Merge branch 'develop'

disain/scripts/main/main.js

@@ -215,6 +215,17 @@ jQuery(function ($) {
 		validateFormFieldValue($(this), function(){return true;});
 	});
 
+	// Smart-ID status polling form - submit cancel
+    $('#authenticationCheckForm a.c-btn--from-link').on('click', function(event){
+        event.preventDefault();
+
+        if ($(this).prop('disabled')) return;
+        $(this).prop('disabled', true);
+
+        $('#_eventId').val('cancel');
+        $('#authenticationCheckForm').submit();
+    });
+
 	// EU citizen form submit
 	$('#eidasForm button.c-btn--primary').on('click', function(event){
 		event.preventDefault();

pom.xml

@@ -6,10 +6,10 @@
     <groupId>ee.ria.tara</groupId>
     <artifactId>tara-server</artifactId>
     <packaging>war</packaging>
-    <version>1.4.14</version>
+    <version>1.4.15</version>
 
     <properties>
-        <cas.version>5.3.14</cas.version>
+        <cas.version>5.3.15</cas.version>
         <banklink.version>2.1.15</banklink.version>
         <!-- app.server could be -jetty, -undertow, -tomcat, or blank if you plan to provide appserver -->
         <app.server>-tomcat</app.server>
@@ -331,13 +331,6 @@
             <version>${banklink.version}</version>
         </dependency>
 
-        <!-- Mobile-ID SOAP client -->
-        <dependency>
-            <groupId>com.codeborne</groupId>
-            <artifactId>mobileid</artifactId>
-            <version>1.4</version>
-        </dependency>
-
         <!-- Mobile-ID REST client -->
         <!-- NB! When updating must also update explicitly defined 'org.glassfish.jersey.inject.jersey-hk2' version -->
         <dependency>

src/main/java/ee/ria/sso/config/mobileid/MobileIDConfiguration.java

@@ -3,8 +3,6 @@
 import ee.ria.sso.service.mobileid.MobileIDAuthenticationClient;
 import ee.ria.sso.service.mobileid.MobileIDAuthenticationService;
 import ee.ria.sso.service.mobileid.rest.MobileIDRESTAuthClient;
-import ee.ria.sso.service.mobileid.soap.MobileIDAuthenticatorWrapper;
-import ee.ria.sso.service.mobileid.soap.MobileIDSOAPAuthClient;
 import ee.ria.sso.statistics.StatisticsHandler;
 import ee.sk.mid.MidClient;
 import ee.sk.mid.rest.MidLoggingFilter;
@@ -29,13 +27,8 @@ public class MobileIDConfiguration {
 
     @Bean
     public MobileIDAuthenticationClient constructAuthenticationClient() {
-        if (configurationProvider.isUseDdsService()) {
-            log.info("Initializing SOAP protocol based authentication client for DDS Mobile-ID service");
-            return new MobileIDSOAPAuthClient(mobileIDAuthenticatorWrapper());
-        } else {
-            log.info("Initializing REST protocol based authentication client for Mobile-ID REST service");
-            return new MobileIDRESTAuthClient(configurationProvider, midClient());
-        }
+        log.info("Initializing REST protocol based authentication client for Mobile-ID REST service");
+        return new MobileIDRESTAuthClient(configurationProvider, midClient());
     }
 
     @Bean
@@ -44,14 +37,6 @@ public MobileIDAuthenticationService mobileIDAuthenticationService() {
                 statisticsHandler, configurationProvider, constructAuthenticationClient());
     }
 
-    private MobileIDAuthenticatorWrapper mobileIDAuthenticatorWrapper() {
-        MobileIDAuthenticatorWrapper authenticator = new MobileIDAuthenticatorWrapper();
-        authenticator.setDigidocServiceURL(configurationProvider.getHostUrl());
-        authenticator.setLoginMessage(configurationProvider.getMessageToDisplay());
-        authenticator.setServiceName(configurationProvider.getServiceName());
-        return authenticator;
-    }
-
     private MidClient midClient() {
         return MidClient.newBuilder()
                 .withHostUrl(configurationProvider.getHostUrl())

src/main/java/ee/ria/sso/config/mobileid/MobileIDConfigurationProvider.java

@@ -6,7 +6,6 @@
 import lombok.Setter;
 import lombok.ToString;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang.StringUtils;
 import org.hibernate.validator.constraints.NotBlank;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.boot.context.properties.ConfigurationProperties;
@@ -42,7 +41,6 @@ public class MobileIDConfigurationProvider {
     private static final int CONNECTION_DURATION_MARGIN = 1500;
 
     private boolean enabled;
-    private boolean useDdsService = true;
 
     @NotBlank
     private String hostUrl;
@@ -56,8 +54,6 @@ public class MobileIDConfigurationProvider {
     @NotBlank
     private String areaCode = DEFAULT_AREA_CODE;
 
-    private String serviceName;
-
     @NotBlank
     private String messageToDisplay;
 
@@ -67,7 +63,10 @@ public class MobileIDConfigurationProvider {
     @NotNull
     private MidHashType authenticationHashType = DEFAULT_AUTHENTICATION_HASH_TYPE;
 
+    @NotNull
     private String relyingPartyUuid;
+
+    @NotNull
     private String relyingPartyName;
 
     @NotNull
@@ -90,23 +89,10 @@ public void init() {
                             " duration(<" + sessionStatusSocketOpenDuration + ">) and connection duration margin (<" + CONNECTION_DURATION_MARGIN + ">)");
         }
 
-        if (!useDdsService) {
-            if (StringUtils.isBlank(relyingPartyUuid)) {
-                throw new IllegalArgumentException("'mobile-id.relying-party-uuid' cannot be blank when using MID-REST protocol ('mobile-id.use-dds-service=false')");
-            }
-            if (StringUtils.isBlank(relyingPartyName)) {
-                throw new IllegalArgumentException("'mobile-id.relying-party-name' cannot be blank when using MID-REST protocol ('mobile-id.use-dds-service=false')");
-            }
-        }
-
         if (sessionStatusSocketOpenDuration < DEFAULT_SESSION_STATUS_SOCKET_OPEN_DURATION) {
             sessionStatusSocketOpenDuration = DEFAULT_SESSION_STATUS_SOCKET_OPEN_DURATION;
         }
 
-        if (useDdsService && StringUtils.isBlank(serviceName)) {
-            throw new IllegalArgumentException("'mobile-id.service-name' cannot be blank, if DDS is used as Mobile-ID service ('mobile-id.use-dds-service=true' or not present)");
-        }
-
         sessionStatusSocketOpenDuration = sessionStatusSocketOpenDuration / 1000;
 
         log.info("Using Mobile-ID configuration: {}" + this);

src/main/java/ee/ria/sso/flow/action/MobileIDCheckCancelAction.java

@@ -0,0 +1,30 @@
+package ee.ria.sso.flow.action;
+
+import ee.ria.sso.authentication.AuthenticationType;
+import ee.ria.sso.service.mobileid.MobileIDAuthenticationService;
+import ee.ria.sso.service.smartid.SmartIDAuthenticationService;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.stereotype.Component;
+import org.springframework.webflow.execution.Event;
+import org.springframework.webflow.execution.RequestContext;
+
+@ConditionalOnProperty("mobile-id.enabled")
+@Component
+public class MobileIDCheckCancelAction extends AbstractAuthenticationAction {
+
+    private final MobileIDAuthenticationService authenticationService;
+
+    public MobileIDCheckCancelAction(MobileIDAuthenticationService authenticationService) {
+        this.authenticationService = authenticationService;
+    }
+
+    @Override
+    protected Event doAuthenticationExecute(RequestContext requestContext) {
+        return authenticationService.cancelAuthenticationSessionStatusChecking(requestContext);
+    }
+
+    @Override
+    protected AuthenticationType getAuthenticationType() {
+        return AuthenticationType.MobileID;
+    }
+}

src/main/java/ee/ria/sso/flow/action/SmartIDCheckCancelAction.java

@@ -0,0 +1,29 @@
+package ee.ria.sso.flow.action;
+
+import ee.ria.sso.authentication.AuthenticationType;
+import ee.ria.sso.service.smartid.SmartIDAuthenticationService;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.stereotype.Component;
+import org.springframework.webflow.execution.Event;
+import org.springframework.webflow.execution.RequestContext;
+
+@ConditionalOnProperty("smart-id.enabled")
+@Component
+public class SmartIDCheckCancelAction extends AbstractAuthenticationAction {
+
+    private final SmartIDAuthenticationService authenticationService;
+
+    public SmartIDCheckCancelAction(SmartIDAuthenticationService authenticationService) {
+        this.authenticationService = authenticationService;
+    }
+
+    @Override
+    protected Event doAuthenticationExecute(RequestContext requestContext) {
+        return authenticationService.cancelCheckSmartIdAuthenticationSessionStatus(requestContext);
+    }
+
+    @Override
+    protected AuthenticationType getAuthenticationType() {
+        return AuthenticationType.SmartID;
+    }
+}

src/main/java/ee/ria/sso/service/AbstractService.java

@@ -78,7 +78,7 @@ protected void logEvent(RequestContext context, Throwable e, AuthenticationType
                 .clientId(getServiceClientId(context))
                 .method(authenticationType)
                 .operation(StatisticsOperation.ERROR)
-                .error(e.getMessage())
+                .error(e != null ? e.getMessage() : null)
                 .build()
         );
     }

src/main/java/ee/ria/sso/service/mobileid/MobileIDAuthenticationService.java

@@ -1,6 +1,5 @@
 package ee.ria.sso.service.mobileid;
 
-import com.codeborne.security.AuthenticationException;
 import ee.ria.sso.Constants;
 import ee.ria.sso.authentication.AuthenticationType;
 import ee.ria.sso.authentication.credential.PreAuthenticationCredential;
@@ -17,12 +16,12 @@
 import org.apereo.inspektr.audit.annotation.Audit;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.stereotype.Service;
-import org.springframework.util.Assert;
 import org.springframework.webflow.execution.Event;
 import org.springframework.webflow.execution.RequestContext;
 
 import static ee.ria.sso.statistics.StatisticsOperation.START_AUTH;
 import static ee.ria.sso.statistics.StatisticsOperation.SUCCESSFUL_AUTH;
+import static org.springframework.util.Assert.notNull;
 
 @ConditionalOnProperty("mobile-id.enabled")
 @Service
@@ -47,8 +46,7 @@ public MobileIDAuthenticationService(StatisticsHandler statistics,
     )
     public Event startLoginByMobileID(RequestContext context) {
         final PreAuthenticationCredential credential = context.getFlowExecutionContext().getActiveSession().getScope().get("credential", PreAuthenticationCredential.class);
-        Assert.notNull(credential, "PreAuthenticationCredential is missing!");
-
+        notNull(credential, "PreAuthenticationCredential is missing!");
 
         String mobileNumber = StringUtils.isBlank(credential.getMobileNumber()) ? credential.getMobileNumber() : confProvider.getAreaCode() + credential.getMobileNumber();
         log.info("Starting Mobile-ID authentication: <mobileNumber:{}>, <identityCode:{}>", mobileNumber, credential.getPrincipalCode());
@@ -70,6 +68,33 @@ public Event startLoginByMobileID(RequestContext context) {
         }
     }
 
+    @Audit(
+            action = "MID_AUTHENTICATION_STATUS_POLL_CANCEL",
+            actionResolverName = "AUTHENTICATION_RESOLVER",
+            resourceResolverName = "TARA_AUTHENTICATION_RESOURCE_RESOLVER"
+    )
+    public Event cancelAuthenticationSessionStatusChecking(RequestContext context) {
+
+        notNull(context, "Request context cannot be null");
+
+        try {
+            Integer checkCount = context.getFlowScope().get(Constants.AUTH_COUNT, Integer.class);
+            notNull(checkCount, "Polling count in request context is missing");
+
+            MobileIDSession authSession = context.getFlowScope().get(Constants.MOBILE_ID_AUTHENTICATION_SESSION, MobileIDSession.class);
+            notNull(authSession, "Mobile-ID session in request context is missing");
+
+            log.info("Mobile-ID authentication session status checking canceled by the user <count:{}>, <sessionId:{}>",
+                    checkCount, authSession.getSessionId());
+            logEvent(context, new IllegalStateException("Canceled by the user in TARA"), AuthenticationType.MobileID);
+
+            return new Event(this, CasWebflowConstants.TRANSITION_ID_SUCCESS);
+        } catch (Exception e) {
+            logEvent(context, e, AuthenticationType.MobileID);
+            throw e;
+        }
+    }
+
     @Audit(
             action = "MID_AUTHENTICATION_STATUS_POLL",
             actionResolverName = "AUTHENTICATION_RESOLVER",
@@ -118,11 +143,6 @@ private void validateCredential(String principalCode, String mobileNumber) {
     }
 
     private void logEvent(RequestContext context, Exception e) {
-        Throwable cause = e.getCause();
-        if (cause instanceof AuthenticationException) {
-            logEvent(context, cause, AuthenticationType.MobileID);
-        } else {
-            logEvent(context, e, AuthenticationType.MobileID);
-        }
+        logEvent(context, e, AuthenticationType.MobileID);
     }
 }