aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-module-AT_eIDAS_connector
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2020-08-31 16:30:08 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2020-08-31 16:30:08 +0200
commitefeae1c1b91823ea4a7d4c84f3c1721f0a06e628 (patch)
tree844dbb9e64e856e2ccdd7ff8aaa4976f66d8b1a4 /id/server/modules/moa-id-module-AT_eIDAS_connector
parent0e6a03ffbc11d07ee2d00abcd573239a971f89b5 (diff)
parent7d9e2026c557cab1b8b3c4bb6a91f054c7bed5f0 (diff)
downloadmoa-id-spss-efeae1c1b91823ea4a7d4c84f3c1721f0a06e628.tar.gz
moa-id-spss-efeae1c1b91823ea4a7d4c84f3c1721f0a06e628.tar.bz2
moa-id-spss-efeae1c1b91823ea4a7d4c84f3c1721f0a06e628.zip
Merge branch 'current_development' into development_preview
Diffstat (limited to 'id/server/modules/moa-id-module-AT_eIDAS_connector')
-rw-r--r--id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml2
-rw-r--r--id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java40
2 files changed, 20 insertions, 22 deletions
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
index 27acb2223..aad4f2919 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.2</version>
+ <version>4.1.3</version>
</parent>
<artifactId>moa-id-module-AT_eIDAS_connector</artifactId>
<name>moa-id-module-AT_eIDAS_connector</name>
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java
index a0c1fa30b..5409e3a4c 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java
@@ -23,6 +23,7 @@
package at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.controller;
import java.io.IOException;
+import java.net.URL;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
@@ -76,29 +77,26 @@ public class EidasCentralAuthMetadataController extends AbstractController {
public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
//check PublicURL prefix
try {
- String authURL = HTTPUtils.extractAuthURLFromRequest(req);
- if (!authConfig.getPublicURLPrefix().contains(authURL)) {
- resp.sendError(HttpServletResponse.SC_FORBIDDEN, "No valid request URL");
- return;
-
- } else {
- //initialize metadata builder configuration
- EidasCentralAuthMetadataConfiguration metadataConfig =
- new EidasCentralAuthMetadataConfiguration(authURL, credentialProvider, pvpConfiguration);
- metadataConfig.setAdditionalRequiredAttributes(getAdditonalRequiredAttributes());
-
-
- //build metadata
- String xmlMetadata = metadatabuilder.buildPVPMetadata(metadataConfig);
-
- //write response
- byte[] content = xmlMetadata.getBytes("UTF-8");
- resp.setStatus(HttpServletResponse.SC_OK);
- resp.setContentLength(content.length);
- resp.setContentType(MediaType.XML_UTF_8.toString());
+ String authUrlString = HTTPUtils.extractAuthURLFromRequest(req);
+ String authURL = authConfig.validateIDPURL(new URL(authUrlString));
+ Logger.trace("Build eIDAS Metadata for requestUrl: " + authURL);
+
+ //initialize metadata builder configuration
+ EidasCentralAuthMetadataConfiguration metadataConfig =
+ new EidasCentralAuthMetadataConfiguration(authURL, credentialProvider, pvpConfiguration);
+ metadataConfig.setAdditionalRequiredAttributes(getAdditonalRequiredAttributes());
+
+
+ //build metadata
+ String xmlMetadata = metadatabuilder.buildPVPMetadata(metadataConfig);
+
+ //write response
+ byte[] content = xmlMetadata.getBytes("UTF-8");
+ resp.setStatus(HttpServletResponse.SC_OK);
+ resp.setContentLength(content.length);
+ resp.setContentType(MediaType.XML_UTF_8.toString());
resp.getOutputStream().write(content);
- }
} catch (Exception e) {
Logger.warn("Build federated-authentication PVP metadata FAILED.", e);