From e6abb633dcb406eccc993fbc5a20e28427c7f4a2 Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Fri, 5 Dec 2014 17:28:05 +0100 Subject: [client] improved error handling of ShibboECP. Now differentiate between auth error (ERROR_IDP) and resource error (ERROR_SP) NO_ERROR indicates it all worked. ERROR_OTHER indicates an internal error (~ Exception) --- .../src/main/java/gui/intro/Login_GUI.java | 38 ++++++++++---- .../src/main/java/util/ShibbolethECP.java | 59 +++++++++++++++------- 2 files changed, 68 insertions(+), 29 deletions(-) (limited to 'dozentenmodul/src/main/java') diff --git a/dozentenmodul/src/main/java/gui/intro/Login_GUI.java b/dozentenmodul/src/main/java/gui/intro/Login_GUI.java index 82c2be24..0b22792d 100644 --- a/dozentenmodul/src/main/java/gui/intro/Login_GUI.java +++ b/dozentenmodul/src/main/java/gui/intro/Login_GUI.java @@ -393,9 +393,9 @@ public class Login_GUI extends JFrame { if (loginType == LOGIN_TYPE_BWIDM) { // try the shibbo login in its own SwingWorker to avoid GUI lockups - SwingWorker worker = new SwingWorker(){ + SwingWorker worker = new SwingWorker(){ @Override - protected Boolean doInBackground() throws Exception { + protected ShibbolethECP.ReturnCode doInBackground() throws Exception { publish("Info: Initialisiere Shibboleth-Client ..."); OrganizationData selectedOrg = (OrganizationData) idpChoice.getSelectedItem(); publish("Info: Überprüfe Zugangdaten über bwIDM ..."); 
@@ -403,14 +403,32 @@ public class Login_GUI extends JFrame { } protected void done() { try { - if (get()) { - setStatus(Color.green, "Info: bwIDM-Login erfolgreich.", null); - JOptionPane.showMessageDialog(c, "Der Shibboleth-Login war erfolgreich! Der Rest ist noch in Entwicklung :)", - "bwIDM-Login erfolgreich", JOptionPane.PLAIN_MESSAGE); - // all done, show main menu - showMainMenu(); - } else { - setStatus(Color.red, "Fehler: bwIDM-Login fehlgeschlagen!", null); + ShibbolethECP.ReturnCode ecpReturn = get(); + switch(ecpReturn) { + case NO_ERROR: + setStatus(Color.green, "Info: bwIDM-Anmeldung erfolgreich.", null); + JOptionPane.showMessageDialog(c, "Der Shibboleth-Login war erfolgreich und das Holen der Resource hat geklappt! Der Rest ist noch in Entwicklung :)", + "Anmeldung erfolgreich", JOptionPane.PLAIN_MESSAGE); + // all done, show main menu + showMainMenu(); + break; + case ERROR_IDP: + setStatus(Color.red, "Fehler: bwIDM-Anmeldung fehlgeschlagen!", null); + JOptionPane.showMessageDialog(c, "Anmeldung fehlgeschlagen. Überprüfen Sie den Benutzername und Passwort.", + "Fehler", JOptionPane.ERROR_MESSAGE); + break; + case ERROR_SP: + setStatus(Color.red, "Fehler: bwIDM-Anmeldung fehlgeschlagen!", null); + JOptionPane.showMessageDialog(c, "Anmeldung erfolgreich aber die Antwort des Service Providers ist ungültig.", + "Fehler", JOptionPane.ERROR_MESSAGE); + break; + case ERROR_OTHER: + setStatus(Color.red, "Fehler: bwIDM-Anmeldung fehlgeschlagen!", null); + JOptionPane.showMessageDialog(c, "Fataler Fehler. Schicken Sie die Log-Datei einem Administrator zu!", + "Fehler", JOptionPane.ERROR_MESSAGE); + break; + default: + setStatus(Color.red, "Fehler: bwIDM-Login fehlgeschlagen!", null); } } catch (InterruptedException e) { LOGGER.error("SwingWorker for ShibbolethECP got interrupted, see trace: ", e); diff --git a/dozentenmodul/src/main/java/util/ShibbolethECP.java b/dozentenmodul/src/main/java/util/ShibbolethECP.java index 87f1c57a..3dea9e3e 100644 
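Review bot: The `default:` branch of the new switch only sets the red status line and shows no dialog, and it still says "bwIDM-Login fehlgeschlagen" while every other branch was reworded to "Anmeldung". With the four enum constants handled explicitly it is only reached if a constant is added later, so it would be clearer to fold it into the internal-error case with `case ERROR_OTHER: default:`. The three error branches also repeat the same `setStatus(Color.red, ...)` call, which could be hoisted so each case only selects the dialog text. `done()` and its catch blocks continue outside the hunk, so how an `ExecutionException` from `get()` is presented cannot be judged from here.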
--- a/dozentenmodul/src/main/java/util/ShibbolethECP.java +++ b/dozentenmodul/src/main/java/util/ShibbolethECP.java @@ -18,7 +18,6 @@ import com.google.gson.JsonSyntaxException; import edu.kit.scc.dei.ecplean.ECPAuthenticationException; import edu.kit.scc.dei.ecplean.ECPAuthenticator; - public class ShibbolethECP { /** @@ -31,6 +30,32 @@ public class ShibbolethECP { */ private static final Gson GSON = new GsonBuilder().create(); + /** + * Return codes + */ + public static enum ReturnCode { + NO_ERROR(0, "Authentication against the identity provider and request of the service provider resource worked."), + ERROR_IDP(1, "Authentication against the identity provider failed."), + ERROR_SP(2, "Invalid resource of the service provider."), + ERROR_OTHER(3, "Internal class error."); + + private final int id; + private final String msg; + + ReturnCode(int id, String msg) { + this.id = id; + this.msg = msg; + } + + public int getId() { + return this.id; + } + + public String getMsg() { + return this.msg; + } + } + /** * Static URI to the SP. */ 
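Review bot: In the new `ReturnCode` enum the `static` modifier is redundant, because a nested enum is implicitly static; `public enum ReturnCode` is enough. The Javadoc `Return codes` does not say which stage of the login each constant refers to, for example `/** Outcome of doLogin(): which stage (IdP authentication, SP resource request, internal) failed, or NO_ERROR. */`. `getId()` and `getMsg()` are not used anywhere in this diff, and the GUI keeps its own German texts per constant, so either drop them or document who is meant to consume them.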
@@ -59,24 +84,24 @@ public class ShibbolethECP { * @return * true if login worked, false otherwise. */ - public static Boolean doLogin(final String idpUrl, final String user, final String pass) { + public static ReturnCode doLogin(final String idpUrl, final String user, final String pass) { // first lets do some sanity checks if (BWLP_SP == null) { LOGGER.error("URI to service provider is not set. Check the initialization of 'BWLP_SP'."); - return false; + return ReturnCode.ERROR_OTHER; } if (idpUrl == null) { LOGGER.error("Identity provider is not set, did you initialize this class correctly?"); - return false; + return ReturnCode.ERROR_OTHER; } if (user == null) { LOGGER.error("No username given, aborting..."); - return false; + return ReturnCode.ERROR_OTHER; } if (pass == null) { LOGGER.error("No password given, aborting..."); - return false; + return ReturnCode.ERROR_OTHER; } // now init the authenticator for that idp and our static sp 
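Review bot: The Javadoc above `doLogin` still reads `true if login worked, false otherwise`, although the method now returns a `ReturnCode`. It should become something like `@return NO_ERROR if IdP authentication and the SP request both succeeded, ERROR_IDP if authentication failed, ERROR_SP if the SP response was invalid, ERROR_OTHER on internal errors`. The sanity checks reject only `null`; an empty `user` or `pass` goes on to the authenticator and, as far as this diff shows, would come back as ERROR_IDP, which is worth stating in the doc or checking here. The body of `doLogin` continues outside this hunk.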
@@ -85,29 +110,25 @@ public class ShibbolethECP { auth = new ECPAuthenticator(user, pass, new URI(idpUrl), BWLP_SP); } catch (URISyntaxException e) { LOGGER.error("Bad URI syntax, see trace: ", e); - return false; + return ReturnCode.ERROR_OTHER; } - if (auth == null) { - LOGGER.error("Initialising ECP authentication failed, aborting..."); - return false; - } try { auth.authenticate(); } catch (ECPAuthenticationException e) { LOGGER.error("ECP Authentication Exception, see trace: ", e); - return false; + return ReturnCode.ERROR_IDP; } // here test again for the SPURL - HttpGet testSp = new HttpGet("https://bwlp-masterserver.ruf.uni-freiburg.de/test.json"); + HttpGet testSp = new HttpGet(BWLP_SP); HttpResponse response = null; try { response = auth.getHttpClient().execute(testSp); } catch (ClientProtocolException e) { LOGGER.error("Bad protocol, see trace: ", e); - return false; + return ReturnCode.ERROR_OTHER; } catch (IOException e) { LOGGER.error("I/O error, see trace: ", e); - return false; + return ReturnCode.ERROR_OTHER; } LOGGER.debug("SP request returned: " + response.getStatusLine()); String responseBody = null; 
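Review bot: The HTTP status of the SP request is only written to the debug log (`LOGGER.debug("SP request returned: " + response.getStatusLine())`) and never checked, so an error page or redirect body is handed to the JSON parser and the outcome depends on whether it happens to parse. An explicit check after the log line would make the decision deliberate: `if (response.getStatusLine().getStatusCode() != 200) return ReturnCode.ERROR_SP;`. The two catch blocks around `execute(testSp)` return `ERROR_OTHER`, while the commit message defines `ERROR_SP` as the resource error; a network failure while fetching the SP resource would then show the user the "send the log file to an administrator" dialog. Likewise every `ECPAuthenticationException` becomes `ERROR_IDP`; if the library also throws it for transport problems (not visible here), users are told to re-check credentials that were correct.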
@@ -115,21 +136,21 @@ public class ShibbolethECP { responseBody = EntityUtils.toString(response.getEntity()); } catch (ParseException e) { LOGGER.error("Parsing error, see trace: ", e); - return false; + return ReturnCode.ERROR_OTHER; } catch (IOException e) { LOGGER.error("I/O error, see trace: ", e); - return false; + return ReturnCode.ERROR_OTHER; } ServiceProviderResponse spr = null; try { spr = GSON.fromJson(responseBody, ServiceProviderResponse.class); } catch (JsonSyntaxException e) { LOGGER.error("Bad JSON syntax, see trace: ", e); - return false; + return ReturnCode.ERROR_SP; } LOGGER.debug("SP JSON STATUS: " + spr.getStatus()); // TODO: here we will need to parse the answer accordingly. // no errors, meaning everything worked fine. - return spr.getStatus().equals("funzt") ? true : false; + return spr.getStatus().equals("funzt") ? ReturnCode.NO_ERROR : ReturnCode.ERROR_SP; } } -- cgit v1.2.3-55-g7522
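Review bot: The last two statements dereference `spr` and `spr.getStatus()` without a null check, so an SP body that is empty or lacks the `status` field ends in a `NullPointerException` instead of one of the new return codes. `GSON.fromJson` can return `null` (for example on an empty body), and a missing field leaves `getStatus()` null. Since this response decides whether the login counts as successful, malformed input should map to `ERROR_SP`: add `if (spr == null || spr.getStatus() == null) return ReturnCode.ERROR_SP;` before the debug line and compare with `"funzt".equals(spr.getStatus())`. The same applies to `response.getEntity()`, which may be null for a body-less response before it reaches `EntityUtils.toString`.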