From f18f6318f7233b336ea2653f183460f17d6562f0 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 29 Nov 2017 08:13:51 +0100
Subject: update logging

---
 .../gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java |  2 ++
 .../pvp2x/verification/metadata/MetadataSignatureFilter.java | 12 ++++++------
 .../pvp2x/verification/metadata/PVPEntityCategoryFilter.java | 11 ++++++++---
 3 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 216d7a8b1..cdb85c563 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -259,6 +259,8 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController  {
 			throw new InvalidProtocolRequestException("pvp2.22", new Object[] {e.getMessage()});
 			
 		} catch (MOAIDException e) {
+			String samlRequest = req.getParameter("SAMLRequest");			
+			Logger.info("Receive INVALID protocol request: " + samlRequest);
 			throw e;
 						
 		} catch (Throwable e) {			
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java
index 679bdd10f..589713c4b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java
@@ -22,8 +22,6 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata;
 
-import iaik.x509.X509Certificate;
-
 import java.security.cert.CertificateException;
 import java.util.ArrayList;
 import java.util.Iterator;
@@ -31,16 +29,15 @@ import java.util.List;
 
 import org.opensaml.saml2.metadata.EntitiesDescriptor;
 import org.opensaml.saml2.metadata.EntityDescriptor;
-import org.opensaml.saml2.metadata.provider.FilterException;
 import org.opensaml.saml2.metadata.provider.MetadataFilter;
 import org.opensaml.xml.XMLObject;
 import org.opensaml.xml.security.x509.BasicX509Credential;
 
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoCredentialsException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.EntityVerifier;
 import at.gv.egovernment.moa.logging.Logger;
+import iaik.x509.X509Certificate;
 
 public class MetadataSignatureFilter implements MetadataFilter {
 	
@@ -87,8 +84,9 @@ public class MetadataSignatureFilter implements MetadataFilter {
 			
 			//CHECK if Entity also match MetaData signature.
 			/*This check is necessary to prepend declaration of counterfeit OA metadata!!*/
+			Logger.debug("Validate metadata for entityID: " + entityID + " ..... ");
 			byte[] entityCert = EntityVerifier.fetchSavedCredential(entityID);
-			
+						
 			if (entityCert != null) {
 			
 				X509Certificate cert;
@@ -99,8 +97,10 @@ public class MetadataSignatureFilter implements MetadataFilter {
 	
 					EntityVerifier.verify(desc, entityCrendential);
 					
-					//add entity to verified entity-list
+					//add entity to verified entity-list					
 					verifiedEntIT.add(entity);
+					Logger.debug("Metadata for entityID: " + entityID + " valid");
+					
 					
 				} catch (Exception e) {
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java
index ed96f1962..caabfea30 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPEntityCategoryFilter.java
@@ -112,6 +112,7 @@ public class PVPEntityCategoryFilter implements MetadataFilter {
 		if (extensions != null) {
 			List<XMLObject> listOfExt = extensions.getUnknownXMLObjects();
 			if (listOfExt != null && !listOfExt.isEmpty()) {
+				Logger.trace("Find #" + listOfExt.size() + " 'Extension' elements ");
 				for (XMLObject el : listOfExt) {
 					Logger.trace("Find ExtensionElement: " + el.getElementQName().toString());
 					if (el instanceof EntityAttributes) {
@@ -150,9 +151,13 @@ public class PVPEntityCategoryFilter implements MetadataFilter {
 							Logger.info("Can NOT resolve EntityAttributes! Reason: Only EntityAttributes are supported!");
 						
 					}					
-				}				
-			}			
-		}
+				}
+				
+			} else
+				Logger.trace("'Extension' element is 'null' or empty");
+			
+		} else
+			Logger.trace("No 'Extension' element found");
 				
 	}
 	
-- 
cgit v1.2.3