loggedException Exception to log
+ */
+ protected void logExceptionToTechnicalLog(final Throwable loggedException) {
+ // In case of a TaskExecutionException, which is only a container for process-errors,
+ // extract internal exception
+ Throwable toLog;
+ if (loggedException instanceof TaskExecutionException
+ && ((TaskExecutionException)loggedException).getOriginalException() != null) {
+ toLog = ((TaskExecutionException)loggedException).getOriginalException();
+
+ } else {
+ toLog = loggedException;
+
+ }
+
+ // Log exception
+ if (!(toLog instanceof EaafException)) {
+ log.error(TECH_LOG_MSG, IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC,
+ toLog.getMessage(), toLog);
+
+ } else {
+ if (logOnInfoLevel.contains(((EaafException) toLog).getErrorId())) {
+ log.info(TECH_LOG_MSG, ((EaafException) toLog).getErrorId(),
+ toLog.getMessage(), toLog);
+
+ } else {
+ log.warn(TECH_LOG_MSG, ((EaafException) toLog).getErrorId(),
+ toLog.getMessage(), toLog);
+
+ }
+ }
+ }
+
+ @PostConstruct
+ private void initializer() {
+ log.trace("Initializing {} ...", ProtocolAuthenticationService.class.getName());
+ logOnInfoLevel.addAll(KeyValueUtils.getListOfCsvValues(
+ basicConfig.getBasicConfiguration(CONFIG_PROP_LOGGER_ON_INFO_LEVEL)));
+ log.info("Set errorCodes={} to LogLevel:INFO", String.join(",", logOnInfoLevel));
+
+ }
+
+ /**
* Executes the requested protocol action.
*
* @param httpReq HttpServletRequest
@@ -411,7 +441,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
if (clazz == null || !IAction.class.isAssignableFrom(clazz)) {
log.error(
"Requested protocol-action processing Class is NULL or does not implement the IAction interface.");
- throw new Exception(
+ throw new ClassCastException(
"Requested protocol-action processing Class is NULL or does not implement the IAction interface.");
}
@@ -422,50 +452,16 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
} catch (final ClassNotFoundException e) {
log.error(
"Requested Auth. protocol processing Class is NULL or does not implement the IAction interface.");
- throw new Exception(
- "Requested Auth. protocol processing Class is NULL or does not implement the IAction interface.");
+ throw new ClassNotFoundException(
+ "Requested Auth. protocol processing Class is NULL or does not implement the IAction interface.", e);
}
}
- /**
- * Write a Exception to the MOA-ID-Auth internal technical log.
- *
- * @param loggedException Exception to log
- */
- protected void logExceptionToTechnicalLog(final Throwable loggedException) {
- if (!(loggedException instanceof EaafException
- || loggedException instanceof ProcessExecutionException)) {
- log.error("Receive an internal error: Message=" + loggedException.getMessage(),
- loggedException);
-
- } else {
- if (loggedException instanceof EaafAuthenticationException && ERROR_LOGGER_ON_INFO_LEVEL
- .contains(((EaafAuthenticationException) loggedException).getErrorId())) {
- if (log.isDebugEnabled() || log.isTraceEnabled()) {
- log.info(loggedException.getMessage(), loggedException);
-
- } else {
- log.info(loggedException.getMessage());
-
- }
-
- } else {
- if (log.isDebugEnabled() || log.isTraceEnabled()) {
- log.warn(loggedException.getMessage(), loggedException);
-
- } else {
- log.warn(loggedException.getMessage());
-
- }
- }
- }
- }
-
private void writeHtmlErrorResponse(@NonNull final HttpServletRequest httpReq,
@NonNull final HttpServletResponse httpResp, @NonNull final String msg,
@NonNull final String errorCode, @Nullable final Object[] params,
- @NonNull final Exception error) throws IOException, EaafException {
+ @NonNull final Exception error) throws EaafException {
try {
final IGuiBuilderConfiguration config =
@@ -543,13 +539,11 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
}
// write error message
- // writeBadRequestErrorResponse(req, resp, (EAAFException) e);
writeHtmlErrorResponse(req, resp, e.getMessage(), statusMessager.getResponseErrorCode(e),
null, e);
} else if (e instanceof InvalidProtocolRequestException) {
// send error response
- // writeBadRequestErrorResponse(req, resp, (EAAFException) e);
writeHtmlErrorResponse(req, resp, e.getMessage(), statusMessager.getResponseErrorCode(e),
null, e);
@@ -572,4 +566,24 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
}
+ private IGuiBuilderConfiguration evaluateRequiredErrorHandlingMethod(IRequest first, String errorId) {
+ if (first != null && first.isProcessInIframe()) {
+ return guiConfigFactory.getDefaultIFrameParentHopGui(first,
+ "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING,
+ errorId);
+
+ }
+
+ return null;
+ }
+
+ private String generateErrorRedirectUrl(final HttpServletRequest req, String errorKey) {
+ String redirectUrl = null;
+ redirectUrl = ServletUtils.getBaseUrl(req);
+ redirectUrl += "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?"
+ + EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + errorKey;
+ return redirectUrl;
+
+ }
+
}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/PiiTransactionIdAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/PiiTransactionIdAttributeBuilder.java
new file mode 100644
index 00000000..08911ac7
--- /dev/null
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/PiiTransactionIdAttributeBuilder.java
@@ -0,0 +1,37 @@
+package at.gv.egiz.eaaf.core.impl.idp.builder.attributes;
+
+import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+public class PiiTransactionIdAttributeBuilder implements IAttributeBuilder, ExtendedPvpAttributeDefinitions {
+
+ @Override
+ public String getName() {
+ return EID_PII_TRANSACTION_ID_NAME;
+
+ }
+
+ @Override
+ public <ATT> ATT build(ISpConfiguration oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
+ throws AttributeBuilderException {
+ String piiTransactionId = authData.getGenericData(EID_PII_TRANSACTION_ID_NAME, String.class);
+ log.trace("{} piiTransactionId: {} as attribute",
+ piiTransactionId != null ? "Set" : "Notset", log.isTraceEnabled() ? piiTransactionId : "********");
+ return g.buildStringAttribute(EID_PII_TRANSACTION_ID_FRIENDLY_NAME, EID_PII_TRANSACTION_ID_NAME,
+ piiTransactionId);
+
+ }
+
+ @Override
+ public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+ return g.buildEmptyAttribute(EID_PII_TRANSACTION_ID_FRIENDLY_NAME, EID_PII_TRANSACTION_ID_NAME);
+
+ }
+
+}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUsesMandates.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUsesMandates.java
index 44ff4e50..924e2a9f 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUsesMandates.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUsesMandates.java
@@ -30,7 +30,7 @@ public class SpUsesMandates implements IAttributeBuilder, ExtendedPvpAttributeDe
@Override
public String getName() {
- return SP_USESMANDATES_NAME;
+ return SP_USED_MANDATE_PROFILES_NAME;
}
@Override
@@ -44,7 +44,7 @@ public class SpUsesMandates implements IAttributeBuilder, ExtendedPvpAttributeDe
@Override
public <ATT> ATT buildEmpty(final IAttributeGenerator<ATT> g) {
- return g.buildEmptyAttribute(SP_USESMANDATES_FRIENDLY_NAME, SP_USESMANDATES_NAME);
+ return g.buildEmptyAttribute(SP_USED_MANDATE_PROFILES_FRIENDLY_NAME, SP_USED_MANDATE_PROFILES_NAME);
}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/TransactionIdAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/TransactionIdAttributeBuilder.java
new file mode 100644
index 00000000..17b830dc
--- /dev/null
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/TransactionIdAttributeBuilder.java
@@ -0,0 +1,33 @@
+package at.gv.egiz.eaaf.core.impl.idp.builder.attributes;
+
+import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;
+
+public class TransactionIdAttributeBuilder implements IAttributeBuilder, ExtendedPvpAttributeDefinitions {
+
+ @Override
+ public String getName() {
+ return EID_TRANSACTION_ID_NAME;
+
+ }
+
+ @Override
+ public <ATT> ATT build(ISpConfiguration oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
+ throws AttributeBuilderException {
+ return g.buildStringAttribute(EID_TRANSACTION_ID_FRIENDLY_NAME, EID_TRANSACTION_ID_NAME,
+ TransactionIdUtils.getTransactionId());
+
+ }
+
+ @Override
+ public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+ return g.buildEmptyAttribute(EID_TRANSACTION_ID_FRIENDLY_NAME, EID_TRANSACTION_ID_NAME);
+
+ }
+
+}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java
index e9687833..0479a8c5 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java
@@ -26,6 +26,14 @@ import javax.annotation.Nullable;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.text.StringEscapeUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.util.SerializationUtils;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+
import at.gv.egiz.components.eventlog.api.EventConstants;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.IStatusMessenger;
@@ -35,19 +43,12 @@ import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
import at.gv.egiz.eaaf.core.api.idp.auth.services.IProtocolAuthenticationService;
import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger;
import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.api.utils.IPendingRequestIdGenerationStrategy;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
import at.gv.egiz.eaaf.core.exceptions.ProcessExecutionException;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.data.Pair;
-import at.gv.egiz.eaaf.core.impl.utils.Random;
-
-import org.apache.commons.text.StringEscapeUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationContext;
-import org.springframework.web.bind.annotation.ExceptionHandler;
/**
* Basic application controller that implements core error-handling.
@@ -73,6 +74,9 @@ public abstract class AbstractController {
@Autowired
protected IRevisionLogger revisionsLogger;
+ @Autowired
+ protected IPendingRequestIdGenerationStrategy reqIdGenerationStrategy;
+
/**
* EAAF framework exception handler.
*
@@ -167,18 +171,30 @@ public abstract class AbstractController {
}
// put exception into transaction store for redirect
- final String errorKey = Random.nextLongRandom();
+ final String errorToken = reqIdGenerationStrategy.generateExternalPendingRequestId();
+ final String errorKey = reqIdGenerationStrategy.getPendingRequestIdWithOutChecks(errorToken);
+
if (errorToHandle.getFirst() != null) {
revisionsLogger.logEvent(errorToHandle.getFirst(), EventConstants.TRANSACTION_ERROR);
- transactionStorage.put(errorKey, new ExceptionContainer(errorToHandle.getFirst(), errorToHandle
- .getSecond()), -1);
+
+ log.trace("Serializing {} ... ", ExceptionContainer.class.getName());
+ final byte[] serializedError = SerializationUtils.serialize(
+ new ExceptionContainer(errorToHandle.getFirst(), errorToHandle.getSecond()));
+
+ log.debug("Put 'ExceptionContainer' into cache with id: {}... ", errorKey);
+ transactionStorage.put(errorKey, serializedError, -1);
} else {
- transactionStorage.put(errorKey, new ExceptionContainer(null, errorToHandle.getSecond()), -1);
+ log.trace("Serializing {} ... ", ExceptionContainer.class.getName());
+ final byte[] serializedError = SerializationUtils.serialize(
+ new ExceptionContainer(null, errorToHandle.getSecond()));
+
+ log.trace("Put 'ExceptionContainer' into cache with id: {}... ",errorKey);
+ transactionStorage.put(errorKey, serializedError, -1);
}
- return errorKey;
+ return errorToken;
}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java
index 098bca4c..2ce728c1 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java
@@ -36,6 +36,7 @@ import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.idp.process.ProcessEngine;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.exceptions.EaafIllegalStateException;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;
/**
@@ -85,6 +86,9 @@ public abstract class AbstractProcessEngineSignalController extends AbstractCont
// wake up next task
processEngine.signal(pendingReq);
+ } catch (PendingReqIdValidationException e) {
+ handleError(null, e, req, resp, e.getInvalidPendingReq());
+
} catch (final Exception ex) {
handleError(null, ex, req, resp, pendingReq);
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java
index 17da63f5..4ff41836 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java
@@ -29,6 +29,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
+import org.springframework.util.SerializationUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
@@ -38,7 +39,9 @@ import at.gv.egiz.eaaf.core.api.IRequestStorage;
import at.gv.egiz.eaaf.core.api.IStatusMessenger;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.data.ExceptionContainer;
+import at.gv.egiz.eaaf.core.api.utils.IPendingRequestIdGenerationStrategy;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;
/**
* Protocol finialization end-point.
@@ -54,6 +57,7 @@ public class ProtocolFinalizationController extends AbstractController {
@Autowired(required = true)
IRequestStorage requestStorage;
+ @Autowired IPendingRequestIdGenerationStrategy requestIdValidationStragegy;
/**
* End-Point to handle errors.
@@ -67,35 +71,57 @@ public class ProtocolFinalizationController extends AbstractController {
public void errorHandling(final HttpServletRequest req, final HttpServletResponse resp)
throws EaafException, IOException {
// receive an authentication error
- final String errorid =
+ final String errorToken =
StringEscapeUtils.escapeHtml4(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE));
- if (errorid != null) {
+ if (errorToken != null) {
IRequest pendingReq = null;
- try {
+ try {
+ String errorId = requestIdValidationStragegy.validateAndGetPendingRequestId(errorToken);
+ log.debug("Searching exception with internal error-token: {}", errorId);
+
// load stored exception from database
- final ExceptionContainer container =
- transactionStorage.get(errorid, ExceptionContainer.class);
- if (container != null) {
+ final byte[] containerSerialized =
+ transactionStorage.get(errorId, byte[].class);
+ if (containerSerialized != null) {
// remove exception if it was found
- transactionStorage.remove(errorid);
-
- final Throwable throwable = container.getExceptionThrown();
- pendingReq = container.getPendingRequest();
-
- if (pendingReq != null) {
- // build protocol-specific error message if possible
- protAuthService.buildProtocolSpecificErrorResponse(throwable, req, resp, pendingReq);
-
- // remove active user-session
- transactionStorage.remove(pendingReq.getPendingRequestId());
-
- return;
+ transactionStorage.remove(errorId);
+ log.trace("Find exception with internal error-token: {}", errorId);
+
+ //final Object containerObj = EaafSerializationUtils.deserialize(containerSerialized,
+ // Arrays.asList(
+ // ExceptionContainer.class.getName()
+ // ));
+ final Object containerObj = SerializationUtils.deserialize(containerSerialized);
+
+ if (containerObj instanceof ExceptionContainer) {
+ final ExceptionContainer container = (ExceptionContainer) containerObj;
+ final Throwable throwable = container.getExceptionThrown();
+ pendingReq = container.getPendingRequest();
+
+ if (pendingReq != null) {
+ //set MDC variables
+ TransactionIdUtils.setAllLoggingVariables(pendingReq);
+
+ // build protocol-specific error message if possible
+ protAuthService.buildProtocolSpecificErrorResponse(throwable, req, resp, pendingReq);
+
+ // remove active user-session
+ transactionStorage.remove(pendingReq.getPendingRequestId());
+
+ } else {
+ protAuthService.handleErrorNoRedirect(throwable, req, resp, true);
+
+ }
} else {
- protAuthService.handleErrorNoRedirect(throwable, req, resp, true);
+ protAuthService.handleErrorNoRedirect(
+ new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC, null),
+ req, resp, false);
}
+
} else {
+ log.info("Find no exception with internal error-token: {}", errorId);
protAuthService.handleErrorNoRedirect(
new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_NOPENDIGREQID, null),
req, resp, false);
@@ -114,6 +140,9 @@ public class ProtocolFinalizationController extends AbstractController {
pendingReq.getUniqueTransactionIdentifier());
}
+
+ //remove all Logger variables
+ TransactionIdUtils.removeAllLoggingVariables();
}
@@ -152,9 +181,14 @@ public class ProtocolFinalizationController extends AbstractController {
req, resp, false);
} else {
+ //set MDC variables
+ TransactionIdUtils.setAllLoggingVariables(pendingReq);
+
+ //perform protocol finalization steps
protAuthService.finalizeAuthentication(req, resp, pendingReq);
+
}
-
+
}
}
diff --git a/eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder b/eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
index 30f1cb57..f57c3787 100644
--- a/eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
+++ b/eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
@@ -12,4 +12,6 @@ at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EidIdentityLinkBuilder
at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EidEidTokenBuilder
at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EidSignerCertificate
at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EidIdentityStatusLevelAttributeBuiler
-at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EidCcsUrl \ No newline at end of file
+at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EidCcsUrl
+at.gv.egiz.eaaf.core.impl.idp.builder.attributes.TransactionIdAttributeBuilder
+at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PiiTransactionIdAttributeBuilder
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/PiiTransactionIdAttributeBuilderTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/PiiTransactionIdAttributeBuilderTest.java
new file mode 100644
index 00000000..82ac0abf
--- /dev/null
+++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/PiiTransactionIdAttributeBuilderTest.java
@@ -0,0 +1,64 @@
+package at.gv.egiz.eaaf.core.impl.idp.auth.attributes;
+
+import java.util.UUID;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PiiTransactionIdAttributeBuilder;
+import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;
+
+/**
+ * Attribute builder to generate an attribute that holds the unique TransactionId for this process.
+ * <br>
+ * The attribute-value is read from {@link TransactionIdUtils} with method <code>getTransactionId()</code>
+ *
+ * @author tlenz
+ *
+ */
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_eaaf_core.xml")
+public class PiiTransactionIdAttributeBuilderTest extends AbstractAttributeBuilderTest {
+
+ private final IAttributeBuilder attrBuilder = new PiiTransactionIdAttributeBuilder();
+
+ @Test
+ public void attributeName() {
+ Assert.assertEquals("Wrong attribute name",
+ "urn:eidgvat:attributes.piiTransactionId", attrBuilder.getName());
+
+ }
+
+ @Test
+ public void checkEmptyAttribute() {
+ String value = attrBuilder.buildEmpty(gen);
+ Assert.assertNull("Attr. not null", value);
+
+ }
+
+ @Test
+ public void noPiiTransactionId() throws AttributeBuilderException, Exception {
+ String value = attrBuilder.build(spConfig, buildAuthData(), gen);
+ Assert.assertNull("Attr. not null", value);
+
+ }
+
+ @Test
+ public void withPiiTransactionId() throws AttributeBuilderException, Exception {
+ String piiTransId = UUID.randomUUID().toString();
+ IAuthData authData = buildAuthData();
+ ((AuthenticationData)authData).setGenericData("urn:eidgvat:attributes.piiTransactionId", piiTransId);
+
+ String value = attrBuilder.build(spConfig, authData, gen);
+ Assert.assertEquals("piiTransactionId", piiTransId, value);
+
+ }
+
+}
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/TransactionIdAttributeBuilderTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/TransactionIdAttributeBuilderTest.java
new file mode 100644
index 00000000..d82bdf5c
--- /dev/null
+++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/TransactionIdAttributeBuilderTest.java
@@ -0,0 +1,60 @@
+package at.gv.egiz.eaaf.core.impl.idp.auth.attributes;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.TransactionIdAttributeBuilder;
+import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;
+
+/**
+ * Attribute builder to generate an attribute that holds the unique TransactionId for this process.
+ * <br>
+ * The attribute-value is read from {@link TransactionIdUtils} with method <code>getTransactionId()</code>
+ *
+ * @author tlenz
+ *
+ */
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_eaaf_core.xml")
+public class TransactionIdAttributeBuilderTest extends AbstractAttributeBuilderTest {
+
+ private final IAttributeBuilder attrBuilder = new TransactionIdAttributeBuilder();
+
+ @Test
+ public void attributeName() {
+ Assert.assertEquals("Wrong attribute name",
+ "urn:eidgvat:attributes.transactionId", attrBuilder.getName());
+
+ }
+
+ @Test
+ public void checkEmptyAttribute() {
+ String value = attrBuilder.buildEmpty(gen);
+ Assert.assertNull("Attr. not null", value);
+
+ }
+
+ @Test
+ public void noTransactionId() throws AttributeBuilderException, Exception {
+ String value = attrBuilder.build(spConfig, buildAuthData(), gen);
+ Assert.assertNull("Attr. not null", value);
+
+ }
+
+ @Test
+ public void withTransactionId() throws AttributeBuilderException, Exception {
+ TransactionIdUtils.setTransactionId();
+ String transId = TransactionIdUtils.getTransactionId();
+ Assert.assertNull("Inputdata is null", transId);
+
+ String value = attrBuilder.build(spConfig, buildAuthData(), gen);
+ Assert.assertEquals("TransactionId", transId, value);
+
+ }
+
+}