aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java168
1 files changed, 67 insertions, 101 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
index 04e4e7bdb..e3efdeac0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
@@ -22,34 +22,35 @@
*/
package at.gv.egovernment.moa.id.auth.servlet;
-import java.io.BufferedReader;
-import java.io.File;
-import java.io.FileInputStream;
import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.io.StringWriter;
-import java.net.URI;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.apache.velocity.VelocityContext;
-import org.apache.velocity.app.VelocityEngine;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.ExceptionHandler;
+import com.google.common.net.MediaType;
+
+import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException;
+import at.gv.egovernment.moa.id.auth.frontend.builder.DefaultGUIFormBuilderConfiguration;
+import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIFormBuilder;
+import at.gv.egovernment.moa.id.auth.frontend.exception.GUIBuildException;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
+import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.IRequest;
+import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider;
+import at.gv.egovernment.moa.id.data.ExceptionContainer;
import at.gv.egovernment.moa.id.moduls.IRequestStorage;
import at.gv.egovernment.moa.id.process.ProcessExecutionException;
import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController;
@@ -57,10 +58,8 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnRequestValidator
import at.gv.egovernment.moa.id.storage.ITransactionStorage;
import at.gv.egovernment.moa.id.util.ErrorResponseUtils;
import at.gv.egovernment.moa.id.util.HTTPUtils;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.id.util.ServletUtils;
-import at.gv.egovernment.moa.id.util.VelocityProvider;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -72,16 +71,13 @@ public abstract class AbstractController extends MOAIDAuthConstants {
public static final String ERROR_CODE_PARAM = "errorid";
- private static final String HTMLTEMPLATESDIR = "htmlTemplates/";
- private static final String HTMLTEMPLATEFULL = "error_message.html";
- private static String CONTEXTPATH = "contextPath";
-
@Autowired protected StatisticLogger statisticLogger;
@Autowired protected IRequestStorage requestStorage;
@Autowired protected ITransactionStorage transactionStorage;
@Autowired protected MOAReversionLogger revisionsLogger;
@Autowired protected AuthConfiguration authConfig;
-
+ @Autowired protected IGUIFormBuilder guiBuilder;
+
@ExceptionHandler({MOAIDException.class})
public void MOAIDExceptionHandler(HttpServletRequest req, HttpServletResponse resp, Exception e) throws IOException {
Logger.error(e.getMessage() , e);
@@ -92,7 +88,7 @@ public abstract class AbstractController extends MOAIDAuthConstants {
@ExceptionHandler({Exception.class})
public void GenericExceptionHandler(HttpServletResponse resp, Exception exception) throws IOException {
Logger.error("Internel Server Error." , exception);
- resp.setContentType("text/html;charset=UTF-8");
+ resp.setContentType(MediaType.HTML_UTF_8.toString());
resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Internal Server Error!" +
"(Errorcode=9199"
+" | Description="+ exception.getMessage() + ")");
@@ -103,15 +99,19 @@ public abstract class AbstractController extends MOAIDAuthConstants {
@ExceptionHandler({IOException.class})
public void IOExceptionHandler(HttpServletResponse resp, Throwable exception) {
Logger.error("Internel Server Error." , exception);
- resp.setContentType("text/html;charset=UTF-8");
+ resp.setContentType(MediaType.HTML_UTF_8.toString());
resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
return;
}
protected void handleError(String errorMessage, Throwable exceptionThrown,
- HttpServletRequest req, HttpServletResponse resp, String pendingRequestID) throws IOException {
+ HttpServletRequest req, HttpServletResponse resp, IRequest pendingReq) throws IOException {
+ String pendingRequestID = null;
+ if (pendingReq != null)
+ pendingRequestID = pendingReq.getRequestID();
+
Throwable loggedException = null;
Throwable extractedException = extractOriginalExceptionFromProcessException(exceptionThrown);
@@ -120,6 +120,10 @@ public abstract class AbstractController extends MOAIDAuthConstants {
//set original exception
loggedException = ((TaskExecutionException) extractedException).getOriginalException();
+ //use TaskExecutionException directly, if no Original Exeception is included
+ if (loggedException == null)
+ loggedException = exceptionThrown;
+
//set pending-request ID if it is set
String reqID = ((TaskExecutionException) extractedException).getPendingRequestID();
if (MiscUtil.isNotEmpty(reqID))
@@ -132,8 +136,19 @@ public abstract class AbstractController extends MOAIDAuthConstants {
//switch to protocol-finalize method to generate a protocol-specific error message
//put exception into transaction store for redirect
- String key = Random.nextRandom();
- transactionStorage.put(key, loggedException);
+ String key = Random.nextLongRandom();
+ if (pendingReq != null) {
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.TRANSACTION_ERROR);
+ transactionStorage.put(key,
+ new ExceptionContainer(pendingReq.getUniqueSessionIdentifier(),
+ pendingReq.getUniqueTransactionIdentifier(), loggedException));
+
+ } else {
+ transactionStorage.put(key,
+ new ExceptionContainer(null,
+ null, loggedException));
+
+ }
//build up redirect URL
String redirectURL = null;
@@ -208,7 +223,7 @@ public abstract class AbstractController extends MOAIDAuthConstants {
Logger.warn(loggedException.getMessage(), loggedException);
} else {
- Logger.info(loggedException.getMessage());
+ Logger.warn(loggedException.getMessage());
}
}
@@ -219,7 +234,7 @@ public abstract class AbstractController extends MOAIDAuthConstants {
String code = utils.mapInternalErrorToExternalError(
((InvalidProtocolRequestException)e).getMessageId());
String descr = e.getMessage();
- resp.setContentType("text/html;charset=UTF-8");
+ resp.setContentType(MediaType.HTML_UTF_8.toString());
resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Protocol validation FAILED!" +
"(Errorcode=" + code +
" | Description=" + descr + ")");
@@ -227,89 +242,40 @@ public abstract class AbstractController extends MOAIDAuthConstants {
}
private void writeHTMLErrorResponse(HttpServletRequest req, HttpServletResponse httpResp, String msg, String errorCode, Exception error) throws IOException {
- VelocityContext context = new VelocityContext();
-
- //add errorcode and errormessage
- context.put("errorMsg", msg);
- context.put("errorCode", errorCode);
+
+ try {
+ DefaultGUIFormBuilderConfiguration config = new DefaultGUIFormBuilderConfiguration(
+ HTTPUtils.extractAuthURLFromRequest(req),
+ DefaultGUIFormBuilderConfiguration.VIEW_ERRORMESSAGE,
+ null);
+
+ //add errorcode and errormessage
+ config.putCustomParameter("errorMsg", msg);
+ config.putCustomParameter("errorCode", errorCode);
- //add stacktrace if debug is enabled
- if (Logger.isTraceEnabled()) {
- context.put("stacktrace", getStacktraceFromException(error));
+ //add stacktrace if debug is enabled
+ if (Logger.isTraceEnabled()) {
+ config.putCustomParameter("stacktrace", getStacktraceFromException(error));
- }
-
- writeHTMLErrorResponse(req, httpResp, context);
-
- }
-
- private void writeHTMLErrorResponse(HttpServletRequest req, HttpServletResponse httpResp, Exception error) throws IOException {
- VelocityContext context = new VelocityContext();
-
- //add errorcode and errormessage
- context.put("errorMsg", error.getMessage());
- context.put("errorCode", ErrorResponseUtils.getInstance().getResponseErrorCode(error));
-
- //add stacktrace if debug is enabled
- if (Logger.isTraceEnabled()) {
- context.put("stacktrace", getStacktraceFromException(error));
+ }
+
+ guiBuilder.build(httpResp, config, "Error-Message");
+
+ } catch (GUIBuildException e) {
+ Logger.warn("Can not build error-message GUI.", e);
+ GenericExceptionHandler(httpResp, e);
}
- writeHTMLErrorResponse(req, httpResp, context);
}
- private void writeHTMLErrorResponse(HttpServletRequest req, HttpServletResponse httpResp, VelocityContext context) throws IOException {
- try {
- String authURL = HTTPUtils.extractAuthURLFromRequest(req);
- context.put(CONTEXTPATH, authURL);
-
- InputStream is = null;
- String pathLocation = null;
- try {
- String rootconfigdir = authConfig.getRootConfigFileDir();
- pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL;
- File file = new File(new URI(pathLocation));
- is = new FileInputStream(file);
- evaluateErrorTemplate(context, httpResp, is);
-
- } catch (Exception e) {
- Logger.warn("SLO Template is not found in configuration directory (" +
- pathLocation + "). Load template from project library ... ");
-
- try {
- pathLocation = "resources/templates/" + HTMLTEMPLATEFULL;
- is = Thread.currentThread()
- .getContextClassLoader()
- .getResourceAsStream(pathLocation);
- evaluateErrorTemplate(context, httpResp, is);
-
- } catch (Exception e1) {
- Logger.error("Single LogOut form can not created.", e);
- throw new MOAIDException("Create Single LogOut information FAILED.", null, e);
- }
-
- } finally {
- if (is != null)
- is.close();
-
- }
- } catch (Exception e) {
- Logger.error("Error-message form can not created.", e);
- IOExceptionHandler(httpResp, e);
-
- }
+ private void writeHTMLErrorResponse(HttpServletRequest req, HttpServletResponse httpResp, Exception error) throws IOException {
+ writeHTMLErrorResponse(req, httpResp,
+ error.getMessage(),
+ ErrorResponseUtils.getInstance().getResponseErrorCode(error),
+ error);
}
- private void evaluateErrorTemplate(VelocityContext context, HttpServletResponse httpResp, InputStream is) throws Exception {
- VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine();
- BufferedReader reader = new BufferedReader(new InputStreamReader(is ));
- StringWriter writer = new StringWriter();
- engine.evaluate(context, writer, "Error Template", reader);
- httpResp.setContentType("text/html;charset=UTF-8");
- httpResp.getOutputStream().write(writer.toString().getBytes("UTF-8"));
-
- }
private String getStacktraceFromException(Exception ex) {
StringWriter errors = new StringWriter();
@@ -351,7 +317,7 @@ public abstract class AbstractController extends MOAIDAuthConstants {
private void internalMOAIDExceptionHandler(HttpServletRequest req, HttpServletResponse resp, Exception e, boolean writeExceptionToStatisicLog) throws IOException {
if (e instanceof ProtocolNotActiveException) {
resp.getWriter().write(e.getMessage());
- resp.setContentType("text/html;charset=UTF-8");
+ resp.setContentType(MediaType.HTML_UTF_8.toString());
resp.sendError(HttpServletResponse.SC_FORBIDDEN, e.getMessage());
} else if (e instanceof AuthnRequestValidatorException) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-12 14:19:43 +0000