From 54f16e552a3d6c5579282de5c8d6a92395f6c049 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Sat, 13 May 2023 15:18:03 +0200 Subject: refact(core): remove double serialization in central error handling --- .../services/ProtocolAuthenticationService.java | 4 +- .../impl/idp/controller/AbstractController.java | 15 +---- .../controller/ProtocolFinalizationController.java | 74 +++++++--------------- .../ProtocolFinalizationControllerTest.java | 29 ++++----- 4 files changed, 40 insertions(+), 82 deletions(-) (limited to 'eaaf_core/src') diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java index 76687749..98ea339e 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java @@ -37,7 +37,6 @@ import org.springframework.context.ApplicationContext; import org.springframework.lang.NonNull; import org.springframework.lang.Nullable; import org.springframework.stereotype.Service; -import org.springframework.util.SerializationUtils; import at.gv.egiz.components.eventlog.api.EventConstants; import at.gv.egiz.eaaf.core.api.IRequest; @@ -248,12 +247,11 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer if (errorData.getErrorIdTokenForRedirect() != null) { // Put pending request final ExceptionContainer exceptionContainer = new ExceptionContainer(protocolRequest, throwable); - final byte[] serialized = SerializationUtils.serialize(exceptionContainer); log.debug("Put error into cache to support SP forwarding ... "); String internalErrorToken = pendingReqIdGenerationStrategy.getPendingRequestIdWithOutChecks( errorData.getErrorIdTokenForRedirect()); log.trace("errorIdToken: {}", internalErrorToken); - transactionStorage.put(internalErrorToken, serialized, -1); + transactionStorage.put(internalErrorToken, exceptionContainer, -1); } else { log.debug("No errorTokenId. Forwarding to SP will not be available"); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java index b05d8df0..4fa2676d 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/AbstractController.java @@ -30,7 +30,6 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.ApplicationContext; -import org.springframework.util.SerializationUtils; import org.springframework.web.bind.annotation.ExceptionHandler; import at.gv.egiz.components.eventlog.api.EventConstants; @@ -178,21 +177,13 @@ public abstract class AbstractController { if (errorToHandle.getFirst() != null) { revisionsLogger.logEvent(errorToHandle.getFirst(), EventConstants.TRANSACTION_ERROR); - - log.trace("Serializing {} ... ", ExceptionContainer.class.getName()); - final byte[] serializedError = SerializationUtils.serialize( - new ExceptionContainer(errorToHandle.getFirst(), errorToHandle.getSecond())); - log.debug("Put 'ExceptionContainer' into cache with id: {}... ", errorKey); - transactionStorage.put(errorKey, serializedError, -1); + transactionStorage.put(errorKey, + new ExceptionContainer(errorToHandle.getFirst(), errorToHandle.getSecond()), -1); } else { - log.trace("Serializing {} ... ", ExceptionContainer.class.getName()); - final byte[] serializedError = SerializationUtils.serialize( - new ExceptionContainer(null, errorToHandle.getSecond())); - log.trace("Put 'ExceptionContainer' into cache with id: {}... ",errorKey); - transactionStorage.put(errorKey, serializedError, -1); + transactionStorage.put(errorKey, new ExceptionContainer(null, errorToHandle.getSecond()), -1); } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java index a0ac57d1..099aa180 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java @@ -29,7 +29,6 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; -import org.springframework.util.SerializationUtils; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; @@ -85,32 +84,23 @@ public class ProtocolFinalizationController extends AbstractController { log.debug("Searching exception with internal error-token: {}", errorId); // load stored exception from database - final byte[] containerSerialized = transactionStorage.get(errorId, byte[].class); - if (containerSerialized != null) { + final ExceptionContainer container = transactionStorage.get(errorId, ExceptionContainer.class); + if (container != null) { // remove exception if it was found transactionStorage.remove(errorId); log.trace("Find exception with internal error-token: {}", errorId); - //final Object containerObj = EaafSerializationUtils.deserialize(containerSerialized, - // Arrays.asList( - // ExceptionContainer.class.getName() - // )); - final Object containerObj = SerializationUtils.deserialize(containerSerialized); - - if (containerObj instanceof ExceptionContainer) { - final ExceptionContainer container = (ExceptionContainer) containerObj; - final Throwable throwable = container.getExceptionThrown(); - pendingReq = container.getPendingRequest(); - - if (pendingReq != null) { - IModulInfo handlingModule = ProtocolAuthenticationService - .extractShibbolethHandling(pendingReq, applicationContext); - if (!handlingModule.generateErrorMessage(throwable, req, resp, pendingReq)) { - protAuthService.handleErrorNoRedirect(new EaafException("process.90", null), req, resp, false); - - } + final Throwable throwable = container.getExceptionThrown(); + pendingReq = container.getPendingRequest(); + + if (pendingReq != null) { + IModulInfo handlingModule = ProtocolAuthenticationService + .extractShibbolethHandling(pendingReq, applicationContext); + if (!handlingModule.generateErrorMessage(throwable, req, resp, pendingReq)) { + protAuthService.handleErrorNoRedirect(new EaafException("process.90", null), req, resp, false); + } - } + } } else { log.info("Find no exception with internal error-token: {}", errorId); protAuthService @@ -162,45 +152,29 @@ public class ProtocolFinalizationController extends AbstractController { log.debug("Searching exception with internal error-token: {}", errorId); // load stored exception from database - final byte[] containerSerialized = transactionStorage.get(errorId, byte[].class); - if (containerSerialized != null) { + final ExceptionContainer container = transactionStorage.get(errorId, ExceptionContainer.class); + if (container != null) { // remove exception if it was found transactionStorage.remove(errorId); log.trace("Find exception with internal error-token: {}", errorId); - //final Object containerObj = EaafSerializationUtils.deserialize(containerSerialized, - // Arrays.asList( - // ExceptionContainer.class.getName() - // )); - final Object containerObj = SerializationUtils.deserialize(containerSerialized); - - if (containerObj instanceof ExceptionContainer) { - final ExceptionContainer container = (ExceptionContainer) containerObj; - final Throwable throwable = container.getExceptionThrown(); - pendingReq = container.getPendingRequest(); + final Throwable throwable = container.getExceptionThrown(); + pendingReq = container.getPendingRequest(); - if (pendingReq != null) { - //set MDC variables - TransactionIdUtils.setAllLoggingVariables(pendingReq); + if (pendingReq != null) { + // set MDC variables + TransactionIdUtils.setAllLoggingVariables(pendingReq); - // build protocol-specific error message if possible - protAuthService.buildProtocolSpecificErrorResponse(throwable, req, resp, pendingReq); + // build protocol-specific error message if possible + protAuthService.buildProtocolSpecificErrorResponse(throwable, req, resp, pendingReq); - // remove active user-session - transactionStorage.remove(pendingReq.getPendingRequestId()); - - } else { - protAuthService.handleErrorNoRedirect(throwable, req, resp, true); - - } + // remove active user-session + transactionStorage.remove(pendingReq.getPendingRequestId()); } else { - protAuthService - .handleErrorNoRedirect(new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC, null), req, - resp, false); + protAuthService.handleErrorNoRedirect(throwable, req, resp, true); } - } else { log.info("Find no exception with internal error-token: {}", errorId); protAuthService diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/controller/ProtocolFinalizationControllerTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/controller/ProtocolFinalizationControllerTest.java index 4341d141..e165f84b 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/controller/ProtocolFinalizationControllerTest.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/controller/ProtocolFinalizationControllerTest.java @@ -19,7 +19,6 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.util.SerializationUtils; import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; import at.gv.egiz.eaaf.core.api.data.EaafConstants; @@ -107,8 +106,7 @@ public class ProtocolFinalizationControllerTest { protocolRequest.setSpConfig(new DummySpConfiguration(spConfig, config)); Throwable throwable = new EaafException("internal.00"); final ExceptionContainer exceptionContainer = new ExceptionContainer(protocolRequest, throwable); - final byte[] serialized = SerializationUtils.serialize(exceptionContainer); - storage.put(token, serialized, -1); + storage.put(token, exceptionContainer, -1); // perform test controller.errorRedirect(httpReq, httpResp); @@ -174,8 +172,7 @@ public class ProtocolFinalizationControllerTest { protocolRequest.setSpConfig(new DummySpConfiguration(spConfig, config)); Throwable throwable = new EaafException("internal.00"); final ExceptionContainer exceptionContainer = new ExceptionContainer(protocolRequest, throwable); - final byte[] serialized = SerializationUtils.serialize(exceptionContainer); - storage.put(token, serialized, -1); + storage.put(token, exceptionContainer, -1); // perform test controller.errorHandling(httpReq, httpResp); @@ -218,8 +215,7 @@ public class ProtocolFinalizationControllerTest { Throwable throwable = new EaafException("internal.00"); final ExceptionContainer exceptionContainer = new ExceptionContainer(protocolRequest, throwable); - final byte[] serialized = SerializationUtils.serialize(exceptionContainer); - storage.put(token, serialized, -1); + storage.put(token, exceptionContainer, -1); String secondErrorTicket = requestIdValidationStragegy.generateExternalPendingRequestId(); errorService.setErrorIdTokenForRedirect(secondErrorTicket); @@ -241,10 +237,10 @@ public class ProtocolFinalizationControllerTest { assertEquals("wrong intErrorCode", "internal.00", params.get("errorCode")); assertTrue("wrong extErrorCode", ((String) params.get("extErrorCode")).contains("internal.00")); - byte[] secondErrorSerialized = storage.get( - requestIdValidationStragegy.getPendingRequestIdWithOutChecks(secondErrorTicket), byte[].class); - assertNotNull("Exception not removed from cache", secondErrorSerialized); - ExceptionContainer secondError = (ExceptionContainer) SerializationUtils.deserialize(secondErrorSerialized); + ExceptionContainer secondError = storage.get( + requestIdValidationStragegy.getPendingRequestIdWithOutChecks(secondErrorTicket), + ExceptionContainer.class); + assertNotNull("Exception not removed from cache", secondError); assertEquals("wrong pengingReq", protocolRequest.getUniqueTransactionIdentifier(), secondError.getPendingRequest().getUniqueTransactionIdentifier()); assertEquals("wrong exception", throwable.getMessage(), secondError.getExceptionThrown().getMessage()); @@ -274,8 +270,7 @@ public class ProtocolFinalizationControllerTest { Throwable throwable = new EaafException("internal.00"); final ExceptionContainer exceptionContainer = new ExceptionContainer(protocolRequest, throwable); - final byte[] serialized = SerializationUtils.serialize(exceptionContainer); - storage.put(token, serialized, -1); + storage.put(token, exceptionContainer, -1); String secondErrorTicket = requestIdValidationStragegy.generateExternalPendingRequestId(); errorService.setErrorIdTokenForRedirect(secondErrorTicket); @@ -296,10 +291,10 @@ public class ProtocolFinalizationControllerTest { assertEquals("wrong intErrorCode", "internal.00", params.get("errorCode")); assertTrue("wrong extErrorCode", ((String) params.get("extErrorCode")).contains("internal.00")); - byte[] secondErrorSerialized = storage.get( - requestIdValidationStragegy.getPendingRequestIdWithOutChecks(secondErrorTicket), byte[].class); - assertNotNull("Exception not removed from cache", secondErrorSerialized); - ExceptionContainer secondError = (ExceptionContainer) SerializationUtils.deserialize(secondErrorSerialized); + ExceptionContainer secondError = storage.get( + requestIdValidationStragegy.getPendingRequestIdWithOutChecks(secondErrorTicket), + ExceptionContainer.class); + assertNotNull("Exception not removed from cache", secondError); assertEquals("wrong pengingReq", protocolRequest.getUniqueTransactionIdentifier(), secondError.getPendingRequest().getUniqueTransactionIdentifier()); assertEquals("wrong exception", throwable.getMessage(), secondError.getExceptionThrown().getMessage()); -- cgit v1.2.3