From e9052aa4d79700a65a099a7d7ab8dfc15be84bff Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Fri, 21 Oct 2022 14:33:16 +0200 Subject: feat(idaclient): add revision logging to log SAML2 communication ID's --- .../modules/auth/idaustria/IdAustriaAuthConstants.java | 14 +++++++++----- .../idaustria/tasks/ReceiveFromIdAustriaSystemTask.java | 17 +++++++++++------ .../idaustria/tasks/RequestIdAustriaSystemTask.java | 7 ++++--- 3 files changed, 24 insertions(+), 14 deletions(-) (limited to 'modules/authmodule_id-austria/src') diff --git a/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/IdAustriaAuthConstants.java b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/IdAustriaAuthConstants.java index 57e5c706..48df8b56 100644 --- a/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/IdAustriaAuthConstants.java +++ b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/IdAustriaAuthConstants.java @@ -18,10 +18,10 @@ import at.gv.egiz.eaaf.core.impl.data.Triple; */ public class IdAustriaAuthConstants { - private IdAustriaAuthConstants() { - - } - + public static final int AUTHPROCESS_EIDAS_AT_PROXYSERVICE_REQUESTED = 6500; + public static final int AUTHPROCESS_EIDAS_AT_PROXYSERVICE_RESPONSE_SUCCESS = 6501; + public static final int AUTHPROCESS_EIDAS_AT_PROXYSERVICE_RESPONSE_ERROR = 6502; + public static final String ERRORTYPE_00 = "module.idaustria.00"; public static final String ERRORTYPE_01 = "module.idaustria.01"; public static final String ERRORTYPE_02 = "module.idaustria.02"; @@ -119,5 +119,9 @@ public class IdAustriaAuthConstants { .filter(el -> el.getThird()) .map(el -> el.getFirst()) .collect(Collectors.toSet()); - + + private IdAustriaAuthConstants() { + + } + } 
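Review bot: The three new event codes `AUTHPROCESS_EIDAS_AT_PROXYSERVICE_REQUESTED`, `..._RESPONSE_SUCCESS` and `..._RESPONSE_ERROR` in the first hunk of IdAustriaAuthConstants are added without any comment, so nothing tells a reader of the revision log what 6500–6502 mean or what the event parameter holds. A short Javadoc on each would help, for example `/** Revision-log event: SAML2 AuthnRequest sent to ID Austria; parameter is the SAML2 request ID. */` on the first, with the matching "response ID" wording on the other two. This diff does not show whether 6500–6502 are free of collisions with codes in other event-constant classes, so that is worth confirming before audit tooling starts keying on them.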
diff --git a/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java index e59b0671..af7fda03 100644 --- a/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java +++ b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java @@ -313,7 +313,8 @@ public class ReceiveFromIdAustriaSystemTask extends AbstractAuthServletTask { CredentialsNotAvailableException, AuthnResponseValidationException, SamlAssertionValidationExeption { log.debug("Start PVP-2x assertion processing... "); final Response samlResp = (Response) msg.getResponse(); - + log.info("Receive ID Austria response with Id: {}", samlResp.getID()); + // check SAML2 response status-code if (samlResp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS)) { // validate PVP 2.1 assertion @@ -323,9 +324,11 @@ public class ReceiveFromIdAustriaSystemTask extends AbstractAuthServletTask { IdAustriaAuthConstants.MODULE_NAME_FOR_LOGGING); msg.setSamlMessage(Saml2Utils.asDomDocument(samlResp).getDocumentElement()); - // revisionsLogger.logEvent(pendingReq, - // EidasAuthEventConstants.AUTHPROCESS_EIDAS_AT_CONNECTOR_RECEIVED, - // samlResp.getID()); + + revisionsLogger.logEvent(pendingReq, + IdAustriaAuthConstants.AUTHPROCESS_EIDAS_AT_PROXYSERVICE_RESPONSE_SUCCESS, + samlResp.getID()); + return Pair.newInstance(msg, false); } else { 
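Review bot: The new `log.info` in the first ReceiveFromIdAustriaSystemTask hunk writes `samlResp.getID()` before the status-code check and the assertion validation that follow it in the context lines, so as far as this hunk shows the value is logged while the response is still unverified. If schema or signature validation has not already run in the caller (not visible here), the ID is sender-controlled text. Either confirm that the log layout neutralises CR/LF, or move the line below the validation step. Logging the correlation field as well, `log.info("Receive ID Austria response with Id: {} InResponseTo: {}", samlResp.getID(), samlResp.getInResponseTo());`, would let this entry be matched to the request ID that RequestIdAustriaSystemTask logs. The method starts and ends outside the hunk.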
@@ -339,8 +342,10 @@ public class ReceiveFromIdAustriaSystemTask extends AbstractAuthServletTask { } - // revisionsLogger.logEvent(pendingReq, - // EidasAuthEventConstants.AUTHPROCESS_EIDAS_AT_CONNECTOR_RECEIVED_ERROR); + revisionsLogger.logEvent(pendingReq, + IdAustriaAuthConstants.AUTHPROCESS_EIDAS_AT_PROXYSERVICE_RESPONSE_ERROR, + samlResp.getID()); + throw new AuthnResponseValidationException(ERROR_PVP_05, new Object[] { IdAustriaAuthConstants.MODULE_NAME_FOR_LOGGING, samlResp.getIssuer().getValue(), diff --git a/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java index bbe9b45f..6d589b68 100644 --- a/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java +++ b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java @@ -114,9 +114,10 @@ public class RequestIdAustriaSystemTask extends AbstractAuthServletTask { // build and transmit AuthnRequest authnReqBuilder.buildAuthnRequest(pendingReq, authnReqConfig, relayState, response); - //revisionsLogger.logEvent(pendingReq, - // EidasAuthEventConstants.AUTHPROCESS_EIDAS_AT_CONNECTOR_REQUESTED, - // authnReqConfig.getRequestID()); + log.info("Requsting ID Austria with SAML2 requestId: {}", authnReqConfig.getRequestID()); + revisionsLogger.logEvent(pendingReq, + IdAustriaAuthConstants.AUTHPROCESS_EIDAS_AT_PROXYSERVICE_REQUESTED, + authnReqConfig.getRequestID()); } catch (final EaafException e) { throw new TaskExecutionException(pendingReq, e.getMessage(), e); -- cgit v1.2.3
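Review bot: The error-path `revisionsLogger.logEvent(...)` in the third ReceiveFromIdAustriaSystemTask hunk records only `samlResp.getID()`, while the issuer and status values that explain the rejection go solely into the `AuthnResponseValidationException` built on the next lines. An auditor reading the revision log therefore sees that a response failed but not why. If the event parameter is free-form text (its format is not visible here), consider `samlResp.getID() + " status=" + samlResp.getStatus().getStatusCode().getValue()` so the record stands on its own. This branch is reached without the assertion validation of the success branch, so the ID written to the audit trail should be treated as unverified input. The enclosing method starts and ends outside the hunk.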
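Review bot: The added log message in RequestIdAustriaSystemTask is misspelled, `"Requsting ID Austria with SAML2 requestId: {}"`, which will defeat any log search or alert rule written against the correct word; it should read `log.info("Requesting ID Austria with SAML2 requestId: {}", authnReqConfig.getRequestID());`. Both the info line and the `AUTHPROCESS_EIDAS_AT_PROXYSERVICE_REQUESTED` event are emitted only after `buildAuthnRequest(...)` returns. If that call throws `EaafException`, the request ID appears in neither the application log nor the revision log, which may or may not be intended. The `try` block opens outside the hunk.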