author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2015-06-16 13:32:48 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2015-06-16 13:32:48 +0200 |
commit | 49607c4b2d3f22d9f41f42928455e680cfdee023 (patch) | |
tree | ffe067f8087d54b495aba1c499cd073243bfd451 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging | |
parent | eabc105832402655661b950038fa045f23cc67d2 (diff) | |
add first version of reversionslog implementation
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging')
3 files changed, 293 insertions, 1 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java
index c936c4e15..aae4dd8c4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java
@@ -34,6 +34,65 @@ import at.gv.egiz.components.eventlog.api.EventConstants; */ public interface MOAIDEventConstants extends EventConstants { + //move to EventConstants + public static final int TRANSACTION_ERROR = 1103; + public static final int SESSION_ERROR = 1003; + //auth protocol specific information + public static final int AUTHPROTOCOL_TYPE = 3000; + + public static final int AUTHPROTOCOL_PVP_METADATA = 3100; + public static final int AUTHPROTOCOL_PVP_REQUEST_AUTHREQUEST = 3101; + public static final int AUTHPROTOCOL_PVP_REQUEST_AUTHRESPONSE = 3102; + public static final int AUTHPROTOCOL_PVP_REQUEST_SLO = 3103; + public static final int AUTHPROTOCOL_PVP_REQUEST_ATTRIBUTQUERY = 3104; + + public static final int AUTHPROTOCOL_OPENIDCONNECT_AUTHREQUEST = 3200; + public static final int AUTHPROTOCOL_OPENIDCONNECT_TOKENREQUEST = 3201; + + + //authentication process information + public static final int AUTHPROCESS_START = 4000; + public static final int AUTHPROCESS_FINISHED = 4001; + public static final int AUTHPROCESS_MANDATES_REQUESTED = 4002; + public static final int AUTHPROCESS_STORK_REQUESTED = 4003; + public static final int AUTHPROCESS_SSO = 4004; + public static final int AUTHPROCESS_SSO_INVALID = 4005; + public static final int AUTHPROCESS_SSO_ASK_USER_START = 4006; + public static final int AUTHPROCESS_SSO_ASK_USER_FINISHED = 4007; + public static final int AUTHPROCESS_INTERFEDERATION = 4008; + public static final int AUTHPROCESS_INTERFEDERATION_REVEIVED = 4009; + + public static final int AUTHPROCESS_BKUSELECTION_INIT = 4110; + public static final int AUTHPROCESS_BKUTYPE_SELECTED = 4111; + public static final int AUTHPROCESS_BKU_URL = 4112; + public static final int AUTHPROCESS_BKU_DATAURL_IP = 4113; + + public static final int AUTHPROCESS_IDL_VALIDATED = 4220; + public static final int AUTHPROCESS_CERTIFICATE_VALIDATED = 4221; + public static final int AUTHPROCESS_AUTHBLOCK_VALIDATED = 4222; + public static final int AUTHPROCESS_FOREIGN_FOUND = 
4223; + public static final int AUTHPROCESS_FOREIGN_SZRGW_CONNECTED = 4224; + public static final int AUTHPROCESS_FOREIGN_SZRGW_RECEIVED = 4225; + + public static final int AUTHPROCESS_MANDATE_SERVICE_REQUESTED = 4330; + public static final int AUTHPROCESS_MANDATE_REDIRECT = 4301; + public static final int AUTHPROCESS_MANDATE_RECEIVED = 4302; + + public static final int AUTHPROCESS_PEPS_REQUESTED = 4400; + public static final int AUTHPROCESS_PEPS_RECEIVED = 4401; + + //person information + public static final int PERSONAL_INFORMATION_PROF_REPRESENTATIVE_BPK = 5000; + public static final int PERSONAL_INFORMATION_PROF_REPRESENTATIVE = 5001; + public static final int PERSONAL_INFORMATION_USERNAME_HASH = 5002; + + public static final int PERSONAL_INFORMATION_MANDATE_TYPE = 5100; + public static final int PERSONAL_INFORMATION_MANDATE_MANDATOR_TYPE = 5101; + public static final int PERSONAL_INFORMATION_MANDATE_MANDATOR_HASH = 5102; + public static final int PERSONAL_INFORMATION_MANDATE_MANDATOR_BASEID = 5103; + + + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventLog.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventLog.java index 6bc6b3f81..6e09ea439 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventLog.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventLog.java @@ -22,7 +22,10 @@ */ package at.gv.egovernment.moa.id.advancedlogging; +import at.gv.egiz.components.eventlog.api.Event; import at.gv.egiz.components.eventlog.api.EventLogFactory; +import at.gv.egiz.components.eventlog.api.EventLoggingException; +import at.gv.egovernment.moa.logging.Logger; /** * @author tlenz 
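Review bot: The mandate group in `MOAIDEventConstants` is numbered inconsistently: `AUTHPROCESS_MANDATE_SERVICE_REQUESTED = 4330` is followed by `AUTHPROCESS_MANDATE_REDIRECT = 4301` and `AUTHPROCESS_MANDATE_RECEIVED = 4302`, whereas the BKU and validation groups run contiguously from 4110 and 4220. These codes are presumably what ends up in the stored event log, so renumbering later would make old and new entries disagree; pick one scheme now, for instance `public static final int AUTHPROCESS_MANDATE_SERVICE_REQUESTED = 4300;`. `AUTHPROCESS_INTERFEDERATION_REVEIVED` and `AUTHPROTOCOL_PVP_REQUEST_ATTRIBUTQUERY` look like misspellings of RECEIVED and ATTRIBUTEQUERY and become just as hard to change once callers reference them. A one-line comment per group stating what the event message carries would help, above all for the `PERSONAL_INFORMATION_*` codes.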
@@ -30,6 +33,15 @@ import at.gv.egiz.components.eventlog.api.EventLogFactory; */ public class MOAIDEventLog extends EventLogFactory { - + public static void logEvent(Event event) { + try { + getEventLog().logEvent(event); + + } catch (EventLoggingException e) { + Logger.warn("Event logging FAILED!", e); + + } + + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java index db8449fa2..1228a95a4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java 
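Review bot: `MOAIDEventLog.logEvent` catches `EventLoggingException`, writes a warning and returns, so a caller cannot tell that the event was never recorded and the calling flow carries on without a revision-log entry. If best-effort logging is intended, state it on the method, e.g. `/** Writes the event to the event log; failures are logged as warnings and not propagated. */`. If the log is an audit requirement, the failure should instead reach the caller or an operational alert. A null `event` is also handed straight to `getEventLog().logEvent(event)` without a check.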
@@ -22,10 +22,231 @@ */ package at.gv.egovernment.moa.id.advancedlogging; +import java.security.MessageDigest; +import java.util.Date; +import java.util.List; + +import com.google.common.primitives.Ints; + +import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; +import at.gv.egiz.components.eventlog.api.EventLoggingException; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.MiscUtil; + /** * @author tlenz * */ public class MOAReversionLogger { + private static MOAReversionLogger instance = null; + + private static final List<Integer> defaultEventCodes = Ints.asList( + MOAIDEventConstants.SESSION_CREATED, + MOAIDEventConstants.SESSION_DESTROYED, + MOAIDEventConstants.SESSION_ERROR, + MOAIDEventConstants.SESSION_IP, + MOAIDEventConstants.TRANSACTION_CREATED, + MOAIDEventConstants.TRANSACTION_DESTROYED, + MOAIDEventConstants.TRANSACTION_ERROR, + MOAIDEventConstants.TRANSACTION_IP, + MOAIDEventConstants.AUTHPROTOCOL_TYPE, + MOAIDEventConstants.AUTHPROTOCOL_PVP_METADATA, + + MOAIDEventConstants.AUTHPROCESS_START, + MOAIDEventConstants.AUTHPROCESS_FINISHED, + MOAIDEventConstants.AUTHPROCESS_BKU_URL, + MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, + MOAIDEventConstants.AUTHPROCESS_IDL_VALIDATED, + MOAIDEventConstants.AUTHPROCESS_CERTIFICATE_VALIDATED, + MOAIDEventConstants.AUTHPROCESS_AUTHBLOCK_VALIDATED, + MOAIDEventConstants.PERSONAL_INFORMATION_USERNAME_HASH + + ); + + public static synchronized MOAReversionLogger getInstance() { + if (instance == null) { + instance = new MOAReversionLogger(); + MOAIDEventLog.reload(); + + } + + return instance; + } + + + public void logEvent(IOAAuthParameters oaConfig, + int eventCode, String 
message) { + List<Integer> OASpecificEventCodes = null; + if (oaConfig == null) + OASpecificEventCodes = getDefaulttReversionsLoggingEventCodes(); + else + OASpecificEventCodes = oaConfig.getReversionsLoggingEventCodes(); + + if (OASpecificEventCodes.contains(eventCode)) + MOAIDEventLog.logEvent(MOAIDEventLog.createNewEvent(new Date().getTime(), eventCode, message)); + } + + public void logEvent(IOAAuthParameters oaConfig, IRequest pendingRequest, + int eventCode) { + List<Integer> OASpecificEventCodes = null; + if (oaConfig == null) + OASpecificEventCodes = getDefaulttReversionsLoggingEventCodes(); + else + OASpecificEventCodes = oaConfig.getReversionsLoggingEventCodes(); + + if (OASpecificEventCodes.contains(eventCode)) + MOAIDEventLog.logEvent(MOAIDEventLog.createNewEvent(new Date().getTime(), eventCode, + pendingRequest.getSessionIdentifier(), + pendingRequest.getRequestID())); + + } + + public void logEvent(IOAAuthParameters oaConfig, IRequest pendingRequest, + int eventCode, String message) { + List<Integer> OASpecificEventCodes = null; + if (oaConfig == null) + OASpecificEventCodes = getDefaulttReversionsLoggingEventCodes(); + else + OASpecificEventCodes = oaConfig.getReversionsLoggingEventCodes(); + + if (OASpecificEventCodes.contains(eventCode)) + MOAIDEventLog.logEvent(MOAIDEventLog.createNewEvent(new Date().getTime(), eventCode, + message, + pendingRequest.getSessionIdentifier(), + pendingRequest.getRequestID() + )); + + } + + /** + * @param sessionCreated + * @param uniqueSessionIdentifier + */ + public void logEvent(int eventCode, String message) { + MOAIDEventLog.logEvent(MOAIDEventLog.createNewEvent(new Date().getTime(), eventCode, message)); + + } + + /** + * @param sessionCreated + * @param uniqueSessionIdentifier + */ + public void logEvent(String sessionID, String transactionID, int eventCode, String message) { + MOAIDEventLog.logEvent(MOAIDEventLog.createNewEvent(new Date().getTime(), eventCode, message, sessionID, transactionID)); + + } + + /** 
+ * @param errorRequest + * @param transactionError + */ + public void logEvent(IRequest pendingRequest, int eventCode) { + MOAIDEventLog.logEvent(MOAIDEventLog.createNewEvent(new Date().getTime(), eventCode, + pendingRequest.getSessionIdentifier(), + pendingRequest.getRequestID())); + + } + + public void logEvent(IRequest pendingRequest, int eventCode, String message) { + logEvent(pendingRequest.getOnlineApplicationConfiguration(), + pendingRequest, eventCode, message); + + } + + public void logMandateEventSet(IRequest pendingReq, MISMandate mandate) { + if (MiscUtil.isNotEmpty(mandate.getOWbPK())) + logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_PROF_REPRESENTATIVE_BPK, + mandate.getOWbPK()); + + if (MiscUtil.isNotEmpty(mandate.getProfRep())) + logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_PROF_REPRESENTATIVE, + mandate.getProfRep()); + + Mandate jaxBMandate = mandate.getMandateJaxB(); + if (jaxBMandate != null) { + logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_MANDATE_TYPE, + jaxBMandate.getAnnotation()); + + if (jaxBMandate.getMandator().getCorporateBody() != null) { + logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_MANDATE_MANDATOR_TYPE, + "jur"); + try { + String jurBaseID = jaxBMandate.getMandator().getCorporateBody().getIdentification().get(0).getType() + + "+" + jaxBMandate.getMandator().getCorporateBody().getIdentification().get(0).getId(); + logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_MANDATE_MANDATOR_BASEID, + jurBaseID); + + } catch (Throwable e) { + Logger.warn("ReversionsLogger: mandator baseID logging FAILED.", e); + + } + + } else { + logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_MANDATE_MANDATOR_TYPE, + "nat"); + logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_MANDATE_MANDATOR_HASH, + buildPersonInformationHash( + jaxBMandate.getMandator().getPhysicalPerson().getName().getGivenName().get(0), + 
jaxBMandate.getMandator().getPhysicalPerson().getName().getFamilyName().get(0).getValue(), + jaxBMandate.getMandator().getPhysicalPerson().getDateOfBirth())); + } + } + } + + /** + * @param pendingReq + * @param identityLink + */ + public void logPersonalInformationEvent(IRequest pendingReq, + IdentityLink identityLink) { + logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_USERNAME_HASH, + buildPersonInformationHash( + identityLink.getGivenName(), + identityLink.getFamilyName(), + identityLink.getDateOfBirth() + )); + + } + + private String buildPersonInformationHash(String givenName, String familyName, String dateofBirth) { + + // {"hash":"hashvalue","salt":"testSalt"} + // {"person":{"givenname":"value","familyname":"value","dateofbirth":"value"},"salt":"saltvalue"} + + String salt = "default"; + String inputData = "{\"person\":{\"givenname\":\"" + + givenName + + "\",\"familyname\":\"" + + familyName + + "\",\"dateofbirth\":\"" + + dateofBirth + +"\"},\"salt\":\"" + + salt + +"\"}"; + + MessageDigest md; + try { + md = MessageDigest.getInstance("SHA-256"); + byte[] hash = md.digest(inputData.getBytes("UTF-8")); + String hashBase64 = Base64Utils.encode(hash); + return "{\"hash\":\"" + hashBase64 + "\",\"salt\":\"" + salt + "\"}"; + + } catch (Throwable e) { + Logger.warn("ReversionsLogger: mandator personalInformationHash logging FAILED.", e); + return null; + + } + + } + + public List<Integer> getDefaulttReversionsLoggingEventCodes() { + return defaultEventCodes; + } + } |
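Review bot: The salt in `buildPersonInformationHash` is the constant `"default"` and is written into the log entry next to the digest, so the SHA-256 value over given name, family name and date of birth is a weak pseudonym: the inputs are low-entropy and identical persons always produce identical, recomputable values. If the log is meant to hide identities from its readers, a keyed digest with a per-deployment secret kept outside the log is the usual fix; `pseudonymKey` in the sketch below is a placeholder for such a configured secret, not something this commit defines. Whether third parties must be able to recompute the value is not visible here, so the output format may have to stay as it is. The name fields are also concatenated into the JSON string without escaping, and the `null` returned on failure is passed on as the event message by both callers.

```java
private String buildPersonInformationHash(String givenName, String familyName, String dateofBirth) {
    // … unchanged: inputData assembly, without the constant salt field …
    try {
        // keyed digest: the value cannot be recomputed from the log contents alone
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(pseudonymKey, "HmacSHA256"));
        byte[] hash = mac.doFinal(inputData.getBytes("UTF-8"));
        return "{\"hash\":\"" + Base64Utils.encode(hash) + "\"}";
    // … unchanged: catch block …
```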