diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2020-08-31 16:30:08 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2020-08-31 16:30:08 +0200 |
commit | efeae1c1b91823ea4a7d4c84f3c1721f0a06e628 (patch) | |
tree | 844dbb9e64e856e2ccdd7ff8aaa4976f66d8b1a4 /id/server/modules/moa-id-module-E-ID_connector/src/main | |
parent | 0e6a03ffbc11d07ee2d00abcd573239a971f89b5 (diff) | |
parent | 7d9e2026c557cab1b8b3c4bb6a91f054c7bed5f0 (diff) | |
download | moa-id-spss-efeae1c1b91823ea4a7d4c84f3c1721f0a06e628.tar.gz moa-id-spss-efeae1c1b91823ea4a7d4c84f3c1721f0a06e628.tar.bz2 moa-id-spss-efeae1c1b91823ea4a7d4c84f3c1721f0a06e628.zip |
Merge branch 'current_development' into development_preview
Diffstat (limited to 'id/server/modules/moa-id-module-E-ID_connector/src/main')
-rw-r--r-- | id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java | 41 |
1 files changed, 19 insertions, 22 deletions
diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java index 90ecb0942..9fbe04b98 100644 --- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java +++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java @@ -23,6 +23,7 @@ package at.gv.egovernment.moa.id.auth.modules.eidproxyauth.controller; import java.io.IOException; +import java.net.URL; import java.util.ArrayList; import java.util.List; import java.util.Map; @@ -76,28 +77,24 @@ public class EIDAuthMetadataController extends AbstractController { public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { //check PublicURL prefix try { - String authURL = HTTPUtils.extractAuthURLFromRequest(req); - if (!authConfig.getPublicURLPrefix().contains(authURL)) { - resp.sendError(HttpServletResponse.SC_FORBIDDEN, "No valid request URL"); - return; - - } else { - //initialize metadata builder configuration - EIDAuthMetadataConfiguration metadataConfig = - new EIDAuthMetadataConfiguration(authURL, credentialProvider, pvpConfiguration); - metadataConfig.setAdditionalRequiredAttributes(getAdditonalRequiredAttributes()); - - //build metadata - String xmlMetadata = metadatabuilder.buildPVPMetadata(metadataConfig); - - //write response - byte[] content = xmlMetadata.getBytes("UTF-8"); - resp.setStatus(HttpServletResponse.SC_OK); - resp.setContentLength(content.length); - resp.setContentType(MediaType.XML_UTF_8.toString()); - resp.getOutputStream().write(content); - - } + String authUrlString = HTTPUtils.extractAuthURLFromRequest(req); + String authURL = authConfig.validateIDPURL(new URL(authUrlString)); + Logger.trace("Build E-ID Metadata for requestUrl: " + authURL); + + //initialize metadata builder configuration + EIDAuthMetadataConfiguration metadataConfig = + new EIDAuthMetadataConfiguration(authURL, credentialProvider, pvpConfiguration); + metadataConfig.setAdditionalRequiredAttributes(getAdditonalRequiredAttributes()); + + //build metadata + String xmlMetadata = metadatabuilder.buildPVPMetadata(metadataConfig); + + //write response + byte[] content = xmlMetadata.getBytes("UTF-8"); + resp.setStatus(HttpServletResponse.SC_OK); + resp.setContentLength(content.length); + resp.setContentType(MediaType.XML_UTF_8.toString()); + resp.getOutputStream().write(content); } catch (Exception e) { Logger.warn("Build E-ID Proxy PVP metadata FAILED.", e); |