From 61d276832ebcf1901183dab323126f8ecb6a7370 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Thu, 11 Apr 2019 09:44:11 +0200
Subject: refactor protocol finalization to support protocol response without
 final redirect

---
 .../controller/ProtocolFinalizationController.java | 78 +++++-----------------
 1 file changed, 16 insertions(+), 62 deletions(-)

(limited to 'eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java')

diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java
index e96ea138..b830e240 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java
@@ -20,10 +20,6 @@
  * The "NOTICE" text file is part of the distribution. Any derivative works
  * that you distribute must include a readable copy of the "NOTICE" text file.
  *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
 package at.gv.egiz.eaaf.core.impl.idp.controller;
 
 import java.io.IOException;
@@ -34,16 +30,18 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.text.StringEscapeUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
 import at.gv.egiz.components.eventlog.api.EventConstants;
 import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
 import at.gv.egiz.eaaf.core.api.IStatusMessenger;
 import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
 import at.gv.egiz.eaaf.core.api.data.ExceptionContainer;
-import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException;
+import at.gv.egiz.eaaf.core.api.idp.auth.services.IProtocolAuthenticationService;
 import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 
 /**
@@ -51,8 +49,12 @@ import at.gv.egiz.eaaf.core.exceptions.EAAFException;
  *
  */
 @Controller
-public class ProtocolFinalizationController extends AbstractAuthProtocolModulController {
+public class ProtocolFinalizationController extends AbstractController {
 	private static final Logger log = LoggerFactory.getLogger(ProtocolFinalizationController.class);
+	public static final String ENDPOINT_FINALIZEPROTOCOL = "finalizeAuthProtocol";	
+	public static final String ENDPOINT_ERRORHANDLING = "errorHandling";
+	
+	@Autowired(required=true) IRequestStorage requestStorage;
 	
 	@RequestMapping(value = ENDPOINT_ERRORHANDLING, method = {RequestMethod.GET})
 	public void errorHandling(HttpServletRequest req, HttpServletResponse resp) throws EAAFException, IOException {
@@ -72,7 +74,7 @@ public class ProtocolFinalizationController extends AbstractAuthProtocolModulCon
 					
 					if (pendingReq != null) {													
 						//build protocol-specific error message if possible
-						buildProtocolSpecificErrorResponse(throwable, req, resp, pendingReq);
+						protAuthService.buildProtocolSpecificErrorResponse(throwable, req, resp, pendingReq);
 																
 						//remove active user-session
 						transactionStorage.remove(pendingReq.getPendingRequestId());
@@ -80,11 +82,11 @@ public class ProtocolFinalizationController extends AbstractAuthProtocolModulCon
 						return;
 	
 					} else {
-						handleErrorNoRedirect(throwable, req, resp, true);
+						protAuthService.handleErrorNoRedirect(throwable, req, resp, true);
 	
 					}
 				} else {
-					handleErrorNoRedirect(
+					protAuthService.handleErrorNoRedirect(
 							new EAAFException(
 									IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_NOPENDIGREQID, 
 									null), req, resp, false);
@@ -93,7 +95,7 @@ public class ProtocolFinalizationController extends AbstractAuthProtocolModulCon
 				
 			} catch (Throwable e) {
 				log.error(e.getMessage(), e);				
-				handleErrorNoRedirect(e, req, resp, false);
+				protAuthService.handleErrorNoRedirect(e, req, resp, false);
 			
 			} finally {
 				//remove pending-request
@@ -107,7 +109,7 @@ public class ProtocolFinalizationController extends AbstractAuthProtocolModulCon
 			
 		} else {
 			log.debug("Request contains NO ErrorId");
-			handleErrorNoRedirect(
+			protAuthService.handleErrorNoRedirect(
 					new EAAFException(
 							IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_NOPENDIGREQID, 
 							null), req, resp, false);
@@ -132,62 +134,14 @@ public class ProtocolFinalizationController extends AbstractAuthProtocolModulCon
  						
 		if (pendingReq == null) {
 			log.error("No PendingRequest with ID " + pendingRequestID + " found.!");		
-			handleErrorNoRedirect(
+			protAuthService.handleErrorNoRedirect(
 					new EAAFException(
 							IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_TIMEOUT, 
 							new Object[]{pendingRequestID,
 							}), req, resp, false);							
 			
-		} else {
-			try {
-				log.debug("Finalize PendingRequest with ID " + pendingRequestID);
-							
-				//check if pending-request has 'abortedByUser' flag set
-				if (pendingReq.isAbortedByUser()) {
-					//send authentication aborted error to Service Provider
-					buildProtocolSpecificErrorResponse(
-							new EAAFAuthenticationException(
-									IStatusMessenger.CODES_INTERNAL_ERROR_AUTH_USERSTOP, 
-									new Object[] {}), 
-							req, resp, pendingReq);
-					
-					//do not remove the full active SSO-Session 
-					// in case of only one Service-Provider authentication request is aborted   
-					if ( !pendingReq.needSingleSignOnFunctionality())  {
-						transactionStorage.remove(pendingReq.getPendingRequestId());
-						
-					}							
-
-					//check if pending-request are authenticated					
-				} else if (pendingReq.isAuthenticated()) {				
-					finalizeAuthenticationProcess(req, resp, pendingReq);
-
-				} else {
-					//suspect state: pending-request is not aborted but also are not authenticated 
-					log.error("PendingRequest is NOT authenticated --> Abort authentication process!");		
-					handleErrorNoRedirect(
-							new EAAFException(
-									"auth.20",
-									null), req, resp, true);							
-									
-				}
-							
-			} catch (Exception e) {
-				log.error("Finalize authentication protocol FAILED." , e);
-				buildProtocolSpecificErrorResponse(e, req, resp, pendingReq);
-				
-				if (pendingReq != null)
-					transactionStorage.remove(pendingReq.getPendingRequestId());
-				
-			}		
-		}
-		
-		//remove pending-request
-		if (pendingReq != null) {
-			requestStorage.removePendingRequest(pendingReq.getPendingRequestId());
-			revisionsLogger.logEvent(EventConstants.TRANSACTION_DESTROYED, pendingReq.getUniqueTransactionIdentifier());
-			
-		}
+		} else
+			protAuthService.finalizeAuthentication(req, resp, pendingReq);
 		
 	}
 	
-- 
cgit v1.2.3