aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java214
1 files changed, 128 insertions, 86 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
index 887692477..acff2e40e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
@@ -52,7 +52,7 @@ import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
import at.gv.egovernment.moa.id.moduls.IRequestStorage;
import at.gv.egovernment.moa.id.process.ProcessExecutionException;
-import at.gv.egovernment.moa.id.protocols.AbstractProtocolModulController;
+import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnRequestValidatorException;
import at.gv.egovernment.moa.id.storage.ITransactionStorage;
import at.gv.egovernment.moa.id.util.ErrorResponseUtils;
@@ -78,35 +78,65 @@ public abstract class AbstractController extends MOAIDAuthConstants {
@Autowired protected ITransactionStorage transactionStorage;
@Autowired protected MOAReversionLogger revisionsLogger;
@Autowired protected AuthConfiguration authConfig;
-
- protected void handleError(String errorMessage, Throwable exceptionThrown,
- HttpServletRequest req, HttpServletResponse resp, String pendingRequestID) throws IOException {
- Throwable loggedException = extractOriginalExceptionFromProcessException(exceptionThrown);
+ @ExceptionHandler({MOAIDException.class})
+ public void MOAIDExceptionHandler(HttpServletRequest req, HttpServletResponse resp, Exception e) throws IOException {
+ Logger.error(e.getMessage() , e);
+ internalMOAIDExceptionHandler(req, resp, e, true);
- if (!(loggedException instanceof MOAIDException)) {
- Logger.error("Receive an internal error: Message=" + loggedException.getMessage(), loggedException);
+ }
- } else {
- if (Logger.isDebugEnabled() || Logger.isTraceEnabled()) {
- Logger.error(loggedException.getMessage(), loggedException);
+ @ExceptionHandler({Exception.class})
+ public void GenericExceptionHandler(HttpServletResponse resp, Exception exception) throws IOException {
+ Logger.error("Internel Server Error." , exception);
+ resp.setContentType("text/html;charset=UTF-8");
+ resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Internal Server Error!" +
+ "(Errorcode=9199"
+ +" | Description="+ exception.getMessage() + ")");
+ return;
+
+ }
- } else {
- Logger.error(loggedException.getMessage());
+ @ExceptionHandler({IOException.class})
+ public void IOExceptionHandler(HttpServletResponse resp, IOException exception) {
+ Logger.error("Internel Server Error." , exception);
+ resp.setContentType("text/html;charset=UTF-8");
+ resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ return;
+
+ }
- }
- }
+ protected void handleError(String errorMessage, Throwable exceptionThrown,
+ HttpServletRequest req, HttpServletResponse resp, String pendingRequestID) throws IOException {
- //store error into transaction store
- try {
- String key = Random.nextRandom();
- transactionStorage.put(key, loggedException);
+ Throwable loggedException = null;
+ Throwable extractedException = extractOriginalExceptionFromProcessException(exceptionThrown);
+
+ //extract pendingRequestID and originalException if it was a TaskExecutionException
+ if (extractedException instanceof TaskExecutionException) {
+ //set original exception
+ loggedException = ((TaskExecutionException) extractedException).getOriginalException();
- if (key != null && MiscUtil.isNotEmpty(pendingRequestID)) {
+ //set pending-request ID if it is set
+ String reqID = ((TaskExecutionException) extractedException).getPendingRequestID();
+ if (MiscUtil.isNotEmpty(reqID))
+ pendingRequestID = reqID;
+
+ } else
+ loggedException = exceptionThrown;
+
+ try {
+ //switch to protocol-finalize method to generate a protocol-specific error message
+ if (MiscUtil.isNotEmpty(pendingRequestID)) {
+
+ //put exception into transaction store for redirect
+ String key = Random.nextRandom();
+ transactionStorage.put(key, loggedException);
+
+ //build up redirect URL
String redirectURL = null;
-
redirectURL = ServletUtils.getBaseUrl(req);
- redirectURL += "/"+AbstractProtocolModulController.FINALIZEPROTOCOL_ENDPOINT
+ redirectURL += "/"+AbstractAuthProtocolModulController.FINALIZEPROTOCOL_ENDPOINT
+ "?" + ERROR_CODE_PARAM + "=" + key
+ "&" + MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID + "=" + pendingRequestID;
@@ -119,7 +149,8 @@ public abstract class AbstractController extends MOAIDAuthConstants {
return;
} else {
- //Exception can not be stored in database
+ //write exception into browser window, because protocol-specific error message
+ // is not possible without pendingRequest
handleErrorNoRedirect(loggedException, req, resp, true);
}
@@ -132,8 +163,7 @@ public abstract class AbstractController extends MOAIDAuthConstants {
}
-
-
+
/**
* Handles all exceptions with no pending request.
* Therefore, the error is written to the users browser
@@ -151,71 +181,36 @@ public abstract class AbstractController extends MOAIDAuthConstants {
statisticLogger.logErrorOperation(throwable);
//write errror to console
- Logger.error(throwable.getMessage(), throwable);
+ logExceptionToTechnicalLog(throwable);
//return error to Web browser
if (throwable instanceof MOAIDException || throwable instanceof ProcessExecutionException)
- MOAIDExceptionHandler(req, resp, (Exception)throwable);
+ internalMOAIDExceptionHandler(req, resp, (Exception)throwable, false);
else
GenericExceptionHandler(resp, (Exception)throwable);
}
- @ExceptionHandler({MOAIDException.class})
- public void MOAIDExceptionHandler(HttpServletRequest req, HttpServletResponse resp, Exception e) throws IOException {
- if (e instanceof ProtocolNotActiveException) {
- resp.getWriter().write(e.getMessage());
- resp.setContentType("text/html;charset=UTF-8");
- resp.sendError(HttpServletResponse.SC_FORBIDDEN, e.getMessage());
-
- } else if (e instanceof AuthnRequestValidatorException) {
- AuthnRequestValidatorException ex = (AuthnRequestValidatorException)e;
- //log Error Message
- statisticLogger.logErrorOperation(ex, ex.getErrorRequest());
-
- //write error message
- writeBadRequestErrorResponse(req, resp, (MOAIDException) e);
-
- } else if (e instanceof InvalidProtocolRequestException) {
- //send error response
- writeBadRequestErrorResponse(req, resp, (MOAIDException) e);
-
- } else if (e instanceof ConfigurationException) {
- //send HTML formated error message
- writeHTMLErrorResponse(resp, (MOAIDException) e);
-
- } else if (e instanceof MOAIDException) {
- //send HTML formated error message
- writeHTMLErrorResponse(resp, e);
-
- } else if (e instanceof ProcessExecutionException) {
- //send HTML formated error message
- writeHTMLErrorResponse(resp, e);
-
- }
-
- }
+ /**
+ * Write a Exception to the MOA-ID-Auth internal technical log
+ *
+ * @param loggedException Exception to log
+ */
+ protected void logExceptionToTechnicalLog(Throwable loggedException) {
+ if (!(loggedException instanceof MOAIDException)) {
+ Logger.error("Receive an internal error: Message=" + loggedException.getMessage(), loggedException);
- @ExceptionHandler({Exception.class})
- public void GenericExceptionHandler(HttpServletResponse resp, Exception exception) throws IOException {
- Logger.error("Internel Server Error." , exception);
- resp.setContentType("text/html;charset=UTF-8");
- resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Internal Server Error!" +
- "(Errorcode=9199"
- +" | Description="+ exception.getMessage() + ")");
- return;
-
- }
+ } else {
+ if (Logger.isDebugEnabled() || Logger.isTraceEnabled()) {
+ Logger.error(loggedException.getMessage(), loggedException);
- @ExceptionHandler({IOException.class})
- public void IOExceptionHandler(HttpServletResponse resp, IOException exception) {
- Logger.error("Internel Server Error." , exception);
- resp.setContentType("text/html;charset=UTF-8");
- resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- return;
-
- }
+ } else {
+ Logger.error(loggedException.getMessage());
+ }
+ }
+ }
+
private void writeBadRequestErrorResponse(HttpServletRequest req, HttpServletResponse resp, MOAIDException e) throws IOException {
ErrorResponseUtils utils = ErrorResponseUtils.getInstance();
String code = utils.mapInternalErrorToExternalError(
@@ -295,21 +290,68 @@ public abstract class AbstractController extends MOAIDAuthConstants {
return errors.toString();
}
-
+
+ /**
+ * Extracts a TaskExecutionException of a ProcessExecutionExeception Stacktrace.
+ *
+ * @param exception
+ * @return Return the latest TaskExecutionExecption if exists, otherwise the latest ProcessExecutionException
+ */
private Throwable extractOriginalExceptionFromProcessException(Throwable exception) {
- Throwable returnexception = exception;
+ Throwable exholder = exception;
+ TaskExecutionException taskExc = null;
- while(returnexception != null
- && returnexception instanceof ProcessExecutionException) {
- ProcessExecutionException procExc = (ProcessExecutionException) returnexception;
+ while(exholder != null
+ && exholder instanceof ProcessExecutionException) {
+ ProcessExecutionException procExc = (ProcessExecutionException) exholder;
if (procExc.getCause() != null &&
procExc.getCause() instanceof TaskExecutionException) {
- TaskExecutionException taskExc = (TaskExecutionException) procExc.getCause();
- returnexception = taskExc.getOriginalException();
+ taskExc = (TaskExecutionException) procExc.getCause();
+ exholder = taskExc.getOriginalException();
}
}
- return returnexception;
+ if (taskExc == null)
+ return exholder;
+
+ else
+ return taskExc;
+ }
+
+ private void internalMOAIDExceptionHandler(HttpServletRequest req, HttpServletResponse resp, Exception e, boolean writeExceptionToStatisicLog) throws IOException {
+ if (e instanceof ProtocolNotActiveException) {
+ resp.getWriter().write(e.getMessage());
+ resp.setContentType("text/html;charset=UTF-8");
+ resp.sendError(HttpServletResponse.SC_FORBIDDEN, e.getMessage());
+
+ } else if (e instanceof AuthnRequestValidatorException) {
+ AuthnRequestValidatorException ex = (AuthnRequestValidatorException)e;
+ //log Error Message
+ if (writeExceptionToStatisicLog)
+ statisticLogger.logErrorOperation(ex, ex.getErrorRequest());
+
+ //write error message
+ writeBadRequestErrorResponse(req, resp, (MOAIDException) e);
+
+ } else if (e instanceof InvalidProtocolRequestException) {
+ //send error response
+ writeBadRequestErrorResponse(req, resp, (MOAIDException) e);
+
+ } else if (e instanceof ConfigurationException) {
+ //send HTML formated error message
+ writeHTMLErrorResponse(resp, (MOAIDException) e);
+
+ } else if (e instanceof MOAIDException) {
+ //send HTML formated error message
+ writeHTMLErrorResponse(resp, e);
+
+ } else if (e instanceof ProcessExecutionException) {
+ //send HTML formated error message
+ writeHTMLErrorResponse(resp, e);
+
+ }
+
}
+
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-29 17:35:46 +0000