Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java142
1 files changed, 61 insertions, 81 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
index f709da213..68158cd61 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
@@ -35,30 +35,31 @@ import org.opensaml.saml2.metadata.SingleLogoutService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IAction;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;
+import at.gv.egiz.eaaf.core.api.idp.slo.ISLOInformationContainer;
+import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface;
+import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.exceptions.SLOException;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import at.gv.egiz.eaaf.modules.pvp2.idp.impl.PVPSProfilePendingRequest;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PVPSProfileRequest;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PVPSProfileResponse;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.commons.api.IRequest;
-import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.data.ISLOInformationContainer;
import at.gv.egovernment.moa.id.data.SLOInformationContainer;
-import at.gv.egovernment.moa.id.data.SLOInformationInterface;
-import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
-import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.moduls.SSOManager;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.SingleLogOutBuilder;
-import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SLOException;
-import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
-import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse;
import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.storage.ITransactionStorage;
-import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.URLEncoder;
@@ -71,11 +72,11 @@ import at.gv.egovernment.moa.util.URLEncoder;
public class SingleLogOutAction implements IAction {
@Autowired private SSOManager ssomanager;
- @Autowired private AuthenticationManager authManager;
+ @Autowired private IAuthenticationManager authManager;
@Autowired private IAuthenticationSessionStoreage authenticationSessionStorage;
@Autowired private ITransactionStorage transactionStorage;
@Autowired private SingleLogOutBuilder sloBuilder;
- @Autowired private MOAReversionLogger revisionsLogger;
+ @Autowired private IRevisionLogger revisionsLogger;
/* (non-Javadoc)
@@ -84,22 +85,22 @@ public class SingleLogOutAction implements IAction {
@Override
public SLOInformationInterface processRequest(IRequest req,
HttpServletRequest httpReq, HttpServletResponse httpResp,
- IAuthData authData) throws MOAIDException {
+ IAuthData authData) throws EAAFException {
- PVPTargetConfiguration pvpReq = (PVPTargetConfiguration) req;
+ PVPSProfilePendingRequest pvpReq = (PVPSProfilePendingRequest) req;
- if (pvpReq.getRequest() instanceof MOARequest &&
- ((MOARequest)pvpReq.getRequest()).getSamlRequest() instanceof LogoutRequest) {
+ if (pvpReq.getRequest() instanceof PVPSProfileRequest &&
+ ((PVPSProfileRequest)pvpReq.getRequest()).getSamlRequest() instanceof LogoutRequest) {
Logger.debug("Process Single LogOut request");
- MOARequest samlReq = (MOARequest) pvpReq.getRequest();
+ PVPSProfileRequest samlReq = (PVPSProfileRequest) pvpReq.getRequest();
LogoutRequest logOutReq = (LogoutRequest) samlReq.getSamlRequest();
- IAuthenticationSession session =
- authenticationSessionStorage.searchMOASessionWithNameIDandOAID(
+ String ssoSessionId =
+ authenticationSessionStorage.searchSSOSessionWithNameIDandOAID(
logOutReq.getIssuer().getValue(),
logOutReq.getNameID().getValue());
- if (session == null) {
+ if (MiscUtil.isEmpty(ssoSessionId)) {
Logger.warn("Can not find active SSO session with nameID "
+ logOutReq.getNameID().getValue() + " and OA "
+ logOutReq.getIssuer().getValue());
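Review bot: The new lookup through `searchSSOSessionWithNameIDandOAID` still dereferences `logOutReq.getIssuer()` and `logOutReq.getNameID()` without a null check. A LogoutRequest that carries an EncryptedID instead of a NameID, or omits the Issuer, would end in a NullPointerException rather than a defined SLO error, unless an earlier validation step outside this hunk already rejects such messages. A guard before the lookup would make that explicit, for example `if (logOutReq.getIssuer() == null || logOutReq.getNameID() == null) throw new SLOException("pvp2.19", null);` (error code to be chosen by the project). The same two values are concatenated into the `Logger.warn` message below; since they come from the request, they should be sanitised or length-limited before logging. The body of `processRequest` continues past the end of this hunk.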
@@ -116,10 +117,10 @@ public class SingleLogOutAction implements IAction {
} else {
try {
- session = ssomanager.getInternalMOASession(ssoID);
+ ssoSessionId = authenticationSessionStorage.getInternalSSOSessionWithSSOID(ssoID);
- if (session == null)
- throw new MOADatabaseException();
+ if (MiscUtil.isEmpty(ssoSessionId))
+ throw new MOADatabaseException("");
} catch (MOADatabaseException e) {
Logger.info("Can not find active Session. Single LogOut not possible!");
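Review bot: `throw new MOADatabaseException("")` creates an exception with an empty message only to jump into the catch block directly below. If this exception is ever logged or rethrown, the empty text explains nothing. Give it a fixed message, e.g. `throw new MOADatabaseException("No SSO session found for the given SSO ID");`, and keep the SSO ID itself out of the text because it is a session identifier. A plain `if`/`else` around the "session not found" handling would avoid using an exception for control flow altogether. The try block starts and the catch block ends outside this hunk.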
@@ -134,12 +135,17 @@ public class SingleLogOutAction implements IAction {
}
}
- authManager.performSingleLogOut(httpReq, httpResp, session, pvpReq);
-
- } else if (pvpReq.getRequest() instanceof MOAResponse &&
- ((MOAResponse)pvpReq.getRequest()).getResponse() instanceof LogoutResponse) {
+ pvpReq.setInternalSSOSessionIdentifier(ssoSessionId);
+ ISLOInformationContainer sloInformationContainer
+ = authManager.performSingleLogOut(httpReq, httpResp, pvpReq, ssoSessionId);
+
+ Logger.debug("Starting technical SLO process ... ");
+ sloBuilder.toTechnicalLogout(sloInformationContainer, httpReq, httpResp, null);
+
+ } else if (pvpReq.getRequest() instanceof PVPSProfileResponse &&
+ ((PVPSProfileResponse)pvpReq.getRequest()).getResponse() instanceof LogoutResponse) {
Logger.debug("Process Single LogOut response");
- LogoutResponse logOutResp = (LogoutResponse) ((MOAResponse)pvpReq.getRequest()).getResponse();
+ LogoutResponse logOutResp = (LogoutResponse) ((PVPSProfileResponse)pvpReq.getRequest()).getResponse();
//Transaction tx = null;
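Review bot: The result of `authManager.performSingleLogOut(...)` is passed straight into `sloBuilder.toTechnicalLogout(sloInformationContainer, httpReq, httpResp, null)` with no check that a container was returned. The bare `null` as the fourth argument is also not explained. If the manager can return null (not visible here), the failure would surface inside the builder after the session may already be partly terminated; a guard such as `if (sloInformationContainer == null) throw new SLOException("pvp2.19", null);` keeps the error at this call site. A short comment naming what the fourth parameter is and why it is absent on the request path would help the next reader.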
@@ -159,26 +165,8 @@ public class SingleLogOutAction implements IAction {
//TODO: add counter to prevent deadlock
synchronized(this){
while (!storageSuccess) {
- // tx = session.beginTransaction();
- //
- // List result;
- // Query query = session.getNamedQuery("getAssertionWithArtifact");
- // query.setParameter("artifact", relayState);
- // result = query.list();
- //
- //
- // Logger.trace("Found entries: " + result.size());
- //
- // //Assertion requires an unique artifact
- // if (result.size() != 1) {
- // Logger.trace("No entries found.");
- // throw new MOADatabaseException("No sessioninformation found with this ID");
- // }
- //
- // AssertionStore element = (AssertionStore) result.get(0);
- // Object data = SerializationUtils.deserialize(element.getAssertion());
- Logger.debug("Current Thread getAssertionStore: "+Thread.currentThread().getId());
- Object o = transactionStorage.getAssertionStore(relayState);
+ Logger.debug("Current Thread: " +Thread.currentThread().getId() + " requests TransactionStore");
+ Object o = transactionStorage.getRaw(relayState);
if(o==null){
Logger.trace("No entries found.");
throw new MOADatabaseException("No sessioninformation found with this ID");
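Review bot: The `//TODO: add counter to prevent deadlock` comment above `synchronized(this)` is stale, because this commit adds the counter check in the catch block of the following hunk. It could be replaced with `// retries are bounded by the counter check in the catch block; the monitor on this instance is held for the whole retry loop`. Separately, `transactionStorage.getRaw(relayState)` returns an untyped `Object`, and `relayState` appears to come from the inbound logout response. The cast that follows outside this hunk should therefore verify the entry's type before it is treated as an SLO container. The loop body continues beyond the hunk.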
@@ -198,43 +186,44 @@ public class SingleLogOutAction implements IAction {
byte[] serializedSLOContainer = SerializationUtils.serialize((Serializable) sloContainer);
element.setAssertion(serializedSLOContainer);
element.setType(sloContainer.getClass().getName());
-
- // session.saveOrUpdate(element);
- // tx.commit();
- Logger.debug("Current Thread putAssertionStore: "+Thread.currentThread().getId());
- transactionStorage.putAssertionStore(element);
+ Logger.debug("Current Thread: " + Thread.currentThread().getId() + " puts SLOInformation into TransactionStore");
+ transactionStorage.putRaw(element.getArtifact(), element);
//sloContainer could be stored to database
storageSuccess = true;
- } catch(MOADatabaseException e) {
- //tx.rollback();
-
+ } catch(EAAFException e) {
counter++;
Logger.debug("SLOContainter could not stored to database. Wait some time and restart storage process ... ");
- java.util.Random rand = new java.util.Random();
-
+ if (counter > 1000) {
+ Logger.warn("Stopping SLO process with an error, because it runs in a loop.", e);
+ throw new EAAFException("internal.01", null, e);
+
+ }
+
+
try {
+ java.util.Random rand = new java.util.Random();
Thread.sleep(rand.nextInt(20)*10);
} catch (InterruptedException e1) {
Logger.warn("Thread could not stopped. ReStart storage process immediately", e1);
+
}
}
} else {
- Logger.debug("Current Thread removeElement by Artifact: "+Thread.currentThread().getId());
+ Logger.debug("Current Thread: " + Thread.currentThread().getId() + " remove SLOInformation from TransactionStore");
transactionStorage.remove(element.getArtifact());
- // session.delete(element);
- // tx.commit();
storageSuccess = true;
String redirectURL = null;
- if (sloContainer.getSloRequest() != null) {
- //send SLO response to SLO request issuer
- SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(sloContainer.getSloRequest());
- LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, sloContainer.getSloRequest(), sloContainer.getSloFailedOAs());
- redirectURL = sloBuilder.getFrontChannelSLOMessageURL(sloService, message, httpReq, httpResp, sloContainer.getSloRequest().getRequest().getRelayState());
+ IRequest sloReq = sloContainer.getSloRequest();
+ if (sloReq != null && sloReq instanceof PVPSProfilePendingRequest) {
+ //send SLO response to SLO request issuer
+ SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor((PVPSProfilePendingRequest)sloReq);
+ LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, (PVPSProfilePendingRequest)sloReq, sloContainer.getSloFailedOAs());
+ redirectURL = sloBuilder.getFrontChannelSLOMessageURL(sloService, message, httpReq, httpResp, ((PVPSProfilePendingRequest)sloReq).getRequest().getRelayState());
} else {
//print SLO information directly
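Review bot: The new retry bound of `counter > 1000` still lets one request sleep up to 190 ms per attempt while holding the `synchronized(this)` monitor opened in the previous hunk. On what appears to be a singleton Spring bean, a persistently failing store can therefore block every other logout response for well over a minute. A much smaller bound, ideally with the sleep moved outside the monitor, would limit that. The `InterruptedException` handler only logs and retries; it should restore the interrupt flag and abort, so that a container shutdown is not ignored. Further down, `sloReq != null && sloReq instanceof PVPSProfilePendingRequest` can be reduced to the `instanceof` test alone. The loop and the synchronized block start outside this hunk.

```java
} catch(EAAFException e) {
    counter++;
    // … unchanged: debug log …
    if (counter > MAX_SLO_STORE_RETRIES) { // proposed constant, a small bound instead of 1000
        Logger.warn("Stopping SLO process with an error, because it runs in a loop.", e);
        throw new EAAFException("internal.01", null, e);
    }
    try {
        Thread.sleep(java.util.concurrent.ThreadLocalRandom.current().nextInt(20) * 10);
    } catch (InterruptedException e1) {
        // restore the flag so the caller can observe the interruption, and stop retrying
        Thread.currentThread().interrupt();
        Logger.warn("Interrupted while waiting to retry SLO storage. Aborting.", e1);
        throw new EAAFException("internal.01", null, e1);
    }
}
```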
@@ -276,7 +265,7 @@ public class SingleLogOutAction implements IAction {
}
}
}
- } catch (MOADatabaseException e) {
+ } catch (EAAFException e) {
Logger.error("MOA AssertionDatabase ERROR", e);
throw new SLOException("pvp2.19", null);
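Review bot: Widening this catch from `MOADatabaseException` to `EAAFException` means every EAAF failure in the enclosing try is now logged as "MOA AssertionDatabase ERROR" and rethrown as `SLOException("pvp2.19", null)` without its cause. That presumably includes the new `internal.01` retry-limit exception, if that throw sits inside this try. The resulting log line and error code no longer show whether storage, message building or the retry limit failed, which makes incident triage harder. If `SLOException` offers a constructor that accepts a cause, pass `e` through. Otherwise add a more specific catch for the storage exception ahead of the general one and use a neutral log message for the general case. The try block this catch belongs to begins outside the hunk.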
@@ -285,16 +274,7 @@ public class SingleLogOutAction implements IAction {
throw new AuthenticationException("pvp2.13", new Object[]{});
}
-
- // finally {
- // if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) {
- // tx.commit();
- //
- // }
- // }
-
-
-
+
} else {
Logger.error("Process SingleLogOutAction but request is NOT of type LogoutRequest or LogoutResponse.");
throw new MOAIDException("pvp2.13", null);
@@ -318,7 +298,7 @@ public class SingleLogOutAction implements IAction {
*/
@Override
public String getDefaultActionName() {
- return PVP2XProtocol.SINGLELOGOUT;
+ return PVPConstants.SINGLELOGOUT;
}
protected static String addURLParameter(String url, String paramname,