From fe5b974390bed15d2421dfd14c54ef25d485b5ed Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 21 Oct 2020 08:00:55 +0200 Subject: add new configuration property to switch between log-level "WARN" and "INFO" based on internal errorIds remove duplicated logging --- .../services/ProtocolAuthenticationService.java | 142 +++++++++++---------- .../services/IProtocolAuthenticationService.java | 10 +- .../sl20/tasks/AbstractReceiveQualEidTask.java | 25 ++-- 3 files changed, 89 insertions(+), 88 deletions(-) diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java index 72fa1faf..98149957 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java @@ -22,9 +22,9 @@ package at.gv.egiz.eaaf.core.impl.idp.auth.services; import java.io.IOException; import java.io.PrintWriter; import java.io.StringWriter; -import java.util.Arrays; -import java.util.List; +import java.util.HashSet; +import javax.annotation.PostConstruct; import javax.naming.ConfigurationException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -41,6 +41,7 @@ import at.gv.egiz.eaaf.core.api.gui.ModifyableGuiBuilderConfiguration; import at.gv.egiz.eaaf.core.api.idp.IAction; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.api.idp.IModulInfo; import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager; @@ -63,6 +64,7 @@ import at.gv.egiz.eaaf.core.impl.gui.AbstractGuiFormBuilderConfiguration; import at.gv.egiz.eaaf.core.impl.http.HttpUtils; import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController; import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; import at.gv.egiz.eaaf.core.impl.utils.ServletUtils; import org.apache.commons.lang3.ArrayUtils; @@ -80,8 +82,9 @@ import org.springframework.stereotype.Service; public class ProtocolAuthenticationService implements IProtocolAuthenticationService { private static final Logger log = LoggerFactory.getLogger(ProtocolAuthenticationService.class); - private static final List ERROR_LOGGER_ON_INFO_LEVEL = - Arrays.asList(IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_USERSTOP); + private static final String CONFIG_PROP_LOGGER_ON_INFO_LEVEL = + "core.logging.level.info.errorcodes"; + private static final String TECH_LOG_MSG = "errorCode={} Message={}"; @Autowired(required = true) private ApplicationContext applicationContext; @@ -97,6 +100,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer private IRequestStorage requestStorage; @Autowired(required = true) IPendingRequestIdGenerationStrategy pendingReqIdGenerationStrategy; + @Autowired private IConfiguration basicConfig; @Autowired(required = false) private ISsoManager ssoManager; @@ -107,6 +111,8 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer private IGuiFormBuilder guiBuilder; + private final HashSet logOnInfoLevel = new HashSet<>(); + /* * (non-Javadoc) * @@ -170,7 +176,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer @Override public void finalizeAuthentication(final HttpServletRequest req, final HttpServletResponse resp, final IRequest pendingReq) throws EaafException, IOException { - log.debug("Finalize PendingRequest with ID " + pendingReq.getPendingRequestId()); + log.debug("Finalize PendingRequest with ID={} ", pendingReq.getPendingRequestId()); try { // check if pending-request has 'abortedByUser' flag set @@ -204,7 +210,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer } } catch (final Exception e) { - log.error("Finalize authentication protocol FAILED.", e); + log.info("Finalize authentication protocol FAILED. Reason: {}", e.getMessage()); buildProtocolSpecificErrorResponse(e, req, resp, pendingReq); } finally { @@ -227,7 +233,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer if (clazz == null || !IModulInfo.class.isAssignableFrom(clazz)) { log.error( "Requested protocol module Class is NULL or does not implement the IModulInfo interface."); - throw new Exception( + throw new ClassCastException( "Requested protocol module Class is NULL or does not implement the IModulInfo interface."); } @@ -246,8 +252,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer revisionsLogger.logEvent(protocolRequest, EventConstants.TRANSACTION_ERROR, protocolRequest.getUniqueTransactionIdentifier()); - return; - } else { handleErrorNoRedirect(throwable, req, resp, true); @@ -302,29 +306,9 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer resp.setContentType("text/html"); resp.setStatus(302); resp.addHeader("Location", redirectUrl); - log.debug("REDIRECT TO: " + redirectUrl); - - } - } - - private IGuiBuilderConfiguration evaluateRequiredErrorHandlingMethod(IRequest first, String errorId) { - if (first != null && first.isProcessInIframe()) { - return guiConfigFactory.getDefaultIFrameParentHopGui(first, - "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING, - errorId); + log.debug("REDIRECT TO: {}", redirectUrl); } - - return null; - } - - private String generateErrorRedirectUrl(final HttpServletRequest req, String errorKey) { - String redirectUrl = null; - redirectUrl = ServletUtils.getBaseUrl(req); - redirectUrl += "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?" - + EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + errorKey; - return redirectUrl; - } public void setGuiBuilder(final IGuiFormBuilder guiBuilder) { @@ -390,6 +374,40 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer } + /** + * Write a Exception to the MOA-ID-Auth internal technical log. + * + * @param loggedException Exception to log + */ + protected void logExceptionToTechnicalLog(final Throwable loggedException) { + if (!(loggedException instanceof EaafException + || loggedException instanceof ProcessExecutionException)) { + log.error(TECH_LOG_MSG, IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC, + loggedException.getMessage(), loggedException); + + } else { + if (loggedException instanceof EaafException + && logOnInfoLevel.contains(((EaafException) loggedException).getErrorId())) { + log.info(TECH_LOG_MSG, ((EaafException) loggedException).getErrorId(), + loggedException.getMessage(), loggedException); + + } else { + log.warn(TECH_LOG_MSG, ((EaafException) loggedException).getErrorId(), + loggedException.getMessage(), loggedException); + + } + } + } + + @PostConstruct + private void initializer() { + log.trace("Initializing {} ...", ProtocolAuthenticationService.class.getName()); + logOnInfoLevel.addAll(KeyValueUtils.getListOfCsvValues( + basicConfig.getBasicConfiguration(CONFIG_PROP_LOGGER_ON_INFO_LEVEL))); + log.info("Set errorCodes={} to LogLevel:INFO", String.join(",", logOnInfoLevel)); + + } + /** * Executes the requested protocol action. * @@ -411,7 +429,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer if (clazz == null || !IAction.class.isAssignableFrom(clazz)) { log.error( "Requested protocol-action processing Class is NULL or does not implement the IAction interface."); - throw new Exception( + throw new ClassCastException( "Requested protocol-action processing Class is NULL or does not implement the IAction interface."); } @@ -422,50 +440,16 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer } catch (final ClassNotFoundException e) { log.error( "Requested Auth. protocol processing Class is NULL or does not implement the IAction interface."); - throw new Exception( - "Requested Auth. protocol processing Class is NULL or does not implement the IAction interface."); + throw new ClassNotFoundException( + "Requested Auth. protocol processing Class is NULL or does not implement the IAction interface.", e); } } - /** - * Write a Exception to the MOA-ID-Auth internal technical log. - * - * @param loggedException Exception to log - */ - protected void logExceptionToTechnicalLog(final Throwable loggedException) { - if (!(loggedException instanceof EaafException - || loggedException instanceof ProcessExecutionException)) { - log.error("Receive an internal error: Message=" + loggedException.getMessage(), - loggedException); - - } else { - if (loggedException instanceof EaafAuthenticationException && ERROR_LOGGER_ON_INFO_LEVEL - .contains(((EaafAuthenticationException) loggedException).getErrorId())) { - if (log.isDebugEnabled() || log.isTraceEnabled()) { - log.info(loggedException.getMessage(), loggedException); - - } else { - log.info(loggedException.getMessage()); - - } - - } else { - if (log.isDebugEnabled() || log.isTraceEnabled()) { - log.warn(loggedException.getMessage(), loggedException); - - } else { - log.warn(loggedException.getMessage()); - - } - } - } - } - private void writeHtmlErrorResponse(@NonNull final HttpServletRequest httpReq, @NonNull final HttpServletResponse httpResp, @NonNull final String msg, @NonNull final String errorCode, @Nullable final Object[] params, - @NonNull final Exception error) throws IOException, EaafException { + @NonNull final Exception error) throws EaafException { try { final IGuiBuilderConfiguration config = @@ -543,13 +527,11 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer } // write error message - // writeBadRequestErrorResponse(req, resp, (EAAFException) e); writeHtmlErrorResponse(req, resp, e.getMessage(), statusMessager.getResponseErrorCode(e), null, e); } else if (e instanceof InvalidProtocolRequestException) { // send error response - // writeBadRequestErrorResponse(req, resp, (EAAFException) e); writeHtmlErrorResponse(req, resp, e.getMessage(), statusMessager.getResponseErrorCode(e), null, e); @@ -572,4 +554,24 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer } + private IGuiBuilderConfiguration evaluateRequiredErrorHandlingMethod(IRequest first, String errorId) { + if (first != null && first.isProcessInIframe()) { + return guiConfigFactory.getDefaultIFrameParentHopGui(first, + "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING, + errorId); + + } + + return null; + } + + private String generateErrorRedirectUrl(final HttpServletRequest req, String errorKey) { + String redirectUrl = null; + redirectUrl = ServletUtils.getBaseUrl(req); + redirectUrl += "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?" + + EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + errorKey; + return redirectUrl; + + } + } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java index d1d68c2d..2c0fe55f 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/services/IProtocolAuthenticationService.java @@ -96,16 +96,16 @@ public interface IProtocolAuthenticationService { /** * Forward the process to error-handler in case of an error. - * + * * @param errorToHandle Error to handle * @param errorKey ErrorId for error-handler * @param req HTTP response * @param resp HTTP response * @throws GuiBuildException In case of an GUI generation error */ - void forwardToErrorHandler(Pair errorToHandle, String errorKey, + void forwardToErrorHandler(Pair errorToHandle, String errorKey, HttpServletRequest req, HttpServletResponse resp) throws GuiBuildException; - - - + + + } diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java index 4786ff39..7591b3bd 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractReceiveQualEidTask.java @@ -6,15 +6,6 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.lang3.StringUtils; -import org.jose4j.base64url.Base64Url; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; - -import com.fasterxml.jackson.core.JsonParseException; -import com.fasterxml.jackson.databind.JsonNode; - import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; @@ -36,6 +27,15 @@ import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonExtractorUtils; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20ResponseUtils; +import org.apache.commons.lang3.StringUtils; +import org.jose4j.base64url.Base64Url; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; + +import com.fasterxml.jackson.core.JsonParseException; +import com.fasterxml.jackson.databind.JsonNode; + public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask { private static final Logger log = LoggerFactory.getLogger(AbstractReceiveQualEidTask.class); @@ -117,7 +117,7 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask log.debug("VDA provides an optional sessionId. Inject it to internal error-holder "); ex.setVdaSessionId(vdaSessionId); - } + } throw ex; } else { @@ -161,7 +161,6 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask } } catch (final EaafAuthenticationException e) { - log.warn("SL2.0 processing error:", e); if (sl20Result != null) { log.debug("Received SL2.0 result: " + sl20Result); } @@ -170,8 +169,8 @@ public abstract class AbstractReceiveQualEidTask extends AbstractAuthServletTask new TaskExecutionException(pendingReq, "SL2.0 Authentication FAILED. Msg: " + e.getMessage(), e)); } catch (final Exception e) { - log.warn("ERROR:", e); - log.warn("SL2.0 Authentication FAILED with a generic error.", e); + + if (sl20Result != null) { log.debug("Received SL2.0 result: " + sl20Result); } -- cgit v1.2.3