remove superfluous parameters

git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@732 d688527b-c9ab-4aba-bd8d-4036d912da1d

1 files changed, 70 insertions, 4 deletions

diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java
index 64a27ccf0..9d8dc694c 100644
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java
+++ b/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java
@@ -8,6 +8,7 @@ import java.util.Vector;
 
 import javax.net.ssl.SSLSocketFactory;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
 
 import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
@@ -31,13 +32,20 @@ public class EnhancedConnectionBuilder implements ConnectionBuilder {
 	  
 	  /** a boolean to disable the HostnameVerification (default = false)*/
 	  private static boolean cbDisableHostnameVerification = false;
-	  
+	  /** Name of the Parameter for the Target */
+	  private static final String PARAM_TARGET = "Target";
+	  /** Name of the Parameter for the SAMLArtifact */  
+	  private static final String PARAM_SAMLARTIFACT = "SAMLArtifact";
+	  /** Name of the Attribute for marking the session as authenticated*/  
+	  private static final String ATT_AUTHDATAFETCHED = "AuthDataFetched";
+
 	  static {
 	    HTTPConnection.setDefaultTimeout(0);
 	    try {
 	      HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.AuthorizationModule"));
 	      HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.RedirectionModule"));
 	      HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.CookieModule"));
+	      //HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.RetryModule"));
 	    } catch (ClassNotFoundException e) {
 	    	
 	    }
@@ -68,9 +76,14 @@ public class EnhancedConnectionBuilder implements ConnectionBuilder {
 	      throw new IOException(MOAIDMessageProvider.getInstance().getMessage(
 	        "proxy.01", new Object[] {requestedURL, publicURLPrefix}));
 
-	    if (null != req.getQueryString() && 0 != req.getQueryString().length() ) {
-	      String query = req.getQueryString();
-	      requestedURL = requestedURL + "?" + query;
+	    String query = req.getQueryString();
+    	if (req.getSession().getAttribute(ATT_AUTHDATAFETCHED)!=null) {
+  	      query = removeParameter(query, PARAM_SAMLARTIFACT);
+	      query = removeParameter(query, PARAM_TARGET);
+	      req.getSession().removeAttribute(ATT_AUTHDATAFETCHED);
+    	}
+	    if (null != query && 0 != query.length() ) {
+    	  requestedURL = requestedURL + "?" + query;
 
 	      String parameter[] = new String[2];  
 	      for (Iterator iter = parameters.iterator(); iter.hasNext();) {
@@ -141,5 +154,58 @@ public class EnhancedConnectionBuilder implements ConnectionBuilder {
 	      return true;
 	    }
 	  }
+	  
+	  /**
+	   * Removes parameters from the query-URL recursively
+	   *
+	   * @param query the query from which the parameter is to be removed
+	   * @param parameter the parameter to be removed
+	   * @return the parameterclean query
+	   */	  
+	  private String removeParameter(String query, String parameter) {
+		  return removeParameter(query, parameter, true);
+	  }
+
+	  /**
+	   * Removes one parameter from the query-URL recursively
+	   *
+	   * @param query the query from which the parameter is to be removed
+	   * @param parameter the parameter to be removed
+	   * @param remove. Boolean value wether a parameter was removed in last call or not. In initial call set to true to check for new occurrences
+	   * @return the parameterclean query
+	   */	  
+	  private String removeParameter(String query, String parameter, boolean remove) {
+		  String result = query;
+		  if (remove && query!=null && !query.equals("") && parameter!=null && !parameter.equals("")) {
+			  String param = parameter;
+			  int capEnd=0;
+			  if (!param.endsWith("=")) param=param+"=";
+			  if (query.startsWith(param)) {
+				  //remove leading
+				  result="";
+			  } else { 
+				  if (!param.startsWith("&")) param="&"+param;
+				  capEnd = query.indexOf(param);
+				  if (capEnd!=-1) {
+					  //leading part
+				      result=query.substring(0, capEnd);
+				  }
+			  }
+			  if (capEnd!=-1) {
+				  //trailing part
+				  capEnd += param.length();
+				  int capBegin = -1;
+				  if (capEnd <query.length()) capBegin = query.indexOf("&", capEnd);
+				  if (capBegin!=-1) {
+					  if (capBegin<query.length()) {
+						  result=result + query.substring(capBegin);
+						  if (result.startsWith("&")) result = result.substring(1); //if now is leading part
+					  }
+				  }
+		      }
+			  result = removeParameter(result, parameter, !query.equals(result));
+		  }  
+		  return result;
+	  }
 
 	}