From 41dfc9938c5e5da2dfeed251c37865a72d115f75 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Mon, 1 Mar 2021 19:40:12 +0100 Subject: change endpoints for protocol-finalization controller and add basic modul for end-points --- .../idp/auth/services/ProtocolAuthenticationService.java | 4 ++-- .../idp/controller/ProtocolFinalizationController.java | 6 ++++-- .../at/gv/egiz/eaaf/core/api/data/EaafConstants.java | 16 ++++++++++++++++ 3 files changed, 22 insertions(+), 4 deletions(-) diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java index 925d6fe2..abb3d685 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java @@ -560,7 +560,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer private IGuiBuilderConfiguration evaluateRequiredErrorHandlingMethod(IRequest first, String errorId) { if (first != null && first.isProcessInIframe()) { return guiConfigFactory.getDefaultIFrameParentHopGui(first, - "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING, + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING, errorId); } @@ -571,7 +571,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer private String generateErrorRedirectUrl(final HttpServletRequest req, String errorKey) { String redirectUrl = null; redirectUrl = ServletUtils.getBaseUrl(req); - redirectUrl += "/" + ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?" + redirectUrl += ProtocolFinalizationController.ENDPOINT_ERRORHANDLING + "?" + EaafConstants.PARAM_HTTP_ERROR_CODE + "=" + errorKey; return redirectUrl; diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java index 4ff41836..6a566f00 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java @@ -52,8 +52,10 @@ import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils; @Controller public class ProtocolFinalizationController extends AbstractController { private static final Logger log = LoggerFactory.getLogger(ProtocolFinalizationController.class); - public static final String ENDPOINT_FINALIZEPROTOCOL = "finalizeAuthProtocol"; - public static final String ENDPOINT_ERRORHANDLING = "errorHandling"; + public static final String ENDPOINT_FINALIZEPROTOCOL = + EaafConstants.ENDPOINT_PREFIX_SECURED + "/finalizeAuthProtocol"; + public static final String ENDPOINT_ERRORHANDLING = + EaafConstants.ENDPOINT_PREFIX_SECURED + "/errorHandling"; @Autowired(required = true) IRequestStorage requestStorage; diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConstants.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConstants.java index 1bbfe1b7..82749b81 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConstants.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EaafConstants.java @@ -27,6 +27,22 @@ public class EaafConstants { public static final String CONTENTTYPE_HTML_UTF8 = "text/html; charset=UTF-8"; + // common http end-point prefixes + /** + * Public end-points without any access restriction. + */ + public static final String ENDPOINT_PREFIX_PUBLIC = "/public"; + + /** + * Public end-points with access restriction, like AccessToken, PendingRequestIds, ... + */ + public static final String ENDPOINT_PREFIX_SECURED = "/public/secure"; + + /** + * Non public end-points that allow restriction on network level. + */ + public static final String ENDPOINT_PREFIX_RESTRICTED = "/restricted"; + // http request parameters for process management public static final String PARAM_HTTP_TARGET_PENDINGREQUESTID = "pendingid"; public static final String PARAM_HTTP_ERROR_CODE = "errorid"; -- cgit v1.2.3