aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-02-19 12:08:52 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-02-19 12:08:52 +0100
commit7cc2776bfc79dd6e83f2b3c9b642b560a6b1ec94 (patch)
tree676bcadc6507aa557a2024df7bffd1e1d62dce64 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules
parent18f7c6609058ed5c3bfb59c625682f4f4a53d75d (diff)
downloadmoa-id-spss-7cc2776bfc79dd6e83f2b3c9b642b560a6b1ec94.tar.gz
moa-id-spss-7cc2776bfc79dd6e83f2b3c9b642b560a6b1ec94.tar.bz2
moa-id-spss-7cc2776bfc79dd6e83f2b3c9b642b560a6b1ec94.zip
optimize authentication process in respect to session-transaction and transaction-store read/write operations
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java58
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateInterfedeartionRequestTask.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateBKUSelectionTask.java65
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java47
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateBKUSelectionFrameTask.java12
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/RestartAuthProzessManagement.java16
6 files changed, 51 insertions, 151 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java
index 559d4fd4f..8c7583855 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java
@@ -1,7 +1,5 @@
package at.gv.egovernment.moa.id.auth.modules;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID;
-
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
@@ -19,13 +17,10 @@ import org.apache.commons.fileupload.FileItemFactory;
import org.apache.commons.fileupload.FileUploadException;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
import org.apache.commons.fileupload.servlet.ServletFileUpload;
-import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang3.ArrayUtils;
-import org.apache.commons.lang3.ObjectUtils;
import org.springframework.beans.factory.annotation.Autowired;
import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
@@ -56,31 +51,40 @@ public abstract class AbstractAuthServletTask extends MoaIdTask {
protected IRequest pendingReq = null;
protected AuthenticationSession moasession = null;
- protected void defaultTaskInitialization(HttpServletRequest req, ExecutionContext executionContext) throws MOAIDException, MOADatabaseException {
- String pendingRequestID = StringEscapeUtils.escapeHtml(
- ObjectUtils.defaultIfNull(
- (String) executionContext.get(PARAM_TARGET_PENDINGREQUESTID),
- req.getParameter(PARAM_TARGET_PENDINGREQUESTID)));
+ public abstract void execute(ExecutionContext executionContext, HttpServletRequest request,
+ HttpServletResponse response) throws TaskExecutionException;
+
+
+ protected final IRequest internalExecute(IRequest pendingReq, ExecutionContext executionContext, HttpServletRequest request,
+ HttpServletResponse response) throws TaskExecutionException {
+ //set pending-request object
+ this.pendingReq = pendingReq;
- if (MiscUtil.isEmpty(pendingRequestID)) {
- Logger.info("No PendingRequestID received");
- throw new MOAIDException("auth.10", new Object[]{"VerifyIdentityLink", "pendingRequestID"});
- }
+ //execute task specific action
+ execute(executionContext, request, response);
- pendingReq = requestStoreage.getPendingRequest(pendingRequestID);
+ //return pending-request object
+ return this.pendingReq;
+ }
- if (pendingReq == null) {
- Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure.");
- throw new MOAIDException("auth.28", new Object[]{pendingRequestID});
-
+
+ /**
+ * Default initialization loads the MOASession object from database
+ *
+ * @param req
+ * @param executionContext
+ * @throws MOAIDException
+ * @throws MOADatabaseException
+ */
+ protected void defaultTaskInitialization(HttpServletRequest req, ExecutionContext executionContext) throws MOAIDException, MOADatabaseException {
+ String moasessionid = pendingReq.getMOASessionIdentifier();
+ if (MiscUtil.isEmpty(moasessionid)) {
+ Logger.warn("MOASessionID is empty.");
+ throw new MOAIDException("auth.18", new Object[] {});
}
-
- //change pending-request ID
- String newPendingRequestID = requestStoreage.changePendingRequestID(pendingReq);
- executionContext.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, newPendingRequestID);
-
+
try {
- moasession = authenticatedSessionStorage.getSession(pendingReq.getMOASessionIdentifier());
+ moasession = authenticatedSessionStorage.getSession(moasessionid);
if (moasession == null) {
Logger.warn("MOASessionID is empty.");
@@ -88,8 +92,8 @@ public abstract class AbstractAuthServletTask extends MoaIdTask {
}
} catch (MOADatabaseException e) {
- Logger.info("MOASession with SessionID=" + pendingReq.getMOASessionIdentifier() + " is not found in Database");
- throw new MOAIDException("init.04", new Object[] { pendingReq.getMOASessionIdentifier() });
+ Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database");
+ throw new MOAIDException("init.04", new Object[] { moasessionid });
} catch (Throwable e) {
Logger.info("No HTTP Session found!");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateInterfedeartionRequestTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateInterfedeartionRequestTask.java
index d0c12a6f3..951a04cf6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateInterfedeartionRequestTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateInterfedeartionRequestTask.java
@@ -55,7 +55,6 @@ import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestImpl;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
@@ -85,9 +84,6 @@ public class CreateInterfedeartionRequestTask extends AbstractAuthServletTask {
throws TaskExecutionException {
boolean requiredLocalAuthentication = true;
- IRequest pendingReq = requestStoreage.getPendingRequest(
- (String) executionContext.get(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID));
-
String idpEntityID =
(String) executionContext.get(MOAIDAuthConstants.PROCESSCONTEXT_INTERFEDERATION_ENTITYID);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateBKUSelectionTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateBKUSelectionTask.java
index 3b18959a5..2f6137244 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateBKUSelectionTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateBKUSelectionTask.java
@@ -31,10 +31,8 @@ import org.apache.commons.lang.StringEscapeUtils;
import org.springframework.stereotype.Service;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -53,60 +51,19 @@ public class EvaluateBKUSelectionTask extends AbstractAuthServletTask {
public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
throws TaskExecutionException {
try {
- //load pending request
- String pendingReqID = request.getParameter(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID);
- pendingReqID = StringEscapeUtils.escapeHtml(pendingReqID);
- pendingReq = requestStoreage.getPendingRequest(pendingReqID);
-
- if (pendingReq == null) {
- Logger.info("No PendingRequest with Id: " + executionContext.get("pendingRequestID") + " Maybe, a transaction timeout occure.");
- throw new MOAIDException("auth.28", new Object[]{executionContext.get("pendingRequestID")});
-
- }
-
- //change pending-request ID
- String newPendingRequestID = requestStoreage.changePendingRequestID(pendingReq);
- executionContext.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, newPendingRequestID);
-
- String moaSessionID = pendingReq.getMOASessionIdentifier();
- try {
- moasession = authenticatedSessionStorage.getSession(moaSessionID);
-
- if (moasession == null) {
- Logger.info("MOASession with SessionID="+ moaSessionID + " is not found in Database");
- throw new MOAIDException("init.04", new Object[] {
- moaSessionID});
-
- }
-
- // set parameter execution context
- Enumeration<String> reqParamNames = request.getParameterNames();
- while(reqParamNames.hasMoreElements()) {
- String paramName = reqParamNames.nextElement();
- if (MiscUtil.isNotEmpty(paramName) &&
- !MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID.equalsIgnoreCase(paramName))
- executionContext.put(paramName, request.getParameter(paramName));
-
- }
-
- Logger.info("BKU is selected finished -> Start BKU communication ...");
-
- } catch (MOADatabaseException e) {
- Logger.info("MOASession with SessionID="+ moaSessionID + " is not found in Database");
- throw new MOAIDException("init.04", new Object[] {
- moaSessionID});
+ // set parameter execution context
+ Enumeration<String> reqParamNames = request.getParameterNames();
+ while(reqParamNames.hasMoreElements()) {
+ String paramName = reqParamNames.nextElement();
+ if (MiscUtil.isNotEmpty(paramName) &&
+ !MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID.equalsIgnoreCase(paramName))
+ executionContext.put(paramName,
+ StringEscapeUtils.escapeHtml(request.getParameter(paramName)));
- } catch (Throwable e) {
- Logger.info("No HTTP Session found!");
- throw new MOAIDException("auth.18", new Object[] {});
}
-
-
-
-
- } catch (MOAIDException e) {
- throw new TaskExecutionException(pendingReq, e.getMessage(), e);
-
+
+ Logger.info("BKU is selected finished -> Start BKU selection evaluation ...");
+
} catch (Exception e) {
Logger.warn("EvaluateBKUSelectionTask has an internal error", e);
throw new TaskExecutionException(pendingReq, e.getMessage(), e);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java
index d1d2cdca8..816c05eab 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java
@@ -31,11 +31,9 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.moduls.RequestImpl;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.MiscUtil;
/**
* @author tlenz
@@ -53,44 +51,8 @@ public class FinalizeAuthenticationTask extends AbstractAuthServletTask {
throws TaskExecutionException {
try {
- pendingReq = requestStoreage.getPendingRequest(
- (String) executionContext.get(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID));
-
- if (pendingReq == null) {
- Logger.info("No PendingRequest with Id: " + executionContext.get("pendingRequestID") + " Maybe, a transaction timeout occure.");
- throw new MOAIDException("auth.28", new Object[]{executionContext.get("pendingRequestID")});
-
- }
-
- //get Session from context
- String moasessionid = pendingReq.getMOASessionIdentifier();
- if (MiscUtil.isEmpty(moasessionid)) {
- Logger.warn("MOASessionID is empty.");
- throw new MOAIDException("auth.18", new Object[] {});
- }
-
- try {
- moasession = authenticatedSessionStorage.getSession(moasessionid);
- if (moasession == null) {
- Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database");
- throw new MOAIDException("init.04", new Object[] { moasessionid });
-
- }
-
-
- } catch (MOADatabaseException e) {
- Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database");
- throw new MOAIDException("init.04", new Object[] { moasessionid });
-
- } catch (Throwable e) {
- Logger.info("No HTTP Session found!");
- throw new MOAIDException("auth.18", new Object[] {});
-
- } finally {
- executionContext.remove(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID);
-
- }
-
+ defaultTaskInitialization(request, executionContext);
+
//set MOASession to authenticated and store MOASession
moasession.setAuthenticated(true);
String newMOASessionID = authenticatedSessionStorage.changeSessionID(moasession);
@@ -110,8 +72,11 @@ public class FinalizeAuthenticationTask extends AbstractAuthServletTask {
Logger.warn("FinalizeAuthenticationTask has an internal error", e);
throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+ } finally {
+ executionContext.remove(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID);
+
}
-
+
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateBKUSelectionFrameTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateBKUSelectionFrameTask.java
index 47b68bc51..6ff730898 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateBKUSelectionFrameTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateBKUSelectionFrameTask.java
@@ -30,7 +30,6 @@ import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Service;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
@@ -53,16 +52,7 @@ public class GenerateBKUSelectionFrameTask extends AbstractAuthServletTask {
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
throws TaskExecutionException {
- try {
- pendingReq = requestStoreage.getPendingRequest(
- (String) executionContext.get(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID));
-
- if (pendingReq == null) {
- Logger.info("No PendingRequest with Id: " + executionContext.get("pendingRequestID") + " Maybe, a transaction timeout occure.");
- throw new MOAIDException("auth.28", new Object[]{executionContext.get("pendingRequestID")});
-
- }
-
+ try {
revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_BKUSELECTION_INIT);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/RestartAuthProzessManagement.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/RestartAuthProzessManagement.java
index d7859dd8b..920b0e2b4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/RestartAuthProzessManagement.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/RestartAuthProzessManagement.java
@@ -30,12 +30,10 @@ import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.auth.modules.registration.ModuleRegistration;
-import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestImpl;
import at.gv.egovernment.moa.id.process.ExecutionContextImpl;
import at.gv.egovernment.moa.id.process.ProcessEngine;
@@ -57,17 +55,7 @@ public class RestartAuthProzessManagement extends AbstractAuthServletTask {
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
throws TaskExecutionException {
- IRequest pendingReq = null;
- try {
- pendingReq = requestStoreage.getPendingRequest(
- (String) executionContext.get(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID));
-
- if (pendingReq == null) {
- Logger.info("No PendingRequest with Id: " + executionContext.get("pendingRequestID") + " Maybe, a transaction timeout occure.");
- throw new MOAIDException("auth.28", new Object[]{executionContext.get("pendingRequestID")});
-
- }
-
+ try {
//create a new execution context and copy all elements to new context
ExecutionContext newec = new ExecutionContextImpl();
Set<String> entries = executionContext.keySet();
@@ -107,7 +95,7 @@ public class RestartAuthProzessManagement extends AbstractAuthServletTask {
Logger.info("BKU is selected -> Start BKU communication ...");
// start process
- processEngine.start(processInstanceId);
+ processEngine.start(pendingReq);
} catch (MOAIDException e) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-13 13:28:53 +0000