diff options
Diffstat (limited to 'eaaf_core')
-rw-r--r-- | eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java index b4b188b6..090ea501 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java @@ -157,17 +157,25 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer //do not remove the full active SSO-Session // in case of only one Service-Provider authentication request is aborted if ( !pendingReq.needSingleSignOnFunctionality()) { - transactionStorage.remove(pendingReq.getPendingRequestId()); - + requestStorage.removePendingRequest(pendingReq.getPendingRequestId()); + } //check if pending-request are authenticated - } else if (pendingReq.isAuthenticated()) { + } else if (pendingReq.isAuthenticated() && !pendingReq.isNeedUserConsent()) { internalFinalizeAuthenticationProcess(req, resp, pendingReq); } else { - //suspect state: pending-request is not aborted but also are not authenticated - log.error("PendingRequest is NOT authenticated --> Abort authentication process!"); + //suspect state: pending-request is not aborted but also are not authenticated + log.warn("PendingRequest flag for 'authenticated':{} and 'needConsent':{}", pendingReq.isAuthenticated(), pendingReq.isNeedUserConsent()); + if (pendingReq.isNeedUserConsent()) { + log.error("PendingRequest NEEDS user-consent. Can NOT fininalize authentication --> Abort authentication process!"); + + } else { + log.error("PendingRequest is NOT authenticated --> Abort authentication process!"); + + } + handleErrorNoRedirect( new EAAFException( "auth.20", @@ -179,9 +187,6 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer log.error("Finalize authentication protocol FAILED." , e); buildProtocolSpecificErrorResponse(e, req, resp, pendingReq); - if (pendingReq != null) - transactionStorage.remove(pendingReq.getPendingRequestId()); - } //remove pending-request |