From 465c25d4d338b4058366456d3fd7a41cd372481b Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 12 Nov 2019 09:47:08 +0100 Subject: refactor AuthModule interface to inject current IRequest into selectProcess method --- .../idp/auth/AbstractAuthenticationManager.java | 32 +++++++++++----------- .../impl/idp/auth/modules/ModuleRegistration.java | 6 ++-- .../tasks/RestartAuthProzessManagement.java | 2 +- .../gv/egiz/eaaf/core/api/data/EAAFConstants.java | 1 - .../eaaf/core/api/idp/auth/modules/AuthModule.java | 4 ++- .../sl20/AbstractSL20AuthenticationModulImpl.java | 6 ++-- 6 files changed, 27 insertions(+), 24 deletions(-) diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java index 0d3eaf18..4cefcd8d 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java @@ -113,7 +113,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa } //load OA configuration from pending request - ISPConfiguration oaParam = pendingReq.getServiceProviderConfiguration(); + final ISPConfiguration oaParam = pendingReq.getServiceProviderConfiguration(); //set logging context and log unique OA identifier to revision log TransactionIDUtils.setServiceProviderId(oaParam.getUniqueIdentifier()); @@ -186,6 +186,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa } } + @Override public final void performOnlyIDPLogOut(HttpServletRequest request, HttpServletResponse response, IRequest pendingReq) { log.debug("Close session. Remove pending request ... "); 
@@ -200,7 +201,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa else log.info("Closing SSO session NOT successfully"); - } catch (EAAFSSOException e) { + } catch (final EAAFSSOException e) { log.warn("Destroying of SSO session FAILED. Reason: " + e.getMessage(), e); } @@ -227,7 +228,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa revisionsLogger.logEvent(pendingReq, EVENT_AUTHENTICATION_PROCESS_STARTED); //create authentication process execution context - ExecutionContext executionContext = new ExecutionContextImpl(); + final ExecutionContext executionContext = new ExecutionContextImpl(); //set oaIdentifeir executionContext.put(EAAFConstants.PROCESS_ENGINE_SERVICE_PROVIDER_ENTITYID, @@ -239,15 +240,15 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa executionContext.put(EAAFConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE, ((X509Certificate[])httpReq.getAttribute("javax.servlet.request.X509Certificate"))); pendingReq.setRawDataToTransaction(EAAFConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE, - ((X509Certificate[])httpReq.getAttribute("javax.servlet.request.X509Certificate"))); + (httpReq.getAttribute("javax.servlet.request.X509Certificate"))); } //add additional http request parameter to context if (!reqParameterWhiteListeForModules.isEmpty()) { - Enumeration reqParamNames = httpReq.getParameterNames(); + final Enumeration reqParamNames = httpReq.getParameterNames(); while(reqParamNames.hasMoreElements()) { - String paramName = reqParamNames.nextElement(); + final String paramName = reqParamNames.nextElement(); if (StringUtils.isNotEmpty(paramName) && reqParameterWhiteListeForModules.contains(paramName) ) executionContext.put(paramName, StringEscapeUtils.escapeHtml4(httpReq.getParameter(paramName))); } 
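Review bot: The client-certificate attribute is now read twice with two different static types: the `executionContext.put(...)` line still casts to `X509Certificate[]`, while the `setRawDataToTransaction(...)` line passes the uncast `Object` from `httpReq.getAttribute(...)`. Since this value is stored under `PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE` in both places, reading it once keeps both consumers on the same type-checked value: `final X509Certificate[] clientCerts = (X509Certificate[]) httpReq.getAttribute("javax.servlet.request.X509Certificate");`, then pass `clientCerts` to both calls. The enclosing `if` opens outside the hunk, so its guard condition could not be checked here.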
@@ -255,9 +256,9 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa //add additional http request parameter to context if (!reqHeaderWhiteListeForModules.isEmpty()) { - Enumeration reqHeaderNames = httpReq.getHeaderNames(); + final Enumeration reqHeaderNames = httpReq.getHeaderNames(); while(reqHeaderNames.hasMoreElements()) { - String paramName = reqHeaderNames.nextElement(); + final String paramName = reqHeaderNames.nextElement(); if (StringUtils.isNotEmpty(paramName) && at.gv.egiz.eaaf.core.impl.utils.ArrayUtils.containsCaseInsensitive(paramName, reqHeaderWhiteListeForModules) //reqHeaderWhiteListeForModules.contains(paramName.toLowerCase()) @@ -305,7 +306,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa pendingReq.setAuthenticated(false); //create execution context - ExecutionContext executionContext = new ExecutionContextImpl(); + final ExecutionContext executionContext = new ExecutionContextImpl(); executionContext.put(ISSOManager.PROCESS_ENGINE_SSO_CONSENTS_EVALUATION, true); //start process engine @@ -325,10 +326,9 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa try { //put pending-request ID on execurtionContext executionContext.put(EAAFConstants.PROCESS_ENGINE_PENDINGREQUESTID, pendingReq.getPendingRequestId()); - executionContext.put(EAAFConstants.PROCESSCONTEXT_SP_CONFIG, pendingReq.getServiceProviderConfiguration()); // create process instance - String processDefinitionId = ModuleRegistration.getInstance().selectProcess(executionContext); + final String processDefinitionId = ModuleRegistration.getInstance().selectProcess(executionContext, pendingReq); if (processDefinitionId == null) { log.warn("No suitable process found for PendingReqId " + pendingReq.getPendingRequestId() ); 
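Review bot: Dropping `executionContext.put(EAAFConstants.PROCESSCONTEXT_SP_CONFIG, ...)` in the last hunk of this group changes what every process task sees in the execution context, not only what `selectProcess` receives. Any task that still reads the SP configuration from the context would now get `null`. Because the removed constant is a `static final String`, code compiled against the old API would presumably have the key inlined and fail at runtime rather than at compile time. No such reader is visible in this diff, so this is worth a search over the task implementations and a migration note such as `// SP configuration is no longer placed on the ExecutionContext; read it from pendingReq.getServiceProviderConfiguration()`. The enclosing method starts and ends outside the hunk.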
@@ -338,7 +338,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa } - String processInstanceId = processEngine.createProcessInstance(processDefinitionId, executionContext); + final String processInstanceId = processEngine.createProcessInstance(processDefinitionId, executionContext); // keep process instance id in protocol pending-request pendingReq.setProcessInstanceId(processInstanceId); @@ -349,12 +349,12 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa // start process processEngine.start(pendingReq); - } catch (ProcessExecutionException e) { - Throwable cause = e.getCause(); + } catch (final ProcessExecutionException e) { + final Throwable cause = e.getCause(); if (cause != null && cause instanceof TaskExecutionException) { - Throwable taskCause = cause.getCause(); + final Throwable taskCause = cause.getCause(); if (taskCause != null && taskCause instanceof EAAFException) { - EAAFException moaTaskCause = (EAAFException) taskCause; + final EAAFException moaTaskCause = (EAAFException) taskCause; log.warn(taskCause.getMessage(), taskCause); throw moaTaskCause; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java index f35b6032..6789c802 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/modules/ModuleRegistration.java @@ -45,6 +45,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.ApplicationContext; import org.springframework.core.io.Resource; +import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.idp.process.ProcessEngine; 
@@ -161,11 +162,12 @@ public class ModuleRegistration { * * @param context * the {@link ExecutionContext}. + * @param pendingReq the current processed {@link IRequest} * @return the process id or {@code null} */ - public String selectProcess(ExecutionContext context) { + public String selectProcess(ExecutionContext context, IRequest pendingReq) { for (final AuthModule module : priorizedModules) { - final String id = module.selectProcess(context); + final String id = module.selectProcess(context, pendingReq); if (StringUtils.isNotEmpty(id)) { log.debug("Process with id '{}' selected, for context '{}'.", id, context); return id; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java index 1e5b63a2..5ea5baa1 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/tasks/RestartAuthProzessManagement.java @@ -79,7 +79,7 @@ public class RestartAuthProzessManagement extends AbstractAuthServletTask { log.debug("Select new auth.-process and restart restart process-engine ... "); // select and create new process instance - final String processDefinitionId = ModuleRegistration.getInstance().selectProcess(newec); + final String processDefinitionId = ModuleRegistration.getInstance().selectProcess(newec, pendingReq); if (processDefinitionId == null) { log.warn("No suitable authentication process found for SessionID " + pendingReq.getPendingRequestId()); throw new EAAFException("process.02", new Object[] { pendingReq.getPendingRequestId()}); diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EAAFConstants.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EAAFConstants.java index 2397ef0a..32ea7a6f 100644 
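Review bot: The new `pendingReq` argument of `ModuleRegistration.selectProcess` is passed to every module unchecked, and the Javadoc does not say whether `null` is allowed. `AbstractSL20AuthenticationModulImpl.selectProcess` in this same commit dereferences it straight away with `pendingReq.getServiceProviderConfiguration()`. Since the returned id decides which authentication process runs, the contract should be explicit here and on `AuthModule.selectProcess`: `@param pendingReq the currently processed {@link IRequest}, must not be {@code null}`. Separately, the unchanged `log.debug(... "for context '{}'", id, context)` line prints the whole execution context, which elsewhere in this commit is filled with the TLS client certificate and whitelisted request parameters. If `ExecutionContext.toString()` renders its entries, logging `pendingReq.getPendingRequestId()` instead of `context` would keep that data out of debug logs.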
--- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EAAFConstants.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EAAFConstants.java @@ -68,7 +68,6 @@ public class EAAFConstants { public static final String PROCESS_ENGINE_PENDINGREQUESTID = PROCESS_ENGINE_PREFIX + PARAM_HTTP_TARGET_PENDINGREQUESTID; public static final String PROCESS_ENGINE_SERVICE_PROVIDER_ENTITYID = PROCESS_ENGINE_PREFIX + "uniqueSPId"; public static final String PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE = PROCESS_ENGINE_PREFIX + "holderofkey_cert"; - public static final String PROCESSCONTEXT_SP_CONFIG = PROCESS_ENGINE_PREFIX + "spConfig"; public static final String PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT = PROCESS_ENGINE_PREFIX + "requireNoPostAuthRedirect"; public static final String PROCESSCONTEXT_SWITCH_LANGUAGE = "changeLanguage"; diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/modules/AuthModule.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/modules/AuthModule.java index 16df7231..7f5eef06 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/modules/AuthModule.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/modules/AuthModule.java @@ -26,6 +26,7 @@ *******************************************************************************/ package at.gv.egiz.eaaf.core.api.idp.auth.modules; +import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; /** 
@@ -53,9 +54,10 @@ public interface AuthModule { * * @param context * an ExecutionContext for a process. + * @param pendingReq the current processed pending request * @return the process-ID of a process which is able to work with the given ExecutionContext, or {@code null}. */ - String selectProcess(ExecutionContext context); + String selectProcess(ExecutionContext context, IRequest pendingReq); /** * Returns the an Array of {@link ProcessDefinition}s of the processes included in this module. diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java index 64739dd8..7e306f25 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java @@ -10,7 +10,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule; 
@@ -58,8 +58,8 @@ public abstract class AbstractSL20AuthenticationModulImpl implements AuthModule * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext) */ @Override - public String selectProcess(ExecutionContext context) { - final ISPConfiguration spConfig = (ISPConfiguration) context.get(EAAFConstants.PROCESSCONTEXT_SP_CONFIG); + public String selectProcess(ExecutionContext context, IRequest pendingReq) { + final ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration(); if (spConfig == null) { log.error("Suspect state. NO SP CONFIGURATION IN CONTEXT!"); -- cgit v1.2.3
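Review bot: The error text `"Suspect state. NO SP CONFIGURATION IN CONTEXT!"` is stale after this change, because the configuration now comes from `pendingReq.getServiceProviderConfiguration()` and no longer from the execution context, so the log sends the reader to the wrong place. I would change it to `log.error("Suspect state. NO SP CONFIGURATION IN PENDING REQUEST!");`. The `@see` tag above the method still names the old one-argument `at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(...)` signature and should point at `at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule#selectProcess(ExecutionContext, IRequest)`. The method body continues past the end of the hunk.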