aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralRevisionLogTask.java152
-rw-r--r--id/moa-id-webgui/src/main/resources/gui/types/general.json16
-rw-r--r--id/moa-id-webgui/src/main/resources/gui/types/oa.json4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java18
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java11
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java7
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java33
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java5
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java4
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java5
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java16
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java9
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java11
14 files changed, 281 insertions, 14 deletions
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralRevisionLogTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralRevisionLogTask.java
new file mode 100644
index 000000000..35f1e5228
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralRevisionLogTask.java
@@ -0,0 +1,152 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.UUID;
+import java.util.regex.Pattern;
+
+import org.apache.commons.lang.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class GeneralRevisionLogTask extends AbstractTaskValidator implements IDynamicLoadableTaskValidator {
+ private static final Logger log = LoggerFactory.getLogger(GeneralRevisionLogTask.class);
+ private static final List<String> KEYWHITELIST;
+
+ static {
+ ArrayList<String> temp = new ArrayList<String>();
+ KEYWHITELIST = Collections.unmodifiableList(temp);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+ */
+ @Override
+ public String getKeyPrefix() {
+ return MOAIDConfigurationConstants.SERVICE_REVERSION;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+ */
+ @Override
+ public String getName() {
+ return "General - Reversion Logging Task";
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+ */
+ @Override
+ public Map<String, String> postProcessing(Map<String, String> input,
+ List<String> keysToDelete, Configuration dbconfig) {
+ Map<String, String> newConfigValues = new HashMap<String, String>();
+
+ String eventCodes = input.get(MOAIDConfigurationConstants.GENERAL_REVERSION_LOGS_EVENTCODES);
+ if (MiscUtil.isNotEmpty(eventCodes)) {
+ newConfigValues.put(MOAIDConfigurationConstants.GENERAL_REVERSION_LOGS_EVENTCODES,
+ KeyValueUtils.normalizeCSVValueString(eventCodes));
+
+ }
+
+ if (newConfigValues.isEmpty())
+ return null;
+ else
+ return newConfigValues;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+ */
+ @Override
+ protected void taskValidate(Map<String, String> input)
+ throws ConfigurationTaskValidationException {
+ List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+ String eventCodes = input.get(MOAIDConfigurationConstants.GENERAL_REVERSION_LOGS_EVENTCODES);
+ if (MiscUtil.isNotEmpty(eventCodes)) {
+ String[] codes = eventCodes.split(",");
+ for (String el: codes) {
+ try {
+ Integer.parseInt(el.trim());
+
+ } catch (NumberFormatException e) {
+ log.info("Revisions-Log eventcode(s) are not valid", e);
+ errors.add(new ValidationObjectIdentifier(
+ MOAIDConfigurationConstants.GENERAL_REVERSION_LOGS_EVENTCODES,
+ "Reversion - Logger Enabled",
+ LanguageHelper.getErrorString("error.oa.reversion.log.eventcodes")));
+ break;
+
+ }
+
+ }
+
+ }
+
+
+ if (!errors.isEmpty())
+ throw new ConfigurationTaskValidationException(errors);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+ */
+ @Override
+ public List<Pattern> getAllAllowedPatterns() {
+ return generatePatternsFromKeys(KEYWHITELIST);
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator#getModulValidatorPrefix()
+ */
+ @Override
+ public List<String> getModulValidatorPrefix() {
+ return Arrays.asList(
+ MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL
+ );
+ }
+
+}
diff --git a/id/moa-id-webgui/src/main/resources/gui/types/general.json b/id/moa-id-webgui/src/main/resources/gui/types/general.json
index f7861332d..f10fac06c 100644
--- a/id/moa-id-webgui/src/main/resources/gui/types/general.json
+++ b/id/moa-id-webgui/src/main/resources/gui/types/general.json
@@ -442,6 +442,22 @@
}
}
}
+ },
+ "reversion.log": {
+ "id": "http://www.egiz.gv.at/dynUI/general/reversion/log",
+ "type": "object",
+ "title": "Revision Logging",
+ "description": "Default Revisions-Logging",
+ "options": {
+ "collapsed": true
+ },
+ "properties": {
+ "eventcodes": {
+ "id": "http://www.egiz.gv.at/dynUI/general/reversion/log/eventcodes",
+ "type": "string",
+ "title": "EventCodes (CSV)"
+ }
+ }
}
},
"required": ["publicURLPrefix"]
diff --git a/id/moa-id-webgui/src/main/resources/gui/types/oa.json b/id/moa-id-webgui/src/main/resources/gui/types/oa.json
index 517327626..deba5d610 100644
--- a/id/moa-id-webgui/src/main/resources/gui/types/oa.json
+++ b/id/moa-id-webgui/src/main/resources/gui/types/oa.json
@@ -541,8 +541,8 @@
"reversion.log": {
"id": "http://www.egiz.gv.at/dynUI/oa/reversion/log",
"type": "object",
- "title": "Reversion Logging",
- "description": "Service specific reversion logging",
+ "title": "Revisions-Logging",
+ "description": "Service specific Revision-Logging",
"options": {
"collapsed": true
},
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java
index 9e9fd2bff..da3608caa 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java
@@ -59,6 +59,7 @@ public interface MOAIDEventConstants extends EventConstants {
public static final int AUTHPROCESS_SSO_ASK_USER_FINISHED = 4007;
public static final int AUTHPROCESS_INTERFEDERATION = 4008;
public static final int AUTHPROCESS_INTERFEDERATION_REVEIVED = 4009;
+ public static final int AUTHPROCESS_INTERFEDERATION_IDP = 4010;
public static final int AUTHPROCESS_BKUSELECTION_INIT = 4110;
public static final int AUTHPROCESS_BKUTYPE_SELECTED = 4111;
@@ -72,12 +73,13 @@ public interface MOAIDEventConstants extends EventConstants {
public static final int AUTHPROCESS_FOREIGN_SZRGW_CONNECTED = 4224;
public static final int AUTHPROCESS_FOREIGN_SZRGW_RECEIVED = 4225;
- public static final int AUTHPROCESS_MANDATE_SERVICE_REQUESTED = 4330;
+ public static final int AUTHPROCESS_MANDATE_SERVICE_REQUESTED = 4300;
public static final int AUTHPROCESS_MANDATE_REDIRECT = 4301;
public static final int AUTHPROCESS_MANDATE_RECEIVED = 4302;
public static final int AUTHPROCESS_PEPS_REQUESTED = 4400;
public static final int AUTHPROCESS_PEPS_RECEIVED = 4401;
+ public static final int AUTHPROCESS_PEPS_IDL_RECEIVED = 4402;
//person information
public static final int PERSONAL_INFORMATION_PROF_REPRESENTATIVE_BPK = 5000;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java
index e73aa8df1..b2eda4d78 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java
@@ -30,6 +30,8 @@ import com.google.common.primitives.Ints;
import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
@@ -49,7 +51,6 @@ public class MOAReversionLogger {
MOAIDEventConstants.SESSION_CREATED,
MOAIDEventConstants.SESSION_DESTROYED,
MOAIDEventConstants.SESSION_ERROR,
- MOAIDEventConstants.SESSION_IP,
MOAIDEventConstants.TRANSACTION_CREATED,
MOAIDEventConstants.TRANSACTION_DESTROYED,
MOAIDEventConstants.TRANSACTION_ERROR,
@@ -64,8 +65,9 @@ public class MOAReversionLogger {
MOAIDEventConstants.AUTHPROCESS_IDL_VALIDATED,
MOAIDEventConstants.AUTHPROCESS_CERTIFICATE_VALIDATED,
MOAIDEventConstants.AUTHPROCESS_AUTHBLOCK_VALIDATED,
- MOAIDEventConstants.PERSONAL_INFORMATION_USERNAME_HASH
-
+ MOAIDEventConstants.AUTHPROCESS_SSO,
+ MOAIDEventConstants.AUTHPROCESS_INTERFEDERATION,
+ MOAIDEventConstants.AUTHPROCESS_STORK_REQUESTED
);
public static synchronized MOAReversionLogger getInstance() {
@@ -246,6 +248,16 @@ public class MOAReversionLogger {
}
public List<Integer> getDefaulttReversionsLoggingEventCodes() {
+ try {
+ List<Integer> configuredDefaultEventCodes = AuthConfigurationProviderFactory.getInstance().getDefaultRevisionsLogEventCodes();
+ if (configuredDefaultEventCodes != null)
+ return configuredDefaultEventCodes;
+
+ } catch (ConfigurationException e) {
+ Logger.error("Access to configuration FAILED.", e);
+
+ }
+
return defaultEventCodes;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java
index 495c4ca5b..d116f473c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java
@@ -30,12 +30,16 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringEscapeUtils;
+import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.ModulUtils;
+import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.moduls.SSOManager;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
@@ -127,7 +131,12 @@ public class SSOSendAssertionServlet extends AuthServlet{
moaSessionID = AuthenticationSessionStoreage.getMOASessionSSOID(ssoId);
AuthenticationSession moasession = AuthenticationSessionStoreage.getSession(moaSessionID);
AuthenticationSessionStoreage.setAuthenticated(moaSessionID, true);
-
+
+ //log event
+ String pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);
+ IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
+ MOAReversionLogger.getInstance().logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_SSO_ASK_USER_FINISHED);
+
String redirectURL = new DataURLBuilder().buildDataURL(moasession.getAuthURL(),
ModulUtils.buildAuthURL(module, action, id), "");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java
index ebe08b615..d8f1a28c5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java
@@ -137,6 +137,13 @@ public interface AuthConfiguration extends ConfigurationProvider{
*/
Map<String, String> getConfigurationWithWildCard(String key);
+ /**
+ * Get configured default revisions-log event codes which should be logged
+ *
+ * @return {List<Integer>} if event codes or null
+ */
+ List<Integer> getDefaultRevisionsLogEventCodes();
+
@Deprecated
public boolean isHTTPAuthAllowed();
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
index a151d6dbe..7418f2e35 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
@@ -4,7 +4,6 @@ import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
-import java.math.BigInteger;
import java.net.MalformedURLException;
import java.net.URI;
import java.util.ArrayList;
@@ -1029,4 +1028,36 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
return Boolean.valueOf(prop);
}
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getDefaultRevisionsLogEventCodes()
+ */
+ @Override
+ public List<Integer> getDefaultRevisionsLogEventCodes() {
+ try {
+ String eventcodes = configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_REVERSION_LOGS_EVENTCODES);
+ if (MiscUtil.isNotEmpty(eventcodes)) {
+ String[] codes = eventcodes.split(",");
+ List<Integer> result = new ArrayList<Integer>();
+ for (String el : codes) {
+ try {
+ result.add(Integer.parseInt(el));
+
+ } catch (NumberFormatException e) {
+ Logger.warn("EventCode: " + el + " is not a valid Integer.");
+
+ }
+ }
+
+ if (!result.isEmpty())
+ return result;
+
+ }
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.error("Error during revisions-code load operationen." , e);
+ }
+
+ return null;
+ }
+
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 45eecec84..217efe927 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -286,7 +286,7 @@ public class DispatcherServlet extends AuthServlet{
//log information for security and process reversion
MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.SESSION_CREATED, uniqueSessionIdentifier);
MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.TRANSACTION_CREATED, protocolRequestID);
- MOAReversionLogger.getInstance().logEvent(uniqueSessionIdentifier, protocolRequestID, MOAIDEventConstants.SESSION_IP, req.getRemoteAddr());
+ MOAReversionLogger.getInstance().logEvent(uniqueSessionIdentifier, protocolRequestID, MOAIDEventConstants.TRANSACTION_IP, req.getRemoteAddr());
protocolRequest = info.preProcess(req, resp, action, uniqueSessionIdentifier, protocolRequestID);
@@ -450,6 +450,9 @@ public class DispatcherServlet extends AuthServlet{
if (tryperform)
MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(),
protocolRequest, MOAIDEventConstants.AUTHPROCESS_FINISHED);
+ else
+ MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(),
+ protocolRequest, MOAIDEventConstants.AUTHPROTOCOL_TYPE, protocolRequest.requestedModule());
if (protocolRequest.forceAuth()) {
if (!tryperform) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index f3c40707e..afc0d8451 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -532,6 +532,10 @@ public class AuthenticationManager extends MOAIDAuthConstants {
//build and send request without an error
requiredLocalAuthentication = false;
+ MOAReversionLogger.getInstance().logEvent(target.getOnlineApplicationConfiguration(),
+ target, MOAIDEventConstants.AUTHPROCESS_INTERFEDERATION_IDP, idpEntity.getEntityID());
+
+
} else {
Logger.warn("Requested IDP " + target.getRequestedIDP()
+ " does not support POST or Redirect Binding.");
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
index ad34360d8..c798a525e 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
@@ -258,4 +258,9 @@ public final class MOAIDConfigurationConstants extends MOAIDConstants {
public static final String GENERAL_AUTH_STORK_ATTRIBUTES_LIST = GENERAL_AUTH_STORK + ".attributes";
public static final String GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME = "friendlyname";
public static final String GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY = "mandatory";
+
+ public static final String GENERAL_REVERSION = PREFIX_MOAID_GENERAL + ".reversion";
+ public static final String GENERAL_REVERSION_LOGS_EVENTCODES = GENERAL_REVERSION + ".log.eventcodes";
+
}
+
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
index 32915f5e6..06dfc95d3 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
@@ -62,7 +62,9 @@ import at.gv.egovernment.moa.id.config.stork.STORKConfig;
import at.gv.egovernment.moa.id.config.stork.StorkAttribute;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventLog;
import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
+import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
@@ -123,11 +125,15 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
}
AuthenticationSession moasession = AuthenticationServer.getSession(sessionID);
pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
-
+ IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
+
if (StringUtils.isEmpty(moasession.getCcc())) {
// illegal state; task should not have been executed without a selected country
throw new AuthenticationException("stork.22", new Object[] { sessionID });
+
}
+ MOAReversionLogger.getInstance().logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_STORK_REQUESTED);
+
STORKConfig storkConfig = AuthConfigurationProviderFactory.getInstance().getStorkConfig();
if (!storkConfig.isSTORKAuthentication(moasession.getCcc())) {
throw new AuthenticationException("stork.23", new Object[] { moasession.getCcc(), sessionID });
@@ -140,7 +146,7 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
executionContext.put(PROCESS_CTX_KEY_CPEPS_ISXMLSIGSUPPORTED, cpeps.isXMLSignatureSupported());
Logger.info("Starting STORK authentication for a citizen of country: " + moasession.getCcc());
- startSTORKAuthentication(req, resp, moasession);
+ startSTORKAuthentication(req, resp, moasession, pendingReq);
} catch (MOAIDException ex) {
throw new TaskExecutionException(ex.getMessage(), ex);
@@ -161,6 +167,7 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
*
* @param req HttpServletRequest
* @param resp HttpServletResponse
+ * @param pendingReq
* @param ccc Citizen country code
* @param oaURL URL of the online application
* @param target Target parameter
@@ -175,7 +182,7 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
public void startSTORKAuthentication(
HttpServletRequest req,
HttpServletResponse resp,
- AuthenticationSession moasession) throws MOAIDException, AuthenticationException, WrongParametersException, ConfigurationException {
+ AuthenticationSession moasession, IRequest pendingReq) throws MOAIDException, AuthenticationException, WrongParametersException, ConfigurationException {
if (moasession == null) {
throw new AuthenticationException("auth.18", new Object[]{});
@@ -378,7 +385,8 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
}
Logger.info("STORK AuthnRequest successfully successfully prepared for client with target location: " + authnRequest.getDestination());
-
+ MOAReversionLogger.getInstance().logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_REQUESTED, authnRequest.getDestination());
+
// do PEPS-conform logging for easier evaluation
try {
// 2015-03-12 16:44:27.144#S-PEPS generates request to C-PEPS#spepsurl#cpepsurl#spapp#spdomain#citizen country#qaa#msghash#msg_id id1#id2#
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java
index 10eeea97a..a631489be 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java
@@ -17,6 +17,8 @@ import org.apache.velocity.Template;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;
+import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
@@ -25,7 +27,9 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.auth.stork.STORKException;
+import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.ModulUtils;
+import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.VelocityProvider;
@@ -113,6 +117,8 @@ public class PepsConnectorHandleLocalSignResponseTask extends AbstractPepsConnec
moaSessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);
+ IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
+
Logger.info("pendingRequestID:" + pendingRequestID);
String signResponseString = new String(Base64Utils.decode(signResponse, false), "UTF8");
Logger.info("RECEIVED signresponse:" + signResponseString);
@@ -183,6 +189,9 @@ public class PepsConnectorHandleLocalSignResponseTask extends AbstractPepsConnec
Logger.debug("Add full STORK AuthnResponse to MOA session");
moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));// TODO ask Florian/Thomas
// authnResponse?
+
+ MOAReversionLogger.getInstance().logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED);
+
moaSession.setForeigner(true);
// session is implicit stored in changeSessionID!!!!
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
index fa1b0472c..01dad4ebb 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
@@ -33,6 +33,8 @@ import org.opensaml.saml2.core.StatusCode;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
+import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
@@ -48,7 +50,9 @@ import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.ModulUtils;
+import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
@@ -218,7 +222,8 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
// throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12");
pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);
-
+ IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
+
// load MOASession from database
AuthenticationSession moaSession = AuthenticationServer.getSession(moaSessionID);
// change MOASessionID
@@ -340,6 +345,8 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
// ////////////////////////////////////////////////////////////////////////
+ MOAReversionLogger.getInstance().logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED);
+
AuthConfiguration config = AuthConfigurationProviderFactory.getInstance();
String citizenSignature = null;
if(config.isStorkFakeIdLActive() && config.getStorkNoSignatureCountries().contains(storkAuthnRequest.getCitizenCountryCode()) && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) {
@@ -558,6 +565,8 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
Logger.error("SZR Gateway did not return an identity link.");
throw new MOAIDException("stork.10", null);
}
+
+ MOAReversionLogger.getInstance().logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_IDL_RECEIVED);
moaSession.setForeigner(true);
Logger.info("Received Identity Link from SZR Gateway");