| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-03-22 14:43:22 +0100 | 
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-03-22 14:43:22 +0100 | 
| commit | b29150526d95af2f1c30f4543c88d35c2965dfe6 (patch) | |
| tree | d4b36d3fc6c7683b8646c9414ed2f11697047b51 /id/server/idserverlib/src/main | |
| parent | 99e249a0f292bda3def5e5fbb4cc641c6dbbe26f (diff) | |
| download | moa-id-spss-b29150526d95af2f1c30f4543c88d35c2965dfe6.tar.gz moa-id-spss-b29150526d95af2f1c30f4543c88d35c2965dfe6.tar.bz2 moa-id-spss-b29150526d95af2f1c30f4543c88d35c2965dfe6.zip | |
add revisionslog info's to eIDAS and SLO methods
Diffstat (limited to 'id/server/idserverlib/src/main')
6 files changed, 113 insertions, 31 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java
index 054543c3e..9d26cc05f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java
@@ -47,7 +47,12 @@ public interface MOAIDEventConstants extends EventConstants {
 	public static final int AUTHPROTOCOL_OPENIDCONNECT_TOKENREQUEST = 3201;
 	public static final int AUTHPROTOCOL_SAML1_AUTHNREQUEST = 3300;
-			
+	
+	public static final int AUTHPROCESS_IDP_SLO_REQUESTED = 4400;
+	public static final int AUTHPROCESS_SLO_STARTED = 4401;
+	public static final int AUTHPROCESS_SLO_ALL_VALID = 4402;
+	public static final int AUTHPROCESS_SLO_NOT_ALL_VALID = 4403;
+	
 	//authentication process information
 	public static final int AUTHPROCESS_START = 4000;
 	public static final int AUTHPROCESS_FINISHED = 4001;
@@ -78,9 +83,11 @@ public interface MOAIDEventConstants extends EventConstants {
 	public static final int AUTHPROCESS_MANDATE_REDIRECT = 4301;
 	public static final int AUTHPROCESS_MANDATE_RECEIVED = 4302;
-	public static final int AUTHPROCESS_PEPS_REQUESTED = 4400;
-	public static final int AUTHPROCESS_PEPS_RECEIVED = 4401;
-	public static final int AUTHPROCESS_PEPS_IDL_RECEIVED = 4402;
+	public static final int AUTHPROCESS_PEPS_SELECTED = 6100;
+	public static final int AUTHPROCESS_PEPS_REQUESTED = 6101;
+	public static final int AUTHPROCESS_PEPS_RECEIVED = 6102;
+	public static final int AUTHPROCESS_PEPS_RECEIVED_ERROR = 6103;
+	public static final int AUTHPROCESS_PEPS_IDL_RECEIVED = 6104;
 	//person information
 	public static final int PERSONAL_INFORMATION_PROF_REPRESENTATIVE_BPK = 5000;
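Review bot: The new SLO codes 4400–4403 in the first hunk reuse the values that the second hunk takes away from AUTHPROCESS_PEPS_REQUESTED, AUTHPROCESS_PEPS_RECEIVED and AUTHPROCESS_PEPS_IDL_RECEIVED (4400–4402), so revision-log records written before this commit with one of those codes now decode as SLO events instead of PEPS events, which matters for anyone reading historical logs during an audit or investigation. Either allocate the SLO block in a range nothing has used before (the PEPS block itself moved to 6100–6104, which is the pattern to follow), or document the cut-over above the new constants, e.g. `// SLO events 4400-4403: until 2016-03 these codes denoted AUTHPROCESS_PEPS_*; decode older logs with the previous mapping`. The SLO block is also inserted above the `//authentication process information` comment although its numbers belong to the 4xxx process range; placing it after AUTHPROCESS_MANDATE_RECEIVED keeps the file ordered by code.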
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java
index 6fa07a098..4a5cbd55f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java
@@ -75,18 +75,26 @@ public class MOAReversionLogger {
 			MOAIDEventConstants.AUTHPROCESS_IDL_VALIDATED,
 			MOAIDEventConstants.AUTHPROCESS_CERTIFICATE_VALIDATED,
 			MOAIDEventConstants.AUTHPROCESS_AUTHBLOCK_VALIDATED,
-									
+
+			MOAIDEventConstants.AUTHPROCESS_IDP_SLO_REQUESTED,
+			MOAIDEventConstants.AUTHPROCESS_SLO_STARTED,
+			MOAIDEventConstants.AUTHPROCESS_SLO_ALL_VALID,
+			MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID,
+			
 			MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_SERVICE_REQUESTED,
 			MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_ERROR_RECEIVED,
 			MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_RECEIVED,
 			MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_RECEIVED_IP,
-			MOAIDEventConstants.AUTHPROCESS_FOREIGN_FOUND,
-			MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_RECEIVED,
+			MOAIDEventConstants.AUTHPROCESS_PEPS_SELECTED,
 			MOAIDEventConstants.AUTHPROCESS_PEPS_REQUESTED,
 			MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED,
+			MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED_ERROR,
 			MOAIDEventConstants.AUTHPROCESS_PEPS_IDL_RECEIVED,
+			MOAIDEventConstants.AUTHPROCESS_FOREIGN_FOUND,
+			MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_RECEIVED,
+						
 			MOAIDEventConstants.AUTHPROCESS_MANDATE_SERVICE_REQUESTED,
 			MOAIDEventConstants.AUTHPROCESS_MANDATE_REDIRECT,
 			MOAIDEventConstants.AUTHPROCESS_MANDATE_RECEIVED,
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/ISLOInformationContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/ISLOInformationContainer.java
index 18ffc5c6d..38f6948d3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/ISLOInformationContainer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/ISLOInformationContainer.java
@@ -24,8 +24,8 @@ package at.gv.egovernment.moa.id.data;
 import java.util.Iterator;
 import java.util.List;
-import java.util.Set;
 import java.util.Map.Entry;
+import java.util.Set;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
@@ -63,5 +63,8 @@ public interface ISLOInformationContainer {
 	List<String> getSloFailedOAs();
 	void putFailedOA(String oaID);
-
+	
+	public String getTransactionID();
+	
+	public String getSessionID();
 }
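Review bot: The `public` modifier on the two new interface methods in the second hunk is redundant and departs from the rest of the interface, where `getSloFailedOAs()` and `putFailedOA()` are declared without it; the methods also have no Javadoc even though the values they expose become the correlation keys written to the revision log. Suggest `String getTransactionID();` and `String getSessionID();`, each with a one-line Javadoc such as `/** Transaction identifier used to correlate the revision-log events of this logout; null unless the creator of the container set it. */` (the "null unless set" part follows from the field defaults in SLOInformationContainer, so adjust it if another implementation guarantees a value).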
\ No newline at end of file
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java
index fd1749129..20588ad0b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java
@@ -44,6 +44,8 @@ public class SLOInformationContainer implements Serializable, ISLOInformationCon
 	private LinkedHashMap<String, SLOInformationImpl> activeFrontChannalOAs;
 	private LinkedHashMap<String, SLOInformationImpl> activeBackChannelOAs;
 	private List<String> sloFailedOAs = null;
+	private String transactionID = null;
+	private String sessionID = null;
 	/**
 	 * 
@@ -146,6 +148,7 @@ public class SLOInformationContainer implements Serializable, ISLOInformationCon
 	@Override
 	public void setSloRequest(PVPTargetConfiguration sloRequest) {
 		this.sloRequest = sloRequest;
+		
 	}
 	/* (non-Javadoc)
@@ -164,5 +167,37 @@ public class SLOInformationContainer implements Serializable, ISLOInformationCon
 		if (sloFailedOAs == null)
 			sloFailedOAs = new ArrayList<String>();
 		sloFailedOAs.add(oaID);
-	}	
+	}
+
+
+	/**
+	 * @return the transactionID
+	 */
+	public String getTransactionID() {
+		return transactionID;
+	}
+
+
+	/**
+	 * @param transactionID the transactionID to set
+	 */
+	public void setTransactionID(String transactionID) {
+		this.transactionID = transactionID;
+	}
+	
+	public String getSessionID() {
+		return this.sessionID;
+		
+	}
+
+
+	/**
+	 * @param sessionID the sessionID to set
+	 */
+	public void setSessionID(String sessionID) {
+		this.sessionID = sessionID;
+	}
+	
+	
+	
 }
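Review bot: In the last hunk `getSessionID()` is the only one of the four new accessors without the `@return`/`@param` Javadoc its siblings carry, and its body has a stray blank line before the closing brace; the same hunk also leaves three whitespace-only lines before the class brace, and the second hunk inserts an empty line into `setSloRequest` for no reason. Adding `/** @return the sessionID */` above `getSessionID()`, writing `return sessionID;` to match `getTransactionID()`, and dropping the blank lines makes the new members consistent with the rest of the class. Since the class is `Serializable` and these two strings now travel with any stored container, a short comment on the fields saying they are revision-log correlation ids (not session credentials) would help the next reader; the field block starts before the hunk.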
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index 1e064f24f..a1f2c6558 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -443,6 +443,8 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 	HttpServletResponse httpResp, AuthenticationSession session, PVPTargetConfiguration pvpReq, String authURL) throws MOAIDException {		
 		String pvpSLOIssuer = null;
 		String inboundRelayState = null;
+		String uniqueSessionIdentifier = "notSet";
+		String uniqueTransactionIdentifier = "notSet";
 		Logger.debug("Start technical Single LogOut process ... ");
@@ -451,14 +453,33 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 			LogoutRequest logOutReq = (LogoutRequest) samlReq.getSamlRequest();
 			pvpSLOIssuer = logOutReq.getIssuer().getValue();
 			inboundRelayState = samlReq.getRelayState();
+			uniqueSessionIdentifier = pvpReq.getUniqueSessionIdentifier();
+			uniqueTransactionIdentifier = pvpReq.getUniqueTransactionIdentifier();
+		} else {			
+			AuthenticationSessionExtensions sessionExt;
+			try {
+				sessionExt = authenticatedSessionStore.getAuthenticationSessionExtensions(session.getSessionID());
+				if (sessionExt != null)
+					uniqueSessionIdentifier = sessionExt.getUniqueSessionId();
+				
+			} catch (MOADatabaseException e) {
+				Logger.error("Error during database communication. Can not evaluate 'uniqueSessionIdentifier'", e);
+				
+			}
+			uniqueTransactionIdentifier = Random.nextLongRandom();
+			revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_IDP_SLO_REQUESTED);
+						
 		}
 		//store active OAs to SLOContaine
 		List<OASessionStore> dbOAs = authenticatedSessionStore.getAllActiveOAFromMOASession(session);
 		List<InterfederationSessionStore> dbIDPs = authenticatedSessionStore.getAllActiveIDPsFromMOASession(session);
-		SLOInformationContainer sloContainer = new SLOInformationContainer();
-		sloContainer.setSloRequest(pvpReq);		
+		SLOInformationContainer sloContainer = new SLOInformationContainer();		
+		sloContainer.setTransactionID(uniqueTransactionIdentifier);
+		sloContainer.setSessionID(uniqueSessionIdentifier);
+		sloContainer.setSloRequest(pvpReq);
+		
 		sloBuilder.parseActiveIDPs(sloContainer, dbIDPs, pvpSLOIssuer);
 		sloBuilder.parseActiveOAs(sloContainer, dbOAs, pvpSLOIssuer);
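Review bot: When `getAuthenticationSessionExtensions` throws in the new `else` branch, the `catch` logs the failure and the method carries on, so AUTHPROCESS_IDP_SLO_REQUESTED (and every later event of this logout, since the value is copied into the container) is written with the `"notSet"` placeholder as session id and cannot be correlated with the session that is then destroyed; that looks like a deliberate best-effort choice, but nothing says so. A comment at the catch would make it explicit: `// best effort: keep the "notSet" placeholder so the logout still proceeds and is recorded, even if it cannot be correlated`. Two smaller points: `sessionExt` is used only inside the `try`, so it can be declared there, and the `"notSet"` literal now appears in the declarations of the previous hunk as well as in the removed code, so one named constant such as `private static final String NOT_SET = "notSet";` would keep the placeholder in one place. The `if` that the new `} else {` belongs to starts outside the hunk.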
@@ -468,19 +489,10 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 				 + " NO_SLO_Support:" + sloContainer.getSloFailedOAs().size());
 		//terminate MOASession
-		try {
-			String uniqueSessionIdentifier = "notSet";
-			AuthenticationSessionExtensions sessionExt = 
-					authenticatedSessionStore.getAuthenticationSessionExtensions(session.getSessionID());
-			if (sessionExt != null)
-				uniqueSessionIdentifier = sessionExt.getUniqueSessionId();
-			
+		try {			
 			authenticatedSessionStore.destroySession(session.getSessionID());
 			ssoManager.deleteSSOSessionID(httpReq, httpResp);
-			if (pvpReq != null)
-				revisionsLogger.logEvent(MOAIDEventConstants.SESSION_DESTROYED, pvpReq.getUniqueSessionIdentifier());			
-			else 
-				revisionsLogger.logEvent(MOAIDEventConstants.SESSION_DESTROYED, uniqueSessionIdentifier);
+			revisionsLogger.logEvent(MOAIDEventConstants.SESSION_DESTROYED, uniqueSessionIdentifier);
 			Logger.debug("Active SSO Session on IDP is remove.");
@@ -490,8 +502,9 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 		}
-		Logger.trace("Starting Service-Provider logout process ... ");
-		//start service provider back channel logout process
+		Logger.trace("Starting Service-Provider logout process ... ");		
+		revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_STARTED);		
+		//start service provider back channel logout process		
 		Iterator<String> nextOAInterator = sloContainer.getNextBackChannelOA();	
 		while (nextOAInterator.hasNext()) {
 			SLOInformationImpl sloDescr = sloContainer.getBackChannelOASessionDescripten(nextOAInterator.next());
@@ -592,13 +605,17 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 							null);
 			        if (sloContainer.getSloFailedOAs() == null || 
-			        		sloContainer.getSloFailedOAs().size() == 0)
+			        		sloContainer.getSloFailedOAs().size() == 0) {
+			        	revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_ALL_VALID);
 			        	config.putCustomParameter("successMsg", 
 			        			MOAIDMessageProvider.getInstance().getMessage("slo.00", null));
-			        else
+			        	
+			        } else {
+			        	revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID);
 			        	config.putCustomParameter("errorMsg", 
 			        			MOAIDMessageProvider.getInstance().getMessage("slo.01", null));
-			        
+			        	
+			        }
 			        guiBuilder.build(httpResp, config, "Single-LogOut GUI");
 				}
@@ -615,6 +632,8 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 				SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(pvpReq);
 				LogoutResponse message = sloBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI);
 				sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, inboundRelayState);
+
+				revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID);
 			}else {
 				//print SLO information directly
@@ -623,6 +642,7 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 						DefaultGUIFormBuilderConfiguration.VIEW_SINGLELOGOUT, 
 						null);
+				revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID);
 				config.putCustomParameter("errorMsg", 
 	        			MOAIDMessageProvider.getInstance().getMessage("slo.01", null));
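Review bot: In the second hunk (`@@ -615`) AUTHPROCESS_SLO_NOT_ALL_VALID is written only after `sendFrontChannelSLOMessage` returns, so if delivering the error response throws, the revision log holds no record that this logout ended in an error, which is exactly the case an auditor would want to see; the first and third hunks log the outcome before `guiBuilder.build` / before the message is assembled, which is the better order. Moving the `revisionsLogger.logEvent(...)` call above `sloBuilder.sendFrontChannelSLOMessage(...)` makes the outcome record independent of the transport. The same constant is also used here for a responder-side error (`StatusCode.RESPONDER_URI`) and in the first hunk for "some OAs did not log out"; if the two situations should be distinguishable in the logs, a separate event would be needed. The surrounding if/else blocks begin outside these hunks.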
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
index dfe9ecb49..af6c79140 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
@@ -41,6 +41,8 @@ import org.opensaml.saml2.metadata.SingleLogoutService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
+import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
@@ -80,6 +82,7 @@ public class SingleLogOutAction implements IAction {
 	@Autowired private IAuthenticationSessionStoreage authenticationSessionStorage;
 	@Autowired private ITransactionStorage transactionStorage;
 	@Autowired private SingleLogOutBuilder sloBuilder;
+	@Autowired private MOAReversionLogger revisionsLogger;
 	/* (non-Javadoc)
@@ -240,11 +243,17 @@ public class SingleLogOutAction implements IAction {  							        String statusCode = null;  									if (sloContainer.getSloFailedOAs() == null ||  -							        		sloContainer.getSloFailedOAs().size() == 0)							       							   							        	 +							        		sloContainer.getSloFailedOAs().size() == 0) {							       							   							        	  							        	statusCode  = MOAIDAuthConstants.SLOSTATUS_SUCCESS; -							        else +							        	revisionsLogger.logEvent(sloContainer.getSessionID(), sloContainer.getTransactionID(), +							        			MOAIDEventConstants.AUTHPROCESS_SLO_ALL_VALID); +							        	 +									} else { +										revisionsLogger.logEvent(sloContainer.getSessionID(), sloContainer.getTransactionID(),  +												MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID);  							        	statusCode  = MOAIDAuthConstants.SLOSTATUS_ERROR; - +							        	 +									}  									transactionStorage.put(artifact, statusCode);  							        redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact); | 
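Review bot: `sloContainer.getSessionID()` and `sloContainer.getTransactionID()` are handed straight to `logEvent`, but both backing fields of SLOInformationContainer default to `null` and, as far as this commit shows, are populated only on the AuthenticationManager path; a container that reaches this front-channel completion step from elsewhere, or one persisted before this change, would therefore log `null` identifiers, and whether `logEvent` tolerates that is not visible here. Either guard the call, or note the assumption next to it: `// sessionID/transactionID are set by AuthenticationManager when the container is created`. The new if/else also mixes tab-indented braces (`} else {`, `}`) with space-indented statements (`statusCode  = ...`), which makes the block hard to read; reindenting the whole if/else consistently is worth doing while it is being touched. The enclosing method starts and ends outside the hunk.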
