1 files changed, 22 insertions, 13 deletions

diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
index bf449d44..84753408 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java
@@ -27,8 +27,6 @@ import org.apache.commons.lang3.ArrayUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.text.StringEscapeUtils;
 import org.owasp.encoder.Encode;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.ApplicationContext;
 import org.springframework.lang.NonNull;
@@ -47,6 +45,7 @@ import at.gv.egiz.eaaf.core.api.gui.ModifyableGuiBuilderConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.IAction;
 import at.gv.egiz.eaaf.core.api.idp.IAuthData;
 import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
 import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
 import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;
@@ -74,14 +73,17 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.services.IErrorService.IHandleData;
 import at.gv.egiz.eaaf.core.impl.idp.auth.services.IErrorService.LogLevel;
 import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController;
 import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
-import at.gv.egiz.eaaf.core.impl.utils.ServletUtils;
 import jakarta.annotation.PostConstruct;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
 
+@Slf4j
 @Service
 public class ProtocolAuthenticationService implements IProtocolAuthenticationService {
-  private static final Logger log = LoggerFactory.getLogger(ProtocolAuthenticationService.class);
+
+  @Autowired(required = true)
+  protected IConfigurationWithSP authConfig;
 
   @Autowired(required = true)
   private ApplicationContext applicationContext;
@@ -363,12 +365,19 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
       guiBuilder.build(req, resp, parentHopGuiConfig, "iFrame-to-parent");
 
     } else {
-      // build up redirect URL
-      final String redirectUrl = generateErrorRedirectUrl(req, errorKey);
-      resp.setContentType("text/html");
-      resp.setStatus(302);
-      resp.addHeader("Location", redirectUrl);
-      log.debug("REDIRECT TO: {}", redirectUrl);
+      try {
+        // build up redirect URL
+        final String redirectUrl = generateErrorRedirectUrl(req, errorKey);
+        resp.setContentType("text/html");
+        resp.setStatus(302);
+        resp.addHeader("Location", redirectUrl);
+        log.debug("REDIRECT TO: {}", redirectUrl);
+
+      } catch (EaafException e) {
+        log.error("Can not forward to error page", e);
+        throw new GuiBuildException("Redirect URL generation error", e);
+
+      }
 
     }
   }
@@ -592,9 +601,9 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer
     return null;
   }
 
-  private String generateErrorRedirectUrl(final HttpServletRequest req, String errorKey) {
-    String redirectUrl = null;
-    redirectUrl = ServletUtils.getBaseUrl(req);
+  private String generateErrorRedirectUrl(final HttpServletRequest req, String errorKey)
+      throws EaafAuthenticationException, EaafException {
+    String redirectUrl = authConfig.validateIdpUrl(HttpUtils.extractAuthUrlFromRequest(req));
     redirectUrl += ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?"
         + EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + errorKey;
     return redirectUrl;