From 9ccbb61cf24d35196d1cf1334fb350afd4d01c8d Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Tue, 28 Feb 2023 09:01:48 +0100
Subject: fix(matching): remove HTML escapetion from address-search

Reason: special characters are requiered in plain text
---
 .../ReceiveAustrianResidenceGuiResponseTask.java   |  6 +++--
 ...eceiveAustrianResidenceGuiResponseTaskTest.java | 27 ++++++++++++++++++++++
 2 files changed, 31 insertions(+), 2 deletions(-)

(limited to 'modules/authmodule-eIDAS-v2/src')

diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
index 09b90a1d..b6b03d40 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
@@ -28,13 +28,14 @@ import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.CONTEXT
 import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK;
 import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK;
 
+import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
 import java.util.Enumeration;
 import java.util.Set;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.jetbrains.annotations.NotNull;
 import org.springframework.stereotype.Component;
@@ -222,7 +223,8 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractLocaleAuthS
     AdresssucheOutputBuilder resultBuilder = AdresssucheOutput.builder();
     while (reqParamNames.hasMoreElements()) {
       final String paramName = reqParamNames.nextElement();
-      String escaped = StringEscapeUtils.escapeHtml(request.getParameter(paramName));
+
+      String escaped = URLDecoder.decode(request.getParameter(paramName), StandardCharsets.UTF_8);
       if (AdresssucheController.PARAM_MUNIPICALITY.equalsIgnoreCase(paramName)) {
         resultBuilder.municipality(escaped);
 
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java
index 581dee0d..64fbf44b 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java
@@ -176,6 +176,33 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {
     
   }
 
+  @Test
+  public void exactlyOneRegisterResult_SpecialCharacters() throws Exception {
+
+    AdresssucheOutput userInput = new AdresssucheOutput(
+        RandomStringUtils.randomAlphabetic(8),
+        "Peilstein im Mühlviertel",
+        "äöüÄÖÜß",
+        RandomStringUtils.randomAlphabetic(8),
+        RandomStringUtils.randomAlphabetic(8));
+    setHttpParameters(userInput);
+
+    SimpleEidasData eidasData = setupEidasData();
+    RegisterStatusResults registerSearchResult = buildResultWithOneMatch(buildMatchingRegisterResult(
+        eidasData));
+    MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
+    mockRegisterSearch(userInput, registerSearchResult, eidasData);
+
+    task.execute(pendingReq, executionContext);
+
+    // validate state
+    assertNull("Transition To S9", executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK));
+    MatchedPersonResult matchingResult = MatchingTaskUtils.getFinalMatchingResult(pendingReq);
+    assertNotNull("no final matching result", matchingResult);
+    validateMatchedPerson(matchingResult, registerSearchResult);
+
+  }
+
   @Test
   public void exactlyOneRegisterResult_UpdateRequired() throws Exception {
     AdresssucheOutput userInput = setupUserInput();
-- 
cgit v1.2.3