From b2d620ffa787b95074d7cf479b6610b7327dd388 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 4 Jul 2019 12:51:23 +0200 Subject: fix some small bugs in SL2.0 module --- .../sl20/AbstractSL20AuthenticationModulImpl.java | 47 +++++++++++++++++----- .../tasks/AbstractCreateQualeIDRequestTask.java | 12 ++++-- .../auth/sl20/utils/SL20HttpBindingUtils.java | 4 +- .../auth/sl20/utils/SL20JSONExtractorUtils.java | 7 +++- 4 files changed, 53 insertions(+), 17 deletions(-) (limited to 'eaaf_modules/eaaf_module_auth_sl20/src/main/java') diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java index a5bbf03f..64739dd8 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/AbstractSL20AuthenticationModulImpl.java @@ -61,31 +61,58 @@ public abstract class AbstractSL20AuthenticationModulImpl implements AuthModule public String selectProcess(ExecutionContext context) { final ISPConfiguration spConfig = (ISPConfiguration) context.get(EAAFConstants.PROCESSCONTEXT_SP_CONFIG); + if (spConfig == null) { + log.error("Suspect state. NO SP CONFIGURATION IN CONTEXT!"); + throw new RuntimeException("Suspect state. NO SP CONFIGURATION IN CONTEXT!"); + + } + final String sl20ClientTypeHeader = (String) context.get(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE.toLowerCase()); final String sl20VDATypeHeader = (String) context.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase()); - if (spConfig != null && - StringUtils.isNotEmpty(spConfig.getConfigurationValue(getConfigPropertyNameEnableModule())) && - Boolean.valueOf(spConfig.getConfigurationValue(getConfigPropertyNameEnableModule()))) { - log.debug("SL2.0 is enabled for " + spConfig.getUniqueIdentifier()); - log.trace(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE + ": " + sl20ClientTypeHeader); - log.trace(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE + ": " + sl20VDATypeHeader); - return getProcessName(); + if (authConfig.getBasicConfigurationBoolean(getGeneralConfigPropertyNameEnableModule(), getGeneralConfigPropertyNameEnableModuleDefault())) { + if (spConfig != null && + StringUtils.isNotEmpty(spConfig.getConfigurationValue(getSPConfigPropertyNameEnableModule())) && + Boolean.valueOf(spConfig.getConfigurationValue(getSPConfigPropertyNameEnableModule()))) { + log.debug("SL2.0 is enabled for " + spConfig.getUniqueIdentifier()); + log.trace(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE + ": " + sl20ClientTypeHeader); + log.trace(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE + ": " + sl20VDATypeHeader); + return getProcessName(); + + } else { + log.trace("SL2.0 is NOT enabled for " + spConfig.getUniqueIdentifier()); + return null; + + } } else { - log.trace("SL2.0 is NOT enabled for " + spConfig.getUniqueIdentifier()); + log.trace("SL2.0 is NOT enabled with property: {}", getGeneralConfigPropertyNameEnableModule()); return null; - + } } + /** + * Get the general configuration-key that holds the enabled key for this authentication module + * + * @return + */ + public abstract String getGeneralConfigPropertyNameEnableModule(); + + /** + * Get the default value of the general configuration-key that holds the enabled key for this authentication module + * + * @return + */ + public abstract boolean getGeneralConfigPropertyNameEnableModuleDefault(); + /** * Get the SP specific configuration-key that holds the enabled key for this authentication module * * @return configuration key for SP configuration */ - public abstract String getConfigPropertyNameEnableModule(); + public abstract String getSPConfigPropertyNameEnableModule(); /** * Get the name of this specific SL2.0 process diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualeIDRequestTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualeIDRequestTask.java index 8939e61d..736ba077 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualeIDRequestTask.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualeIDRequestTask.java @@ -28,7 +28,7 @@ import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; -import at.gv.egiz.eaaf.core.impl.utils.HttpClientFactory; +import at.gv.egiz.eaaf.core.impl.utils.IHttpClientFactory; import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils; @@ -46,7 +46,7 @@ import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JSONExtractorUtils; public abstract class AbstractCreateQualeIDRequestTask extends AbstractAuthServletTask { private static final Logger log = LoggerFactory.getLogger(AbstractCreateQualeIDRequestTask.class); - @Autowired(required=true) private HttpClientFactory httpClientFactory; + @Autowired(required=true) private IHttpClientFactory httpClientFactory; @Override public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) @@ -60,6 +60,12 @@ public abstract class AbstractCreateQualeIDRequestTask extends AbstractAuthServl //get service-provider configuration final ISPConfiguration oaConfig = pendingReq.getServiceProviderConfiguration(); + if (oaConfig == null) { + log.warn("No SP configuration in pendingReq!"); + throw new RuntimeException("Suspect state. NO SP CONFIGURATION IN PendingRequest!"); + + } + //get basic configuration parameters final String vdaQualeIDUrl = extractVDAURLForSpecificOA(oaConfig, executionContext); if (StringUtils.isEmpty(vdaQualeIDUrl)) { @@ -98,7 +104,7 @@ public abstract class AbstractCreateQualeIDRequestTask extends AbstractAuthServl log.trace("Request VDA via SL20 with: " + Base64Url.encode(sl20Req.toString().getBytes())); //request VDA - final HttpResponse httpResp = httpClientFactory.getHttpClient().execute(httpReq); + final HttpResponse httpResp = httpClientFactory.getHttpClient(false).execute(httpReq); //parse response log.info("Receive response from VDA ... "); diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java index 39f2515d..4d8cabb7 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java @@ -10,10 +10,10 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.http.client.utils.URIBuilder; -import org.apache.http.entity.ContentType; import org.jose4j.base64url.Base64Url; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.http.MediaType; import com.fasterxml.jackson.databind.JsonNode; @@ -45,7 +45,7 @@ public class SL20HttpBindingUtils { final byte[] content = writer.toString().getBytes("UTF-8"); httpResp.setStatus(HttpServletResponse.SC_OK); httpResp.setContentLength(content.length); - httpResp.setContentType(ContentType.APPLICATION_JSON.toString()); + httpResp.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE); httpResp.getOutputStream().write(content); } else { diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JSONExtractorUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JSONExtractorUtils.java index 901eff51..314dde17 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JSONExtractorUtils.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JSONExtractorUtils.java @@ -291,15 +291,18 @@ public class SL20JSONExtractorUtils { public static JsonNode getSL20ContainerFromResponse(HttpResponse httpResp) throws SLCommandoParserException { try { JsonNode sl20Resp = null; - if (httpResp.getStatusLine().getStatusCode() == 307) { + if (httpResp.getStatusLine().getStatusCode() == 303 || httpResp.getStatusLine().getStatusCode() == 307) { final Header[] locationHeader = httpResp.getHeaders("Location"); if (locationHeader == null) throw new SLCommandoParserException("Find Redirect statuscode but not Location header"); final String sl20RespString = new URIBuilder(locationHeader[0].getValue()).getQueryParams().get(0).getValue(); - sl20Resp = mapper.getMapper().readTree(Base64Url.encode((sl20RespString.getBytes()))); + sl20Resp = mapper.getMapper().readTree(Base64Url.decode(sl20RespString)); } else if (httpResp.getStatusLine().getStatusCode() == 200) { + if (httpResp.getEntity().getContentType() == null) + throw new SLCommandoParserException("SL20 response contains NO ContentType"); + if (!httpResp.getEntity().getContentType().getValue().startsWith("application/json")) throw new SLCommandoParserException("SL20 response with a wrong ContentType: " + httpResp.getEntity().getContentType().getValue()); sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity()); -- cgit v1.2.3