aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2020-08-28 07:34:08 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2020-08-28 07:34:08 +0200
commitf27db66b14e417cbc4b8124842d5525bf3bb8884 (patch)
tree1165c3a07d2f2323905c1fba03b21c3b758774bf
parent5f1a21af02ef87188e5f5e8bf1193b5cb5914e00 (diff)
downloadmoa-id-spss-f27db66b14e417cbc4b8124842d5525bf3bb8884.tar.gz
moa-id-spss-f27db66b14e417cbc4b8124842d5525bf3bb8884.tar.bz2
moa-id-spss-f27db66b14e417cbc4b8124842d5525bf3bb8884.zip
fix possible problems with http proxy
-rw-r--r--id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java40
-rw-r--r--id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java41
2 files changed, 38 insertions, 43 deletions
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java
index a0c1fa30b..5409e3a4c 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java
@@ -23,6 +23,7 @@
package at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.controller;
import java.io.IOException;
+import java.net.URL;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
@@ -76,29 +77,26 @@ public class EidasCentralAuthMetadataController extends AbstractController {
public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
//check PublicURL prefix
try {
- String authURL = HTTPUtils.extractAuthURLFromRequest(req);
- if (!authConfig.getPublicURLPrefix().contains(authURL)) {
- resp.sendError(HttpServletResponse.SC_FORBIDDEN, "No valid request URL");
- return;
-
- } else {
- //initialize metadata builder configuration
- EidasCentralAuthMetadataConfiguration metadataConfig =
- new EidasCentralAuthMetadataConfiguration(authURL, credentialProvider, pvpConfiguration);
- metadataConfig.setAdditionalRequiredAttributes(getAdditonalRequiredAttributes());
-
-
- //build metadata
- String xmlMetadata = metadatabuilder.buildPVPMetadata(metadataConfig);
-
- //write response
- byte[] content = xmlMetadata.getBytes("UTF-8");
- resp.setStatus(HttpServletResponse.SC_OK);
- resp.setContentLength(content.length);
- resp.setContentType(MediaType.XML_UTF_8.toString());
+ String authUrlString = HTTPUtils.extractAuthURLFromRequest(req);
+ String authURL = authConfig.validateIDPURL(new URL(authUrlString));
+ Logger.trace("Build eIDAS Metadata for requestUrl: " + authURL);
+
+ //initialize metadata builder configuration
+ EidasCentralAuthMetadataConfiguration metadataConfig =
+ new EidasCentralAuthMetadataConfiguration(authURL, credentialProvider, pvpConfiguration);
+ metadataConfig.setAdditionalRequiredAttributes(getAdditonalRequiredAttributes());
+
+
+ //build metadata
+ String xmlMetadata = metadatabuilder.buildPVPMetadata(metadataConfig);
+
+ //write response
+ byte[] content = xmlMetadata.getBytes("UTF-8");
+ resp.setStatus(HttpServletResponse.SC_OK);
+ resp.setContentLength(content.length);
+ resp.setContentType(MediaType.XML_UTF_8.toString());
resp.getOutputStream().write(content);
- }
} catch (Exception e) {
Logger.warn("Build federated-authentication PVP metadata FAILED.", e);
diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java
index 90ecb0942..9fbe04b98 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java
+++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java
@@ -23,6 +23,7 @@
package at.gv.egovernment.moa.id.auth.modules.eidproxyauth.controller;
import java.io.IOException;
+import java.net.URL;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
@@ -76,28 +77,24 @@ public class EIDAuthMetadataController extends AbstractController {
public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
//check PublicURL prefix
try {
- String authURL = HTTPUtils.extractAuthURLFromRequest(req);
- if (!authConfig.getPublicURLPrefix().contains(authURL)) {
- resp.sendError(HttpServletResponse.SC_FORBIDDEN, "No valid request URL");
- return;
-
- } else {
- //initialize metadata builder configuration
- EIDAuthMetadataConfiguration metadataConfig =
- new EIDAuthMetadataConfiguration(authURL, credentialProvider, pvpConfiguration);
- metadataConfig.setAdditionalRequiredAttributes(getAdditonalRequiredAttributes());
-
- //build metadata
- String xmlMetadata = metadatabuilder.buildPVPMetadata(metadataConfig);
-
- //write response
- byte[] content = xmlMetadata.getBytes("UTF-8");
- resp.setStatus(HttpServletResponse.SC_OK);
- resp.setContentLength(content.length);
- resp.setContentType(MediaType.XML_UTF_8.toString());
- resp.getOutputStream().write(content);
-
- }
+ String authUrlString = HTTPUtils.extractAuthURLFromRequest(req);
+ String authURL = authConfig.validateIDPURL(new URL(authUrlString));
+ Logger.trace("Build E-ID Metadata for requestUrl: " + authURL);
+
+ //initialize metadata builder configuration
+ EIDAuthMetadataConfiguration metadataConfig =
+ new EIDAuthMetadataConfiguration(authURL, credentialProvider, pvpConfiguration);
+ metadataConfig.setAdditionalRequiredAttributes(getAdditonalRequiredAttributes());
+
+ //build metadata
+ String xmlMetadata = metadatabuilder.buildPVPMetadata(metadataConfig);
+
+ //write response
+ byte[] content = xmlMetadata.getBytes("UTF-8");
+ resp.setStatus(HttpServletResponse.SC_OK);
+ resp.setContentLength(content.length);
+ resp.setContentType(MediaType.XML_UTF_8.toString());
+ resp.getOutputStream().write(content);
} catch (Exception e) {
Logger.warn("Build E-ID Proxy PVP metadata FAILED.", e);