| author | Bojan Suzic <bojan.suzic@iaik.tugraz.at> | 2015-05-11 13:35:06 +0200 | 
|---|---|---|
| committer | Bojan Suzic <bojan.suzic@iaik.tugraz.at> | 2015-05-11 13:35:06 +0200 | 
| commit | 6501da184914a797babb2a2a49eb0d88fd6aacbc (patch) | |
| tree | 052d04159768f3a63fd0718e45fa43c6f8b9bf09 /id/server/idserverlib | |
| parent | 5830752a2142b9664bc46196c1a67250cbedf655 (diff) | |
| parent | c230145208b7fbe53b7bf2d6aff49a24301559eb (diff) | |
Merge branch '2.2.x-Snapshot' of gitlab.iaik.tugraz.at:afitzek/moa-idspss into 2.2.x-Snapshot
Diffstat (limited to 'id/server/idserverlib')
34 files changed, 401 insertions, 131 deletions
| diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
 index dbfc19b68..9465b56d1 100644
 --- a/id/server/idserverlib/pom.xml
 +++ b/id/server/idserverlib/pom.xml
 @@ -113,8 +113,6 @@
  		   <dependency>
              <groupId>at.gv.util</groupId>
              <artifactId>egovutils</artifactId>
 -            <!-- <version>1.0.7</version> -->
 -            <version>2.0.0</version>
              <exclusions>
                  <exclusion>
                      <groupId>com.sun</groupId>
 @@ -142,6 +140,16 @@
                  </exclusion>
              </exclusions>
          </dependency>
 +				
 +		  <dependency>
 +        	<groupId>org.apache.cxf</groupId>
 +        	<artifactId>cxf-rt-frontend-jaxws</artifactId>
 +    	</dependency>
 +    	<dependency>
 +        	<groupId>org.apache.cxf</groupId>
 +        	<artifactId>cxf-rt-transports-http</artifactId>
 +    	</dependency>
 +		
  		<dependency>
  			<groupId>javax.xml.bind</groupId>
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
 index c4d6859db..eab7c511e 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
 @@ -31,6 +31,7 @@ import javax.xml.transform.TransformerException;
  import org.apache.commons.io.IOUtils;
  import org.apache.commons.lang.StringEscapeUtils;
 +import org.apache.commons.lang3.BooleanUtils;
  import org.apache.velocity.Template;
  import org.apache.velocity.VelocityContext;
  import org.apache.velocity.app.VelocityEngine;
 @@ -1731,7 +1732,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
  			boolean globallyMandatory = false;
  			for (StorkAttribute currentGlobalAttribute : storkConfig.getStorkAttributes())
  				if (current.getName().equals(currentGlobalAttribute.getName())) {
 -					globallyMandatory = currentGlobalAttribute.isMandatory();
 +					globallyMandatory = BooleanUtils.isTrue(currentGlobalAttribute.isMandatory());
  					break;
  				}
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
 index db8b4dd80..5223a181d 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java 
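Review bot: In AuthenticationServer.java, the `BooleanUtils.isTrue(...)` wrapper in the `@@ -1731` hunk makes a null `isMandatory()` count as not mandatory without saying so. Because this line decides whether a STORK attribute is treated as globally mandatory, the default deserves a comment such as `// null (flag not configured) is treated as not mandatory`; the return type of `isMandatory()` is not visible here, so the null case is inferred from the need for the wrapper. The file already imports `org.apache.commons.lang.StringEscapeUtils`, so the new import brings in a second commons-lang generation; `Boolean.TRUE.equals(currentGlobalAttribute.isMandatory())` would do the same without it. The enclosing method starts and ends outside the hunk.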
@@ -149,7 +149,9 @@ public interface MOAIDAuthConstants {
  			Collections.unmodifiableMap(new HashMap<String, String>() {
  				private static final long serialVersionUID = 1L;
  				{
 +					put("AT", "Other Countries");//"Workaround for PEPS Simulator"
  					put("BE", "België/Belgique");
 +					//put("CH", "Schweiz");
  					put("EE", "Eesti");
  					put("ES", "España");
  					put("FI", "Suomi");
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/TaskExecutionException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/TaskExecutionException.java
 new file mode 100644
 index 000000000..3e9f4cf14
 --- /dev/null
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/TaskExecutionException.java 
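Review bot: In MOAIDAuthConstants.java, `put("AT", "Other Countries");//"Workaround for PEPS Simulator"` places a simulator workaround in a shared constant map, so the entry will presumably be present in production deployments as well. If it is only needed against the PEPS simulator, it belongs in test or deployment configuration rather than in the interface constants; how the map is consumed is outside the hunk. The commented-out `//put("CH", "Schweiz");` should either be deleted or carry its reason, for example `// CH disabled: <reason>`.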
@@ -0,0 +1,57 @@
 +/*
 + * Copyright 2014 Federal Chancellery Austria
 + * MOA-ID has been developed in a cooperation between BRZ, the Federal
 + * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 + *
 + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 + * the European Commission - subsequent versions of the EUPL (the "Licence");
 + * You may not use this work except in compliance with the Licence.
 + * You may obtain a copy of the Licence at:
 + * http://www.osor.eu/eupl/
 + *
 + * Unless required by applicable law or agreed to in writing, software
 + * distributed under the Licence is distributed on an "AS IS" basis,
 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 + * See the Licence for the specific language governing permissions and
 + * limitations under the Licence.
 + *
 + * This product combines work with different licenses. See the "NOTICE" text
 + * file for details on the various modules and licenses.
 + * The "NOTICE" text file is part of the distribution. Any derivative works
 + * that you distribute must include a readable copy of the "NOTICE" text file.
 + */
 +package at.gv.egovernment.moa.id.auth.modules;
 +
 +import at.gv.egovernment.moa.id.process.ProcessExecutionException;
 +
 +/**
 + * @author tlenz
 + *
 + */
 +public class TaskExecutionException extends ProcessExecutionException {
 +
 +	private static final long serialVersionUID = 1L;
 +	Throwable originalException = null;
 +	
 +	/**
 +	 * @param message
 +	 * @param cause
 +	 */
 +	public TaskExecutionException(String message, Throwable cause) {
 +		super(message, cause);
 +		originalException = cause;
 +		
 +	}
 +
 +	/**
 +	 * Get the original internal exception from task
 +	 * 
 +	 * @return the originalException
 +	 */
 +	public Throwable getOriginalException() {
 +		return originalException;
 +	}
 +	
 +	
 +	
 +} 
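Review bot: `Throwable originalException = null;` is package-private and mutable, so any class in `at.gv.egovernment.moa.id.auth.modules` can replace the exception that AuthServlet.handleError later unwraps and stores; declare it `private final Throwable originalException;`. The field also duplicates the cause handed to `super(message, cause)`, so, assuming ProcessExecutionException passes the cause through, `getOriginalException()` could simply `return getCause();`. The class and constructor Javadoc are empty apart from `@author` and bare `@param` tags; a sentence saying that the cause is the exception raised inside a task and that the error handler reports it in place of the wrapper would tell callers why the type exists.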
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
 index bc73a9f2f..ed3089a41 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
 @@ -2,6 +2,8 @@ package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
  import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
 +import java.io.IOException;
 +
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
 @@ -16,6 +18,7 @@ import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
  import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
  import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
 +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
  import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
  import at.gv.egovernment.moa.id.process.api.ExecutionContext;
  import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 @@ -47,15 +50,12 @@ public class CertificateReadRequestTask extends AbstractAuthServletTask {
  	@Override
  	public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
 -			throws Exception {
 +			throws TaskExecutionException {
  		// TODO[branch]: Foreign citizen or mandate mode; respond with IRR for certificates, dataURL = "/VerifyCertificate"
  		Logger.info("Send InfoboxReadRequest to BKU to get signer certificate.");
 -		setNoCachingHeaders(resp);
 -
 -		String pendingRequestID = null;
 -		
 +		setNoCachingHeaders(resp);		
  		try {
  			String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID));
 @@ -65,8 +65,6 @@ public class CertificateReadRequestTask extends AbstractAuthServletTask {
  				throw new WrongParametersException("CertificateReadRequestTask", PARAM_SESSIONID, "auth.12");
  			}
 -			pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
 -
  			AuthenticationSession session = AuthenticationServer.getSession(sessionID);
  			boolean useMandate = session.getUseMandate();
 @@ -91,7 +89,11 @@ public class CertificateReadRequestTask extends AbstractAuthServletTask {
  					AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl);
  		} catch (MOAIDException ex) {
 -			handleError(null, ex, req, resp, pendingRequestID);
 +			throw new TaskExecutionException(ex.getMessage(), ex);
 +					
 +		} catch (IOException e) {
 +			throw new TaskExecutionException(e.getMessage(), e);
 +			
  		} finally {
  			ConfigurationDBUtils.closeSession();
  		}		
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
 index 4cd1ea94e..ee6f0d5a4 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
 @@ -15,6 +15,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
  import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
  import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
 +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
  import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet;
  import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
  import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 @@ -60,9 +61,8 @@ public class CreateIdentityLinkFormTask extends AbstractAuthServletTask {
  	@Override
  	public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
 -			throws Exception {
 +			throws TaskExecutionException {
 -		String pendingRequestID = null;
  		String moasessionid = StringEscapeUtils.escapeHtml(ObjectUtils.defaultIfNull(req.getParameter(PARAM_SESSIONID), (String) executionContext.get(PARAM_SESSIONID)));
  		AuthenticationSession moasession = null;
  		try {
 @@ -72,9 +72,7 @@ public class CreateIdentityLinkFormTask extends AbstractAuthServletTask {
  				throw new MOAIDException("auth.18", new Object[] {});
  			}
 -			try {
 -			
 -				pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moasessionid);
 +			try {			
  				moasession = AuthenticationSessionStoreage.getSession(moasessionid);
  				AuthenticationSessionStoreage.changeSessionID(moasession);
  				executionContext.remove(PARAM_SESSIONID);
 @@ -100,14 +98,17 @@ public class CreateIdentityLinkFormTask extends AbstractAuthServletTask {
  			}
  		} catch (WrongParametersException ex) {
 -			handleWrongParameters(ex, req, resp);
 +//			handleWrongParameters(ex, req, resp);
 +			throw new TaskExecutionException(ex.getMessage(), ex);
  		}
  		catch (MOAIDException ex) {
 -			handleError(null, ex, req, resp, pendingRequestID);
 +//			handleError(null, ex, req, resp, pendingRequestID);
 +			throw new TaskExecutionException(ex.getMessage(), ex);
  		} catch (Exception e) {
  			Logger.error("CreateIdentityLinkFormTask has an interal Error.", e);
 +			throw new TaskExecutionException(e.getMessage(), e);
  		}
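Review bot: The two replaced calls are left behind as commented-out code (`//			handleWrongParameters(ex, req, resp);` and `//			handleError(null, ex, req, resp, pendingRequestID);`); delete them, the history keeps them. All three catch clauses now throw the same `new TaskExecutionException(ex.getMessage(), ex)`, so a WrongParametersException no longer gets the separate handling it had, which should be stated in the commit message if it is intended. The last clause still calls `Logger.error(...)` before rethrowing, so the same failure is logged a second time if it ends up in AuthServlet.handleError. The try block starts outside the hunk.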
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java
 index 4771628a3..6bf68e2eb 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java
 @@ -24,6 +24,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
  import at.gv.egovernment.moa.id.auth.exception.ParseException;
  import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
  import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
 +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
  import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
  import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
  import at.gv.egovernment.moa.id.client.SZRGWClientException;
 @@ -66,7 +67,7 @@ public class GetForeignIDTask extends AbstractAuthServletTask {
  	@Override
  	public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
 -			throws Exception {
 +			throws TaskExecutionException {
  		Logger.debug("POST GetForeignIDServlet");
 @@ -76,9 +77,10 @@ public class GetForeignIDTask extends AbstractAuthServletTask {
  		try {
  			parameters = getParameters(req);
 -		} catch (FileUploadException e) {
 +			
 +		} catch (FileUploadException | IOException e) {
  			Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
 -			throw new IOException(e.getMessage());
 +			throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()));
  		}
  		String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID));
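Review bot: `new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()))` discards the caught exception and keeps only its message, so the stack trace of the real parsing failure is lost and `getOriginalException()` returns a synthetic IOException. Pass the caught exception through instead: `throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", e);`. The same construction appears in the parameter-parsing hunks of VerifyAuthenticationBlockTask, VerifyCertificateTask and VerifyIdentityLinkTask. The message also misspells "multipart" in both the log line and the exception text.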
 @@ -170,10 +172,11 @@ public class GetForeignIDTask extends AbstractAuthServletTask {
  			}
  		} catch (MOAIDException ex) {
 -			handleError(null, ex, req, resp, pendingRequestID);
 +			throw new TaskExecutionException(ex.getMessage(), ex);
  		} catch (Exception e) {
  			Logger.error("GetForeignIDServlet has an interal Error.", e);
 +			throw new TaskExecutionException(e.getMessage(), e);
  		}
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
 index f08f96782..4ff5672bd 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
 @@ -21,6 +21,7 @@ import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
  import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
  import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
 +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
  import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
  import at.gv.egovernment.moa.id.config.ConnectionParameter;
  import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 @@ -62,7 +63,7 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask {
  	@Override
  	public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
 -			throws Exception {
 +			throws TaskExecutionException {
  		Logger.debug("POST GetMISSessionIDServlet");
 @@ -154,22 +155,23 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask {
  			Logger.debug("REDIRECT TO: " + redirectURL);
  		} catch (MOAIDException ex) {
 -			handleError(null, ex, req, resp, pendingRequestID);
 +			throw new TaskExecutionException(ex.getMessage(), ex);
  		} catch (GeneralSecurityException ex) {
 -			handleError(null, ex, req, resp, pendingRequestID);
 +			throw new TaskExecutionException(ex.getMessage(), ex);
  		} catch (PKIException e) {
 -			handleError(null, e, req, resp, pendingRequestID);
 +			throw new TaskExecutionException(e.getMessage(), e);
  		} catch (SAXException e) {
 -			handleError(null, e, req, resp, pendingRequestID);
 +			throw new TaskExecutionException(e.getMessage(), e);
  		} catch (ParserConfigurationException e) {
 -			handleError(null, e, req, resp, pendingRequestID);
 +			throw new TaskExecutionException(e.getMessage(), e);
  	    } catch (Exception e) {
  	    	Logger.error("MISMandateValidation has an interal Error.", e);
 +	    	throw new TaskExecutionException(e.getMessage(), e);
  	    }
  	    finally {
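Review bot: All six catch clauses in this hunk now have the same body, `throw new TaskExecutionException(e.getMessage(), e);`, and the final `catch (Exception e)` presumably already covers the five specific types, so the list suggests distinctions that no longer exist. The commit uses multi-catch elsewhere (`FileUploadException | IOException`), so either fold the specific types into one multi-catch clause or keep only `catch (Exception e)`. Only the generic clause logs before rethrowing, which makes logging depend on the exception type for no visible reason. The `@@ -219` hunk of VerifyAuthenticationBlockTask has the same shape; the try block here starts outside the hunk and the `finally` body ends outside it.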
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
 index dcea3a1dd..3ae35bc24 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
 @@ -12,6 +12,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
  import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
  import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
 +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
  import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
  import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
  import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 @@ -45,7 +46,7 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
  	@Override
  	public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
 -			throws Exception {
 +			throws TaskExecutionException {
  		// note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet
  		Logger.debug("Process IdentityLink");
 @@ -88,10 +89,11 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
  					"VerifyIdentityLink");
  		} catch (MOAIDException ex) {
 -			handleError(null, ex, req, resp, pendingRequestID);
 +			throw new TaskExecutionException(ex.getMessage(), ex);
  		} catch (Exception e) {
  			Logger.error("IdentityLinkValidation has an interal Error.", e);
 +			throw new TaskExecutionException(e.getMessage(), e);
  		}
  		finally {
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
 index 1e1a4df89..64dcb0f41 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
 @@ -25,6 +25,7 @@ import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException;
  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
  import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
  import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
 +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
  import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
  import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
  import at.gv.egovernment.moa.id.config.ConnectionParameter;
 @@ -77,7 +78,7 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
  	@Override
  	public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
 -			throws Exception {
 +			throws TaskExecutionException {
  		// note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet
 @@ -89,12 +90,13 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
  	    try 
  	    {
  	      parameters = getParameters(req);
 -	    } catch (FileUploadException e) 
 +	      
 +	    } catch (FileUploadException | IOException e) 
  	    {
  	      Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
 -	      throw new IOException(e.getMessage());
 -	      
 +	      throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()));
  	    }
 +	      
  			String sessionID = req.getParameter(PARAM_SESSIONID);
  			String createXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE);
 @@ -219,19 +221,21 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
  			}
  			catch (MOAIDException ex) {
 -				handleError(null, ex, req, resp, pendingRequestID);
 +				throw new TaskExecutionException(ex.getMessage(), ex);
  			} catch (GeneralSecurityException e) {
 -				handleError(null, e, req, resp, pendingRequestID);
 +				throw new TaskExecutionException(e.getMessage(), e);
  			} catch (PKIException e) {
 -				handleError(null, e, req, resp, pendingRequestID);
 +				throw new TaskExecutionException(e.getMessage(), e);
  			} catch (TransformerException e) {
 -				handleError(null, e, req, resp, pendingRequestID);
 +				throw new TaskExecutionException(e.getMessage(), e);
  		    } catch (Exception e) {
  		    	Logger.error("AuthBlockValidation has an interal Error.", e);
 +		    	throw new TaskExecutionException(e.getMessage(), e);
 +		    	
  		    }
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
 index 32ea7fe3a..607641532 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
 @@ -19,6 +19,7 @@ import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
  import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
  import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
 +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
  import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
  import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
  import at.gv.egovernment.moa.id.process.api.ExecutionContext;
 @@ -57,30 +58,26 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
  	@Override
  	public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
 -			throws Exception {
 +			throws TaskExecutionException {
  		// note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyCertificateServlet
  		Logger.debug("POST VerifyCertificateServlet");
 -		
 -		String pendingRequestID = null;
 -		
 +				
  		Map<String, String> parameters;
  	    try 
  	    {
  	      parameters = getParameters(req);
 -	    } catch (FileUploadException e) 
 +	    } catch (FileUploadException | IOException e) 
  	    {
  	      Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
 -	      throw new IOException(e.getMessage());
 -	     	}
 +	      throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()));
 +	     }
  	    String sessionID = req.getParameter(PARAM_SESSIONID);
  	    // escape parameter strings
  		sessionID = StringEscapeUtils.escapeHtml(sessionID);
 -		
 -		pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
 -		
 +				
  	    AuthenticationSession session = null;
  	    try {
  	       // check parameter
 @@ -148,10 +145,12 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
  	    	}	    		    	 
  	    }
  	    catch (MOAIDException ex) {
 -	      handleError(null, ex, req, resp, pendingRequestID);
 +	    	throw new TaskExecutionException(ex.getMessage(), ex);
  	    } catch (Exception e) {
  	    	Logger.error("CertificateValidation has an interal Error.", e);
 +	    	throw new TaskExecutionException(e.getMessage(), e);
 +	    	
  	    }
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
 index bf10b3681..44557453a 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
 @@ -16,6 +16,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
  import at.gv.egovernment.moa.id.auth.exception.ParseException;
  import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
  import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
 +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
  import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
  import at.gv.egovernment.moa.id.process.api.ExecutionContext;
  import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 @@ -50,7 +51,7 @@ public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
  	@Override
  	public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
 -			throws Exception {
 +			throws TaskExecutionException {
  		// note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet
 @@ -59,13 +60,12 @@ public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
  		setNoCachingHeaders(resp);
  		Map<String, String> parameters;
 -		String pendingRequestID = null;
  		try {
  			parameters = getParameters(req);
  		} catch (Exception e) {
  			Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage());
 -			throw new IOException(e.getMessage());
 +			throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage()));
  		}
  		try {
 @@ -75,8 +75,6 @@ public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
  			if (!ParamValidatorUtils.isValidSessionID(sessionID)) {
  				throw new WrongParametersException("VerifyIdentityLink", PARAM_SESSIONID, "auth.12");
  			}
 -			pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
 -
  			AuthenticationSession session = AuthenticationServer.getSession(sessionID);
  			boolean identityLinkAvailable = AuthenticationServer.getInstance().verifyIdentityLink(session, parameters) != null;
 @@ -85,13 +83,15 @@ public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
  			executionContext.put("identityLinkAvailable", identityLinkAvailable);
  		} catch (ParseException ex) {
 -			handleError(null, ex, req, resp, pendingRequestID);
 +			throw new TaskExecutionException(ex.getMessage(), ex);
  		} catch (MOAIDException ex) {
 -			handleError(null, ex, req, resp, pendingRequestID);
 +			throw new TaskExecutionException(ex.getMessage(), ex);
  		} catch (Exception e) {
  			Logger.error("IdentityLinkValidation has an interal Error.", e);
 +			throw new TaskExecutionException(e.getMessage(), e);
 +			
  		}
  		finally {
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
 index 331a7653a..c4c4b2691 100644
 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
 +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
 @@ -77,9 +77,11 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
  import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
  import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
  import at.gv.egovernment.moa.id.config.ConfigurationException;
  import at.gv.egovernment.moa.id.entrypoints.DispatcherServlet;
  import at.gv.egovernment.moa.id.process.ProcessEngine;
 +import at.gv.egovernment.moa.id.process.ProcessExecutionException;
  import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl;
  import at.gv.egovernment.moa.id.storage.IExceptionStore;
  import at.gv.egovernment.moa.id.util.ServletUtils; 
@@ -185,29 +187,36 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants {  	protected void handleError(String errorMessage, Throwable exceptionThrown,  			HttpServletRequest req, HttpServletResponse resp, String pendingRequestID) { -		if (null != errorMessage) { -			Logger.error(errorMessage); -			req.setAttribute("ErrorMessage", errorMessage); -		} - -		if (null != exceptionThrown) { -			if (null == errorMessage) -				errorMessage = exceptionThrown.getMessage(); -			Logger.error(errorMessage, exceptionThrown); -			req.setAttribute("ExceptionThrown", exceptionThrown); -		} - -		if (Logger.isDebugEnabled()) { -			req.setAttribute("LogLevel", "debug"); +		Throwable loggedException = null; +		 +		if (exceptionThrown != null  +				&& exceptionThrown instanceof ProcessExecutionException) { +			ProcessExecutionException procExc =  +					(ProcessExecutionException) exceptionThrown; +			if (procExc.getCause() != null &&  +					procExc.getCause() instanceof TaskExecutionException) { +				TaskExecutionException taskExc = (TaskExecutionException) procExc.getCause(); +				loggedException = taskExc.getOriginalException();	 +				if (Logger.isDebugEnabled() || Logger.isTraceEnabled()) { +					Logger.error(exceptionThrown.getMessage(), exceptionThrown); +					 +				} else +					Logger.error(exceptionThrown.getMessage()); +								 +			}			  		} +		 +		if (loggedException == null) +			loggedException = exceptionThrown; +		 -		if (!(exceptionThrown instanceof MOAIDException)) { -			Logger.error("Receive an internal error: Message=" + exceptionThrown.getMessage(), exceptionThrown); +		if (!(loggedException instanceof MOAIDException)) { +			Logger.error("Receive an internal error: Message=" + loggedException.getMessage(), loggedException);  		}  		IExceptionStore store = DBExceptionStoreImpl.getStore(); -		String id = store.storeException(exceptionThrown); +		String id = store.storeException(loggedException);  		if (id != null && 
MiscUtil.isNotEmpty(pendingRequestID)) { @@ -228,7 +237,7 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants {  		} else {  			//Exception can not be stored in database -			handleErrorNoRedirect(errorMessage, exceptionThrown, req, resp); +			handleErrorNoRedirect(errorMessage, loggedException, req, resp);  		}  	} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java index d670cbe8a..43b6c03d4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java @@ -13,6 +13,7 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;  import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
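Review bot: In `handleError`, `loggedException.getMessage()` is still reached when `exceptionThrown` is null, because `null instanceof MOAIDException` is false and the negated test passes; the signature still allows a call that supplies only `errorMessage`. The removed lines had the same dereference, but they logged `errorMessage` first, which the new code no longer does anywhere in this hunk. Guard the branch with `if (loggedException != null && !(loggedException instanceof MOAIDException))` and keep `if (errorMessage != null) Logger.error(errorMessage);` at the top of the method. The lines between this hunk and the next are not shown, so how `storeException` treats a null argument cannot be judged from here.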
  import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
  import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
 +import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
  import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
  /**
 @@ -54,7 +55,8 @@ public class ProcessEngineSignalServlet extends AuthServlet {  	protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
  		String sessionID = StringEscapeUtils.escapeHtml(getMoaSessionId(req));
 -		setNoCachingHeaders(resp);
 +		setNoCachingHeaders(resp);		
 +		String pendingRequestID = null;
  		try {
  			if (sessionID == null) {
 @@ -62,6 +64,7 @@ public class ProcessEngineSignalServlet extends AuthServlet {  			}
  			// retrieve moa session
 +			pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
  			AuthenticationSession session = AuthenticationServer.getSession(sessionID);
  			// process instance is mandatory
 @@ -73,7 +76,7 @@ public class ProcessEngineSignalServlet extends AuthServlet {  			getProcessEngine().signal(session.getProcessInstanceId());
  		} catch (Exception ex) {
 -			handleError(null, ex, req, resp, null);
 +			handleError(null, ex, req, resp, pendingRequestID);
  		} finally {
  			MOASessionDBUtils.closeSession();
  		}
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java index ea1526ff0..3809ec4bc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java @@ -39,6 +39,7 @@ import javax.xml.transform.TransformerFactoryConfigurationError;  import javax.xml.transform.stream.StreamSource;
  import org.apache.commons.io.IOUtils;
 +import org.apache.commons.lang3.StringEscapeUtils;
  import at.gv.egovernment.moa.id.auth.AuthenticationServer;
  import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
 @@ -286,6 +287,12 @@ public class STORKResponseProcessor {  			Object attributeValue = attribute.getValue();
  			if (null == attributeValue)
  				attributeValue = attribute.getComplexValue();
 +
 +			// escape attributeValue
 +			attributeValue = StringEscapeUtils.escapeXml10(attributeValue.toString());
 +			// and remove trailing and tailing brackets. Might break something but we never saw an array with more than one entry!
 +			attributeValue = ((String) attributeValue).substring(1, ((String) attributeValue).length() - 1);
 +
  			ExtendedSAMLAttribute extendedSAMLAttribute = 
  				new ExtendedSAMLAttributeImpl(attribute.getName(), attributeValue, Constants.STORK_NS_URI, 0);
  			moaExtendedSAMLAttributeList.add(extendedSAMLAttribute);
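Review bot: The added `substring(1, length() - 1)` trims whatever the first and last characters of the escaped `toString()` output are, so it only yields the value for a one-element list: two elements leave `a, b`, an empty string throws `StringIndexOutOfBoundsException`, and `attributeValue.toString()` throws `NullPointerException` when both `getValue()` and `getComplexValue()` return null. These values arrive in a STORK response from another party, so the escaping should be applied to the element itself rather than to a rendering that is then cut by position. Reading the first list element and escaping it keeps the XML escaping and removes the dependence on the format of `List.toString()`. A complex value (set as a map elsewhere in this merge) would then keep its braces, so its serialization needs a separate decision; the enclosing method starts and ends outside the hunk.

```java
			// … unchanged: attributeValue = attribute.getValue(), falling back to getComplexValue() …
			String escapedValue = "";
			if (attributeValue instanceof java.util.List) {
				java.util.List<?> values = (java.util.List<?>) attributeValue;
				// read the element itself instead of trimming the brackets of List.toString()
				if (!values.isEmpty() && values.get(0) != null)
					escapedValue = StringEscapeUtils.escapeXml10(values.get(0).toString());
			} else if (attributeValue != null) {
				escapedValue = StringEscapeUtils.escapeXml10(attributeValue.toString());
			}
			attributeValue = escapedValue;
			// … unchanged: new ExtendedSAMLAttributeImpl(...) and list add …
```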
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/ProcessEngineImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/ProcessEngineImpl.java index 0ffa22ec3..096e5ee9e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/ProcessEngineImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/ProcessEngineImpl.java @@ -13,6 +13,7 @@ import org.slf4j.Logger;  import org.slf4j.LoggerFactory;  import org.slf4j.MDC; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;  import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;  import at.gv.egovernment.moa.id.process.api.ExecutionContext;  import at.gv.egovernment.moa.id.process.api.ExpressionEvaluationContext; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/api/Task.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/api/Task.java index 6401b1d5d..343b8fe0c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/api/Task.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/api/Task.java @@ -1,5 +1,7 @@  package at.gv.egovernment.moa.id.process.api; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +  /**   * Represents a single task to be performed upon process execution. @@ -16,6 +18,6 @@ public interface Task {  	 *            Provides execution related information.  	 * @throws Exception An exception upon task execution.  	 */ -	void execute(ExecutionContext executionContext) throws Exception; +	void execute(ExecutionContext executionContext) throws TaskExecutionException;  } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/springweb/MoaIdTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/springweb/MoaIdTask.java index bae6391ec..fb75fc8d7 100644 
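Review bot: The Javadoc kept as context above `Task.execute` still reads `@throws Exception An exception upon task execution.` although the method now declares `TaskExecutionException`. Change it to `@throws TaskExecutionException if the task fails; wraps the original exception`, so implementers know that other checked exceptions have to be wrapped rather than propagated.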
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/springweb/MoaIdTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/springweb/MoaIdTask.java @@ -8,6 +8,7 @@ import org.springframework.web.context.request.RequestContextHolder;  import org.springframework.web.context.request.ServletRequestAttributes;  import org.springframework.web.filter.RequestContextFilter; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;  import at.gv.egovernment.moa.id.process.api.ExecutionContext;  import at.gv.egovernment.moa.id.process.api.Task; @@ -52,10 +53,10 @@ public abstract class MoaIdTask implements Task {  	 *             Thrown in case of error executing the task.  	 */  	public abstract void execute(ExecutionContext executionContext, HttpServletRequest request, -			HttpServletResponse response) throws Exception; +			HttpServletResponse response) throws TaskExecutionException;  	@Override -	public void execute(ExecutionContext executionContext) throws Exception { +	public void execute(ExecutionContext executionContext) throws TaskExecutionException {  		RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();  		if (requestAttributes != null && requestAttributes instanceof ServletRequestAttributes) {  			HttpServletRequest request = ((ServletRequestAttributes) requestAttributes).getRequest(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java index 1f3e86ff6..168f2362a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java 
@@ -237,12 +237,12 @@ public interface PVPConstants {  	public static final String MANDATE_PROF_REP_OID_OID = "1.2.40.0.10.2.1.1.261.86";  	public static final String MANDATE_PROF_REP_OID_NAME = URN_OID_PREFIX + MANDATE_PROF_REP_OID_OID; -	public static final String MANDATE_PROF_REP_OID_FRIENDLY_NAME = "MANDATOR-PROF-REP-OID"; +	public static final String MANDATE_PROF_REP_OID_FRIENDLY_NAME = "MANDATE-PROF-REP-OID";  	public static final int MANDATE_PROF_REP_OID_MAX_LENGTH = 256;  	public static final String MANDATE_PROF_REP_DESC_OID = "1.2.40.0.10.2.1.1.261.88";  	public static final String MANDATE_PROF_REP_DESC_NAME = URN_OID_PREFIX + MANDATE_PROF_REP_DESC_OID; -	public static final String MANDATE_PROF_REP_DESC_FRIENDLY_NAME = "MANDATOR-PROF-REP-DESCRIPTION"; +	public static final String MANDATE_PROF_REP_DESC_FRIENDLY_NAME = "MANDATE-PROF-REP-DESCRIPTION";  	public static final int MANDATE_PROF_REP_DESC_MAX_LENGTH = 1024;  	public static final String MANDATE_REFERENCE_VALUE_OID = "1.2.40.0.10.2.1.1.261.90"; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/filter/SchemaValidationException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/filter/SchemaValidationException.java new file mode 100644 index 000000000..8da5edeed --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/filter/SchemaValidationException.java 
@@ -0,0 +1,43 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter; + +import org.opensaml.saml2.metadata.provider.FilterException; + +/** + * @author tlenz + * + */ +public class SchemaValidationException extends FilterException { + +	/** +	 * @param string +	 */ +	public SchemaValidationException(String string) { +		super(string); +		 +	} + +	private static final long serialVersionUID = 1L; + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/filter/SignatureValidationException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/filter/SignatureValidationException.java new file mode 100644 index 000000000..86a6a777b --- /dev/null 
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/filter/SignatureValidationException.java @@ -0,0 +1,58 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter; + +import org.opensaml.saml2.metadata.provider.FilterException; + +/** + * @author tlenz + * + */ +public class SignatureValidationException extends FilterException { + +	/** +	 * @param string +	 */ +	public SignatureValidationException(String string) { +		super(string); +		 +	} + +	/** +	 * @param e +	 */ +	public SignatureValidationException(Exception e) { +		super(e); +	} + +	/** +	 * @param string +	 * @param object +	 */ +	public SignatureValidationException(String string, Exception e) { +		super(string, e); +	} + +	private static final long serialVersionUID = 1L; + +} 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java index 12afa14bc..d493ef9e0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java @@ -55,6 +55,8 @@ import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException  import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory;  import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;  import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SchemaValidationException; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException;  import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.InterfederatedIDPPublicServiceFilter;  import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.MetadataFilterChain;  import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.SchemaValidationFilter; 
@@ -380,10 +382,18 @@ public class MOAMetadataProvider implements MetadataProvider {  			return httpProvider; -		} catch (Throwable e) { +		} catch (Throwable e) {			  			if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) {  				Logger.warn("SSL-Server certificate for metadata "  -						+ metadataURL + " not trusted.", e);				 +						+ metadataURL + " not trusted.", e); +				 +			} if (e.getCause() != null && e.getCause().getCause() instanceof SignatureValidationException) {				 +				Logger.warn("Signature verification for metadata"  +						+ metadataURL + " FAILED.", e); +			 +			} if (e.getCause() != null && e.getCause().getCause() instanceof SchemaValidationException) { +				Logger.warn("Schema validation for metadata "  +						+ metadataURL + " FAILED.", e);								  			}  			Logger.error( diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java index 0405fa114..6dac4bba1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java @@ -39,6 +39,7 @@ import org.opensaml.xml.security.x509.BasicX509Credential;  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;  import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;  import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoCredentialsException; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException;  import at.gv.egovernment.moa.id.protocols.pvp2x.verification.EntityVerifier;  import at.gv.egovernment.moa.logging.Logger; 
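Review bot: The two added branches are written `} if (...)` rather than `} else if (...)`, so what reads like one chain is three independent tests of `e.getCause().getCause()`; use `} else if (` for both. The signature message also lacks the space before the URL, so the log line runs `metadata` and the address together; it should be `"Signature verification for metadata "`. The filter exceptions are matched only at exactly two levels of cause nesting, which presumably mirrors how the provider wraps them. A failed signature or schema check wrapped at a different depth would fall through to the generic `Logger.error` that follows, so a short comment stating the expected nesting would help.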
@@ -126,7 +127,7 @@ public class MetadataSignatureFilter implements MetadataFilter {  		desc.getEntityDescriptors().addAll(verifiedEntIT);  	} -	public void doFilter(XMLObject metadata) throws FilterException { +	public void doFilter(XMLObject metadata) throws SignatureValidationException {  		try {  			if (metadata instanceof EntitiesDescriptor) {  				EntitiesDescriptor entitiesDescriptor = (EntitiesDescriptor) metadata; @@ -155,7 +156,7 @@ public class MetadataSignatureFilter implements MetadataFilter {  			Logger.info("Metadata signature policy check done OK");  		} catch (MOAIDException e) {  			Logger.warn("Metadata signature policy check FAILED.", e); -			throw new FilterException(e); +			throw new SignatureValidationException(e);  		}  	} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java index 382adb108..f73b541bf 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java @@ -22,8 +22,6 @@   */  package at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata; -import java.io.IOException; -  import org.opensaml.saml2.metadata.provider.FilterException;  import org.opensaml.saml2.metadata.provider.MetadataFilter;  import org.opensaml.xml.XMLObject; @@ -38,6 +36,7 @@ import org.xml.sax.SAXException;  import at.gv.egovernment.moa.id.config.ConfigurationException;  import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SchemaValidationException;  import at.gv.egovernment.moa.logging.Logger;  /** 
@@ -69,7 +68,7 @@ public class SchemaValidationFilter implements MetadataFilter {  	 * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject)  	 */  	@Override -	public void doFilter(XMLObject arg0) throws FilterException { +	public void doFilter(XMLObject arg0) throws SchemaValidationException {  		String errString = null; @@ -100,7 +99,7 @@ public class SchemaValidationFilter implements MetadataFilter {  			} -			throw new FilterException("Metadata Schema validation FAILED with message: "+ errString); +			throw new SchemaValidationException("Metadata Schema validation FAILED with message: "+ errString);  		} else		  			Logger.info("Metadata Schema validation check is DEACTIVATED!"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 1e6cf6910..371cfb1d7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -26,12 +26,8 @@ import java.util.ArrayList;  import java.util.Iterator;  import java.util.List; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;  import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;  import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute; -import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;  import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;  import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;  import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; 
@@ -184,9 +180,21 @@ public class AttributeCollector implements IAction {          IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList();          IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList();          List<PersonalAttribute> missingAttributes = new ArrayList<PersonalAttribute>(); +        Logger.debug("aquire list of missing attributes");          for (PersonalAttribute current : requestAttributeList) -            if (!responseAttributeList.containsKey(current.getName())) -                missingAttributes.add(current); +            if (!responseAttributeList.containsKey(current.getName())) { +                if(null == current.getStatus() || (null != current.getStatus() && !current.getStatus().equals(AttributeStatusType.WITHHELD.value()))) { +                    // add the ones we need +                    missingAttributes.add(current); +                    Logger.debug("add " + current.getName() + " to the list of missing attributes"); +                } +            } else { +                // remove the ones we do not want to share from the response list +                if(null != current.getStatus() && current.getStatus().equals(AttributeStatusType.WITHHELD.value())) { +                    responseAttributeList.remove(current.getName()); +                    Logger.debug("remove " + current.getName() + " from the list of resulting attributes because the user does not want to disclose the data"); +                } +            }          Logger.info("collecting attributes...");  		Logger.debug("found " + missingAttributes.size() + " missing attributes"); 
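Review bot: The condition `null == current.getStatus() || (null != current.getStatus() && !current.getStatus().equals(...))` repeats the null test and is easy to misread for a check that decides whether a withheld attribute is collected anyway. `!AttributeStatusType.WITHHELD.value().equals(current.getStatus())` expresses the same thing null-safely, and the `else` branch can use the positive form `AttributeStatusType.WITHHELD.value().equals(current.getStatus())`. The debug text `aquire` should read `acquire`.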
@@ -253,10 +261,7 @@ public class AttributeCollector implements IAction {              Logger.info("collecting attributes done");              // ask for consent if necessary -            if(oaParam.isRequireConsentForStorkAttributes()) -            	new ConsentEvaluator().requestConsent(container, response, oaParam); -            else -            	new ConsentEvaluator().generateSTORKResponse(response, container); +            new ConsentEvaluator().generateSTORKResponse(response, container);              return null; // AssertionId                              // TODO diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 859f4900b..01f84125f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -163,7 +163,12 @@ public class AuthenticationRequest implements IAction {              Logger.debug("Data container prepared"); -            return (new AttributeCollector()).processRequest(container, httpReq, httpResp, authData, oaParam); +            if(oaParam.isRequireConsentForStorkAttributes()) +                new ConsentEvaluator().requestConsent(container, httpReq, httpResp, authData, oaParam); +            else +                new AttributeCollector().processRequest(container, httpReq, httpResp, authData, oaParam); + +            return null;          }  //        // check if we are getting request for citizen of some other country  //        else if (req instanceof MOASTORKRequest) { 
@@ -494,11 +499,11 @@ public class AuthenticationRequest implements IAction {                  Logger.debug("Personal attribute found in request: " + personalAttribute.getName() + " isRequired: " + personalAttribute.isRequired());                  moaAttributeProvider.populateAttribute(attributeList, personalAttribute);              	 } catch (Exception e) { -                     Logger.error("Exception, attributes: " + e.getMessage()); +                     Logger.error("Exception, attributes: " + e.getMessage(), e);                   }              }          } catch (Exception e) { -            Logger.error("Exception, attributes: " + e.getMessage()); +            Logger.error("Exception, attributes: " + e.getMessage(), e);          }          Logger.trace("AUTHBLOCK " + authData.getAuthBlock()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java index 2c5728798..3acd1039f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java 
@@ -23,13 +23,17 @@  package at.gv.egovernment.moa.id.protocols.stork2;  import java.io.StringWriter; + +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +  import java.util.ArrayList;  import java.util.HashMap; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import java.util.Map.Entry; +  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;  import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;  import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;  import at.gv.egovernment.moa.id.data.IAuthData;  import at.gv.egovernment.moa.id.data.SLOInformationInterface;  import at.gv.egovernment.moa.id.moduls.IAction; @@ -39,14 +43,13 @@ import at.gv.egovernment.moa.id.util.VelocityProvider;  import at.gv.egovernment.moa.logging.Logger;  import eu.stork.peps.auth.commons.PEPSUtil;  import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.STORKAuthnResponse;  import eu.stork.peps.auth.engine.STORKSAMLEngine;  import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.AttributeStatusType;  import eu.stork.peps.exceptions.STORKSAMLEngineException; +  import org.apache.velocity.Template;  import org.apache.velocity.VelocityContext;  import org.apache.velocity.app.VelocityEngine; -import org.joda.time.DateTime;  import org.opensaml.common.impl.SecureRandomIdentifierGenerator;  import javax.servlet.http.HttpServletRequest; 
@@ -72,23 +75,28 @@ public class ConsentEvaluator implements IAction {  		DataContainer container;  		try {  			container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); +			req = container.getRequest();  		} catch (MOADatabaseException e) {  			Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e);  			throw new MOAIDException("stork.17", null);  		}  		// evaluate response -		for(PersonalAttribute current : container.getResponse().getPersonalAttributeList()) { +		for(PersonalAttribute current : container.getRequest().getPersonalAttributeList()) {  			if(null == httpReq.getParameter(current.getName())) { -				current.setStatus(AttributeStatusType.NOT_AVAILABLE.value()); +				current.setStatus(AttributeStatusType.WITHHELD.value());  				current.setValue(new ArrayList<String>());  				current.setComplexValue(new HashMap<String, String>());  			}  		} -        // build and send response -        generateSTORKResponse(httpResp, container); -         +        //TODO: CHECK: req.getOAURL() should return the unique OA identifier +		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(req.getOAURL()); +		if (oaParam == null) +			throw new AuthenticationException("stork.12", new Object[]{req.getOAURL()}); + +		new AttributeCollector().processRequest(container, httpReq, httpResp, authData, oaParam); +          return null; // AssertionId      } 
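Review bot: Every requested attribute whose name is missing from the submitted form is set to `WITHHELD`, with no distinction between required and optional attributes, although the consent page built later in this file marks only the non-required ones as `(optional)`. If a required attribute must not be withheld, test `current.isRequired()` here and reject the submission instead of relying on the form. If withholding it is allowed, a comment saying that the response is expected to go out without it would settle the question. The `//TODO: CHECK` on `req.getOAURL()` is also still open in the merged code, and the lookup it annotates selects the online-application configuration used for the rest of the flow.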
@@ -96,12 +104,19 @@ public class ConsentEvaluator implements IAction {  	 * Fills the given HttpResponse with the required web page.  	 *  	 * @param container the container +	 * @param authData   	 * @param response the response  	 * @param oaParam the oa param  	 * @return the string  	 * @throws MOAIDException the mOAID exception  	 */ -	public String requestConsent(DataContainer container, HttpServletResponse response, IOAAuthParameters oaParam) throws MOAIDException { +	public String requestConsent(DataContainer container, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData, OAAuthParameter oaParam) throws MOAIDException { +		//check if we need to collect consent +        if(!oaParam.isRequireConsentForStorkAttributes()) { +            (new AttributeCollector()).processRequest(container, httpReq, httpResp, authData, oaParam); +            return ""; +        } +  		// prepare redirect  		String newArtifactId;  		try { 
@@ -130,19 +145,20 @@ public class ConsentEvaluator implements IAction {  			Template template = velocityEngine.getTemplate("/resources/templates/stork2_consent.html");  			VelocityContext context = new VelocityContext(); -			context.put("action", AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/CompleteAuthentication?" + ARTIFACT_ID + "=" + newArtifactId); +			context.put("action", AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/GetConsent?" + ARTIFACT_ID + "=" + newArtifactId);  			// assemble table  			String table = ""; -			for (PersonalAttribute current : container.getResponse().getPersonalAttributeList()) -				if ("Available".equals(current.getStatus())) -					table += "<tr><td><input type=\"checkbox\" checked=\"yes\" name=\"" + current.getName() + "\"></td><td>" + current.getName() + "</td></tr>\n"; +			for (PersonalAttribute current : container.getRequest().getPersonalAttributeList()) +				table += "<tr><td><input type=\"checkbox\" checked=\"yes\" name=\"" + current.getName() + "\"></td><td>" + current.getName() + (current.isRequired() ? "" : " (optional)") + "</td></tr>\n";  			context.put("tablecontent", table); +			for(Entry<String, String> current : oaParam.getFormCustomizaten().entrySet()) +				context.put(current.getKey().replace("#", ""), current.getValue());  			StringWriter writer = new StringWriter();  			template.merge(context, writer); -			response.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8")); +			httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8"));  		} catch (Exception e) {  			Logger.error("Velocity error: " + e.getMessage()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java index 3ab4ec4a1..9a6206947 100644 
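Review bot: `current.getName()` is concatenated into the consent page without HTML escaping, both inside the `name="..."` attribute and in the table cell. With this change the names come from `container.getRequest()` rather than from the locally built response. If that request is supplied by the requesting party (presumably it is, confirm against the caller), a crafted attribute name can alter the markup of the page on which the user grants consent. Escape at the point of output, for example `String name = StringEscapeUtils.escapeHtml(current.getName());` (commons-lang is already used in this module), and use `name` in both places. The entries of `oaParam.getFormCustomizaten()` are likewise put into the Velocity context unescaped; the enclosing method starts and ends outside the hunk.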
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java @@ -79,7 +79,17 @@ public class MOAAttributeProvider {      public void populateAttribute(PersonalAttributeList attributeList, PersonalAttribute requestedAttribute ) {          String storkAttribute = requestedAttribute.getName(); -        if (storkAttributeSimpleMapping.containsKey(storkAttribute)) { +        if (null != authData && null != authData.getStorkAttributes() && authData.getStorkAttributes().containsKey(requestedAttribute.getName())) { +            Logger.debug("Trying to get value for attribute directly from STORK2 response [" + storkAttribute + "]"); +            try { +                PersonalAttribute tmp = authData.getStorkAttributes().get(requestedAttribute.getName()); +                attributeList.add((PersonalAttribute) tmp.clone()); +            } catch(Exception e) { +                Logger.error("Could not retrieve attribute from STORK2 response: " + storkAttribute); +                if(Logger.isDebugEnabled()) +                    e.printStackTrace(); +            } +        } else if (storkAttributeSimpleMapping.containsKey(storkAttribute)) {              Logger.debug("Trying to get value for attribute using simple mapping [" + storkAttribute + "]");              try {                  Method method = authData.getClass().getDeclaredMethod(storkAttributeSimpleMapping.get(storkAttribute)); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java index e6fff76ab..59e1dbeca 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java 
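Review bot: The new first branch of `populateAttribute` wins over the simple mapping for every name present in `authData.getStorkAttributes()`, and it adds a clone of whatever the STORK2 response carried without looking at that attribute's status or value. If locally derived values are meant to be authoritative for some attributes, that precedence needs an explicit check or at least a comment stating that foreign values deliberately override the local mapping. The catch block also drops the cause from the log and prints it with `e.printStackTrace()`; `Logger.error("Could not retrieve attribute from STORK2 response: " + storkAttribute, e);` keeps it in the application log instead. The method continues past the end of the hunk.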
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java @@ -211,7 +211,7 @@ public class MandateRetrievalRequest implements IAction {          // ask for consent if necessary          if (oaParam.isRequireConsentForStorkAttributes()) -            new ConsentEvaluator().requestConsent(container, httpResp, oaParam); +            new ConsentEvaluator().requestConsent(container, httpReq, httpResp, authData, oaParam);          else              new ConsentEvaluator().generateSTORKResponse(httpResp, container); diff --git a/id/server/idserverlib/src/main/resources/resources/templates/stork2_consent.html b/id/server/idserverlib/src/main/resources/resources/templates/stork2_consent.html index e21a61665..0ab41f146 100644 --- a/id/server/idserverlib/src/main/resources/resources/templates/stork2_consent.html +++ b/id/server/idserverlib/src/main/resources/resources/templates/stork2_consent.html @@ -80,6 +80,7 @@  				  overflow:auto;	            min-width: 190px;            height: 260px; +          padding: 20px;  			  }          h2#tabheader{ @@ -134,6 +135,7 @@          #bkulogin {          min-height: 150px; +        padding: 20px;          }         } @@ -146,6 +148,7 @@          #bkulogin {            height: 180px; +          padding: 20px;          }          } @@ -175,7 +178,7 @@  					color : #000;  			  	text-align: center;            font-size: 100%; -			  	background-color: #MAIN_BACKGOUNDCOLOR#; +			  	background-color: ${MAIN_BACKGOUNDCOLOR};  				}  			  #page { @@ -230,6 +233,7 @@         	#bkulogin {	            min-width: 190px;            height: 155px;	 +          padding: 20px;  			 }  			 .setAssertionButton_full { @@ -249,7 +253,7 @@  			* {  				margin: 0;  				padding: 0; -        font-family: #FONTTYPE#; +        font-family: ${FONTTYPE};  			}  			#selectArea { 
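Review bot: This call site still branches on `oaParam.isRequireConsentForStorkAttributes()` itself, although `requestConsent` now performs the same check and hands over to `AttributeCollector.processRequest` when consent is not required. The `else` branch here calls `generateSTORKResponse(httpResp, container)` instead, so the two no-consent paths differ and the early return added to `requestConsent` cannot be reached from this caller. Either call `requestConsent` unconditionally, or add a comment such as `// mandate retrieval bypasses AttributeCollector on purpose` if the difference is intended. The enclosing method lies outside the hunk.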
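Review bot: The placeholders in the stylesheet are now formal Velocity references such as `${MAIN_BACKGOUNDCOLOR}` and `${FONTTYPE}` (and `${MAIN_COLOR}`, `${HEADER_BACKGROUNDCOLOR}`, `${HEADER_COLOR}` in the later hunk), which Velocity prints literally when the key is missing from the context. The context is filled from `oaParam.getFormCustomizaten()`, so an online application without a complete customization set would produce invalid CSS. The quiet form `$!{FONTTYPE}`, or defaults put into the context before the merge, avoids that. These values are written into the stylesheet unescaped, so they should be limited to plain CSS values where they are configured; whether such validation exists is not visible here.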
@@ -333,13 +337,13 @@  			}  			.hell { -				background-color : #MAIN_BACKGOUNDCOLOR#; -        color: #MAIN_COLOR#;	 +				background-color : ${MAIN_BACKGOUNDCOLOR}; +        color: ${MAIN_COLOR};	  			}  			.dunkel { -				background-color: #HEADER_BACKGROUNDCOLOR#; -        color: #HEADER_COLOR#; +				background-color: ${HEADER_BACKGROUNDCOLOR}; +        color: ${HEADER_COLOR};  			}  			.main_header { @@ -404,7 +408,7 @@      }  	</script> -<title>#HEADER_TEXT#</title> +<title>Informationsfreigabe</title>  </head>  <body onload="onChangeChecks();" onresize="onChangeChecks();">  	<div id="page"> @@ -417,7 +421,7 @@  							<h2 id="tabheader" class="dunkel" role="heading">STORK Informationsfreigabe</h2>  						</div>  						<div id="bkulogin" class="hell" role="form"> -							Alle angehakten Daten werden an das fragende Drittland übermittelt. +							Wählen Sie jene Daten, die, wenn verfügbar, an ein Drittland weitergegeben werden sollen:</br>  	  						<table>  	  							${tablecontent}  							</table> diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java index 7e56071bd..ebda3c5c3 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java @@ -1,5 +1,6 @@  package at.gv.egovernment.moa.id.process.spring.test.task; +import java.io.IOException;  import java.io.InputStream;  import java.nio.charset.Charset;  import java.util.Objects; 
@@ -8,6 +9,7 @@ import org.apache.commons.io.IOUtils;  import org.slf4j.Logger;  import org.slf4j.LoggerFactory; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;  import at.gv.egovernment.moa.id.process.api.ExecutionContext;  import at.gv.egovernment.moa.id.process.api.Task; @@ -37,7 +39,7 @@ public class CreateSAML1AssertionTask implements Task {  	private Logger log = LoggerFactory.getLogger(getClass());  	@Override -	public void execute(ExecutionContext executionContext) throws Exception { +	public void execute(ExecutionContext executionContext) throws TaskExecutionException {  		Objects.requireNonNull(executionContext.get("IdentityLink"));  		assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated"))));  		Objects.requireNonNull(executionContext.get("SignedAuthBlock")); @@ -47,6 +49,9 @@ public class CreateSAML1AssertionTask implements Task {  		try (InputStream in = getClass().getResourceAsStream("SAML1Assertion.xml")) {  			executionContext.put("SAML1Assertion", IOUtils.toString(in, Charset.forName("UTF-8"))); +			 +		} catch (IOException e) { +			throw new TaskExecutionException("", e);  		}  	} diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java index 412fb0123..bd08ec6a1 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java @@ -9,6 +9,7 @@ import org.apache.commons.io.IOUtils;  import org.slf4j.Logger;  import org.slf4j.LoggerFactory; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;  import at.gv.egovernment.moa.id.process.api.ExecutionContext;  import at.gv.egovernment.moa.id.process.api.Task; 
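Review bot: `throw new TaskExecutionException("", e);` wraps the failure with an empty message, and the same line recurs in `GetIdentityLinkTask` and `SignAuthBlockTask`. A message naming the resource, e.g. `throw new TaskExecutionException("Could not read SAML1Assertion.xml", e);`, makes a failing test run readable. Note that `getResourceAsStream` returns null when the file is missing, which surfaces as a `NullPointerException` and bypasses this catch; that is presumably acceptable for test fixtures.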
@@ -37,13 +38,16 @@ public class GetIdentityLinkTask implements Task {  	private Logger log = LoggerFactory.getLogger(getClass());  	@Override -	public void execute(ExecutionContext executionContext) throws IOException { +	public void execute(ExecutionContext executionContext) throws TaskExecutionException {  		Objects.requireNonNull(executionContext.get("bkuURL"));  		log.debug("Using bkuURL in order to retrieve IdentityLink.");  		try (InputStream in = getClass().getResourceAsStream("IdentityLink_Max_Mustermann.xml")) {  			executionContext.put("IdentityLink", IOUtils.toString(in, Charset.forName("UTF-8"))); +			 +		} catch (IOException e) { +			throw new TaskExecutionException("", e);  		}  	} diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java index 8099c0f98..8f9b72cea 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java @@ -1,5 +1,6 @@  package at.gv.egovernment.moa.id.process.spring.test.task; +import java.io.IOException;  import java.io.InputStream;  import java.nio.charset.Charset;  import java.util.Objects; @@ -8,6 +9,7 @@ import org.apache.commons.io.IOUtils;  import org.slf4j.Logger;  import org.slf4j.LoggerFactory; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;  import at.gv.egovernment.moa.id.process.api.ExecutionContext;  import at.gv.egovernment.moa.id.process.api.Task; 
@@ -38,7 +40,7 @@ public class SignAuthBlockTask implements Task {  	private Logger log = LoggerFactory.getLogger(getClass());  	@Override -	public void execute(ExecutionContext executionContext) throws Exception { +	public void execute(ExecutionContext executionContext) throws TaskExecutionException {  		Objects.requireNonNull(executionContext.get("IdentityLink"));  		assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated"))));  		Objects.requireNonNull(executionContext.get("bkuURL")); @@ -46,6 +48,9 @@ public class SignAuthBlockTask implements Task {  		log.debug("Using validated IdentityLink and bkuURL in order to sign auth block.");  		try (InputStream in = getClass().getResourceAsStream("SignedAuthBlock.xml")) {  			executionContext.put("SignedAuthBlock", IOUtils.toString(in, Charset.forName("UTF-8"))); +		} catch (IOException e) { +			throw new TaskExecutionException("", e); +			  		}  	} diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java index 07b2ea69c..cece373d4 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java @@ -5,6 +5,7 @@ import java.util.Objects;  import org.slf4j.Logger;  import org.slf4j.LoggerFactory; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;  import at.gv.egovernment.moa.id.process.api.ExecutionContext;  import at.gv.egovernment.moa.id.process.api.Task; 
@@ -33,7 +34,7 @@ public class ValidateSignedAuthBlockTask implements Task {  	private Logger log = LoggerFactory.getLogger(getClass());  	@Override -	public void execute(ExecutionContext executionContext) throws Exception { +	public void execute(ExecutionContext executionContext) throws TaskExecutionException {  		Objects.requireNonNull(executionContext.get("IdentityLink"));  		assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated"))));  		Objects.requireNonNull(executionContext.get("SignedAuthBlock")); | 
