2 files changed, 7 insertions, 4 deletions

diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java
index 39f2515d..4d8cabb7 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20HttpBindingUtils.java
@@ -10,10 +10,10 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.http.client.utils.URIBuilder;
-import org.apache.http.entity.ContentType;
 import org.jose4j.base64url.Base64Url;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.http.MediaType;
 
 import com.fasterxml.jackson.databind.JsonNode;
 
@@ -45,7 +45,7 @@ public class SL20HttpBindingUtils {
 			final byte[] content = writer.toString().getBytes("UTF-8");
 			httpResp.setStatus(HttpServletResponse.SC_OK);
 			httpResp.setContentLength(content.length);
-			httpResp.setContentType(ContentType.APPLICATION_JSON.toString());						
+			httpResp.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);						
 			httpResp.getOutputStream().write(content);
 											
 		} else {
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JSONExtractorUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JSONExtractorUtils.java
index 901eff51..314dde17 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JSONExtractorUtils.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JSONExtractorUtils.java
@@ -291,15 +291,18 @@ public class SL20JSONExtractorUtils {
 	public static JsonNode getSL20ContainerFromResponse(HttpResponse httpResp) throws SLCommandoParserException {
 		try {
 			JsonNode sl20Resp = null;
-			if (httpResp.getStatusLine().getStatusCode() == 307) {
+			if (httpResp.getStatusLine().getStatusCode() == 303 || httpResp.getStatusLine().getStatusCode() == 307) {
 				final Header[] locationHeader = httpResp.getHeaders("Location");
 				if (locationHeader == null)
 					throw new SLCommandoParserException("Find Redirect statuscode but not Location header");
 			
 				final String sl20RespString = new URIBuilder(locationHeader[0].getValue()).getQueryParams().get(0).getValue();
-				sl20Resp =  mapper.getMapper().readTree(Base64Url.encode((sl20RespString.getBytes())));
+				sl20Resp =  mapper.getMapper().readTree(Base64Url.decode(sl20RespString));
 			
 			} else if (httpResp.getStatusLine().getStatusCode() == 200) {
+				if (httpResp.getEntity().getContentType() == null)
+					throw new SLCommandoParserException("SL20 response contains NO ContentType");					
+				
 				if (!httpResp.getEntity().getContentType().getValue().startsWith("application/json"))
 					throw new SLCommandoParserException("SL20 response with a wrong ContentType: " + httpResp.getEntity().getContentType().getValue());					
 				sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity());