From 0735a9bb3c338ff80d12156f0904a0714bdf16c3 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 10 Mar 2022 09:53:05 +0100
Subject: fix(core): add missing relayState and store pendingRequest in case of ms-connector staging work-around
---
 .../auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java | 12 +++++++++---
 .../eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java | 3 +++
 2 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
index c918b7a4..6a555e67 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
@@ -48,6 +48,7 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import eu.eidas.auth.commons.EidasParameterKeys;
 import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.light.impl.LightResponse;
 import eu.eidas.auth.commons.tx.BinaryLightToken;
 import eu.eidas.specificcommunication.BinaryLightTokenHelper;
 import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
@@ -105,18 +106,23 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 }
 private void forwardToOtherStage(HttpServletResponse response, ExecutionContext executionContext,
- ILightResponse eidasResponse, String stagingEndpoint) throws SpecificCommunicationException, IOException {
+ ILightResponse eidasResponse, String stagingEndpoint)
+ throws SpecificCommunicationException, IOException, EaafException {
 executionContext.put(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, true);
-
+
 final SpecificCommunicationService specificConnectorCommunicationService = (SpecificCommunicationService) context.getBean( SpecificCommunicationDefinitionBeanNames.SPECIFIC_CONNECTOR_COMMUNICATION_SERVICE.toString());
- BinaryLightToken token = specificConnectorCommunicationService.putResponse(eidasResponse);
+ BinaryLightToken token = specificConnectorCommunicationService.putResponse(
+ LightResponse.builder(eidasResponse).relayState(pendingReq.getPendingRequestId()).build());
 final String tokenBase64 = BinaryLightTokenHelper.encodeBinaryLightTokenBase64(token);
 final UriComponentsBuilder redirectUrl = UriComponentsBuilder.fromHttpUrl(stagingEndpoint);
 redirectUrl.queryParam(EidasParameterKeys.TOKEN.toString(), tokenBase64);
+ // store pendingRequest
+ requestStoreage.storePendingRequest(pendingReq);
+
 log.debug("Forward to other stage .... ");
 response.sendRedirect(redirectUrl.build().encode().toString());
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
index ba77610a..47ad5cbd 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
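Review bot: `requestStoreage.storePendingRequest(pendingReq);` runs only after `putResponse(...)` has already handed the eIDAS response to the communication service, so if the store call fails (presumably what the newly declared `EaafException` covers) the response, which carries the person's attributes, is left there under a token that is never delivered. Moving the store call up, directly after `executionContext.put(...)`, publishes the response only once the pending request that its relayState points to has been persisted. The comment `// store pendingRequest` repeats the call; `// the other stage resolves this request via relayState, so persist it before redirecting` would record the reason instead. `stagingEndpoint` arrives from outside the hunk and becomes the redirect target that receives the token, so it is worth confirming that it can only come from configuration. The method's closing brace lies outside the hunk.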
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
@@ -160,6 +160,9 @@ public class ReceiveEidasResponseTaskTest {
 Assert.assertEquals("msConnectorStage", true, (Boolean) executionContext.get(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING));
+ IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedReq);
+
 //validate state
 Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
 Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
-- 
cgit v1.2.3
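Review bot: The two added assertions cover only the stored pending request; the relayState half of the fix is not checked anywhere in this hunk. Unless a later part of the test method (outside the hunk) already does so, the test should take the token from the `Location` header, load the forwarded response from the communication service, and assert that its relayState equals `pendingReq.getPendingRequestId()`. Without that, a regression that drops or changes the relayState would still pass, even though the receiving stage depends on that value to find the request.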