From 9c57501bafec01eb327905a06d757d8ad6cdce68 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Wed, 9 Mar 2022 18:44:13 +0100 Subject: feature(eidas): add optional parameter to support more-than-one MS-Connector stage # Conflicts: # modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java # modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java # Conflicts: # modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java --- .../at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java index 90451e87..be20e632 100644 --- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java +++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java @@ -128,6 +128,8 @@ public class Constants { public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE = CONIG_PROPS_EIDAS_SZRCLIENT + ".revisionlog.eidmapping.active"; + + public static final String DEFAULT_MS_NODE_COUNTRY_CODE = "AT"; @Deprecated public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_URL = -- cgit v1.2.3 From 0735a9bb3c338ff80d12156f0904a0714bdf16c3 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Thu, 10 Mar 2022 09:53:05 +0100 Subject: fix(core): add missing relayState and store pendingRequest in case of ms-connector staging work-around --- .../auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java | 12 +++++++++--- .../eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java | 3 +++ 2 files changed, 12 insertions(+), 3 deletions(-) 
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
index c918b7a4..6a555e67 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
@@ -48,6 +48,7 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import eu.eidas.auth.commons.EidasParameterKeys;
 import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.light.impl.LightResponse;
 import eu.eidas.auth.commons.tx.BinaryLightToken;
 import eu.eidas.specificcommunication.BinaryLightTokenHelper;
 import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
@@ -105,18 +106,23 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { } private void forwardToOtherStage(HttpServletResponse response, ExecutionContext executionContext, - ILightResponse eidasResponse, String stagingEndpoint) throws SpecificCommunicationException, IOException { + ILightResponse eidasResponse, String stagingEndpoint) + throws SpecificCommunicationException, IOException, EaafException { executionContext.put(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, true); - + final SpecificCommunicationService specificConnectorCommunicationService = (SpecificCommunicationService) context.getBean( SpecificCommunicationDefinitionBeanNames.SPECIFIC_CONNECTOR_COMMUNICATION_SERVICE.toString()); - BinaryLightToken token = specificConnectorCommunicationService.putResponse(eidasResponse); + BinaryLightToken token = specificConnectorCommunicationService.putResponse( + LightResponse.builder(eidasResponse).relayState(pendingReq.getPendingRequestId()).build()); final String tokenBase64 = BinaryLightTokenHelper.encodeBinaryLightTokenBase64(token); final UriComponentsBuilder redirectUrl = UriComponentsBuilder.fromHttpUrl(stagingEndpoint); redirectUrl.queryParam(EidasParameterKeys.TOKEN.toString(), tokenBase64); + // store pendingRequest + requestStoreage.storePendingRequest(pendingReq); + log.debug("Forward to other stage .... "); response.sendRedirect(redirectUrl.build().encode().toString()); diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java index ba77610a..47ad5cbd 100644 --- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java 
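Review bot: In `forwardToOtherStage`, `requestStoreage.storePendingRequest(pendingReq)` runs only after `putResponse(...)` has handed the light response to the communication service and a token has been issued, so an `EaafException` from the store leaves a response (presumably still redeemable) whose relayState names a pending request that was never persisted. Persisting first keeps the two in step: move `requestStoreage.storePendingRequest(pendingReq);` above the `BinaryLightToken token = specificConnectorCommunicationService.putResponse(` call. The relayState now carries the pending-request id, which appears to be the handle for resuming this authentication process, so a comment such as `// relayState = pendingRequestId; the receiving stage must validate it against its own stored state` would record that expectation. The origin of `stagingEndpoint`, which receives the token through `sendRedirect`, is not visible here and should be confirmed to be fixed configuration and never response data. The method's closing lines are outside the hunk.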
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java @@ -160,6 +160,9 @@ public class ReceiveEidasResponseTaskTest { Assert.assertEquals("msConnectorStage", true, (Boolean) executionContext.get(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING)); + IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); + Assert.assertNotNull("pendingReq not stored", storedReq); + //validate state Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); -- cgit v1.2.3
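Review bot: The added assertions check that the pending request was stored, but not the other half of the fix: that the forwarded light response carries the pending-request id as its relayState. Reading the response back through the token in the `Location` header and adding `Assert.assertEquals("relayState", pendingReq.getPendingRequestId(), forwardedResp.getRelayState());` would pin that, where `forwardedResp` stands for the `ILightResponse` recovered from the communication service (how the test obtains it is outside this hunk). Without it, a regression that drops the relayState would still pass this test. The test method starts and ends outside the hunk.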