change endpoints for protocol-finalization controller and add basic modul for end-points

3 files changed, 22 insertions, 4 deletions

diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
index 925d6fe2..abb3d685 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
@@ -560,7 +560,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
   private IGuiBuilderConfiguration evaluateRequiredErrorHandlingMethod(IRequest first, String errorId) {
     if (first != null && first.isProcessInIframe()) {
       return guiConfigFactory.getDefaultIFrameParentHopGui(first,
-          "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING,
+          ProtocolFinalizationController.ENDPOINT_ERRORHANDLING,
           errorId);
 
     }
@@ -571,7 +571,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
   private String generateErrorRedirectUrl(final HttpServletRequest req, String errorKey) {
     String redirectUrl = null;
     redirectUrl = ServletUtils.getBaseUrl(req);
-    redirectUrl += "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?"
+    redirectUrl += ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?"
         + EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + errorKey;
     return redirectUrl;
 
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java
index 4ff41836..6a566f00 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java
@@ -52,8 +52,10 @@ import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;
 @Controller
 public class ProtocolFinalizationController extends AbstractController {
   private static final Logger log = LoggerFactory.getLogger(ProtocolFinalizationController.class);
-  public static final String ENDPOINT_FINALIZEPROTOCOL = "finalizeAuthProtocol";
-  public static final String ENDPOINT_ERRORHANDLING = "errorHandling";
+  public static final String ENDPOINT_FINALIZEPROTOCOL = 
+      EaafConstants.ENDPOINT_PREFIX_SECURED + "/finalizeAuthProtocol";
+  public static final String ENDPOINT_ERRORHANDLING = 
+      EaafConstants.ENDPOINT_PREFIX_SECURED + "/errorHandling";
 
   @Autowired(required = true)
   IRequestStorage requestStorage;
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConstants.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConstants.java
index 1bbfe1b7..82749b81 100644
--- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConstants.java
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConstants.java
@@ -27,6 +27,22 @@ public class EaafConstants {
 
   public static final String CONTENTTYPE_HTML_UTF8 = "text/html; charset=UTF-8";
 
+  // common http end-point prefixes
+  /**
+   * Public end-points without any access restriction.
+   */
+  public static final String ENDPOINT_PREFIX_PUBLIC = "/public";
+  
+  /**
+   * Public end-points with access restriction, like AccessToken, PendingRequestIds, ...
+   */
+  public static final String ENDPOINT_PREFIX_SECURED = "/public/secure";
+  
+  /**
+   * Non public end-points that allow restriction on network level.
+   */
+  public static final String ENDPOINT_PREFIX_RESTRICTED = "/restricted";
+      
   // http request parameters for process management
   public static final String PARAM_HTTP_TARGET_PENDINGREQUESTID = "pendingid";
   public static final String PARAM_HTTP_ERROR_CODE = "errorid";