diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2020-08-28 07:34:08 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2020-08-28 07:34:08 +0200 |
commit | f27db66b14e417cbc4b8124842d5525bf3bb8884 (patch) | |
tree | 1165c3a07d2f2323905c1fba03b21c3b758774bf | |
parent | 5f1a21af02ef87188e5f5e8bf1193b5cb5914e00 (diff) | |
download | moa-id-spss-f27db66b14e417cbc4b8124842d5525bf3bb8884.tar.gz moa-id-spss-f27db66b14e417cbc4b8124842d5525bf3bb8884.tar.bz2 moa-id-spss-f27db66b14e417cbc4b8124842d5525bf3bb8884.zip |
fix possible problems with http proxy
2 files changed, 38 insertions, 43 deletions
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java index a0c1fa30b..5409e3a4c 100644 --- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java +++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java @@ -23,6 +23,7 @@ package at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.controller; import java.io.IOException; +import java.net.URL; import java.util.ArrayList; import java.util.List; import java.util.Map; @@ -76,29 +77,26 @@ public class EidasCentralAuthMetadataController extends AbstractController { public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { //check PublicURL prefix try { - String authURL = HTTPUtils.extractAuthURLFromRequest(req); - if (!authConfig.getPublicURLPrefix().contains(authURL)) { - resp.sendError(HttpServletResponse.SC_FORBIDDEN, "No valid request URL"); - return; - - } else { - //initialize metadata builder configuration - EidasCentralAuthMetadataConfiguration metadataConfig = - new EidasCentralAuthMetadataConfiguration(authURL, credentialProvider, pvpConfiguration); - metadataConfig.setAdditionalRequiredAttributes(getAdditonalRequiredAttributes()); - - - //build metadata - String xmlMetadata = metadatabuilder.buildPVPMetadata(metadataConfig); - - //write response - byte[] content = xmlMetadata.getBytes("UTF-8"); - resp.setStatus(HttpServletResponse.SC_OK); - resp.setContentLength(content.length); - resp.setContentType(MediaType.XML_UTF_8.toString()); + String authUrlString = HTTPUtils.extractAuthURLFromRequest(req); + String authURL = authConfig.validateIDPURL(new URL(authUrlString)); + Logger.trace("Build eIDAS Metadata for requestUrl: " + authURL); + + //initialize metadata builder configuration + EidasCentralAuthMetadataConfiguration metadataConfig = + new EidasCentralAuthMetadataConfiguration(authURL, credentialProvider, pvpConfiguration); + metadataConfig.setAdditionalRequiredAttributes(getAdditonalRequiredAttributes()); + + + //build metadata + String xmlMetadata = metadatabuilder.buildPVPMetadata(metadataConfig); + + //write response + byte[] content = xmlMetadata.getBytes("UTF-8"); + resp.setStatus(HttpServletResponse.SC_OK); + resp.setContentLength(content.length); + resp.setContentType(MediaType.XML_UTF_8.toString()); resp.getOutputStream().write(content); - } } catch (Exception e) { Logger.warn("Build federated-authentication PVP metadata FAILED.", e); diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java index 90ecb0942..9fbe04b98 100644 --- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java +++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java @@ -23,6 +23,7 @@ package at.gv.egovernment.moa.id.auth.modules.eidproxyauth.controller; import java.io.IOException; +import java.net.URL; import java.util.ArrayList; import java.util.List; import java.util.Map; @@ -76,28 +77,24 @@ public class EIDAuthMetadataController extends AbstractController { public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { //check PublicURL prefix try { - String authURL = HTTPUtils.extractAuthURLFromRequest(req); - if (!authConfig.getPublicURLPrefix().contains(authURL)) { - resp.sendError(HttpServletResponse.SC_FORBIDDEN, "No valid request URL"); - return; - - } else { - //initialize metadata builder configuration - EIDAuthMetadataConfiguration metadataConfig = - new EIDAuthMetadataConfiguration(authURL, credentialProvider, pvpConfiguration); - metadataConfig.setAdditionalRequiredAttributes(getAdditonalRequiredAttributes()); - - //build metadata - String xmlMetadata = metadatabuilder.buildPVPMetadata(metadataConfig); - - //write response - byte[] content = xmlMetadata.getBytes("UTF-8"); - resp.setStatus(HttpServletResponse.SC_OK); - resp.setContentLength(content.length); - resp.setContentType(MediaType.XML_UTF_8.toString()); - resp.getOutputStream().write(content); - - } + String authUrlString = HTTPUtils.extractAuthURLFromRequest(req); + String authURL = authConfig.validateIDPURL(new URL(authUrlString)); + Logger.trace("Build E-ID Metadata for requestUrl: " + authURL); + + //initialize metadata builder configuration + EIDAuthMetadataConfiguration metadataConfig = + new EIDAuthMetadataConfiguration(authURL, credentialProvider, pvpConfiguration); + metadataConfig.setAdditionalRequiredAttributes(getAdditonalRequiredAttributes()); + + //build metadata + String xmlMetadata = metadatabuilder.buildPVPMetadata(metadataConfig); + + //write response + byte[] content = xmlMetadata.getBytes("UTF-8"); + resp.setStatus(HttpServletResponse.SC_OK); + resp.setContentLength(content.length); + resp.setContentType(MediaType.XML_UTF_8.toString()); + resp.getOutputStream().write(content); } catch (Exception e) { Logger.warn("Build E-ID Proxy PVP metadata FAILED.", e); |