From 0964aa4dfbf5543fff4e023290beefaeed31f3c5 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Mon, 9 Nov 2020 18:18:52 +0100
Subject: refactor error-handling in pending-request generation-stategies

---
 .../SecurePendingRequestIdGenerationStrategy.java  | 59 ++++++++--------------
 1 file changed, 21 insertions(+), 38 deletions(-)

(limited to 'eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/SecurePendingRequestIdGenerationStrategy.java')

diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/SecurePendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/SecurePendingRequestIdGenerationStrategy.java
index ad6471d5..8ec5f3a8 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/SecurePendingRequestIdGenerationStrategy.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/SecurePendingRequestIdGenerationStrategy.java
@@ -1,6 +1,6 @@
 package at.gv.egiz.eaaf.core.impl.utils;
 
-import java.io.UnsupportedEncodingException;
+import java.nio.charset.StandardCharsets;
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
 import java.util.Arrays;
@@ -80,33 +80,22 @@ public class SecurePendingRequestIdGenerationStrategy
 
   @Override
   public String generateExternalPendingRequestId() throws EaafException {
-    try {
-      final String toSign = buildInternalToken(Random.nextLongRandom(), DateTime.now());
-      final StringBuilder externalPendingRequestId = new StringBuilder();
-      externalPendingRequestId.append(toSign);
-      externalPendingRequestId.append(TOKEN_SEPARATOR);
-      externalPendingRequestId.append(Base64.getEncoder().encodeToString(calculateHmac(toSign)));
-      return Base64.getUrlEncoder()
-          .encodeToString(externalPendingRequestId.toString().getBytes("UTF-8"));
-
-    } catch (final UnsupportedEncodingException e) {
-      throw new EaafException("internal.99", new Object[] { e.getMessage() }, e);
-
-    }
+    final String toSign = buildInternalToken(Random.nextLongRandom(), DateTime.now());
+    final StringBuilder externalPendingRequestId = new StringBuilder();
+    externalPendingRequestId.append(toSign);
+    externalPendingRequestId.append(TOKEN_SEPARATOR);
+    externalPendingRequestId.append(Base64.getEncoder().encodeToString(calculateHmac(toSign)));
+    return Base64.getUrlEncoder()
+        .encodeToString(externalPendingRequestId.toString().getBytes(StandardCharsets.UTF_8));
 
   }
 
   @Override
   public String getPendingRequestIdWithOutChecks(final String externalPendingReqId)
       throws PendingReqIdValidationException {
-    try {
-      final String[] tokenElements = extractTokens(externalPendingReqId);
-      return tokenElements[1];
-
-    } catch (final UnsupportedEncodingException e) {
-      throw new RuntimeException(e);
-
-    }
+    final String[] tokenElements = extractTokens(externalPendingReqId);
+    return tokenElements[1];
+    
   }
 
   @Override
@@ -123,8 +112,7 @@ public class SecurePendingRequestIdGenerationStrategy
       if (!Arrays.equals(tokenDigest, refDigist)) {
         log.warn("Digest of Token does NOT match");
         log.debug("Token: {} | Ref: {}", tokenDigest, refDigist);
-        throw new PendingReqIdValidationException(null,
-            "Digest of pendingRequestId does NOT match");
+        throw new PendingReqIdValidationException(null, "internal.pendingreqid.04");
 
       }
       log.debug("PendingRequestId HMAC digest check successful");
@@ -135,8 +123,7 @@ public class SecurePendingRequestIdGenerationStrategy
           .isBefore(now)) {
         log.warn("Token exceeds the valid period");
         log.debug("Token: {} | Now: {}", timeStamp, now);
-        throw new PendingReqIdValidationException(internalPendingReqId,
-            "PendingRequestId exceeds the valid period");
+        throw new PendingReqIdValidationException(internalPendingReqId, "internal.pendingreqid.06");
 
       }
       log.debug("Token valid-period check successful");
@@ -146,20 +133,17 @@ public class SecurePendingRequestIdGenerationStrategy
     } catch (final IllegalArgumentException | EaafIllegalStateException e) {
       log.warn("Token is NOT a valid String. Msg: {}", e.getMessage());
       log.debug("TokenValue: {}", externalPendingReqId);
-      throw new PendingReqIdValidationException(null, "PendingReqId is NOT a valid String", e);
-
-    } catch (final UnsupportedEncodingException e) {
-      throw new RuntimeException(e);
+      throw new PendingReqIdValidationException(null, "internal.pendingreqid.06", e);
 
     }
   }
 
   @NonNull
   private String[] extractTokens(@Nullable final String externalPendingReqId)
-      throws PendingReqIdValidationException, UnsupportedEncodingException {
+      throws PendingReqIdValidationException {
     if (StringUtils.isEmpty(externalPendingReqId)) {
       log.info("PendingReqId is 'null' or empty");
-      throw new PendingReqIdValidationException(null, "PendingReqId is 'null' or empty");
+      throw new PendingReqIdValidationException(null, "internal.pendingreqid.00");
 
     }
 
@@ -168,12 +152,11 @@ public class SecurePendingRequestIdGenerationStrategy
 
     if (externalPendingReqIdBytes.length > maxPendingReqIdSize) {
       log.warn("pendingReqId size exceeds {}", maxPendingReqIdSize);
-      throw new PendingReqIdValidationException(null,
-          "pendingReqId exceeds max.size: " + maxPendingReqIdSize);
+      throw new PendingReqIdValidationException(null, "internal.pendingreqid.03");
 
     }
 
-    final String stringToken = new String(externalPendingReqIdBytes, "UTF-8");
+    final String stringToken = new String(externalPendingReqIdBytes, StandardCharsets.UTF_8);
     if (StringUtils.countMatches(stringToken, TOKEN_SEPARATOR) == ENCODED_TOKEN_PARTS - 1) {
       final String[] tokenElements =
           StringUtils.split(stringToken, TOKEN_SEPARATOR, ENCODED_TOKEN_PARTS);
@@ -182,7 +165,7 @@ public class SecurePendingRequestIdGenerationStrategy
     } else {
       log.warn("PendingRequestId has an unvalid format");
       log.debug("PendingRequestId: {}", stringToken);
-      throw new PendingReqIdValidationException(null, "PendingReqId has an unvalid format");
+      throw new PendingReqIdValidationException(null, "internal.pendingreqid.01");
 
     }
 
@@ -243,9 +226,9 @@ public class SecurePendingRequestIdGenerationStrategy
     try {
       final Mac mac = Mac.getInstance(digistAlgorithm);
       mac.init(key);
-      return mac.doFinal(toSign.getBytes("UTF-8"));
+      return mac.doFinal(toSign.getBytes(StandardCharsets.UTF_8));
 
-    } catch (UnsupportedEncodingException | NoSuchAlgorithmException | InvalidKeyException e) {
+    } catch (NoSuchAlgorithmException | InvalidKeyException e) {
       log.error("Can NOT generate secure pendingRequestId", e);
       throw new EaafIllegalStateException(
           new Object[] { "Can NOT caluclate digist for secure pendingRequestId" }, e);
-- 
cgit v1.2.3