| -rw-r--r-- | eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java | 21 | 
1 files changed, 13 insertions, 8 deletions
| diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java index b4b188b6..090ea501 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java @@ -157,17 +157,25 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer  				//do not remove the full active SSO-Session   				//	in case of only one Service-Provider authentication request is aborted     				if ( !pendingReq.needSingleSignOnFunctionality())  { -					transactionStorage.remove(pendingReq.getPendingRequestId()); -				 +					requestStorage.removePendingRequest(pendingReq.getPendingRequestId()); +					  				}							  				//check if pending-request are authenticated					 -			} else if (pendingReq.isAuthenticated()) {				 +			} else if (pendingReq.isAuthenticated() && !pendingReq.isNeedUserConsent()) {				  				internalFinalizeAuthenticationProcess(req, resp, pendingReq);  			} else { -				//suspect state: pending-request is not aborted but also are not authenticated  -				log.error("PendingRequest is NOT authenticated --> Abort authentication process!");		 +				//suspect state: pending-request is not aborted but also are not authenticated +				log.warn("PendingRequest flag for 'authenticated':{} and 'needConsent':{}", pendingReq.isAuthenticated(), pendingReq.isNeedUserConsent()); +				if (pendingReq.isNeedUserConsent()) { +					log.error("PendingRequest NEEDS user-consent. Can NOT fininalize authentication --> Abort authentication process!"); +					 +				} else { +					log.error("PendingRequest is NOT authenticated --> Abort authentication process!"); +					 +				} +				  				handleErrorNoRedirect(  						new EAAFException(  								"auth.20", 
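Review bot: The comment kept at the top of the final `else` branch still says the request is "not authenticated", but after this change the branch is also reached by a request that is authenticated and still needs user consent, which is the case the new gate exists to stop. I would reword it to `//suspect state: pending-request is not aborted, but is either not authenticated or still waits for user-consent` and fix the `fininalize` typo in the new error message so the line stays greppable. The branch also reads `isAuthenticated()` and `isNeedUserConsent()` again after the `else if` has already decided on them, and it emits a `log.warn` plus a `log.error` for one rejection; reading both flags once into locals before the chain and logging a single error would keep the decision and the audit trail in agreement. The method starts and ends outside the hunk, so the arguments following `"auth.20"` are not visible here.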
@@ -179,9 +187,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer  			log.error("Finalize authentication protocol FAILED." , e);  			buildProtocolSpecificErrorResponse(e, req, resp, pendingReq); -			if (pendingReq != null) -				transactionStorage.remove(pendingReq.getPendingRequestId()); -			  		}		  		//remove pending-request | 
