From 4981ce216b0af1616be2f663a79ff46597cc6014 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Thu, 14 Oct 2021 13:49:32 +0200 Subject: remove thread-local variable from AuthenticationDataBuilder --- .../builder/AbstractAuthenticationDataBuilder.java | 57 +++++++++++++++------- 1 file changed, 40 insertions(+), 17 deletions(-) (limited to 'eaaf_core/src/main') diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java index d0ee8f5c..142dcf28 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java @@ -73,10 +73,12 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati public static final String CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING = "configuration.bugfix.enable.idl.escaping"; + private static final String GENERIC_ATTR_CONTAINER = "processAuthParam;"; + @Autowired protected IConfigurationWithSP basicConfig; - protected ThreadLocal> includedToGenericAuthData = null; + //protected ThreadLocal> includedToGenericAuthData = null; @Override @@ -172,7 +174,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati // includedToGenericAuthData = // authProcessData.getGenericSessionDataStorage().keySet(); // else - initializeThreadLocalVariable(new HashSet<>()); + initializeThreadLocalVariable(authProcessData, new HashSet<>()); // #################################################### // set general authData info's @@ -221,14 +223,34 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati }); } + /** + * Initialize Thread-Local holder for generic attributes set in authenticated session. + * + * @param authProcessData Current authentication data holder + * @param data {@link Collection} of generic attribute-names + * @throws EaafAuthenticationException In case of an error + */ + protected void initializeThreadLocalVariable(@NonNull final IAuthProcessDataContainer authProcessData, + Set data) + throws EaafAuthenticationException { + try { + authProcessData.setGenericDataToSession(GENERIC_ATTR_CONTAINER, data); + + } catch (EaafStorageException e) { + throw new EaafAuthenticationException("builder.11", new Object[] { e.getMessage() }, e); + + } + + } + /** * Initialize Thread-Local holder for generic attributes set in authenticated session. * * @param set {@link Collection} of generic attribute-names */ - protected void initializeThreadLocalVariable(Set set) { - includedToGenericAuthData = new ThreadLocal>(); - includedToGenericAuthData.set(set); + @SuppressWarnings("unchecked") + protected Set getThreadLocalVariable(@NonNull final IAuthProcessDataContainer authProcessData) { + return authProcessData.getGenericDataFromSession(GENERIC_ATTR_CONTAINER, Set.class); } @@ -242,7 +264,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati */ private void setCitizenCountryCode(final AuthenticationData authData, final IAuthProcessDataContainer authProcessData) throws EaafAuthenticationException { - includedToGenericAuthData.get().remove(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME); + getThreadLocalVariable(authProcessData).remove(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME); final String pvpCccAttr = authProcessData .getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class); if (StringUtils.isNotEmpty(pvpCccAttr)) { @@ -275,7 +297,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati */ private void setQaaLevel(@NonNull final AuthenticationData authData, @NonNull final IAuthProcessDataContainer authProcessData) { - includedToGenericAuthData.get().remove(PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME); + getThreadLocalVariable(authProcessData).remove(PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME); String currentLoA = null; if (StringUtils.isNotEmpty(authProcessData.getQaaLevel())) { currentLoA = authProcessData.getQaaLevel(); @@ -341,9 +363,10 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati if (authProcessData.getGenericSessionDataStorage() != null && !authProcessData.getGenericSessionDataStorage().isEmpty()) { - initializeThreadLocalVariable(authProcessData.getGenericSessionDataStorage().keySet()); + initializeThreadLocalVariable(authProcessData, + authProcessData.getGenericSessionDataStorage().keySet()); } else { - initializeThreadLocalVariable(new HashSet<>()); + initializeThreadLocalVariable(authProcessData, new HashSet<>()); } // #################################################### @@ -358,7 +381,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati IIdentityLink idlFromPvpAttr = null; final IIdentityLink identityLink = authProcessData.getIdentityLink(); if (identityLink != null) { - parseBasicUserInfosFromIdl(authData, identityLink, includedToGenericAuthData.get()); + parseBasicUserInfosFromIdl(authData, identityLink, getThreadLocalVariable(authProcessData)); } else { // identityLink is not direct in MOASession @@ -372,7 +395,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati try { idlStream = new ByteArrayInputStream(Base64Utils.decodeFromString(pvpAttrIdl)); idlFromPvpAttr = new SimpleIdentityLinkAssertionParser(idlStream).parseIdentityLink(); - parseBasicUserInfosFromIdl(authData, idlFromPvpAttr, includedToGenericAuthData.get()); + parseBasicUserInfosFromIdl(authData, idlFromPvpAttr, getThreadLocalVariable(authProcessData)); // set identitylink into AuthProcessData authProcessData.setIdentityLink(idlFromPvpAttr); @@ -385,7 +408,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } finally { try { - includedToGenericAuthData.get().remove(PvpAttributeDefinitions.EID_IDENTITY_LINK_NAME); + getThreadLocalVariable(authProcessData).remove(PvpAttributeDefinitions.EID_IDENTITY_LINK_NAME); if (idlStream != null) { idlStream.close(); } @@ -413,11 +436,11 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati PvpAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME, String.class)); // remove corresponding keys from genericSessionData if exists - includedToGenericAuthData.get().remove(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME); - includedToGenericAuthData.get().remove(PvpAttributeDefinitions.GIVEN_NAME_NAME); - includedToGenericAuthData.get().remove(PvpAttributeDefinitions.BIRTHDATE_NAME); - includedToGenericAuthData.get().remove(PvpAttributeDefinitions.EID_SOURCE_PIN_NAME); - includedToGenericAuthData.get().remove(PvpAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME); + getThreadLocalVariable(authProcessData).remove(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME); + getThreadLocalVariable(authProcessData).remove(PvpAttributeDefinitions.GIVEN_NAME_NAME); + getThreadLocalVariable(authProcessData).remove(PvpAttributeDefinitions.BIRTHDATE_NAME); + getThreadLocalVariable(authProcessData).remove(PvpAttributeDefinitions.EID_SOURCE_PIN_NAME); + getThreadLocalVariable(authProcessData).remove(PvpAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME); } } -- cgit v1.2.3