Diffstat (limited to 'eaaf_core')
12 files changed, 391 insertions, 120 deletions
| diff --git a/eaaf_core/pom.xml b/eaaf_core/pom.xml index 2993110d..a1eee06e 100644 --- a/eaaf_core/pom.xml +++ b/eaaf_core/pom.xml @@ -4,7 +4,7 @@    <parent>  	<groupId>at.gv.egiz</groupId>  	<artifactId>eaaf</artifactId> -	<version>1.1.8</version> +	<version>1.1.11-SNAPSHOT</version>    </parent>    <groupId>at.gv.egiz.eaaf</groupId> diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java index 48c9d1bd..86c50be0 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/RequestStorage.java @@ -69,10 +69,17 @@ public class RequestStorage implements IRequestStorage {        // search invalid pending-request for errorHandling        IRequest invalidPendingRequest = null; -      try { +      try {                  if (StringUtils.isNotEmpty(e.getInvalidInternalPendingReqId())) { +          log.debug("Searching for expired pendingRequest with Id: {} ... ", e.getInvalidInternalPendingReqId());            invalidPendingRequest =                transactionStorage.get(e.getInvalidInternalPendingReqId(), IRequest.class); +          log.debug("{} expired pendingReq. Set it into Exception ...",  +              invalidPendingRequest != null ? "Find" : "Find NO "); +           +        } else { +          log.debug("Get no internal pendingRequestId. Expired pendingRequest can not be set"); +                    }        } catch (final EaafException e1) { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java index 72fa1faf..50bf76db 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java 
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java @@ -22,13 +22,24 @@ package at.gv.egiz.eaaf.core.impl.idp.auth.services;  import java.io.IOException;  import java.io.PrintWriter;  import java.io.StringWriter; -import java.util.Arrays; -import java.util.List; +import java.util.HashSet; +import javax.annotation.PostConstruct;  import javax.naming.ConfigurationException;  import javax.servlet.http.HttpServletRequest;  import javax.servlet.http.HttpServletResponse; +import org.apache.commons.lang3.ArrayUtils; +import org.apache.commons.lang3.StringUtils; +import org.apache.commons.text.StringEscapeUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.lang.NonNull; +import org.springframework.lang.Nullable; +import org.springframework.stereotype.Service; +  import at.gv.egiz.components.eventlog.api.EventConstants;  import at.gv.egiz.eaaf.core.api.IRequest;  import at.gv.egiz.eaaf.core.api.IRequestStorage; @@ -41,6 +52,7 @@ import at.gv.egiz.eaaf.core.api.gui.ModifyableGuiBuilderConfiguration;  import at.gv.egiz.eaaf.core.api.idp.IAction;  import at.gv.egiz.eaaf.core.api.idp.IAuthData;  import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration;  import at.gv.egiz.eaaf.core.api.idp.IModulInfo;  import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;  import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager; 
@@ -58,30 +70,22 @@ import at.gv.egiz.eaaf.core.exceptions.GuiBuildException;  import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;  import at.gv.egiz.eaaf.core.exceptions.ProcessExecutionException;  import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;  import at.gv.egiz.eaaf.core.impl.data.Pair;  import at.gv.egiz.eaaf.core.impl.gui.AbstractGuiFormBuilderConfiguration;  import at.gv.egiz.eaaf.core.impl.http.HttpUtils;  import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController;  import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;  import at.gv.egiz.eaaf.core.impl.utils.ServletUtils; -import org.apache.commons.lang3.ArrayUtils; -import org.apache.commons.lang3.StringUtils; -import org.apache.commons.text.StringEscapeUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationContext; -import org.springframework.lang.NonNull; -import org.springframework.lang.Nullable; -import org.springframework.stereotype.Service; -  @Service  public class ProtocolAuthenticationService implements IProtocolAuthenticationService {    private static final Logger log = LoggerFactory.getLogger(ProtocolAuthenticationService.class); -  private static final List<String> ERROR_LOGGER_ON_INFO_LEVEL = -      Arrays.asList(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_USERSTOP); +  private static final String CONFIG_PROP_LOGGER_ON_INFO_LEVEL = +      "core.logging.level.info.errorcodes"; +  private static final String TECH_LOG_MSG = "errorCode={} Message={}";    @Autowired(required = true)    private ApplicationContext applicationContext; 
@@ -97,6 +101,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer    private IRequestStorage requestStorage;    @Autowired(required = true)    IPendingRequestIdGenerationStrategy pendingReqIdGenerationStrategy; +  @Autowired private IConfiguration basicConfig;    @Autowired(required = false)    private ISsoManager ssoManager; @@ -107,6 +112,8 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer    private IGuiFormBuilder guiBuilder; +  private final HashSet<String> logOnInfoLevel = new HashSet<>(); +    /*     * (non-Javadoc)     * @@ -170,7 +177,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer    @Override    public void finalizeAuthentication(final HttpServletRequest req, final HttpServletResponse resp,        final IRequest pendingReq) throws EaafException, IOException { -    log.debug("Finalize PendingRequest with ID " + pendingReq.getPendingRequestId()); +    log.debug("Finalize PendingRequest with ID={} ", pendingReq.getPendingRequestId());      try {        // check if pending-request has 'abortedByUser' flag set @@ -204,7 +211,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer        }      } catch (final Exception e) { -      log.error("Finalize authentication protocol FAILED.", e); +      log.info("Finalize authentication protocol FAILED. Reason: {}", e.getMessage());        buildProtocolSpecificErrorResponse(e, req, resp, pendingReq);      } finally { 
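Review bot: The catch-all in `finalizeAuthentication` now logs only `e.getMessage()` at INFO, so an unexpected runtime exception (for example a NullPointerException, whose message is often null) leaves no stack trace at this point. Whether `buildProtocolSpecificErrorResponse` writes the full throwable to the technical log is not visible in this hunk; if it does not, failures in the finalization step become hard to reconstruct afterwards. Keeping the INFO line and adding `log.debug("Finalize authentication protocol FAILED.", e);` next to it would preserve the trace without raising the noise level. The method body continues outside the hunk.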
@@ -227,7 +234,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer        if (clazz == null || !IModulInfo.class.isAssignableFrom(clazz)) {          log.error(              "Requested protocol module Class is NULL or does not implement the IModulInfo interface."); -        throw new Exception( +        throw new ClassCastException(              "Requested protocol module Class is NULL or does not implement the IModulInfo interface.");        } @@ -246,8 +253,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer          revisionsLogger.logEvent(protocolRequest, EventConstants.TRANSACTION_ERROR,              protocolRequest.getUniqueTransactionIdentifier()); -        return; -        } else {          handleErrorNoRedirect(throwable, req, resp, true); @@ -302,31 +307,11 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer        resp.setContentType("text/html");        resp.setStatus(302);        resp.addHeader("Location", redirectUrl); -      log.debug("REDIRECT TO: " + redirectUrl); +      log.debug("REDIRECT TO: {}", redirectUrl);      }    } -  private IGuiBuilderConfiguration evaluateRequiredErrorHandlingMethod(IRequest first, String errorId) { -    if (first != null && first.isProcessInIframe()) { -      return guiConfigFactory.getDefaultIFrameParentHopGui(first, -          "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING, -          errorId); - -    } - -    return null; -  } - -  private String generateErrorRedirectUrl(final HttpServletRequest req, String errorKey) { -    String redirectUrl = null; -    redirectUrl = ServletUtils.getBaseUrl(req); -    redirectUrl += "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?" -        + EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + errorKey; -    return redirectUrl; - -  } -    public void setGuiBuilder(final IGuiFormBuilder guiBuilder) {      this.guiBuilder = guiBuilder;    } 
@@ -391,6 +376,51 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer    }    /** +   * Write a Exception to the MOA-ID-Auth internal technical log. +   * +   * @param loggedException Exception to log +   */ +  protected void logExceptionToTechnicalLog(final Throwable loggedException) {     +    // In case of a TaskExecutionException, which is only a container for process-errors,  +    // extract internal exception  +    Throwable toLog; +    if (loggedException instanceof TaskExecutionException  +        && ((TaskExecutionException)loggedException).getOriginalException() != null) { +      toLog = ((TaskExecutionException)loggedException).getOriginalException(); +       +    } else { +      toLog = loggedException; +       +    } + +    // Log exception +    if (!(toLog instanceof EaafException)) { +      log.error(TECH_LOG_MSG, IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC, +          toLog.getMessage(), toLog); + +    } else {             +      if (logOnInfoLevel.contains(((EaafException) toLog).getErrorId())) { +        log.info(TECH_LOG_MSG, ((EaafException) toLog).getErrorId(), +            toLog.getMessage(), toLog); + +      } else { +        log.warn(TECH_LOG_MSG, ((EaafException) toLog).getErrorId(), +            toLog.getMessage(), toLog); + +      } +    } +  } + +  @PostConstruct +  private void initializer() { +    log.trace("Initializing {} ...", ProtocolAuthenticationService.class.getName()); +    logOnInfoLevel.addAll(KeyValueUtils.getListOfCsvValues( +        basicConfig.getBasicConfiguration(CONFIG_PROP_LOGGER_ON_INFO_LEVEL))); +    log.info("Set errorCodes={} to LogLevel:INFO", String.join(",", logOnInfoLevel)); + +  } + +  /**     * Executes the requested protocol action.     *     * @param httpReq         HttpServletRequest 
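Review bot: The new property `core.logging.level.info.errorcodes` read in `initializer()` is undocumented, although it decides which EaafException error codes `logExceptionToTechnicalLog` writes at INFO instead of WARN. A Javadoc on `initializer()` such as `/** Loads the comma-separated error codes from core.logging.level.info.errorcodes; exceptions carrying one of these codes are logged at INFO instead of WARN. */` would tell operators that listing a code there lowers its visibility in monitoring. The Javadoc of `logExceptionToTechnicalLog` still names the MOA-ID-Auth log and does not mention that a TaskExecutionException is unwrapped to its original exception before logging. How `KeyValueUtils.getListOfCsvValues` treats an unset property is not visible here and is worth confirming, because `addAll` would fail on a null result during bean initialisation.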
@@ -411,7 +441,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer        if (clazz == null || !IAction.class.isAssignableFrom(clazz)) {          log.error(              "Requested protocol-action processing Class is NULL or does not implement the IAction interface."); -        throw new Exception( +        throw new ClassCastException(              "Requested protocol-action processing Class is NULL or does not implement the IAction interface.");        } 
@@ -422,50 +452,16 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer      } catch (final ClassNotFoundException e) {        log.error(            "Requested Auth. protocol processing Class is NULL or does not implement the IAction interface."); -      throw new Exception( -          "Requested Auth. protocol processing Class is NULL or does not implement the IAction interface."); +      throw new ClassNotFoundException( +          "Requested Auth. protocol processing Class is NULL or does not implement the IAction interface.", e);      }    } -  /** -   * Write a Exception to the MOA-ID-Auth internal technical log. -   * -   * @param loggedException Exception to log -   */ -  protected void logExceptionToTechnicalLog(final Throwable loggedException) { -    if (!(loggedException instanceof EaafException -        || loggedException instanceof ProcessExecutionException)) { -      log.error("Receive an internal error: Message=" + loggedException.getMessage(), -          loggedException); - -    } else { -      if (loggedException instanceof EaafAuthenticationException && ERROR_LOGGER_ON_INFO_LEVEL -          .contains(((EaafAuthenticationException) loggedException).getErrorId())) { -        if (log.isDebugEnabled() || log.isTraceEnabled()) { -          log.info(loggedException.getMessage(), loggedException); - -        } else { -          log.info(loggedException.getMessage()); - -        } - -      } else { -        if (log.isDebugEnabled() || log.isTraceEnabled()) { -          log.warn(loggedException.getMessage(), loggedException); - -        } else { -          log.warn(loggedException.getMessage()); - -        } -      } -    } -  } -    private void writeHtmlErrorResponse(@NonNull final HttpServletRequest httpReq,        @NonNull final HttpServletResponse httpResp, @NonNull final String msg,        @NonNull final String errorCode, @Nullable final Object[] params, -      @NonNull final Exception error) throws IOException, 
EaafException { +      @NonNull final Exception error) throws EaafException {      try {        final IGuiBuilderConfiguration config = @@ -543,13 +539,11 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer        }        // write error message -      // writeBadRequestErrorResponse(req, resp, (EAAFException) e);        writeHtmlErrorResponse(req, resp, e.getMessage(), statusMessager.getResponseErrorCode(e),            null, e);      } else if (e instanceof InvalidProtocolRequestException) {        // send error response -      // writeBadRequestErrorResponse(req, resp, (EAAFException) e);        writeHtmlErrorResponse(req, resp, e.getMessage(), statusMessager.getResponseErrorCode(e),            null, e); @@ -572,4 +566,24 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer    } +  private IGuiBuilderConfiguration evaluateRequiredErrorHandlingMethod(IRequest first, String errorId) { +    if (first != null && first.isProcessInIframe()) { +      return guiConfigFactory.getDefaultIFrameParentHopGui(first, +          "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING, +          errorId); + +    } + +    return null; +  } + +  private String generateErrorRedirectUrl(final HttpServletRequest req, String errorKey) { +    String redirectUrl = null; +    redirectUrl = ServletUtils.getBaseUrl(req); +    redirectUrl += "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?" +        + EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + errorKey; +    return redirectUrl; + +  } +  } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/PiiTransactionIdAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/PiiTransactionIdAttributeBuilder.java new file mode 100644 index 00000000..08911ac7 --- /dev/null +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/PiiTransactionIdAttributeBuilder.java 
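Review bot: `generateErrorRedirectUrl` appends `errorKey` to the query string without URL-encoding it. The method is only moved here, but in this commit the value changes from a random number to the token returned by `generateExternalPendingRequestId()`. The character set of that token is not visible in this diff; if it can contain `+`, `/`, `=` or `&`, the parameter read back in `errorHandling` will not match what was issued and validation fails. Encoding the value when the URL is built, for example `+ EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + URLEncoder.encode(errorKey, "UTF-8");` with its checked exception handled, removes that dependency on the token format.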
@@ -0,0 +1,37 @@ +package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; + +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +public class PiiTransactionIdAttributeBuilder implements IAttributeBuilder, ExtendedPvpAttributeDefinitions { + +  @Override +  public String getName() { +    return EID_PII_TRANSACTION_ID_NAME; +     +  } + +  @Override +  public <ATT> ATT build(ISpConfiguration oaParam, IAuthData authData, IAttributeGenerator<ATT> g) +      throws AttributeBuilderException {     +    String piiTransactionId = authData.getGenericData(EID_PII_TRANSACTION_ID_NAME, String.class);     +    log.trace("{} piiTransactionId: {} as attribute",  +        piiTransactionId != null ? "Set" : "Notset", log.isTraceEnabled() ? piiTransactionId : "********"); +    return g.buildStringAttribute(EID_PII_TRANSACTION_ID_FRIENDLY_NAME, EID_PII_TRANSACTION_ID_NAME, +        piiTransactionId); +     +  } + +  @Override +  public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { +    return g.buildEmptyAttribute(EID_PII_TRANSACTION_ID_FRIENDLY_NAME, EID_PII_TRANSACTION_ID_NAME); +     +  } + +} diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUsesMandates.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUsesMandates.java index 44ff4e50..924e2a9f 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUsesMandates.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/SpUsesMandates.java 
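Review bot: The masking in the `log.trace` call of `build` can never take effect. The ternary `log.isTraceEnabled() ? piiTransactionId : "********"` yields the mask only when TRACE is disabled, and in that case the statement writes nothing. Whenever the line is actually written, it contains the clear-text piiTransactionId. If the identifier should stay out of the logs, log only its presence: `log.trace("{} piiTransactionId as attribute", piiTransactionId != null ? "Set" : "Not set");`. If it is meant to be logged at TRACE, drop the ternary so the code does not suggest a protection that is not there. The class also has no Javadoc stating where the value comes from (`authData.getGenericData(EID_PII_TRANSACTION_ID_NAME, String.class)`).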
@@ -30,7 +30,7 @@ public class SpUsesMandates implements IAttributeBuilder, ExtendedPvpAttributeDe    @Override    public String getName() { -    return SP_USESMANDATES_NAME; +    return SP_USED_MANDATE_PROFILES_NAME;    }    @Override @@ -44,7 +44,7 @@ public class SpUsesMandates implements IAttributeBuilder, ExtendedPvpAttributeDe    @Override    public <ATT> ATT buildEmpty(final IAttributeGenerator<ATT> g) { -    return g.buildEmptyAttribute(SP_USESMANDATES_FRIENDLY_NAME, SP_USESMANDATES_NAME); +    return g.buildEmptyAttribute(SP_USED_MANDATE_PROFILES_FRIENDLY_NAME, SP_USED_MANDATE_PROFILES_NAME);    } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/TransactionIdAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/TransactionIdAttributeBuilder.java new file mode 100644 index 00000000..17b830dc --- /dev/null +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/TransactionIdAttributeBuilder.java 
@@ -0,0 +1,33 @@ +package at.gv.egiz.eaaf.core.impl.idp.builder.attributes; + +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils; + +public class TransactionIdAttributeBuilder implements IAttributeBuilder, ExtendedPvpAttributeDefinitions { + +  @Override +  public String getName() { +    return EID_TRANSACTION_ID_NAME; +     +  } + +  @Override +  public <ATT> ATT build(ISpConfiguration oaParam, IAuthData authData, IAttributeGenerator<ATT> g) +      throws AttributeBuilderException { +    return g.buildStringAttribute(EID_TRANSACTION_ID_FRIENDLY_NAME, EID_TRANSACTION_ID_NAME, +        TransactionIdUtils.getTransactionId()); +     +  } + +  @Override +  public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { +    return g.buildEmptyAttribute(EID_TRANSACTION_ID_FRIENDLY_NAME, EID_TRANSACTION_ID_NAME); +     +  } + +} diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java index e9687833..0479a8c5 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java 
@@ -26,6 +26,14 @@ import javax.annotation.Nullable;  import javax.servlet.http.HttpServletRequest;  import javax.servlet.http.HttpServletResponse; +import org.apache.commons.text.StringEscapeUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.util.SerializationUtils; +import org.springframework.web.bind.annotation.ExceptionHandler; +  import at.gv.egiz.components.eventlog.api.EventConstants;  import at.gv.egiz.eaaf.core.api.IRequest;  import at.gv.egiz.eaaf.core.api.IStatusMessenger; @@ -35,19 +43,12 @@ import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;  import at.gv.egiz.eaaf.core.api.idp.auth.services.IProtocolAuthenticationService;  import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger;  import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; +import at.gv.egiz.eaaf.core.api.utils.IPendingRequestIdGenerationStrategy;  import at.gv.egiz.eaaf.core.exceptions.EaafException;  import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;  import at.gv.egiz.eaaf.core.exceptions.ProcessExecutionException;  import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;  import at.gv.egiz.eaaf.core.impl.data.Pair; -import at.gv.egiz.eaaf.core.impl.utils.Random; - -import org.apache.commons.text.StringEscapeUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationContext; -import org.springframework.web.bind.annotation.ExceptionHandler;  /**   * Basic application controller that implements core error-handling. @@ -73,6 +74,9 @@ public abstract class AbstractController {    @Autowired    protected IRevisionLogger revisionsLogger; +  @Autowired +  protected IPendingRequestIdGenerationStrategy reqIdGenerationStrategy; +      /**     * EAAF framework exception handler.     * 
@@ -167,18 +171,30 @@ public abstract class AbstractController {      }      // put exception into transaction store for redirect -    final String errorKey = Random.nextLongRandom(); +    final String errorToken = reqIdGenerationStrategy.generateExternalPendingRequestId();     +    final String errorKey = reqIdGenerationStrategy.getPendingRequestIdWithOutChecks(errorToken); +                  if (errorToHandle.getFirst() != null) {        revisionsLogger.logEvent(errorToHandle.getFirst(), EventConstants.TRANSACTION_ERROR); -      transactionStorage.put(errorKey, new ExceptionContainer(errorToHandle.getFirst(), errorToHandle -          .getSecond()), -1); + +      log.trace("Serializing {} ... ", ExceptionContainer.class.getName()); +      final byte[] serializedError = SerializationUtils.serialize( +          new ExceptionContainer(errorToHandle.getFirst(), errorToHandle.getSecond())); + +      log.debug("Put 'ExceptionContainer' into cache with id: {}... ", errorKey); +      transactionStorage.put(errorKey, serializedError, -1);      } else { -      transactionStorage.put(errorKey, new ExceptionContainer(null, errorToHandle.getSecond()), -1); +      log.trace("Serializing {} ... ", ExceptionContainer.class.getName()); +      final byte[] serializedError = SerializationUtils.serialize( +          new ExceptionContainer(null, errorToHandle.getSecond())); + +      log.trace("Put 'ExceptionContainer' into cache with id: {}... ",errorKey); +      transactionStorage.put(errorKey, serializedError, -1);      } -    return errorKey; +    return errorToken;    } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java index 098bca4c..2ce728c1 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java 
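Review bot: `SerializationUtils.serialize` throws an IllegalArgumentException when any object reachable from the `ExceptionContainer` is not serializable, and this call sits in the error-handling path itself. An arbitrary Throwable or the pending request can carry such a field, in which case the user gets a second, unhandled failure instead of the error page. The two branches also differ only in the `revisionsLogger` call and in the log level used for the cache key (debug versus trace), so they can be merged. The fence below merges them and falls back to a generic error when serialization fails. The enclosing method starts outside this hunk.

```java
// … unchanged: errorToken / errorKey generation …
if (errorToHandle.getFirst() != null) {
  revisionsLogger.logEvent(errorToHandle.getFirst(), EventConstants.TRANSACTION_ERROR);
}

byte[] serializedError;
try {
  serializedError = SerializationUtils.serialize(
      new ExceptionContainer(errorToHandle.getFirst(), errorToHandle.getSecond()));

} catch (final IllegalArgumentException e) {
  // Object graph is not serializable: keep the error page working with a generic error
  log.warn("Can not serialize error details. Storing a generic error instead", e);
  serializedError = SerializationUtils.serialize(new ExceptionContainer(null,
      new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC, null)));

}

log.debug("Put 'ExceptionContainer' into cache with id: {}... ", errorKey);
transactionStorage.put(errorKey, serializedError, -1);

return errorToken;
```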
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractProcessEngineSignalController.java @@ -36,6 +36,7 @@ import at.gv.egiz.eaaf.core.api.data.EaafConstants;  import at.gv.egiz.eaaf.core.api.idp.process.ProcessEngine;  import at.gv.egiz.eaaf.core.exceptions.EaafException;  import at.gv.egiz.eaaf.core.exceptions.EaafIllegalStateException; +import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;  import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;  /** @@ -85,6 +86,9 @@ public abstract class AbstractProcessEngineSignalController extends AbstractCont        // wake up next task        processEngine.signal(pendingReq); +    } catch (PendingReqIdValidationException e) { +      handleError(null, e, req, resp, e.getInvalidPendingReq()); +            } catch (final Exception ex) {        handleError(null, ex, req, resp, pendingReq); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java index 17da63f5..4ff41836 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java @@ -29,6 +29,7 @@ import org.slf4j.Logger;  import org.slf4j.LoggerFactory;  import org.springframework.beans.factory.annotation.Autowired;  import org.springframework.stereotype.Controller; +import org.springframework.util.SerializationUtils;  import org.springframework.web.bind.annotation.RequestMapping;  import org.springframework.web.bind.annotation.RequestMethod; 
@@ -38,7 +39,9 @@ import at.gv.egiz.eaaf.core.api.IRequestStorage;  import at.gv.egiz.eaaf.core.api.IStatusMessenger;  import at.gv.egiz.eaaf.core.api.data.EaafConstants;  import at.gv.egiz.eaaf.core.api.data.ExceptionContainer; +import at.gv.egiz.eaaf.core.api.utils.IPendingRequestIdGenerationStrategy;  import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;  /**   * Protocol finialization end-point. @@ -54,6 +57,7 @@ public class ProtocolFinalizationController extends AbstractController {    @Autowired(required = true)    IRequestStorage requestStorage; +  @Autowired IPendingRequestIdGenerationStrategy requestIdValidationStragegy;    /**     * End-Point to handle errors. 
@@ -67,35 +71,57 @@ public class ProtocolFinalizationController extends AbstractController {    public void errorHandling(final HttpServletRequest req, final HttpServletResponse resp)        throws EaafException, IOException {      // receive an authentication error -    final String errorid = +    final String errorToken =          StringEscapeUtils.escapeHtml4(req.getParameter(EaafConstants.PARAM_HTTP_ERROR_CODE)); -    if (errorid != null) { +    if (errorToken != null) {        IRequest pendingReq = null; -      try { +      try {        +        String errorId = requestIdValidationStragegy.validateAndGetPendingRequestId(errorToken);                 +        log.debug("Searching exception with internal error-token: {}", errorId); +                  // load stored exception from database -        final ExceptionContainer container = -            transactionStorage.get(errorid, ExceptionContainer.class); -        if (container != null) { +        final byte[] containerSerialized = +            transactionStorage.get(errorId, byte[].class); +        if (containerSerialized != null) {            // remove exception if it was found -          transactionStorage.remove(errorid); - -          final Throwable throwable = container.getExceptionThrown(); -          pendingReq = container.getPendingRequest(); - -          if (pendingReq != null) { -            // build protocol-specific error message if possible -            protAuthService.buildProtocolSpecificErrorResponse(throwable, req, resp, pendingReq); - -            // remove active user-session -            transactionStorage.remove(pendingReq.getPendingRequestId()); - -            return; +          transactionStorage.remove(errorId); +          log.trace("Find exception with internal error-token: {}", errorId); +           +          //final Object containerObj = EaafSerializationUtils.deserialize(containerSerialized,  +          //    Arrays.asList( +          //        ExceptionContainer.class.getName() +     
     //        )); +          final Object containerObj = SerializationUtils.deserialize(containerSerialized); +           +          if (containerObj instanceof ExceptionContainer) { +            final ExceptionContainer container = (ExceptionContainer) containerObj; +            final Throwable throwable = container.getExceptionThrown(); +            pendingReq = container.getPendingRequest(); + +            if (pendingReq != null) { +              //set MDC variables +              TransactionIdUtils.setAllLoggingVariables(pendingReq); +               +              // build protocol-specific error message if possible +              protAuthService.buildProtocolSpecificErrorResponse(throwable, req, resp, pendingReq); + +              // remove active user-session +              transactionStorage.remove(pendingReq.getPendingRequestId()); + +            } else { +              protAuthService.handleErrorNoRedirect(throwable, req, resp, true); + +            }            } else { -            protAuthService.handleErrorNoRedirect(throwable, req, resp, true); +            protAuthService.handleErrorNoRedirect( +                new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC, null), +                req, resp, false);            } +          } else { +          log.info("Find no exception with internal error-token: {}", errorId);            protAuthService.handleErrorNoRedirect(                new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_NOPENDIGREQID, null),                req, resp, false); @@ -114,6 +140,9 @@ public class ProtocolFinalizationController extends AbstractController {                pendingReq.getUniqueTransactionIdentifier());          } +         +        //remove all Logger variables +        TransactionIdUtils.removeAllLoggingVariables();        } 
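Review bot: `SerializationUtils.deserialize(containerSerialized)` in `errorHandling` performs unrestricted Java-native deserialization, and the `instanceof ExceptionContainer` check runs only after the whole object graph has been instantiated. The bytes come from `transactionStorage`; if that store is shared with or writable by other components (not visible here), it should not be trusted to hold only what `AbstractController` wrote. The commented-out `EaafSerializationUtils.deserialize(...)` call with a class allow-list looks like the intended form. Either enable it with an allow-list that also covers the stored exception and request types, or replace the dead code with `// TODO: restrict deserialization to an allow-list of expected classes` so the gap stays visible. `errorHandling` continues past the end of this hunk.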
@@ -152,9 +181,14 @@ public class ProtocolFinalizationController extends AbstractController {            req, resp, false);      } else { +      //set MDC variables +      TransactionIdUtils.setAllLoggingVariables(pendingReq); +       +      //perform protocol finalization steps        protAuthService.finalizeAuthentication(req, resp, pendingReq); +                        } - +        }  } diff --git a/eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder b/eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder index 30f1cb57..f57c3787 100644 --- a/eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder +++ b/eaaf_core/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder @@ -12,4 +12,6 @@ at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EidIdentityLinkBuilder  at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EidEidTokenBuilder  at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EidSignerCertificate  at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EidIdentityStatusLevelAttributeBuiler -at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EidCcsUrl
\ No newline at end of file +at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EidCcsUrl +at.gv.egiz.eaaf.core.impl.idp.builder.attributes.TransactionIdAttributeBuilder +at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PiiTransactionIdAttributeBuilder diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/PiiTransactionIdAttributeBuilderTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/PiiTransactionIdAttributeBuilderTest.java new file mode 100644 index 00000000..82ac0abf --- /dev/null +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/PiiTransactionIdAttributeBuilderTest.java 
@@ -0,0 +1,64 @@
+package at.gv.egiz.eaaf.core.impl.idp.auth.attributes;
+
+import java.util.UUID;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PiiTransactionIdAttributeBuilder;
+import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;
+
+/**
+ * Attribute builder to generate an attribute that holds the unique TransactionId for this process. 
+ * <br>
+ * The attribute-value is read from {@link TransactionIdUtils} with method <code>getTransactionId()</code>
+ * 
+ * @author tlenz
+ *
+ */
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_eaaf_core.xml")
+public class PiiTransactionIdAttributeBuilderTest extends AbstractAttributeBuilderTest {
+
+  private final IAttributeBuilder attrBuilder = new PiiTransactionIdAttributeBuilder();
+  
+  @Test
+  public void attributeName() {
+    Assert.assertEquals("Wrong attribute name", 
+        "urn:eidgvat:attributes.piiTransactionId", attrBuilder.getName());
+    
+  }
+  
+  @Test
+  public void checkEmptyAttribute() {    
+    String value = attrBuilder.buildEmpty(gen);    
+    Assert.assertNull("Attr. not null", value);
+        
+  }
+ 
+  @Test
+  public void noPiiTransactionId() throws AttributeBuilderException, Exception {           
+    String value = attrBuilder.build(spConfig, buildAuthData(), gen);    
+    Assert.assertNull("Attr. 
not null", value);
+        
+  }
+  
+  @Test
+  public void withPiiTransactionId() throws AttributeBuilderException, Exception {    
+    String piiTransId = UUID.randomUUID().toString();
+    IAuthData authData = buildAuthData();
+    ((AuthenticationData)authData).setGenericData("urn:eidgvat:attributes.piiTransactionId", piiTransId);
+    
+    String value = attrBuilder.build(spConfig, authData, gen);    
+    Assert.assertEquals("piiTransactionId", piiTransId, value);
+        
+  }
+  
+}
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/TransactionIdAttributeBuilderTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/TransactionIdAttributeBuilderTest.java
new file mode 100644
index 00000000..d82bdf5c
--- /dev/null
+++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/attributes/TransactionIdAttributeBuilderTest.java 
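Review bot: The class Javadoc of PiiTransactionIdAttributeBuilderTest is copied from an attribute builder and does not describe this test. It says the class generates an attribute read from `TransactionIdUtils.getTransactionId()`, while the value checked in `withPiiTransactionId()` comes from `setGenericData("urn:eidgvat:attributes.piiTransactionId", piiTransId)`, and the `TransactionIdUtils` import is referenced only by that `{@link}`. I would replace it with `/** Tests that PiiTransactionIdAttributeBuilder returns the piiTransactionId stored as generic auth data, and null when none is set. */`. The clause `throws AttributeBuilderException, Exception` can be shortened to `throws Exception`.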
@@ -0,0 +1,60 @@
+package at.gv.egiz.eaaf.core.impl.idp.auth.attributes;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.TransactionIdAttributeBuilder;
+import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;
+
+/**
+ * Attribute builder to generate an attribute that holds the unique TransactionId for this process. 
+ * <br>
+ * The attribute-value is read from {@link TransactionIdUtils} with method <code>getTransactionId()</code>
+ * 
+ * @author tlenz
+ *
+ */
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_eaaf_core.xml")
+public class TransactionIdAttributeBuilderTest extends AbstractAttributeBuilderTest {
+
+  private final IAttributeBuilder attrBuilder = new TransactionIdAttributeBuilder();
+  
+  @Test
+  public void attributeName() {
+    Assert.assertEquals("Wrong attribute name", 
+        "urn:eidgvat:attributes.transactionId", attrBuilder.getName());
+    
+  }
+  
+  @Test
+  public void checkEmptyAttribute() {    
+    String value = attrBuilder.buildEmpty(gen);    
+    Assert.assertNull("Attr. not null", value);
+        
+  }
+ 
+  @Test
+  public void noTransactionId() throws AttributeBuilderException, Exception {           
+    String value = attrBuilder.build(spConfig, buildAuthData(), gen);    
+    Assert.assertNull("Attr. 
not null", value);
+        
+  }
+  
+  @Test
+  public void withTransactionId() throws AttributeBuilderException, Exception {    
+    TransactionIdUtils.setTransactionId();
+    String transId = TransactionIdUtils.getTransactionId();
+    Assert.assertNull("Inputdata is null", transId);
+    
+    String value = attrBuilder.build(spConfig, buildAuthData(), gen);    
+    Assert.assertEquals("TransactionId", transId, value);
+        
+  }
+  
+} | 
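Review bot: In `withTransactionId()` of TransactionIdAttributeBuilderTest the check `Assert.assertNull("Inputdata is null", transId)` runs right after `TransactionIdUtils.setTransactionId()`, so it looks inverted. If the id really is set the test fails, and if it is null the following `assertEquals("TransactionId", transId, value)` compares null with null and proves nothing about the builder. It should presumably read `Assert.assertNotNull("Inputdata is null", transId);`. The test also leaves the id set while `noTransactionId()` expects a null value, so the outcome may depend on JUnit's method order if the id is held per thread (TransactionIdUtils is not shown here). An `@After` method calling `TransactionIdUtils.removeAllLoggingVariables()` would isolate the two tests.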
